?

Log in

No account? Create an account
entries friends calendar profile Previous Previous Next Next
Mike is Appalled - Qualified Perceptions
firstfrost
firstfrost
Mike is Appalled
A conversation at lunch:

mjperson: Let me tell you about the stupidest idea I ever heard. I was watching NCIS, and someone died, and they were investgating it, and he died of tachycardia, which was weird because he had a pacemaker for low heart rate. And it turned out that someone hacked into his pacemaker. How stupid an idea is that, pacemakers being just accessible via your wireless and remote hacking? Bah."
Me: "... well, pacemakers probably don't have IP addresses, but you know that the ones controlled by wireless don't really have any security, right?"
Mike: That can't be right. They have to be encrypted, you can't just let people hack in and control your pacemaker.
Me: (google google google) "Well, here's an ABC News article. Okay, look, they say it's not a problem, because the number of attackers in wireless range of you is pretty small. "Within wireless distance of you, the number of attackers is necessarily pretty small," Kaminsky said. "It's not to say the devices can't be attacked. They can be. ... It is something for the implant device [user] to think about it."
Mike: ARGH! What do they mean, it's something for the user to think about? Why is it not something for the implant device *maker* to think about? How could they not worry about that? Just stick in a private key...!
Me: Welcome to the real future. It's not as smart as the science fiction future.

Tags:

12 comments or Leave a comment
Comments
desireearmfeldt From: desireearmfeldt Date: March 15th, 2012 06:34 pm (UTC) (Link)
And yet, someone *did* it, which I'd say makes Mike right: this is a problem someone ought to be worrying about... :)
firstfrost From: firstfrost Date: March 15th, 2012 06:42 pm (UTC) (Link)
Argh! No, Mike doesn't get to be right by asserting that real life couldn't possibly be that stupid, when real life *is* that stupid! Regardless of whether it is stupid or not. :)
desireearmfeldt From: desireearmfeldt Date: March 15th, 2012 06:54 pm (UTC) (Link)
Sure, but he's right to be appalled, no?

(There's nothing in your telling of the story that conflicts with the reading that he's appalled by reality, as opposed to doubting its reality. :) )
firstfrost From: firstfrost Date: March 15th, 2012 06:56 pm (UTC) (Link)
Oh, sure, he's right to be appalled. But the thing we were actually disagreeing about during most of the conversation was whether it was reality or not. :)
kirisutogomen From: kirisutogomen Date: March 16th, 2012 02:05 am (UTC) (Link)
There has to be some sort of credit awarded for such irrational unwarranted hopefulness.
chenoameg From: chenoameg Date: March 15th, 2012 06:47 pm (UTC) (Link)
Clearly Mike is not reading his tech reviews magazines, or he would already know about this problem (I'm pretty sure that's where I read about it.)

mathhobbit From: mathhobbit Date: March 15th, 2012 11:35 pm (UTC) (Link)
You read those? Want mine? And R's?

What do they mean when they say "the number of attackers in wireless range of you is pretty small"? Because my home town is pretty densely packed! I bet my neighbors could hack into my pacemaker while I sleep...
ricedog From: ricedog Date: March 16th, 2012 12:09 am (UTC) (Link)
That might be this article.
dcltdw From: dcltdw Date: March 16th, 2012 12:50 am (UTC) (Link)
+1 on "yeah, I recently read about people researching ways to mess with medical devices". I could dig through my RSS reader if you wanted links, but I'm currently too lazy to do so unless poked. :)
shaggy_man From: shaggy_man Date: March 17th, 2012 02:17 pm (UTC) (Link)
Does all of this say "massive wrongful death suit" to anybody else?
arcanology From: arcanology Date: March 20th, 2012 02:17 am (UTC) (Link)
You get the pacemaker, I'll hack it, and we'll be bazillionaires!
nakor From: nakor Date: March 21st, 2012 12:01 pm (UTC) (Link)
It's not that easy. Public key crypto eats silly amounts of power... So much that if you add it, an attacker can still turn off your pacemaker by spamming requests.

Availability is a major goal of these; even if it's just the comms battery that dies, not the pacemaker itself, it still takes major surgery to replace it.
12 comments or Leave a comment