{
  "docId": "019dd923-622c-750b-8b96-76efb5813bae",
  "docSlug": "8ff52fe302da",
  "documentTitle": "St. Jude Medical (STJ)",
  "authorId": "51_Muddy_Waters",
  "authorName": "Carson C. Block",
  "documentKindSlug": "research-note",
  "documentKindLabel": "Research note",
  "sourceTypeSlug": "short_seller",
  "sourceTypeLabel": "Short seller",
  "presentationDate": "2016-08-25 00:00:00",
  "orientation": "portrait",
  "aspectRatio": 0.77272725,
  "pageNumber": 9,
  "pageCount": 34,
  "prevPage": 8,
  "nextPage": 10,
  "slideType": "expose_contradiction",
  "function": "expose_contradiction",
  "density": "balanced",
  "nDataPoints": 0,
  "notes": "The slide uses a 'root' access screenshot to prove the vulnerability of the device.",
  "elementsJson": [
    "bullet_list",
    "paragraph",
    "screenshot"
  ],
  "metadataConfidence": 0.95,
  "imagePath": null,
  "slideHref": "/slides/019dd923-622c-750b-8b96-76efb5813bae/9",
  "deckHref": "/decks/019dd923-622c-750b-8b96-76efb5813bae",
  "deckJsonHref": "/decks/019dd923-622c-750b-8b96-76efb5813bae.json",
  "deckAnchorHref": "/decks/019dd923-622c-750b-8b96-76efb5813bae#slide-9",
  "components": [
    {
      "bbox": null,
      "kind": "callout",
      "text": "Even if the SSH keys have been changed, their unencrypted existence on older @home devices is shocking.",
      "attrs": null,
      "subkind": null,
      "toolName": "Visual emphasis",
      "toolSlug": "visual-emphasis",
      "confidence": null,
      "componentId": "019dd953-1ac3-70f9-854f-5cef21bc23e3",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.35,
        "w": 0.6,
        "x": 0.2,
        "y": 0.42
      },
      "kind": "image",
      "text": "Screenshot showing root access terminal and browser window.",
      "attrs": null,
      "subkind": "screenshot",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "26bfce2d-3fc4-4595-b4aa-c212f69bbcf8",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.25,
        "w": 0.75,
        "x": 0.14,
        "y": 0.09
      },
      "kind": "list",
      "text": "The toll-free access number for the Merlin network. The User ID and Password for the Merlin network. STJ server IP addresses. SSH keys.",
      "attrs": null,
      "subkind": "bullet",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "8b9d04b4-cf27-4bb3-9ada-2fedb4ce5eef",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.05,
        "w": 0.78,
        "x": 0.11,
        "y": 0.85
      },
      "kind": "paragraph",
      "text": "We have little doubt that STJ is about to enter a period of protracted litigation over these products. Should these trials reach verdicts, we expect the courts will hold that STJ has been",
      "attrs": null,
      "subkind": "paragraph",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "b7dc4307-9c27-4a25-818b-dfbe85042a95",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.06,
        "w": 0.78,
        "x": 0.11,
        "y": 0.3
      },
      "kind": "paragraph",
      "text": "The network credentials present on the @home device likely could be exploited to obtain confidential (and legally protected) patient data from the Merlin network.",
      "attrs": null,
      "subkind": "paragraph",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "e5f039d7-5d75-4b05-aab3-420be3d4a5a5",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.03,
        "w": 0.7,
        "x": 0.11,
        "y": 0.82
      },
      "kind": "title",
      "text": "Security Well Below Industry Standards (the Case for Gross Negligence)",
      "attrs": null,
      "subkind": "action-title",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "6ff476f8-a2a7-47db-a04a-ad871e2b7b29",
      "frameworkName": null,
      "frameworkSlug": null
    }
  ],
  "metrics": [],
  "tools": [],
  "frameworks": [
    {
      "name": "fraud-exposure",
      "slug": null,
      "matchId": "5cb159ac-e166-4f5c-87aa-20e5c9faee1f",
      "evidence": "The slide exposes security flaws to argue for gross negligence and potential litigation.",
      "confidence": 0.9
    }
  ],
  "arcBeats": [
    {
      "to": 9,
      "from": 8,
      "beatId": "716e823d-942f-4aa0-b02d-57823f8af9bd",
      "arcName": "Problem-Agitate-Solution",
      "arcSlug": "problem-agitate-solution",
      "beatName": "Problem (Identify pain)",
      "beatSlug": "problem-agitate-solution-problem-identify-pain",
      "evidence": "The document identifies the problem of security vulnerabilities in St. Jude Medical's cardiac device ecosystem",
      "position": 0,
      "confidence": 0.8,
      "parentBeatName": "Complication",
      "parentBeatSlug": "complication"
    }
  ],
  "loops": [],
  "imagePathAlt": null,
  "thumbSrc": null,
  "thumbSrcAlt": null,
  "locked": true
}