Thanks for the reminder!

@[email protected], @[email protected], [email protected], @[email protected], @[email protected], @[email protected], @[email protected]

Thanks for the reminder! I also added a native-instance link because unlike lemmyverse.link, this one is guaranteed to work for the existence of the community.

The entire French population: “I guess we’re going on a holiday”

Linux desktop? I mean, Win10 support ends…

Edit: cuz the parent comment used to say “What year is it?”

I agree that a list would be cool but I need to make sure that people know this is not a “WARNING! Avoid these bugged devices:” situation. Calling for a list increases unjustified panic. (Also, it looked like you didn’t understand the difficulties of listing all ESP32 products, which I was all too happy to be pedantic about.)

Am I oddly curious about the cheapest/most expensive/most popular retail ESP32 device? Yes.

Does this news increase/decrease the benefit of making such a list? No, it’s still way below the cost.

No. I’m saying you cannot have a complete list because the chip is user friendly. Look at all the “ESP32 project” results in the search engine of your choice if you want an incomplete list. Unlike say an Intel processor, you don’t need a contract with the manufacturer to make a device with the chip so not even Espressif has a list of commercial products that ship with their chip.

I will not stop you from building a list, I’d just not bother if I were you. There is no use of one resulting from this news. Suppose I told you “LOOK! This device’s firmware was compiled before they knew the program might be .1% more efficient with this instruction discovered in 2025!” – would that really change how you feel about the device? We live in an age of bloat; most software has way higher overhead that could be optimized away.

However, lots of people will fail to realize that, again, this is not an exploit so I’ll enjoy lower ESP32 prices for future home automation projects.

That’s like saying “I want a list of all devices with ATmega328P.” Anyone can make a unique device with this chip as the processor, in fact I have. It’s a chip with an extremely low barrier of entry thanks to extensive documentation, lots of dev boards and libraries. Not as low as the 555 (lots of people’s first IC) but WAY lower than anything you’d traditionally consider a 32-bit CPU.

Anyway, even if you obtained the list magically, it would be of little use. To be clear: this is not an exploit. The chip just has more instructions than previously thought – instructions that you write into your program when building an ESP32 device. This can make some programs a little faster or smaller but you still need to flash them onto the microcontroller – using physical access, OTA (if you set it up in the existing FW) or some exploit (in someone’s OTA implementation, perhaps).

There is nothing to “fix”. Undocumented instructions have just been found in the silicon but they are not executable unless the ESP32’s firmware their owner flashed to give it a purpose uses them. No pre-2025 firmware that we know of uses these instructions, and they might turn out to be buggy so compilers might not adopt them. If they turn out OK, the documentation of the instruction set will need an update, and compilers will be able to take advantage of the new instructions.

Yes, this is about undocumented instructions found in the silicon but they are not executable unless the ESP32’s firmware uses them. Firmware cannot be edited to use them unless you have an existing vulnerability such as physical access or insecure OTA in existing firmware (as far as researchers know).

It is good to question the “backdoor” allegations - maybe the instructions’ microcode was buggy and they didn’t want to release it.

This is about silicon. Undocumented instructions have just been found in it but they are not executable unless the ESP32’s firmware uses them. Firmware cannot be edited to use them unless you have an existing vulnerability such as physical access or insecure OTA in existing firmware (as far as researchers know).

This is about silicon. Undocumented instructions have just been found in it but they are not executable unless the ESP32’s firmware uses them. Firmware cannot be edited to use them unless you have an existing vulnerability such as physical access or insecure OTA in existing firmware (as far as researchers know).

Yup. Most European countries barely use stop signs as opposed to the US.

Wait until it learns that lanes can be turned into dedicated tram corridors.

Try it with Intel integrated graphics, sucker

Some people have torrents across various directories or even renamed files in them (yes, it’s possible and useful for crossseeding between trackers with different naming schemes). Of course, this makes migration way more difficult.

Is there an audio version other than TTS? I know Ed does podcasts but the newsletter isn’t one of them.

I hate how English overuses personal pronouns.

“Know your ABCs?”

Nyet. I refuse to take ownership of the modern Latin alphabet, which is used by billions of English speakers worldwide and with minor variations by over a hundred more languages. An ordering of its letters is a common good by and for the public domain. Its entire point is being standard so it would lose all value if there was “ABCs” of mine, yours or any other single person rather than “the ABCs”.

How is Signal not privacy-friendly? It’s the most private thing that can be called a “messenger app”.

Also the required diacritics use the number row on Czech keyboards so you need a numpad or type numbers with Shift.

You’re right, they got called out as a “honeypot” for basic KYC and not having E2EE (which you can’t with email AFAIK)