"Polish Hacker" Shares Software, Security Dongles for Repairing Abandoned Medical Ventilators

Faced with manufacturers' inability to repair faulty ventilators, some medical staff are turning to security lockout hacks.

Gareth Halfacree
6 months agoCOVID-19

While many makers are still working on scratch-built emergency ventilators in preparation for potential additional waves of SARS-CoV-2 infections, others are bypassing artificial restrictions put in place by manufacturers to repair existing equipment that would otherwise be unavailable for use.

A number of makers, engineers, and scientists have put forward designs for low-cost, rapidly-producible ventilators designed to avoid a shortage of equipment in the face of rising COVID-19 infections. There have been designs released from NVIDIA, Makers for Life, Marco Mascorro, and even NASA — but what about the ventilators already in hospitals but which have failed and require repair?

Vice's Jason Koebler has reported on an effort to repair these medical-grade ventilators when their manufacturers would not — and it all hinges on a small dongle, provided by someone identified only as "a hacker in Poland," which bypasses digital rights management (DRM) functionality which would otherwise prevent the repair.

"This is a copy of a proprietary tool," a ventilator technician identified only as "William" told Koebler. "It doesn’t take rocket science to put these things back together. The weak point of these companies' supply chains is other countries, so through our friends in other countries we’re able to get this stuff."

The original dongle and supporting software was, the Polish hacker told the site, obtained by taking the manufacturer's official training course — then the dongle reverse-engineered and the software copied and distributed widely, allowing those who are not authorised by the company in question to effect repairs.

While it could be argued that a security lockout dongle would, in normal times, assist with ensuring that a certified piece of medical apparatus has not been tampered with by an unauthorized party, these are not normal times: A medical-grade ventilator repaired by an suitably-trained yet unauthorized party is likely to perform better than any of the hacked-together designs being offered as emergency alternative, and with ventilator companies working flat out many medical centers are facing long waits for official repairs.

The full write-up is now available on Vice's Motherboard; it does not, however, include any information on ordering or building the lock-out dongle.

Gareth Halfacree
Freelance journalist, technical author, hacker, tinkerer, erstwhile sysadmin. For hire: freelance@halfacree.co.uk.
Related articles
Sponsored articles
Related articles