St. Jude Merlin@home Transmitter Vulnerability

My son gave me a heads up email on this alert this morning. I have a Medtronics device but you St. Jude people may want to read this:

https://ics-cert.us-cert.gov/advisories/ICSMA-17-009-01

3 Comments

No Need to Panic

by Grateful Heart - 2017-01-09 20:13:29

Apparently, the vulnerability is with the Merlin box AND a St. Judes device.....if you have BOTH.

And if you have both, keep your Merlin plugged in and ON so they can update a software patch for the Merlin.  In fact, if you have a Merlin regardless of device brand, it's probably a good idea to keep the Merlin on so they can update/ patch it.

Grateful Heart

Re: Merlin

by N8UAD - 2017-01-12 13:53:02


This is much ado about nothing. Actually just having the device puts you at risk Grateful Heart, that being said any "attack" would have to take place at at distance of 6 to 10 feet from you, it would be so obvious to you that it wouldn't be practical, the only other way would be for them to attack via the Merlin at home network, which isn't going to be easy. Also the addressing information that they would have to have in order to "attack" a device is another thing that they're not talking about. I have a St. Jude ICD, and Merlin@home, I'm not losing any sleep over this, with 34 years of working on communications systems, digital, voice, via radio or wire, I know too much too even let this bother me.

Indeed N8UAD

by Grateful Heart - 2017-01-12 17:12:44

But my response was in reference to the Advisory that was posted, not in general.  

I'm glad you know too much and you're not bothered.....but there may be some newbies who were concerned after reading the Advisory.  Perhaps you could reassure them.

Grateful Heart  

You know you're wired when...

Your device acts like a police scanner.

Member Quotes

I am just grateful to God that I lived long enough to have my ICD put in. So many people are not as lucky as us; even though we sometimes don't feel lucky.