Skip to content
Snippets Groups Projects
Unverified Commit e2bc52d4 authored by Volkor Barbarian Warrior's avatar Volkor Barbarian Warrior
Browse files

edit wording, add foreword to make it look like im some evil hacker

parent fb1def33
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
content/blog/snooping-private-hospital-records.md
+ 10
5
View file @ e2bc52d4
---
title: "Snooping Private Hospital Records"
title: "The Horrifying Data Security Problem in Hospitals"
date: 2018-12-02T03:22:05+11:00
description: ""
tags: [
......@@ -11,7 +11,11 @@ tags: [
]
---
So this is going to be a fun post.
Foreword: All data in this post is entirely fabricated, however the vulnerability exists (as of 2018-12-02) and can be collected by anyone.
Hospitals are aware of the issue, and decide to do nothing (or [only do it when it makes the news](https://www.abc.net.au/news/2020-07-21/teenager-published-confidential-patient-data-on-website/12477376))
I wrote this post in order to raise public awareness of the issue, however it seems like since I wrote this, nothing has been done.
So this is going to be a scary post.
I haven't said anything on here about my little hobby of SDR's, so I'll explain what it is, SDR stands for Software Defined Radio (basically a computer programmable radio), this has been popularised by the RTL-SDR, which allows you to listen from around 22mhz up to 1700mhz of the radio spectrum.
My current SDR is some dodgy Chinese one I got from eBay, and a slightly better than the stock antenna I got from <https://www.rtl-sdr.com>. Normally these RTL-SDR's aren't used as a SDR, they're just a TV tuner for the computer.
......@@ -52,8 +56,9 @@ So, putting this together, this one report tells us that (at least) before 4:20a
That's a lot of information. like, A LOT of information. I've completely fabricated all the details of this example, and all unknown information is random, but this amount of data is a massive privacy problem.
During my logging, I received around 535 Requests, with some duplicates sent to multiple Addresses.
My logging was over the course of 11:30pm to 6pm the following day.
During the logging, there was around 500 Requests, with some duplicates sent to multiple Addresses.
The total duration of the logging was around 20 hours of collection.
## Keypads and Idiot doctors
......@@ -92,7 +97,7 @@ I can't really find a better way to have this other than a dot point.
* Rob someone's house while they are at the hospital
* Additionally being able to see when 90+ year olds are taken to the hospital.
* Collect this data long term and sell it in bulk to ~~the hackers~~ ~~the russians~~ any number of insurance companies
* Blackmail patients, who had something they wouldn't really like to have announced (cocaine based suicide attempt, police charges)
* Blackmail patients, who had something they wouldn't really like to have announced (cocaine induced suicide attempt, police charges)
* Break into places that have had their key's location broadcast for everyone in the state to hear.
* Break into the hospitals locked medicine room.
* Break into places that have had their pins for their locks broadcast.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment