Posted by
michael
on from the buffer-overflow dept.
tuiterwyk writes: "There's an article here on Techweb about manufacturers plans to give pacemakers and defibrillation devices internet capabilities. BSOD takes on a whole new meaning...." And so does 'denial of service attack'.
Re:Article scores -1, Flamebait
by
maggard
·
· Score: 5
Pacemakers generally maintain logs & are externally programmable, heve been so for years. This is used to fine tune their responses, to check the battery state, etc. They don't run an OS, at least not in the sense of Win/Mac/'nix, they're dedicated purpose devices.
There is no wire protruding out of a person's body, all communication is done via a small radio transmitter/reciever and a dedicated piece of hardware (though doubtless this could be duplicated on a PC.)
The pacemaker would presumably report in a two-stage process. Either a dedicated-purpose device or a reciever/transmitter (possibly connected serially/USB) would use a coded signal to cue the pacemaker to broadcast it's logs. These would be recorded on the dedicated device or a home PC and then transmitted online to the central site.
There the records (I'm guessing here) could be analyzed for warnnig signs, dangerous trends, etc. Likely if they exceed some threshold a flag will be set and a specialist will review the information.
I can't imagine any scenario where the pace-maker would ever transmit directly to an online site; there simply isn't the power available for that sort of direct telemetry. Therefore no sort of direct atttack, DOS or otherwise would be possible.
On the outside chance that remote reprogramming of the pacemaker were allowed I would be concerned, and of course there should be concerns over the security of one's uploaded logs, but from what's reported the whole situation seems very safe if possibly not entirely private.
Frankly I think you would do well to invest the 5 minutes to do a search, read a pacemaker FAQ & answer the rest of your own questions on your own.
-- I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I wont bother either.
As someone who has a pacemaker...
by
DavidTC
·
· Score: 5
...let me tell you a little about them.
Many people don't know how they transmit and receive data. They use magnets. (Which, BTW, was the whole point behind the microwave prohibition, cause early microwaves spun off magnetic fields like crazy. Nowdays, microwaves have stopped that, and pacemakers only respond to very strong magnets. Still can't go inside power planets with big generators.)
Anyway, they have a little handheld device used to program the pacemakers using magnetic fields. They can send and receive data, obviously using some sort of modulation.
Now, pacemakers have all sorts of data that can programmed, like 'threshholds', which is how small a voltage in the patient's heart triggers a real voltage, and various other stuff, and they give out all sorts of data like how much battery life they have and how often they get triggered, and even patient's average heartbeat.
Now, all this data is completely unaccessable to me. Forget reprogramming, I can't even check the batteries. It would be nice to be able to access this information, but I have a few questions...first of all...WHAT THE HELL TOOK THEM SO LONG? Seriously. They go from no access at all to remote telemetry? Sheesh.
How about just giving me a handheld device to access it? Or a dialup phone access. I mean, we'd need a handheld device to hold against it anyway. Why haven't they come out with the thing earlier, to let us read it, without a computer link? Wouldn't have to be much, simply a 'magnetic modulator' and a tiny LED screen.
-David T. C.
-- If corporations are people, aren't stockholders guilty of slavery?
Just think, UCITA give companies the right to remotely disable software, I don't want Microsoft or SUN remotely disabling my grandfather's pacemaker because he forgot to pay for his daily licensing fee!!!!
-- Sticking feathers up your butt does not make you a chicken - Tyler Durden
Slashdot Mirror
There is no wire protruding out of a person's body, all communication is done via a small radio transmitter/reciever and a dedicated piece of hardware (though doubtless this could be duplicated on a PC.)
The pacemaker would presumably report in a two-stage process. Either a dedicated-purpose device or a reciever/transmitter (possibly connected serially/USB) would use a coded signal to cue the pacemaker to broadcast it's logs. These would be recorded on the dedicated device or a home PC and then transmitted online to the central site.
There the records (I'm guessing here) could be analyzed for warnnig signs, dangerous trends, etc. Likely if they exceed some threshold a flag will be set and a specialist will review the information.
I can't imagine any scenario where the pace-maker would ever transmit directly to an online site; there simply isn't the power available for that sort of direct telemetry. Therefore no sort of direct atttack, DOS or otherwise would be possible.
On the outside chance that remote reprogramming of the pacemaker were allowed I would be concerned, and of course there should be concerns over the security of one's uploaded logs, but from what's reported the whole situation seems very safe if possibly not entirely private.
Frankly I think you would do well to invest the 5 minutes to do a search, read a pacemaker FAQ & answer the rest of your own questions on your own.
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I wont bother either.
Anyway, they have a little handheld device used to program the pacemakers using magnetic fields. They can send and receive data, obviously using some sort of modulation.
Now, pacemakers have all sorts of data that can programmed, like 'threshholds', which is how small a voltage in the patient's heart triggers a real voltage, and various other stuff, and they give out all sorts of data like how much battery life they have and how often they get triggered, and even patient's average heartbeat.
Now, all this data is completely unaccessable to me. Forget reprogramming, I can't even check the batteries. It would be nice to be able to access this information, but I have a few questions...first of all...WHAT THE HELL TOOK THEM SO LONG? Seriously. They go from no access at all to remote telemetry? Sheesh.
How about just giving me a handheld device to access it? Or a dialup phone access. I mean, we'd need a handheld device to hold against it anyway. Why haven't they come out with the thing earlier, to let us read it, without a computer link? Wouldn't have to be much, simply a 'magnetic modulator' and a tiny LED screen.
-David T. C.
If corporations are people, aren't stockholders guilty of slavery?
Just think, UCITA give companies the right to remotely disable software, I don't want Microsoft or SUN remotely disabling my grandfather's pacemaker because he forgot to pay for his daily licensing fee!!!!
Sticking feathers up your butt does not make you a chicken - Tyler Durden