03-18-2015, 07:55 AM
(This post was last modified: 03-18-2015, 07:57 AM by wp6529.)
A quick search on "security risks of connected medical devices" will provide plenty of valid results, including from the FDA and a nice article in a medical device manufacturer magazine which references the hack demonstration at a conference.
"it was not until Jay Radcliffe demonstrated a potential attack through the wireless interface of a patient-worn insulin pump that awareness of medical device security issues “exploded,” prompting a U.S. Government Accountability Office inquiry into medical device security issues"
While the debate about hacking continues, the situation that bothers me most is that the DME can use the modem to change my settings without getting in touch with me first. The CPAPer should have easy control of whether the modem is enabled or not. If a change is required then the CPAPer should be advised and asked to enable the modem, similarly for reporting compliance data.
Actually, where I live it could be considered a privacy issue. My DME does not have the right to read my data without my permission. Why is there no upload disabling switch. Also, why do does one need to be a "clinician" to set the time twice a year?
As a patient, I find this level of assumed ineptitude extremely patronizing.
WELCOME! to the forum.!
Much success to you with your CPAP therapy.
Good job. I noticed that Resmed recently pushed a software update via the modem for the AS10. It's a shame you can't make that external connection for occasions like that.
Statistics prove that people who have more birthdays live longer.
(03-18-2015, 04:46 AM)k_ogre Wrote: roving gangs of "CPAP hackers"
Hackers of any type are hardly noted for their "roving". I suspect most of them spend about 18 hours a day in their bedroom in their parent's basement.
I am neither a Doctor, nor any other kind of medical professional.
Actually you know, it is what it isn't.
1. "Someone could hack my cpap machine!" So what? There really isn't anything there that they can fool with that will kill me. It might inconvenience me, or screw up a nights sleep or something, but that's about it. So if someone's greatest desire in life is to find out what my ahi results are? Well, ya coulda just asked me. But nooooooooooo you picked me out of what, maybe a million or so cpap users to futz with? Ok. Have your way with me, but first I'm gonna go by a lottery ticket.
2. "I don't like Resmed, etc. monitoring me." How about "google?" or "yahoo," or "Microsoft." Problem with those? They know a heck of a lot more about you than Resmed or anyone can learn from monitoring or hacking your cpap machine. Why aren't you pulling the cord to your computer connections if this is a concern.
3. "My DME might change stuff without telling me." Just for the fun of it I suppose, because why else would they go to the trouble of giving you the time of day and risk their business while they're at it? It's not like, as a general rule, they do that when you call them up for help or assistance.
4. Most compelling of all to me is "Wow, I've got this nice new machine. Like all nice new machines there will be updates to it's software or firmware. Perhaps very important updates. I won't get those because I keep my modem disabled/turned off. Ha ha! The jokes on them!"