Comments on: Hardware Hack: Hacking the ICE Medical ID USB wallet card

By: ftrotter

ftrotter — Sat, 20 Aug 2011 02:40:23 +0000

nice catch.

By: Hans

Hans — Mon, 04 Apr 2011 21:40:12 +0000

It’s about the ICE Card. On the blister it says 2GB, on the web tech specs. 1 GB and in real it is only 448 KB.

By: Rick

Rick — Sat, 26 Jun 2010 05:32:50 +0000

Ive read all the posts and have the card in hand. I feel you guys are all correct in part, but I fear you are missing the point. It wasnt designed for techies and it isnt idiot proof from the IT perspective by any means. However it is *EXACTLY* what the CHARGE NURSE at the ER needs to see in order to get the background info they may need to keep YOU alive. Especially if youre dealing with potentially life-threatening medical issues where having the correct and complete medical info in the correct and competant hands might be important to you.

If Im awake and able, I can direct those attending me to look at the USB card. Otherwise, the medic dog-tags and wallet card will be enough to keep me alive for a while. The old-fashoned hard copy does refer them to look at the USB card for info such as directives, insurance and medical records, meds list and the like. Between the dog-tags and the USB card, Im good.

Furthermore, the content on the card should be in the form of a PDF file. Everyone can read and print it. Hyperlinks are fine, but hard to do from a printed file. Keep it simple, save your life.

-Rick

By: ftrotter

ftrotter — Sun, 10 Jan 2010 13:34:22 +0000

True, which is why a simple text or html file, rather than an executable of any kind, are better contents for the usb drive.

Also, it would be better if the card would contain some kind of hyperlink to your health information, so that healthcare people would not -have- to insert the usb…

Hopefully all addressed in an upcoming hack…

-FT

By: John Lynn

John Lynn — Sun, 03 Jan 2010 03:30:10 +0000

Very interesting. I like the simple “hack.” I wonder how many emergency personnel will look for this. However, I guess they’ll be looking through my wallet to find out who I am. I like it a lot.

By: Kevin

Kevin — Fri, 01 Jan 2010 16:32:00 +0000

VERY cool “hack”! What’s funny is that deleting all the cards default files is what actually makes it useful.

Maybe their version 2 of the card will be much better for the general public.

Thanks for the info!

By: Bob Paddock

Bob Paddock — Thu, 24 Dec 2009 01:44:41 +0000

Anyone that plugs an unknown card like this in to their system,
unless the system is designed and isolated for such unsafe
usage has failed “Penetration Testing”.

See this for an example:

http://www.sans.org/newsletters/newsbites/newsbites.php?vol=8&issue=47
“…the penetration testing company left 20 USB drives near the credit union in the parking lot and smoking areas. Employees picked up 15 of the 20 drives and installed them on their computers to see what they held, which turned out to be a Trojan horse program that gathered passwords, logins and other data and emailed them back to the company.”