This isn't even in Broadcom code.

Maybe not this time, but they have a history of fatal firmware bugs that could compromise the host system - such as http://boosterok.com/blog/broadpwn2/

For what it's worth, Broadcom's market share in attractive heavy-firmware wifi adapters is pretty high. They could just be an exploit magnet.

Does that mean that all embedded WiFi (and probably also baseband) controllers are deeply rotten, and we only blame Broadcom so far because of their popularity with device manufacturers?

Pretty much.

In general, you can assume that if you can't audit it, it's absolute crap. This is true for hardware and software.

These companies with widely available low level firmware should really switch to Rust.

I love rust and have rewritten a dozen cross-platform utilities in it, but rust is nowhere near usable for general purpose embedded development.

why??

Go with Qualcomm? Last time I check Atheros aren't any better software wise and much worse in hardware.

I am not sure if there are any real alternative to Broadcom WiFi and Ethernet, apart from Apple making one themselves.

( The W1 and W2 may be part of this )

This is a Hacker News post about an interesting security vulnerability. It is, by both moderator and owner intentions, specifically meaningful in the 'grand scheme' of Hacker News, a site set up to permit people to discuss links.

Yes, at a different level of business, Apple has an open lawsuit against Qualcomm, but that's not the scope that we're here to discuss. Mentioning it is fine, linking to a recent HN post about it would be stellar!, but "It means nothing in the grand scheme" is dismissive and wrong.

Your concerns are clearly expressed, but insulting others for choosing to discuss a topic not relevant to your concerns is no excuse to shut them down verbally. That approach is not welcome here.

EDIT: I'm not a mod or anything.