Medtech giant Medtronic is quite a piece of work. The company started as a Minneapolis repair shop before growing to be one of the world's largest, most profitable - and lowest-taxed, thanks to financial engineering - corporations.

1/
Despite the company's origins in conducting unauthorized repairs on behalf of hospitals and other device owners, Medtronic (along with Apple) has led the fight to kill dozens of state #RightToRepair bills:

https://pluralistic.net/2020/07/10/flintstone-delano-roosevelt/#medtronic-again

2/
Medtronic's dirty tricks campaigns against R2R are especially salient now, because the company has sabotaged its ventilators so they can't be repaired by hospital engineers without obtaining an unlock code from the company:

https://pluralistic.net/2020/07/10/flintstone-delano-roosevelt/#medtronic-again

3/
But Medtronic's device defects aren't limited to ventilators. At least as alarming is the company's history of making personal medtech devices (including pacemakers) that are insecure in every conceivable way.

4/
Medtronic devices have been shown to be LETHALLY compromisable by sending them unencrypted wireless signals or just by poisoning their unsecured supply chain, which allows you to inject malicious firmware into devices en masse.

5/
If there was ever a manufacturer whose customers needed to be able to turn to third parties to shore up its products' (literally) fatal deficiencies, it's Medtronic.

6/
Which brings me to the present moment. It's been two years since QED Security Solutions' @XSSniper and Jonathan Butts presented their work on Medtronic's Minimed insulin pump, showing that it could be remotely controlled by cheap wireless devices.

7/
Among the attacks they enabled: dumping the device's full supply of insulin, potentially killing the person wearing it.

8/
The defects they identified were intrinsic to the device and the only defense was disabling the wireless, which rendered the device useless for family members who helped loved ones manage their insulin (especially young kids or people with dementia, etc).

9/
Still, Medtronic dragged its feet on a recall, saying (incredibly) that it had known about these defects for years before Rios and Butts told them about it, but had decided not to fix them and didn't see why that should change now.

10/
Finally, though, the company has launched a "voluntary recall" - after Rios and Butts built an Android app that exploited the defect they identified and created a "universal remote for every one of these insulin pumps in the world" and presented it at Black Hat.

11/
You can follow @doctorow.