The "Pull-out game" of a medical IoT device. Firmware Extraction to a Root shell!
Sometimes the best hardware hacking targets come from the most unexpected of places. In my case I was looking to buy a first aid kit for my lab and was going to use my HSA (Health Savings Account) funds. For people outside of the U.S., HSA is a savings account that lets you set aside money on a pre-tax basis to pay for "qualified medical expenses" , or basically just allocate a set amount of your paycheck, before taxes, into an account that you can use for stuff that insurance won't cover (your deductible, copay, coinsurance, and qualified medical expenses (Eligible health products) . What I stumbled upon when browsing through a HSA eligible products marketplace/store was a Wi-Fi connected male fertility test kit. The moment I set eyes on this product, I immediately added to cart with the intention to tear it down and do some hardware/embedded reverse engineering: Flash extraction and my problems with the Bus Pirate. First part that drew my attention was the Macronix M