EDIT: please see my most recent followup - guns were jumped.
Argh, a backdoor in the ESP32 Bluetooth stack? This is *just* what I need right now.
I always figured it was possible but it sucks to have it confirmed.
I can admit, now, that there was always a sense of "these chips are too good to be true" - and now we've had confirmation. As you always do.
The worst part is that there isn't a single replacement part that's a go-to for all the uses I have - at least not one that isn't another #espressif part.
I've got some work ahead of me. :)
@jeffrizzo I'm afraid this article doesn't make much sense to me. They're referencing having root access on the ESP32 like that's even a thing? And any re-writing of the ESP32 code, wouldn't it be instantly obvious to the owner when their device just stops doing its function? I understand the broad picture that an ESP32 could be hijacked via BT but I think I'm missing some details here.
Fortunately none of my ESP32 devices have ever enabled BT, so I assume they couldn't be hijacked this way?