+- Apnea Board Forum - CPAP | Sleep Apnea (https://www.apneaboard.com/forums)
+-- Forum: Public Area (https://www.apneaboard.com/forums/Forum-Public-Area)
+--- Forum: Main Apnea Board Forum (https://www.apneaboard.com/forums/Forum-Main-Apnea-Board-Forum)
+--- Thread: Semi-permanently disabling modem in ResMed Airsense 10 (/Thread-Semi-permanently-disabling-modem-in-ResMed-Airsense-10)
RE: Semi-permanently disabling modem in ResMed Airsense 10 - wp6529 - 03-18-2015
(03-18-2015, 01:44 AM)k_ogre Wrote:(03-17-2015, 10:36 PM)wp6529 Wrote: I consider it a pretty big security risk, not just letting your data out, but also the likely hackability of the device and what could be done that way. I don't have my xPAP yet (couple weeks probably), but I'm looking at the S9 and avoiding the 10s for this issue as well as I like the modular design of the 9 over the 10.really do you have internet? cell phone ? those can be hacked 100 time easier than your a10 can and can get 1000 times more data. you should think about the fear you put in peoples head with your unfounded hack paranoia.( how many proven hacks on a apap) the modem helps your care givers to get up to date info on your health if you don't trust your medical team get a new one.
I work in the IT world and see the daily attacks on pretty much anything that is remotely accessible. As I noted much of the concern is with the probable hackability of what is essentially a life support device and has the potential to kill someone if used maliciously. There has been plenty of discussion of this issue by various IT security experts as it relates to other "connected" medical devices such as pacemakers, ICDs, insulin pumps, etc. It's a very valid concern and hacks on such devices have been demonstrated at security conferences.
RE: Semi-permanently disabling modem in ResMed Airsense 10 - k_ogre - 03-18-2015
It's a very valid concern
no it's not just people spreading panic to make money.
medical devices such as pacemakers, ICDs, insulin pumps
really? how many cases can you post?
as a "IT" person would know that to hack anything you 1st need to access it (ok cell modem but what # or numbers it's not likely a standard cell #)
password not the hardest thing
how about the os ? what ever you pull is junk with out the os
and the most important why ? just for kicks ? not likely just nothing in return again they would just hack your phone it's 100 times easier and has useful data.so dump you net and phone and stop putting fears that can harm in people head.
RE: Semi-permanently disabling modem in ResMed Airsense 10 - Sleep87 - 03-18-2015
(03-17-2015, 11:02 PM)big_dave Wrote: I wouldn't do this on a rental machine. The DME may consider it breach of contract due to malicious damage. Only do this if you own the machine outright.
One nice thing about this technique is that it is reversible. If you want to return the machine to the vendor, you can plug the modem back in. Most likely, though, you'll be renting-to-own. In a few months, the DME vendor's opinion won't matter at all.
In the meantime, the effect is the same as if you (successfully) kept the machine on airplane mode 24/7: the only way for the DME vendor to get your data is if you deliberately give it to them (on an SD card).
RE: Semi-permanently disabling modem in ResMed Airsense 10 - wp6529 - 03-18-2015
A quick search on "security risks of connected medical devices" will provide plenty of valid results, including from the FDA and a nice article in a medical device manufacturer magazine which references the hack demonstration at a conference.
"it was not until Jay Radcliffe demonstrated a potential attack through the wireless interface of a patient-worn insulin pump that awareness of medical device security issues “exploded,” prompting a U.S. Government Accountability Office inquiry into medical device security issues"
RE: Semi-permanently disabling modem in ResMed Airsense 10 - on the virge - 03-18-2015
While the debate about hacking continues, the situation that bothers me most is that the DME can use the modem to change my settings without getting in touch with me first. The CPAPer should have easy control of whether the modem is enabled or not. If a change is required then the CPAPer should be advised and asked to enable the modem, similarly for reporting compliance data.
RE: Semi-permanently disabling modem in ResMed Airsense 10 - trailrider - 03-18-2015
Actually, where I live it could be considered a privacy issue. My DME does not have the right to read my data without my permission. Why is there no upload disabling switch. Also, why do does one need to be a "clinician" to set the time twice a year?
As a patient, I find this level of assumed ineptitude extremely patronizing.
RE: Semi-permanently disabling modem in ResMed Airsense 10 - trish6hundred - 03-18-2015
Hi Sleep87,
WELCOME! to the forum.!
Much success to you with your CPAP therapy.
RE: Semi-permanently disabling modem in ResMed Airsense 10 - Crimson Nape - 03-18-2015
Sleepy87,
Good job. I noticed that Resmed recently pushed a software update via the modem for the AS10. It's a shame you can't make that external connection for occasions like that.
RE: Semi-permanently disabling modem in ResMed Airsense 10 - eseedhouse - 03-18-2015
(03-18-2015, 04:46 AM)k_ogre Wrote: roving gangs of "CPAP hackers"
Hackers of any type are hardly noted for their "roving". I suspect most of them spend about 18 hours a day in their bedroom in their parent's basement.
RE: Semi-permanently disabling modem in ResMed Airsense 10 - retired_guy - 03-18-2015
Good grief.
1. "Someone could hack my cpap machine!" So what? There really isn't anything there that they can fool with that will kill me. It might inconvenience me, or screw up a nights sleep or something, but that's about it. So if someone's greatest desire in life is to find out what my ahi results are? Well, ya coulda just asked me. But nooooooooooo you picked me out of what, maybe a million or so cpap users to futz with? Ok. Have your way with me, but first I'm gonna go by a lottery ticket.
2. "I don't like Resmed, etc. monitoring me." How about "google?" or "yahoo," or "Microsoft." Problem with those? They know a heck of a lot more about you than Resmed or anyone can learn from monitoring or hacking your cpap machine. Why aren't you pulling the cord to your computer connections if this is a concern.
3. "My DME might change stuff without telling me." Just for the fun of it I suppose, because why else would they go to the trouble of giving you the time of day and risk their business while they're at it? It's not like, as a general rule, they do that when you call them up for help or assistance.
4. Most compelling of all to me is "Wow, I've got this nice new machine. Like all nice new machines there will be updates to it's software or firmware. Perhaps very important updates. I won't get those because I keep my modem disabled/turned off. Ha ha! The jokes on them!"