I’d like someone to explain this to me as I find this interesting. I have tech background but the OSI model is not something I’ve interacted with directly.
Some questions I come to think of
1. Why ESP32 made it closed?
2. What does the MAC layer in the OSI model make it so important to either make this closed/open source ?
From the article: "security auditability", possibility for features not supported, make research into Wi-Fi networks with lots of nodes more affordable.
E.g. ESP32 is proprietary, but it doesn’t limit the connection to certain routers, but could it be made to be?
magnat 4 days ago [-]
1. They might have used IP cores with license that forbids disclosing any technical details, including firmware implementation.
2. Manipulating RF registers could cause the device to operate outside of regulatory parameters, perhaps invalidating FCC certification for the whole device. By not disclosing how to use MAC directly, they can claim they did their best to prevent device from misbehaving.
luma 4 days ago [-]
Item 1 is certainly the case here. Espressif licensed most of their original IP from tensilica, and this is completely normal for building a commercial microcontroller. If you don't have the in-house skill to build a complete WiFi radio stack from the ground up, you simply license the IP core and roll it into your product.
Nice work by the presenters here, it's a good idea and might help the community, but the current state is not the result of Espressif trying to be jerks.
KennyBlanken 4 days ago [-]
The second item has been trotted out for roughly two decades as an excuse for why router companies block open source firmwares.
In those two decades there's been no evidence the FCC or other regulatory bodies follow that theory, and no evidence that open source firmware causes "misbehavior."
Please stop talking about it like it's an issue. It isn't.
MadnessASAP 4 days ago [-]
The chaos that surrounded the Flipper Zero clearly indicates that it is an issue.
xattt 4 days ago [-]
There’s many devices that can get uncapped (Yaesu handhelds for example) without losing FCC certification.
Eduard 4 days ago [-]
"uncapped"?
xattt 4 days ago [-]
To open up capabilities outside of intended function.
londons_explore 4 days ago [-]
A huge part of the cost of developing a WiFi chip is in the firmware. WiFi is a complex set of protocols, and is especially tricky to implement in a low ram, low compute, power constrained device.
There is perhaps a 50/50 effort split between firmware and hardware design. Open source the firmware and suddenly an upstart competitor has only half the cost to market, and therefore could undercut you in price.
IshKebab 4 days ago [-]
Just in case you didn't know, the OSI model is wrong. The world uses the "TCP/IP model" - there's no "presentation layer" for example.
4 days ago [-]
brookst 4 days ago [-]
I would argue that the higher layers of OSI become more abstract and blurry, but it’s not wrong per se. TLS maps fairly well (not perfectly) to presentation layer.
Then again, OSI works best as a descriptive model rather than prescriptive. Plenty of applications don’t follow the model at all. QUIC is largely an optimization by collapsing many functions that OSI models as separate layers into one monolithic thing.
IshKebab 4 days ago [-]
No it's definitely wrong. TLS is not a presentation layer.
> QUIC is largely an optimization by collapsing many functions that OSI models as separate layers into one monolithic thing.
Yeah, or in other words, it doesn't follow the OSI model at all because the OSI model is a relic from the 70s that didn't catch on.
mannyv 4 days ago [-]
People have been trying to shoehorn the Internet into the OSI model for decades. It's like the OSI supporters have waged a campaign to be relevant...and won.
It's a nice model, but once it gets above the phy layer it becomes sort of bad.
pvtmert 5 days ago [-]
i'm also not professional networking engineer but overall open core will allow;
better interfacing and integration as a wifi chip on SBCs like raspberry pi, potentially allowing faster rates and lower latencies on SPI or I2c buses
better security and possibly handling further standards than the espressif allows.
for example, you may implement wpa3 or wpa4 (if it comes out at some point) without needing to wait for espressif to implement and release themselves. plus, they may never have the incentives to do so if a newer chip (esp64?) comes out...
mannyv 4 days ago [-]
One big win might be power savings.
rubatuga 4 days ago [-]
OSI MAC =/= WIFI MAC + PHY
numpad0 4 days ago [-]
It's just local maxima of utility. Not global ideal but pragmatic useful solutions. They could have delayed release for a century or two until a truly fair and open chip could be designed and fabricated, or you can get the chip today and complain about its pathetic proprietary nature along this long journey towards idealist heaven. The latter is way better.
This outfit has changed the term "backdoor" to mean "any undocumented feature". The findings reported are absolutely not a backdoor in any conventional usage of the term. One would need to flash their own code to the micro to make use of these features, which is the normal operating mode for any micro device.
This is nothing other than a security research team trying to get some attention by crying wolf.
dugite-code 5 days ago [-]
That was related to Bluetooth. Interesting undocumented low level commands but it's a bit of a stretch to call it a vulnerability IMHO.
But having the whole stack open would just be better in general.
Not a vulnerability in the way that Tarlogic makes it sound. Disingenuous and misleading article for sure.
nottorp 4 days ago [-]
A good bunch of "security" articles that make the news look more like scareware to me in the past years.
mystified5016 4 days ago [-]
This isn't a backdoor, it's just an undocumented debugger in the HCI stack. You still need a physical UART connection to the device AFAIK. The exact same type of connection you use to program and debug the device normally.
bastard_op 5 days ago [-]
I was watching the 38c3 talk about this a few months ago, and just laughed seeing the recent news. Guess they have a good reason to be paranoid, hmm.
Some questions I come to think of
1. Why ESP32 made it closed? 2. What does the MAC layer in the OSI model make it so important to either make this closed/open source ?
From the article: "security auditability", possibility for features not supported, make research into Wi-Fi networks with lots of nodes more affordable.
E.g. ESP32 is proprietary, but it doesn’t limit the connection to certain routers, but could it be made to be?
2. Manipulating RF registers could cause the device to operate outside of regulatory parameters, perhaps invalidating FCC certification for the whole device. By not disclosing how to use MAC directly, they can claim they did their best to prevent device from misbehaving.
Nice work by the presenters here, it's a good idea and might help the community, but the current state is not the result of Espressif trying to be jerks.
In those two decades there's been no evidence the FCC or other regulatory bodies follow that theory, and no evidence that open source firmware causes "misbehavior."
Please stop talking about it like it's an issue. It isn't.
There is perhaps a 50/50 effort split between firmware and hardware design. Open source the firmware and suddenly an upstart competitor has only half the cost to market, and therefore could undercut you in price.
Then again, OSI works best as a descriptive model rather than prescriptive. Plenty of applications don’t follow the model at all. QUIC is largely an optimization by collapsing many functions that OSI models as separate layers into one monolithic thing.
> QUIC is largely an optimization by collapsing many functions that OSI models as separate layers into one monolithic thing.
Yeah, or in other words, it doesn't follow the OSI model at all because the OSI model is a relic from the 70s that didn't catch on.
It's a nice model, but once it gets above the phy layer it becomes sort of bad.
better interfacing and integration as a wifi chip on SBCs like raspberry pi, potentially allowing faster rates and lower latencies on SPI or I2c buses
better security and possibly handling further standards than the espressif allows.
for example, you may implement wpa3 or wpa4 (if it comes out at some point) without needing to wait for espressif to implement and release themselves. plus, they may never have the incentives to do so if a newer chip (esp64?) comes out...
https://wiki.debian.org/Firmware/Open
This is nothing other than a security research team trying to get some attention by crying wolf.
But having the whole stack open would just be better in general.
Not a vulnerability in the way that Tarlogic makes it sound. Disingenuous and misleading article for sure.
https://youtu.be/r8IqkUTGjlA