St. Jude Merlin@home Transmitter Vulnerability
- by kmcgrath
- 2017-01-09 19:29:57
- Interferences
- 2215 views
- 3 comments
My son gave me a heads up email on this alert this morning. I have a Medtronics device but you St. Jude people may want to read this:
https://ics-cert.us-cert.gov/advisories/ICSMA-17-009-01
3 Comments
Re: Merlin
by N8UAD - 2017-01-12 13:53:02
This is much ado about nothing. Actually just having the device puts you at risk Grateful Heart, that being said any "attack" would have to take place at at distance of 6 to 10 feet from you, it would be so obvious to you that it wouldn't be practical, the only other way would be for them to attack via the Merlin at home network, which isn't going to be easy. Also the addressing information that they would have to have in order to "attack" a device is another thing that they're not talking about. I have a St. Jude ICD, and Merlin@home, I'm not losing any sleep over this, with 34 years of working on communications systems, digital, voice, via radio or wire, I know too much too even let this bother me.
Indeed N8UAD
by Grateful Heart - 2017-01-12 17:12:44
But my response was in reference to the Advisory that was posted, not in general.
I'm glad you know too much and you're not bothered.....but there may be some newbies who were concerned after reading the Advisory. Perhaps you could reassure them.
Grateful Heart
You know you're wired when...
You can shop longer than the Energizer Bunny.
Member Quotes
I am an avid scuba diver.
No Need to Panic
by Grateful Heart - 2017-01-09 20:13:29
Apparently, the vulnerability is with the Merlin box AND a St. Judes device.....if you have BOTH.
And if you have both, keep your Merlin plugged in and ON so they can update a software patch for the Merlin. In fact, if you have a Merlin regardless of device brand, it's probably a good idea to keep the Merlin on so they can update/ patch it.
Grateful Heart