You can use an online tool to look up the Bluetooth [1] or Wifi [2] MAC of the device. If it's espressive you've got one of their chips. That doesn't guerantee that it's not one of the others they make. You can also open up the device and look for the esp32. They almost always look the same with their metal can ontop.
The risk has been estimated as 0.3 out of 10
Don't worry about it.
[1] https://ipnet.tools/bluetooth-device-address-lookup-tool [2] https://ipnet.tools/mac-lookup-tool
Someone correct me if i'm wrong, but it looks like it's not the big deal the original blog post makes it out to be.
To issue those undocumented HCI commands one either needs to hijack a computer/soc/mcu that is connected to an esp32 with HCI UART transport enabled or put malicious software on the esp itself.
The mac spoofing might be interesting for people building hacking tools, however.
Just pick one of the many registrars and server hosts that don't care about takedown requests and host a website with them.
That way it stays more accessible to everyone.
I agree in principle but using Tor won't affect DMCA takedowns.
It ain't so.
To use the "backdoor" an attacker needs to have full access to the esp32 powered device already.
It's like claiming that being able to leave your desk without locking your PC is a backdoor in your OS.