The insulin pump hacking underground.
April 29, 2019 6:04 PM

Obviously, you can’t just call up Medtronic to order a discontinued pump with a security flaw. The security issue doesn’t bother Boss, whose day job is in IT. There’s a tiny, theoretical risk that someone who knows his pump’s serial number and gets physically close can take over. But, he says, “if I drink coffee in the morning and forget to enter it into my phone, my blood sugar is going to be higher than normal.” The everyday risk of making such a mistake outweighs the remote risk of someone else hacking his pump.
posted by bitmage (30 comments total) 19 users marked this as a favorite
 
My husband has had type-1 diabetes for 35 years and I’ve witnessed half of that. Even without the closed loop artificial pancreas, he lives a life without finger pokes or abdominal shots before every meal. I can track his blood sugar from my phone. What a world we live in.
posted by gryphonlover at 6:38 PM on April 29, 2019 [4 favorites]


While I'm very sympathetic to patients who do this, it doesn't make any sense for me compared to the 670G from Medtronic, which does most of the important things and has a warranty / product support.
posted by BrotherCaine at 6:54 PM on April 29, 2019


Gosh, I wonder if I still have my old Medtronic pumps? It doesn't sound like me to just throw something like that away. I'm not ready for looping myself, but I'd be happy to donate them to someone who is.

I have a friend whose 13-year-old son just started looping. They're both really excited about it.
posted by The Underpants Monster at 7:30 PM on April 29, 2019 [3 favorites]


This is super cool! Thanks for sharing the article.

Yeah, there is a Medtronic MiniMed thing that does this, but it locks you into the Medtronic ecosystem. With plug and play there is just that much more robustness from diversity.

And while it would be great to have 'real' products that are FDA approved, there's just something about the human ingenuity and hacking that I just like. Makes me feel that I can be self-sufficient.
posted by freethefeet at 7:43 PM on April 29, 2019 [1 favorite]




Another good, very recent, article on this is from Scott Hanselman: Open Source Artificial Pancreases will become the new standard of care for Diabetes in 2019.

I'm not Type 1 myself, but I've been managing my elderly father's diabetes care for a long time now. We have recently switched to Dexcom's G5 system that supports a caregiver monitoring BG levels remotely via iOS or Android apps. For years before that, with the G4, we used to plug his receiver in to a little computer running custom software I cooked up on his bedside table at night that would text or call me when he was going out of range. I can't imagine how I'd have held things together without that.

He isn't at a point in his life where we are going to start Looping now, but a decade ago we'd have been early adopters for sure.

These sorts of technologies absolutely save lives. There is no good technical reason they shouldn't have been open and widely available years ago now. It's finally coming together, thanks almost entirely to the NightScout and #WeAreNotWaiting movement rather than the companies or regulatory agencies.
posted by bcd at 10:54 PM on April 29, 2019 [4 favorites]


My first reaction to this was discomfort, because it feels like journalism about Nintendo rom sites, but worse - if you tell the public, you're telling lawyers, and that's going to jeopardize the thing you're discussing.

I want a version of this article to exist that's only visible to people who will be okay with it, but I also don't really know how much of like Nightscout's assorted integrations are acceptable to device manufacturers and their regulators.
posted by bagel at 11:14 PM on April 29, 2019 [2 favorites]


A random diabetes tech story for the old-timers, probably hard to imagine for anyone diagnosed in the last couple decades:

In the late 70s he had an original Glucometer - that was the brand name of the earliest home units, not yet a generic name for the type of device. They were the size of a brick, needing blood to be applied to the strip, then manually timed and finally rinsed off before inserting. He carried it around in a camera bag designed for an SLR and associated bits.

Somewhere into the 80s it was quite exciting to get what I think was an original OneTouch, though there have been a lot of brands over the years and that memory is a bit blurry. The shocking bit, by modern standards, is that it had a 3.5mm stereo jack that was clearly designed for data but no instructions or cables. It was a new/small enough organization then that we were able to get a hold of someone who sent me a hand-assembled patch cable from that to a DB-25 serial connector and a single photocopied page describing the 'protocol', such as it was. 8 bits, no parity, 1 stop bit, 9600bps with XON/XOFF flow control. You could type three-letter commands at it with your favorite terminal emulator and update settings to dump data. It wasn't long before I had charts and graphs in Excel rather than a hand-written logbook to send to the endocrinologist.

We've come a long way.
posted by bcd at 11:20 PM on April 29, 2019 [18 favorites]


bcd, that sure brings back memories! My first Glucometer came in a case about the size of an encyclopedia. You had to get a big drop on the strip, count to some number I can't remember, blot it with a tissue, and then insert it. And I remember having to go to the hospital lab and have blood drawn just to get an A1c! Mixing long-acting and regular insulin in one syringe.

(On the flip side, I also remember that if something happened to a vial of insulin I could go to the pharmacy and buy a replacement out of pocket for $40.)
posted by The Underpants Monster at 11:55 PM on April 29, 2019 [1 favorite]


I do not have Diabetes, but I found this article and the one posted by bcd to be fascinating. People hacking for good, people being supportive of each other, open source, etc is refreshing to read about. It seems as if this is a real community, the type of community online that I thought was intended rather than the types that have artificially been the standard as set by some big tech company. Maybe I am projecting too much on this, but it seems refreshing.
posted by AugustWest at 11:59 PM on April 29, 2019 [1 favorite]


Oh yes, I completely forgot about the blotting part - a stack of cut-up pieces of paper towel for blotting was one of the supplies in that camera bag. We also had little bottles though, one of distilled water to rinse with and an empty one to rinse into when not near a sink. Maybe that was a different model. It is a long time back now.

The price of insulin in the US is absolutely criminal. We're in Canada, and a vial of lispro/humalog is still around $50 - and I'm quite certain Eli Lilly continues to turn a profit at that.
posted by bcd at 12:10 AM on April 30, 2019 [2 favorites]


I'm a little surprised no one has figured out how to jailbreak the newer pumps and flash firmware onto them that allows remote control. It's not like a pacemaker, where the hardware is physically implanted in you and not accessible. Exploiting an old security hole seems like a guarantee for obsolescence (those pumps are going to get rarer and rarer as they wear out, and the prices on them are inevitably going to creep up as supply dwindles), and the security risk is non-zero. I'd much rather see a device flashed with third-party firmware that uses proper security to keep intruders out.

I personally wouldn't feel comfortable working on code like that, but for folks who are part of the community and are basically hacking their own bodies via insulin pumps, it seems like it would be a natural extension of what they're already doing.
posted by Mayor West at 5:26 AM on April 30, 2019 [1 favorite]


(The sticker price of new Medtronic pumps runs over $7,000.)
Oh, never mind, let's just wait for some Silicon Valley techbros to disrupt the insulin pump market and sell their own proprietary pump that allows third-party mods. The FDA will pitch a fit, but at $7K a pop, I can hear the stampede of venture capital and regulatory capture already.
posted by Mayor West at 5:29 AM on April 30, 2019


This is late; I hope some people are still looking at this, but I came across a recent hacking story of decoding one of the newer pumps, the radio-controlled Omnipod.
posted by aleph at 7:51 AM on April 30, 2019 [3 favorites]


Mayor West: Yes, pumps have always been around that price, across all the models and over a couple decades. Clearly they've decided that's what the market will bear. Not sure the VC crowd will be that excited about it though, because while it's high-margin, it's low-volume. The vast majority of diabetics are Type 2 and pumps aren't generally indicated there.

aleph: That's a great write-up. Hanselman has a related piece on that as well. It is less technical, more just his initial exploring with SDR and snooping on his pump, but it might be of interest to others.
posted by bcd at 1:34 PM on April 30, 2019 [1 favorite]


Having put custom ROMs on android phones, I think people who want to open source their insulin pump are risk-tolerant to the point of crazy. I mean hacking for additional reporting or alerts is one thing, but actual insulin delivery is kind of nuts.
posted by BrotherCaine at 2:19 PM on April 30, 2019


It seems to be a kind of necessary nuts, in some cases. Others, not so much.
posted by aleph at 2:38 PM on April 30, 2019 [1 favorite]


Having put custom ROMs on android phones, I think people who want to open source their insulin pump are risk-tolerant to the point of crazy. I mean hacking for additional reporting or alerts is one thing, but actual insulin delivery is kind of nuts.

Compared to a proprietary closed-loop system, maybe, if you can afford the one (1) version of those presently available, and you're confident you or your insurance can keep paying for its components. There's risk there, sure, and it's unlikely that there'd be as much open source pump demand if getting medical equipment via insurance weren't such a clusterfuck.

If my choices were a) "set up Loop or another closed-loop open source system to read my blood glucose levels and my food logging and do the right things" OR b) "try doing the right things myself, like an older T1D relative did, by reading nutrition facts and CGM output and pushing buttons myself," then b) seems like the obviously absurd choice.

Like, doing pump input by hand is simple arithmetic. It's arithmetic I'd have to do 24/7/365, when I'm asleep, busy, or partying, and when messing it up could kill or hospitalize me. That sounds extremely, radically unlike a task humans are more suited to than computers.
posted by bagel at 2:44 PM on April 30, 2019 [3 favorites]


"and has a warranty / product support"

Given that my wife is on her 4th 670G in less than 2 years - that is kind of an important point.

However, she runs damn near normal blood glucose levels, and the auto mode on the 670G is not configurable, so you live with what they decided was low or high. Those levels run her way higher than she runs managing the pump manually, so much to her doctor's and the Medtronic reps' dismay, she won't use auto mode. She also turns off the CGM at night, which seems to make the damn thing last longer and run more reliably. The 670G really feels like a beta product to me.

Her dad was an executive at Eli Lilly through the 70s and 80s. She "got" to test some products that never made it to market, or didn't last long. Lilly tried to release a blood test meter that didn't need strips. And she had a hardcover-book-sized blood meter that had to be plugged in and warm up for 10 minutes prior to a reading. That was damn convenient in a restaurant.

But I still think Medtronic is basically the embodiment of evil.
posted by COD at 2:52 PM on April 30, 2019 [2 favorites]


Like, doing pump input by hand is simple arithmetic. It's arithmetic I'd have to do 24/7/365, when I'm asleep, busy, or partying, and when messing it up could kill or hospitalize me. That sounds extremely, radically unlike a task humans are more suited to than computers.

And to further complicate the ethical burdens and risk/reward assessments, consider the common case where the pump-wearer is a small child and it's the parent who is responsible. (Or the similar, though less common, case like mine where they are blind and have age-related cognitive decline.)
posted by bcd at 2:55 PM on April 30, 2019 [2 favorites]


We haven't used a Medtronic pump in 7-8 years now, but our experience with a couple different models from them before that was pretty fair. I don't like the fact that they are locked in even to the point of using a non-standard connector to the tubing.

The Animas pump we used more recently had a standard Luer lock on the cartridge, which meant it took standard needles and there were options from different vendors in compatible injection sites. Sadly they've now left the North American market.

That said, we've been super happy with the OmniPod in the last couple years. No tubing, completely waterproof, the entire unit is replaced every 72 hours. We've had a few fail while setting them up, but OmniPod has always been good about replacing those promptly and we've never had one fail while in use. Dad would not go back to a more traditional pump form factor.

This will be too late arriving for us, but we were still delighted by the news that Tidepool and OmniPod are working together to ship an FDA-approved Loop.
posted by bcd at 3:11 PM on April 30, 2019 [2 favorites]


However, she runs damn near normal blood glucose levels, and the auto mode on the 670G is not configurable, so you live with what they decided was low or high.

Or, and I really, really don't recommend this, you consistently mis-calibrate with a slightly higher blood sugar than your fingerstick meter reports so that the 120 target is more like 110 or 100.

Auto-mode is definitely not for everyone, nor is it for every situation. I turn it off and go back to a manual temp basal of ~40% of normal basal when I'm doing prolonged exercise (riding my bike up a 3000+ ft mountain, etc.). Some people I know want to try auto-mode at nighttime only.

Personally, when people ask me about the 670G I ask what their A1C and time in range is. If they're exceptionally well controlled they're not going to see much benefit.
posted by BrotherCaine at 4:59 PM on April 30, 2019 [2 favorites]


Also, I've had to use one of the Medtronic pump models that can be hacked for looping while it was past warranty, and my experience with that was that I had to take the pump partially apart and dry it out every once in a while because of humidity or stuck button problems, etc. Very stressful having a pump out of warranty, especially if you don't have a good backup. I hope these people can source spares, because if I picked up a Revel or 530G on eBay I would not expect it to last more than a year.
posted by BrotherCaine at 5:08 PM on April 30, 2019


My first reaction to this was discomfort, because it feels like journalism about Nintendo rom sites, but worse - if you tell the public, you're telling lawyers, and that's going to jeopardize the thing you're discussing.

I want a version of this article to exist that's only visible to people who will be okay with it, but I also don't really know how much of like Nightscout's assorted integrations are acceptable to device manufacturers and their regulators.


The Only Human podcast did an episode about 3 years ago that talked about how the FDA responded (not nicely, as I recall) to the original developers of the open source code. I'd be curious to know how the movement proceeded from there, because my memory was that things had to be done more secretively for liability reasons once they attracted attention from the government. I'm pretty sure this is the episode... Time to re-listen!
posted by vytae at 7:28 PM on April 30, 2019 [2 favorites]


I wonder if we'll someday see some cryptic Alibaba item described as "portable microfluidic step motor pump with luer lock interface" or some such nonsense that's tailor made to work with this kind of program without ever stating a medical application in the description.
posted by BrotherCaine at 7:35 PM on April 30, 2019 [3 favorites]


"portable microfluidic step motor pump with luer lock interface"

Heh. Yes, that's really the trick, isn't it? Hardware to control that (countless Arduino-type devices, the RasPi Zero, etc.) is available widely and dirt cheap. Software is honestly not that difficult to make robust and fail-safe when the problem set is this narrow. Given the cost and size of the hardware it would even be reasonable to build everything in parallel: two SoCs, two independent software implementations, and if they don't agree in lockstep the system shuts down and alarms loudly. All of that is in the range of hobbyists today.

The microfluidic step-motor pump is not, and won't be in the foreseeable future. The tolerances and safeguards there are a tough problem.
posted by bcd at 9:02 PM on April 30, 2019 [2 favorites]


Yeah, I was super-happy with my Omnipod, but I had to switch insurance companies and the new one will only cover Medtronic supplies.
posted by The Underpants Monster at 7:08 AM on May 1, 2019 [1 favorite]


I wonder if anyone at your local pump support group has the opposite problem and can swap. I know I gave away a lot of Animas pump supplies when I switched back to Medtronic early.
posted by BrotherCaine at 11:14 AM on May 2, 2019


Yeah, I always donate anything I can't use to my endocrinologist's practice. I've been the beneficiary of other people's donations, too. It's great.
posted by The Underpants Monster at 2:18 PM on May 2, 2019


So if I'm going to set up one of these systems for my FIL who is interested and has the compatible pump, CGM, and Apple hardware already, I should use Loop right?
posted by a halcyon day at 3:26 PM on May 3, 2019

