To the ESP32 and conspiracy theories surround the ESP8266. China? WiFi? Killswitch? A explosive document from the think tank ICITNewbie. Someone new to a group or activity.had already caused a stir in 2020 with a report. This now updated essay once again provides reasons and arguments that clearly illuminate this thesis from one side.
A one-sided view
In the cybersecurity scene, it's not uncommon for certain technologies or devices to come under particular scrutiny. This one-sided examination can be attributed to various factors, including the prevalence of the technology, known vulnerabilities, and the potential risks to users and infrastructure. The ESP8266 and ESP32 chips are widely used in a variety of IoT devices and critical infrastructures. This high prevalence significantly increases the potential impact of security vulnerabilities. The ESP8266 and ESP32 chips feature a CPU, their own memory, an integrated 2.4 GHz Wi-Fi antenna, and the ability to download updates over the internet. This autonomy makes them potential „perfect weapons“ for cyberattacks. An infected device only needs a power source to execute malicious functions, making it difficult to detect and combat.
A fundamental principle of any threat analysis is to expose the entry points and technical aspects, regardless of the attackers' motivation. This also applies to the ICIT report, which, while mentioning political aspects, primarily focuses on technology.
Another important aspect is the architecture of the ESP32 chips. They do not use an ARM-based processor, but the 32-bit Tensilica Xtensa LX6. Microcontroller. These microcontrollers are based on the Xtensa architecture, which was designed from the ground up to be highly customizable, allowing manufacturers to optimize their processors for specific applications. This is not surprising from a technological standpoint. However, unlike ARM, Xtensa allows for completely custom instructions, while ARM's Custom Instructions remain heavily tied to the classic ARM data model. This naturally also creates room for speculation about potential „incidental software“ or malicious IPs.
Attack vectors and threat scenarios
If Espressif devices are compromised, attackers could use them for large-scale Distributed Denial-of-Service (DDoS (Distributed Denial of Service)-to carry out attacks, spy on sensitive data, or disrupt the operation of critical infrastructures. Particularly concerning is the fact that these chips are embedded in a variety of IoT devices, which are often insufficiently secured. Another aspect that heightens concerns about Espressif devices is geopolitical tensions. As Espressif Systems is a China-based company, there are concerns that the Chinese government could exert influence over the company to carry out cyber espionage or other malicious activities. These concerns are comparable to those regarding other major Chinese technology companies like Huawei and ZTE. The possibility that Espressif chips could be used to penetrate private and industrial networks worldwide and collect information or carry out acts of sabotage makes these devices a potential security risk in geopolitical conflicts.
The ICIT report specifically names the following attack scenarios:
Distributed Denial-of-Service (DDoS) AttacksAttackers could exploit the firmware of Espressif devices to carry out Layer 2 DDoS attacks that cannot be stopped by conventional security solutions. Such attacks could only be terminated by physically removing the devices.
Espionage and data exfiltrationAny ESP8266 or ESP32 device connected to a Wi-Fi network could collect data about network traffic behavior and send it to an external server. Linking MAC addresses with geographic locations could create a global surveillance map that could be used for espionage purposes.
Time Log ManipulationBecause many Internet connections are based on transport Layer Security (TLS) based on accurate timekeeping, Espressif devices could query manipulated time servers in Beijing without being noticed. This could endanger the integrity of communication protocols.
Closed sourcesIt is at least noteworthy that while the majority of the network code and WPA2 integration in the ESP32 is open source, the Wi-Fi library is not. This fact reinforces concerns about the possibility of malicious firmware being injected into this undisclosed component, thereby limiting the verifiability and transparency of security measures. A potential remedy for this situation lies in a large portion of open community code that provides open-source stacks for Wi-Fi.
Industrial Aspects and Consumer Perspective
The threat from Espressif devices affects both consumers and industrial companies. Consumers could unknowingly purchase infected devices that operate unobtrusively for them but open up the network for surveillance or interference. In industry, such devices could endanger the security of critical infrastructure.
Espressif's market strategy raises „questionable financial aspects“ according to ICIT, and there are „discrepancies in market positioning and behavior that we found concerning.“ Questions have been raised regarding market share gains at the expense of profits and the level of Espressif's R&D expenditures. However, these characteristics are typical of innovative technology companies entering existing markets.
According to the ICIT report, Espressif is profitable. In fact, Espressif claims that the company is not only profitable but also maintains a healthy profit margin of over 40% and has never engaged in unethical or anti-competitive behavior to gain market share. Espressif’s operating income has increased every year between 2016 and 2019 and is expected to do so again in 2020.
Espressif points out that in exchanges with their customers, they are not the cheapest provider on the market. They use the TSMC process, which requires a higher price than other competing foundries, and build chips with more memory so their customers can develop more complex applications and thus create more value. This enables their customers to create better applications.
An example of this is the latest ESP32-C3 chip, which has 400KB of memory, while most competing products have around 256KB. (Memory takes up a significant portion of a chip's cost.) It is not Espressif's strategy to simply rely on large volumes with very low-cost chips or to sacrifice profit margins solely for market share.
Espressif's profit margins have exceeded 42% in recent years, which is higher than those of most companies in this sector. Profit margins are a top priority for Espressif, as they serve as the best measure of the quality of its design efforts.
Espressif defends its position by emphasizing the innovative power and added value of its products. The higher memory capacity and advanced features of Espressif chips enable customers to develop more powerful and versatile IoT applications. This underscores the company's commitment to quality and innovation, which is also intended to promote the security and reliability of Espressif products in the long term.
Summary
The financial and market strategic aspects of Espressif demonstrate the company's aim to maintain a strong market position without neglecting ethical standards. Despite the allegations, Espressif remains a key player in the IoT sector, with its products widely used in both consumer devices and critical infrastructures. However, this extensive use makes it all the more important to continuously monitor and improve the security and integrity of Espressif chips to prevent potential threats and attacks. The geopolitical sensitivity of the Espressif ESP8266 and ESP32 chips lies in the potential use of these devices for cyber espionage and sabotage by state actors. Since Espressif Systems is based in China, there are significant concerns that the Chinese government could exert influence over the company to support global cyberattacks. These concerns are comparable to those regarding other Chinese technology companies such as Huawei and ZTE. The widespread use of Espressif chips in IoT devices and critical infrastructures worldwide increases the risk that these technologies could be used as tools for surveillance and sabotage in geopolitical conflicts.
