Building an open-source Wi-Fi Mac layer for the ESP32
25 comments
·March 9, 2025megamix
magnat
1. They might have used IP cores with license that forbids disclosing any technical details, including firmware implementation.
2. Manipulating RF registers could cause the device to operate outside of regulatory parameters, perhaps invalidating FCC certification for the whole device. By not disclosing how to use MAC directly, they can claim they did their best to prevent device from misbehaving.
luma
Item 1 is certainly the case here. Espressif licensed most of their original IP from tensilica, and this is completely normal for building a commercial microcontroller. If you don't have the in-house skill to build a complete WiFi radio stack from the ground up, you simply license the IP core and roll it into your product.
Nice work by the presenters here, it's a good idea and might help the community, but the current state is not the result of Espressif trying to be jerks.
KennyBlanken
The second item has been trotted out for roughly two decades as an excuse for why router companies block open source firmwares.
In those two decades there's been no evidence the FCC or other regulatory bodies follow that theory, and no evidence that open source firmware causes "misbehavior."
Please stop talking about it like it's an issue. It isn't.
MadnessASAP
The chaos that surrounded the Flipper Zero clearly indicates that it is an issue.
mannyv
People have been trying to shoehorn the Internet into the OSI model for decades. It's like the OSI supporters have waged a campaign to be relevant...and won.
It's a nice model, but once it gets above the phy layer it becomes sort of bad.
londons_explore
A huge part of the cost of developing a WiFi chip is in the firmware. WiFi is a complex set of protocols, and is especially tricky to implement in a low ram, low compute, power constrained device.
There is perhaps a 50/50 effort split between firmware and hardware design. Open source the firmware and suddenly an upstart competitor has only half the cost to market, and therefore could undercut you in price.
IshKebab
Just in case you didn't know, the OSI model is wrong. The world uses the "TCP/IP model" - there's no "presentation layer" for example.
brookst
I would argue that the higher layers of OSI become more abstract and blurry, but it’s not wrong per se. TLS maps fairly well (not perfectly) to presentation layer.
Then again, OSI works best as a descriptive model rather than prescriptive. Plenty of applications don’t follow the model at all. QUIC is largely an optimization by collapsing many functions that OSI models as separate layers into one monolithic thing.
null
rubatuga
OSI MAC =/= WIFI MAC + PHY
pvtmert
i'm also not professional networking engineer but overall open core will allow;
better interfacing and integration as a wifi chip on SBCs like raspberry pi, potentially allowing faster rates and lower latencies on SPI or I2c buses
better security and possibly handling further standards than the espressif allows.
for example, you may implement wpa3 or wpa4 (if it comes out at some point) without needing to wait for espressif to implement and release themselves. plus, they may never have the incentives to do so if a newer chip (esp64?) comes out...
mannyv
One big win might be power savings.
numpad0
It's just local maxima of utility. Not global ideal but pragmatic useful solutions. They could have delayed release for a century or two until a truly fair and open chip could be designed and fabricated, or you can get the chip today and complain about its pathetic proprietary nature along this long journey towards idealist heaven. The latter is way better.
iou
Timely post with the vulnerability research this week? https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-...
luma
This outfit has changed the term "backdoor" to mean "any undocumented feature". The findings reported are absolutely not a backdoor in any conventional usage of the term. One would need to flash their own code to the micro to make use of these features, which is the normal operating mode for any micro device.
This is nothing other than a security research team trying to get some attention by crying wolf.
dugite-code
That was related to Bluetooth. Interesting undocumented low level commands but it's a bit of a stretch to call it a vulnerability IMHO.
But having the whole stack open would just be better in general.
gibibit
Correct. HN thread https://news.ycombinator.com/item?id=43301369
Not a vulnerability in the way that Tarlogic makes it sound. Disingenuous and misleading article for sure.
nottorp
A good bunch of "security" articles that make the news look more like scareware to me in the past years.
mystified5016
This isn't a backdoor, it's just an undocumented debugger in the HCI stack. You still need a physical UART connection to the device AFAIK. The exact same type of connection you use to program and debug the device normally.
pabs3
A list of other open source firmware:
null
bastard_op
I was watching the 38c3 talk about this a few months ago, and just laughed seeing the recent news. Guess they have a good reason to be paranoid, hmm.
I’d like someone to explain this to me as I find this interesting. I have tech background but the OSI model is not something I’ve interacted with directly.
Some questions I come to think of
1. Why ESP32 made it closed? 2. What does the MAC layer in the OSI model make it so important to either make this closed/open source ?
From the article: "security auditability", possibility for features not supported, make research into Wi-Fi networks with lots of nodes more affordable.
E.g. ESP32 is proprietary, but it doesn’t limit the connection to certain routers, but could it be made to be?