It sounds like they did the setup like that on purpose, knowing that hacking would be easy - they would not need to defend it with FDA, but will instead give the freedom to decide to the end user.
I hope you are successful with it! If it happens, I would gladly ditch my iPhone and go Android for the purpose of having the single device. And buy you a bunch of your favorite beverages.
I donât know how focused they are on security. The last time I checked, their website still supported weak cipher suites (Triple-DES) and it also supported the older and more insecure TLS version (1.0).
Any chance of getting it on iOS devices, too?
I had a water damaged omni brick. I am very tech savvy, and so I took the omnipod apart. There is 1 main board, that controls all the major functions. The screen connects to the main board. Then there is a daughter board connected to the main board that has the hardware for the checker. There is a chip on the daughter board and I am not sure what the function of it is. I would be very interested to get into the omnipods coding to see what i can understand. Definitely something I would tinker with. I will try to connect omnipod to computer and get to the actual code. Iâm not familiar with the manufacturing process, but the code for the omnipod has to be installed onto the device somehow.
https://drive.google.com/file/d/1kSZZCS3f72yfFr2mpkZCCacLYVeAkCk_/view?usp=sharing
https://drive.google.com/file/d/1-4GyHtjbn75GIt9kYJaUhywGUyZPf7wP/view?usp=sharing
Oh. the code is encrypted?
Has anyone succeeded in extracting the Dash android application and then running it through the IDA Pro decompiler to try to find the key-generation procedure?
I assume the PDM sends a query to get a UUID from the pod, hashes it with the UUID of the PDM, and then uses that as an initial encryption key, and then uses rolling session keys that change every hour or so. And then maybe has another layer of encryption/ciphering below the BLE encryption. Perhaps (if Loop is lucky) the same one the Eros pods used (but I wouldnât bet on it).
Does anyone know if the Tidepool Loop project - which I presume will have to get access to Insuletâs Mission-Impossible-Secure-Pod-Protocol - and itâs key algorithms - will roll that programming tidbit back out to the open source ânon-Tidepoolâ Loop project? Or will Tidepool just become another âlocked down only-what-the-FDA-deems-âsafeâ-overly-annoying-beepingâ hybrid closed loop project?
I just started Omnipod, and there was some mistake where they sent me a Dash PDM and Classic pods - and so my first experience actually using the Omnipod system was Loop. Which worked quite well. I purposely used almost NO manual boluses or âlet the Loop know how many carbs Iâm eatingâ except for specific corrections the few times when I actually went low. I simply let it run closed loop to see âhow well it would doâ with my âsemi-low-carb-with-cheatingâ diet - and it did!
Now my endo doesnât want to switch me back to the Classic pods (he claims the Dash pods are better at micro-dosing or something - I personally see almost no difference between the Eros and Dash pod mechanisms except for the mainboard.)
So going âbackâ to the Dash PDM has been very annoying for me - too many damn button presses, and too many damn beeps - makes me feel even more like a âdiabetic cyborgâ.
Even 1 extra press is too much when Iâm used to being able to bolus a single unit with only 3 in Loop (1. âdouble-down arrowâ; 2. number button â1â; 3. âDeliverâ button⌠And at some point Iâll probably do a custom build with a âquick bolus actionsâ swipe (swipe from top-left of screen or some other impossible-to-butt-dial something) and then have big âbolus 1â and âbolus 2â buttons.
Why doesnât the Dash PDM at least have the keypad up by default on the âbolus screenâ? Does anyone on their QA team actually have type 1 diabetes? Not just T2, as the usage patterns are likely quite different?
1 Like
Yes, the Dash is annoyingly complicated. I assume itâs that way to prevent any inadvertent blousing and likely was designed that way to appease any FDA concerns.