Question: security wrt to bolus from phone feature

[sarakingsley]

Describe the question Apologies if this is the wrong place to post this question. What are the possible security issues with using this and the new bolus from phone feature? I'm assuming none since the data stream is one-way but storing tandem app credentials seems concerning? Curious for more information about this also in relation to considering how to OpenAPS with tandem in the future...

[jwoglom]

tconnectsync doesn't manipulate any pump state and instead just reads data already being sent from the pump to your smartphone via t:connect, so there should be no concern here. There is no back-channel communication from the t:connect servers to the smartphone app and then your pump.

tconnectsync doesn't touch any of the API endpoints that the smartphone t:connect app uses to upload pump data. Even if a malicious user were to decode how that api endpoint works and send fake pump data to it, such that the t:connect website showed e.g. additional boluses or a lower basal rate or something like that, it would only affect the website and not the control:iq algorithm since that entirely lives on the pump.