Slashdot Mirror
First Internet-Connected Pacemaker Goes Live
The Register is reporting that a New York woman has become the first person to have her pacemaker wirelessly connected to the internet for full-time monitoring. "The device contains a radio transmitter which connects to receiving equipment in New Yorker Carol Kasyjanski's home, using a very low-power signal around 400MHz, to report on the condition of her heart. Any problems are instantly reported to the doctor, and regular checkups can be done by remotely interrogating the home-based equipment — the pacemaker itself doesn't have an IP address, fun as that would be."
I wonder what a DDoS would do to it ...
Otherwise that lady is going to be in for quite the surprise when the pacemaker starts looking at youporn.
A Magic the Gathering Article and Forum Aggregator
Does it run Linux?
If the patent is rapidly losing consciousness
I wonder if that was intentional or not?
Now that Slashdot knows about it, it's only a matter of time before someone starts trying to hack these things. Countdown: Someone here installs Linux and runs a NES emulator on his own pacemaker in 3....2....
Would you want one with an IP address?
Not me, thank you.
On a side note, the pacemaker owner was recomended not to play multimedia content from youtube in his equipment so the battery lasts longer.
The obvious next step is to hook this system up to Twitter. It would be much more interesting than those silly kids which allow your plants to tweet.
ping pacemaker
4 packets transmitted, 0 received, 100% packet loss, time 3609ms
meaning she is gone...
http://www.reuters.com/article/technologyNews/idUSTRE5790AK20090810 http://news.yahoo.com/s/nm/20090810/lf_nm_life/us_pacemaker_2
Why not just tap it into Twitter and utilize an existing system that's stable, easily accessible, and highly availabile? Not to mention you could keep your friends in the loop!
Capitalism: When it uses the carrot, it's called democracy. When it uses the stick, it's called fascism.
...then the next step is to see what a little overclocking would do to it...
God forbid she downloads copyrighted material and the RIAA have her internet connection terminated...
...are belong to us.
Seriously, though...are we just one step away from remote-controlled heartplugs? Dune fans...er...rejoice?
Warning: mild gore in link.
That's assuming that someone sets up a scheduler to actually do these checkups. When my Dad has his pacemaker put in, he was supposed to go back to the hospital every few months to have the data the device was collecting downloaded and the battery checked. He had it for at least a year or two and it was never checked. Someone at the hospital forgot to enter it into a database. He had a checkup with his cardiologist during that time too and the doctor never asked about it.
the good ground has been paved over by suicidal maniacs
This is by no means the first "wirelessly-monitored" pacemaker. Pacemakers and ICDs have been linked to home monitoring equipment for several years, and that equipment routinely communicates with a central monitoring station (usually via a modem).
Now, if the pacemaker itself was doing the communicating directly (say over any Wifi or cellular network) that would be pretty amazing. But they point out that the pacemaker doesn't have an IP address, and it's only communicating with equipment in the patient's home. That sounds a lot like existing technology, except perhaps that the final link (home monitoring device -> monitoring station) is being performed via IP rather than a phone line. That's nice, but certainly not very exciting. And why does it require a whole new pacemaker to make this upgrade?
Clearly there's something to this article that I'm not seeing...
Recipient of said device breathes a sigh of relief when he discovers his heart won't be slashdotted.
There are lies, damned lies, and statistics.
It doesn't have a receiver anyway. It's just a radio transmitter.
Denial of Systolic attack?
Thousands of 4channers suddenly stop what they were doing and in unison spit out, 'WHAT just got connected to the Internet?' as smiles spreads across their faces. ... maybe this isn't such a good idea...
- For the complete works of Shakespeare: cat
This just remind me of that Harkonnen heart plug from Dune
As someone fitted with a pacemaker of late, having means to often update the doc with performance data would be nice - if not downright life-saving.
With current technology, I have to go in for my "tuneup" every six months. It does involve a wireless interface, and there is an impressive amount of data dumped. A great many parameters can be changed with ease by a trained technician. When we determined that my natural resting heartrate was under 60bpm, reprogramming that to a minimum of 50bpm was trivial.
Transmitting ongoing data to the doc would be convenient, making it easy to email "hey, something funny happened today, please look into it" without having to wait until a scheduled appointment involving a not-always-available technician. Being able to transmit critical event as they occur is also very desirable - duh; my Medical Alert necklace may direct medics to call my cardiologist, who would be much more effective if he already had incident data.
Of course the real problem is remote control. Informing the doc of ongoing/critical data is one thing; allowing access to make remote updates is a different issue. Making the unit such that remote changes are impossible is, of course, possible. However, if ANY change will be made to such a critical device, then it should be done IN A DOCTOR'S OFFICE. One of my diagnostic routines is dropping my heart rate to 40bpm - harmless if done right, lethal if screwed up.
Of course the real concern to most /. readers is the LOLFAIL headline. "Hey, watch out for a DDOS on your pacemaker! Ha ha ha!" Nothing wins a lot of reads like a headline making some technical advancement sound really dumb. Funny how so many readers of a high-tech news source treat high-tech advancements like Luddites.
Can we get a "-1 Wrong" moderation option?
serving as a timing belt.
Utilizing the synergization of benchmark e-solutions to pre-workaround action items!
nt
Article indicates the pacemaker doesn't have an IP address, and only connects via 402-405 MHz radio link.
However, it's nearly inevitable that a later version of it and/or those of another pacemaker manufacturer will have its own IP.
Those with access to a large bot net could easily scan for pacemaker software and then target all or, more likely, a specific person(s) to remotely sabotage their pacemaker, possibly resulting in death...
Most killers won't go to such extremes, since there are numerous easier, less traceable ways of killing. But for people in prison, remote killing has its appeal ... in particular, to target judges and prosecutors, who, due to age / stress along with access to top quality medical care, often have pacemakers.
To digress somewhat, there are already numerous horror stories of people's on-line medical records getting mixed up / corrupted due to identity theives who seek care under someone elses name - and to make matters worse, ID victims generally do NOT have the right to see that extraneous data nor have it removed. So I'm highly skeptical of the security of on-line medical devices when even on-line medical records aren't as secure as they should be.
Ron
No Slashdot effect either.
.... Aaargghh
Patriotism is a virtue of the vicious
I'm totally doing a mashup so the Internet can watch Carol Kasyjanski's heartbeat and music to go with it.
- For the complete works of Shakespeare: cat
... I think the server crashed, just dead links.
Doesn't matter just try out some of the 2^32 minus reserved addresses
all /.ers Christian Name starting with an "A" take the 0.5*2^30 upper addresses and ...
Thank good they haven't postet the IP on /.
I suppose you don't even need a computer network of brainless bots to DDOS a computer,
slashdot + us the faster than light clicking slashdot-crauts would fullfill the task, twice as good as any botnet can do,
btw. "Police: Man blamed child porn on cat"
haha next time he can blame his hacked pacemaker for doing so, it will also be very complicated to confiscate this evidence.
and here it comes the DomainName for the Pacemaker
http://pacemaker.chicagohope.md/
and you end up with a Pack-it (in) Storm.
I wonder if extreme latency, though will give longer TTL (time to live) for those shooting pics with TTL (thru the lens).
In any case, a barrage of packets would heap on "layers" of love.
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
So, this is NOT the first internet-connected pacemaker after all?
Maybe next time.
Well, at least we know why the IPv6 address space is so huge.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
First Internet-Connected Pacemaker Goes Dead
Please don't feed the trolls.
I think this is great.
It brings me to my own situation: I recently got a CPAP machine with a smartcard for data storage. Unfortunately the card reader is about 130 dollars online and it requires a proprietary software. If my MD wants to see the data he needs for me to remove the card and send it in.
Wouldn't it be great to have these kinds of home devices just "phone it in"? Real data that my MD can look over at his discretion as well as having a copy of it available to me for my own edification. It could be set up to red flag certain data that, because it could be detected as it happens, could prevent minor issues from becoming major issues. This is the kind of technology that is cheap to employ, automated systems could look for abnormalities and could lead to saving lives as well as curbing the cost of health care by making sure that small issues don't become major issues.
More and more people are doing home monitoring of medical conditions without being able to make sense of all the data. This is a great resource and one I can agree to using stimulus money for to take to the next level.
Dedicated Cthulhu Cultist since 4523 BC.
Every six months my pacemaker is checked. Part of the test is to speed and slow down the pacemaker and my heart for a short time.
It is a truly a scary and heartfelt experience.
" the pacemaker itself doesn't have an IP address, fun as that would be."
Cant be done.
You cant have a tcp connection without a source IP.
Now maybe the IP is forcefully dynamic and always within the private ranges.... buts thats another thing. K?
NO SIG
Correlation does not imply causation. If it did you'd be an inbred racist hick who jumps to conclusions about statistics when they know nothing about how statistical analysis works.
oh wait.. never mind.
Shadus
The pacemaker is not connected to the internet. The "base station" is and that is what the doctors are remotely checking. The pacemaker is just sending its current state to the "base station". The pacemaker is no more connected to the internet than a wireless keyboard or a pair of bluetooth headphones are.
"he" is a woman.
A key thing that is left out (But what most people have surmised):
Pacemaker <--MICS Band--> Home monitoring unit (developed by pacemaker company; obtains IP address - typically via dial-up.) <--TCP/IP--> PaceMaker Companies Servers <-- TCP/IP--> Physician Web connection
The 400mhz is considered to be the MICS band - http://en.wikipedia.org/wiki/Medical_Implant_Communication_Service . The great thing about MICS is that it covers not only 'both sides' of the pond, but pretty much all sides. (E.g. Asia, Europe, and the US). The 'challenge' with 400mhz is that it's only a 'few meters' coverage. So you have to have the home monitoring unit (the unit that actually does 'connect' to the internet and the implanted device) within a 'few meters' of the device/patient.
Pacemakers are very small, compared with an ICD (defibrillator). In both cases, battery space is one of the biggest uses of the volume of the CAN. (in a defib you also have a large capacitor). The more energy you use for communication, the faster you drain the battery - and the less power you have for therapy. No one has an 'externally rechargeable' unit - so the only option is to put the patient under for surgery and replace the unit. (Low risk - BUT, there is a risk... and it's a surgery. and these things aren't cheap)
It will probably be a long time before your pacemaker signs on automatically to the local WiFi connection to 'dial home' to the physician. (Power, security, and proprietary data communication formats to name a few reasons).
One commenter early said, "pacemakers have been connected for years" - that's via "TTM" - http://www.google.com/search?q=transtelephonic+monitoring+pacemaker&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a
TTM doesn't provide very much data from the CAN. Basically and EGRAM, battery strength, and maybe a few other items. The at home monitoring unit can pull more data from the can.
The great thing about these systems are the peace of mind from monitoring the pacemaker on a daily/weekly/monthly basis versus once every 6-12 months or 'when the patient feels bad.' And when the patient does 'feel bad' the physician can pull up the latest information from the pacemaker the help determine if the patient should come in or not.
Company Websites:
St. Jude (Featured) - House Call - http://www.sjm.com/devices/device.aspx?name=housecall+plus+remote+patient+monitoring+system&location=us&type=10
Boston Scientific - http://www.aboutlatitude.com/
Medtronic - http://www.medtronic.com/physician/carelink/index.html
But how do we know that just by reading the subject line?
An SQL query goes to a bar, walks up to a table and asks, "Mind if I join you?"
This is nothing new. Boston Scientific (formerly Guidant) Latitude system has been working wirelessly in exactly this manner for nearly five years.
And "researchers" have been trying to hack the protocol -- mainly by reverse engineering the wanded communication.
Gradma is in more danger of a "pillow-attack" for the inheritance than someone trying to tweak her pacing.
Old age and treachery almost always overcome youth and skill.
Would you want one with an IP address?
If it was routable, remote management over SSH by the doctor might be useful. The cardiologist could, for example, do a few runs of dd(1) and determine whether you're ready to have sex with your wife, or whether some additional tweaks are first needed.
The downside, of course, is the patient being a Unix user and discovering the localhost interface.
"Honey, call 911! I just did an accidental rm -rf /!"
It's most likely a different brand, but my wife has had a wireless defibrillator / pacemaker implant since last October. It, too, wirelessly connects to a base in the house, which in turn talks to the doctor's office. They can also remotely activate tests and scans. We joke quite often that she's one of the only people we know that has their own wireless access point. Right before the surgery, the surgeon asked my wife if she had any questions. Her first question? "Um, this thing isn't running on Windows, is it?" He replied that she was the first person to ever ask that, and that it ran on a custom version of Unix.
Am I the only one that misread the title as "First Internet-Connected Peacemaker Goes Live" and thought now we really need to take guns and/or internet away from some people.
Calling someone a "hater" only means you can not rationally rebut their argument.
sysadmin dad: son, your grandmother is getting old and she wont be around much longer. you should cherish the times you have with her
son: how do you know?
sysadmin dad: i caught her throwing warnings to syslog when i was checking logwatches for the toilet and the fridge today. plus her cacti trend for ping time and load looks horrible.
son: will grandma go to heaven?
sysadmin dad: depends, I didnt an asset tag on her so chances are the property disposal authorization wont go through and she'll just sit on the shipping receiving dock forever.
son: so shes going to be a ghost??
sysadmin dad: worse, people dont leave empties on you when your a ghost.
Good people go to bed earlier.
doesn't it have to have an IP to be internet connected, if its pacemaker->external montior->internet then the monitor must have an ip anyway!
IranAir Flight 655 never forget!
... oops.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
Is it a wired or a wireless connection?
Catalin Braescu
Ofaly.com
Yeah, but if somebody can interfere with the reporting (through the device it transmits to) they could report a normal condition when a the pacemaker is really having a malfunction, or a full battery when it's really bordering on empty. It's a bad bad idea.
Before someone goes "but how is that worse than not having the device":
It's worse for the same reasons why bad security is worse than no security: A false sense of security. Without, you don't know whether the person is fine. When you don't hear from her and you're worried because she was supposed to call or show up, you call and see if she's ok. With the device, you check the device, read that it's fine and trust that reading.
If it's treated like an additional layer of security instead of a substitute, it's fine. It's likely, though, that this will eventually replace other means of checking on the patient because it's simply more cost efficient to have a computer monitor the patient's wellbeing instead of having a person do it.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
A singularity is the result of dividing by zero. Probably Ray Kurzweil just misinterpreted the usual C/C++ explanation that division by zero is undefined behaviour and therefore anything could happen.
The Tao of math: The numbers you can count are not the real numbers.
I hope that this internet-connected pacemaker does not automatic update its software from microsoft.com ...
Until the skies turn blue...
Until the air of freedom strikes us...
What could possibly go wrong with this.
But how do we know that just by reading the subject line?
You don't. Parent must have read the Summary. Even worse, he might have read The Article.
MMO Vampire Role Playing
It doesn't have a receiver anyway. It's just a radio transmitter.
I don't care. Does it run Linux?
And does it have a private key?
MMO Vampire Role Playing
It can't have an IP address. Imagine what Three Strikes Rule would do to the owner of such device.
Click the kidney, win an iPhone!
they dont act like equals but they wanna be treated like equals (FACT). they dont even want to speak proper english
wanna? dont? (no apostrophe)
You can't speak English properly!
See a lot of these "first" medical procedures usually originating in some press release from a clinic specialising in that particular area of treatment -- and wanting to promote their groundbreaking techniques. But are they the first?
At BMJ Case Reports we published a case of a web-connected implantable cardioverter defibrillator detecting digoxin toxicity a few months ago. An implantable cardioverter defibrillator is not a pacemaker of course but usually includes a quite sophisticated one along with the ability to do the DC shock.
A security vulnerability has been discovered that could allow an attacker to gain complete control of your heart. Download this update to ensure your heart is protected. After completing this update, you may have to restart your circulatory system.
Star Army Space Roleplay