Slashdot Mirror


Researcher Reverse-Engineers Pacemaker Transmitter To Deliver Deadly Shocks

Bismillah writes "Pacemakers seem to be hackable now too, if researcher Barnaby Jack is to be believed. And the consequences of that are deadly. Anonymous assassinations within 30 feet of the pacemaker seem to be possible. From the article: 'In a video demonstration, which Jack declined to release publicly because it may reveal the name of the manufacturer, he issued a series of 830 volt shocks to the pacemaker using a laptop. The pacemakers contained a "secret function" which could be used to activate all pacemakers and implantable cardioverter-defibrillators (ICDs) in a 30-foot-plus vicinity. ... In reverse-engineering the terminals – which communicate with the pacemakers – he discovered no obfuscation efforts and even found usernames and passwords for what appeared to be the manufacturer’s development server. That data could be used to load rogue firmware which could spread between pacemakers with the "potential to commit mass murder."'"

216 comments

  1. Vulnerability in pacemaker firmware? by DikSeaCup · · Score: 5, Funny

    Shocking!

    1. Re:Vulnerability in pacemaker firmware? by dkleinsc · · Score: 5, Funny

      I'm shocked, shocked!%N#)NO CARRIER

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
    2. Re:Vulnerability in pacemaker firmware? by Anonymous Coward · · Score: 0

      Speaking of - can it be used as a makeshift defibrillator in case of a heart attack?

    3. Re:Vulnerability in pacemaker firmware? by durrr · · Score: 5, Informative

      There's pacemakers that only do the pacing.
      There's ICDs: implantable cardioverter-defibrillators that restore proper rhythm after detecting arrhythmias.
      And there's combinations of the two. Most likely the pacemaker in question here is a combination device or they're actually talking about ICDs and not pacemakers.

      A classic heart attack involves blocking of coronary arteries however and a defibrillator won't do shit for that. Defibrillations are made to terminate an arrhythmic beat and restore the normal sinus rhythm.

    4. Re:Vulnerability in pacemaker firmware? by Anonymous Coward · · Score: 0

      I'm not exactly sure how it has fuck-all to do with the topic at hand.

      It was a response to the question the parent asked. Try reading it.

      Does it really matter how the little black box caused your heart to stop

      Yes, it does.

    5. Re:Vulnerability in pacemaker firmware? by Anonymous Coward · · Score: 1

      What if a person hits REBOOT, holds their breath, and has a lot of hope? Or am I just thinkin' like an ignorant redneck again?

    6. Re:Vulnerability in pacemaker firmware? by Anonymous Coward · · Score: 0

      Bon Jovi said it best:

      shock to the heart,
      and you're to blame.
      you give pacemakers,
      a bad name.

    7. Re:Vulnerability in pacemaker firmware? by Anonymous Coward · · Score: 3, Funny

      Remember to disable fsck on startup!

    8. Re:Vulnerability in pacemaker firmware? by Anonymous Coward · · Score: 0

      I'm shocked, shocked!%N#)NO CARRIER

      That is sooooooooooooo 1990s.

    9. Re:Vulnerability in pacemaker firmware? by Ginger+Unicorn · · Score: 2

      This is the second post I've seen in three weeks where someone has implied that pacemaker-induced heart failure would somehow cause their modem to hang up. It doesn't make sense, damnit!

      --
      (1.21 gigawatts) / (88 miles per hour) = 30 757 874 newtons
    10. Re:Vulnerability in pacemaker firmware? by dkleinsc · · Score: 1

      You should familiarize yourself with the Rule of Funny.

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
    11. Re:Vulnerability in pacemaker firmware? by Rich0 · · Score: 1

      Sure, but any of those pacemakers can administer shocks to your heart. Whether they normally operate one way or another probably has little impact on whether somebody who can hack them can get them to do whatever. My understanding is that many pacemakers are capable of many modes of operation, since in terms of the hardware there isn't much difference. Kind of like how the ECU hardware in a sports car and a compact car might be the same, though the software might be different. Either way if somebody tells the thing to fire the spark when the cylinder is traveling up it will ruin your engine fast.

    12. Re:Vulnerability in pacemaker firmware? by Anonymous Coward · · Score: 0

      holding your breath isn't going to help when the heart's not pumping your blood anyway.

      best bet is to bend over and kiss your ass goodbye

    13. Re:Vulnerability in pacemaker firmware? by Wandering+Voice · · Score: 1

      Thanks. Now I'm reading all comments to that tune in my head.

    14. Re:Vulnerability in pacemaker firmware? by Jeremiah+Cornelius · · Score: 1

      Dick Cheney option!

      --
      "Flyin' in just a sweet place,
      Never been known to fail..."
    15. Re:Vulnerability in pacemaker firmware? by Gilmoure · · Score: 1

      You can program pacemakers to shoot lawyers in the face?!!!

      --
      I drank what? -- Socrates
    16. Re:Vulnerability in pacemaker firmware? by shutdown+-p+now · · Score: 1

      They trip the cord with their foot as they fall from the chair.

    17. Re:Vulnerability in pacemaker firmware? by Randle_Revar · · Score: 1

      You haven't wired your heart to your modem yet? Quit living in the past, man!

    18. Re:Vulnerability in pacemaker firmware? by tehcyder · · Score: 1

      You should familiarize yourself with the Rule of Funny.

      Repeating an inappropriate internet meme does not mean that you are being funny.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    19. Re:Vulnerability in pacemaker firmware? by Anonymous Coward · · Score: 0

      There's grade skools that's taught we to wright.

    20. Re:Vulnerability in pacemaker firmware? by tehcyder · · Score: 1

      You haven't wired your heart to your modem yet? Quit living in the past, man!

      What's a modem?

      --
      To have a right to do a thing is not at all the same as to be right in doing it
    21. Re:Vulnerability in pacemaker firmware? by Randle_Revar · · Score: 1

      It's retro-cool, that's what it is!

  2. Why are these approved? by Errol+backfiring · · Score: 5, Interesting

    ... he discovered no obfuscation efforts and even found usernames and passwords ...

    How come such pacemakers were ever approved by the FDA?

    --
    Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
    1. Re:Why are these approved? by Anonymous Coward · · Score: 3, Insightful

      Because the FDA doesn't care about security. It's not in their mission or charter, and they don't test for it. Hopefully with issues such as this, that issue will be rectified.

    2. Re:Why are these approved? by nurbles · · Score: 1

      The left side of the bell curve strikes again?

    3. Re:Why are these approved? by Anonymous Coward · · Score: 0

      The FDA cares only that you have a "quality process", and follow it. It doesn't actually care about the quality of the software that comes out of that process.

    4. Re:Why are these approved? by Anonymous Coward · · Score: 5, Insightful

      Because the FDA doesn't care about security. It's not in their mission or charter, and they don't test for it. Hopefully with issues such as this, that issue will be rectified.

      Uh, not their mission or charter? Care to tell me exactly what the fuck their mission and charter is, if it's somehow not trying to keep citizens safe from products produced by companies with crystal-clear motives (greed, profit), driven by executives with less-than-average morals?

      Computer security may not specifically be their primary mission, but product security sure as hell is. And if it's not, then dismantle the whole damn organization, because clearly what the public thinks they do, and what they actually exist for, are two completely different things.

    5. Re:Why are these approved? by Anonymous Coward · · Score: 0

      The extensive product safety testing is mostly black-box for medical hardware. If you don't have roaming hackers in the testing environment specifications, you're out of luck.

    6. Re:Why are these approved? by Anonymous Coward · · Score: 0

      There are exceedingly strict regulations about the design of medical devices. The design must be formally qualified with models of reliability to provide a definite reliability figure during licensing. Software designs should, where possible, be formally (i.e. with mathematical logic) proven; as opposed merely to designed to a specification, tested and debugged.

      Implantable medical devices also have critical energy requirements as batteries are not easily replaceable. Any CPU cycles or logic circuits not essential for the device's primary function are highly undesirable.

      It is not surprising that security has been omitted as it would be very expensive and degrade the performance of the device. Modern technology should, however, be more capable which may make such security measures easier.

    7. Re:Why are these approved? by netwarerip · · Score: 0

      Maybe because the F stands for food and the D stands for drug?

    8. Re:Why are these approved? by cultiv8 · · Score: 5, Informative

      This has been known since at least 2008. The Economist has an interesting article about the FDA slowly moving towards open source medical devices to improve the overall security and reliability of software in medical devices.

      --
      sysadmins and parents of newborns get the same amount of sleep.
    9. Re:Why are these approved? by Anonymous Coward · · Score: 0

      They were told not to concern themselves with such things.

      After all, elected officials know far better, the people picked them, whereas unelected bureaucrats, well, they just have fancy degrees.

    10. Re:Why are these approved? by Errol+backfiring · · Score: 2

      I worked for a company that does medical tests (for the approval of new medicines) and there were quite a few rules for writing the software needed. This is "secondary" software in the sense that it only captures data and no life depends on it directly. I would expect unencrypted communication channels to prosthetics to be severely outlawed.

      --
      Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
    11. Re:Why are these approved? by gweihir · · Score: 1

      The FDA is clueless, susceptible to coercion and no competent independent security review was ever done.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    12. Re:Why are these approved? by Errol+backfiring · · Score: 1

      Even the fact that an internal organ has or needs wireless capabilities baffles me. There are so many ways to abuse them! You can be tracked, for instance. Does Google have all the details of the pacemakers among the router data? Why not create a plug just under the skin so it is easily reached when needed? Wireless pacemakers literally are an unnecessary evil.

      --
      Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
    13. Re:Why are these approved? by Anonymous Coward · · Score: 0

      It is their mission and charter. Anything that passes through their corrupt and greedy little hands is supposed to be safe for use. As in, it can't cause cancer after use, or shock your heart into stopping or open garage doors every time you drive down a street (look it up).

    14. Re:Why are these approved? by RobinH · · Score: 2

      Actually the benefit of wireless is absolutely obvious: you can monitor battery levels, even update firmware in the event of a serious bug, without doing surgery, and without having wires protruding through the skin (which is itself a major infection risk).

      --
      "I have never let my schooling interfere with my education." - Mark Twain
    15. Re:Why are these approved? by Anonymous Coward · · Score: 0

      Because the people at the FDA are romantics at heart.

      "baby, you have the username and password to my heart."

    16. Re:Why are these approved? by gstoddart · · Score: 1

      Maybe because the F stands for food and the D stands for drug?

      Except, medical devices of all kinds are supposed to go through some fairly rigorous hurdles before they can be approved by the FDA. Even more so for the implantable kind.

      That this is actually possible means either someone didn't fully grasp the impact of being able to get into these things remotely, or went for a "security by obscurity" approach. (Yes, they do need to be remotely accessible by the doctors, but you'd think they'd need to be somewhat more secure than this.)

      --
      Lost at C:>. Found at C.
    17. Re:Why are these approved? by aXis100 · · Score: 3, Insightful

      Yeah, but there's a difference between short range wireless (several cm) and long range (10's of metres) that makes a huge difference to the possible attack vectors.

    18. Re:Why are these approved? by Rob+the+Bold · · Score: 1

      Yeah, but there's a difference between short range wireless (several cm) and long range (10's of metres) that makes a huge difference to the possible attack vectors.

      But since the attacker isn't worried about getting his hacked programming device approved, he's free to boost the amplifier and/or antenna gain on his end, or any other tweak he can come up with to increase the effective range.

      --
      I am not a crackpot.
    19. Re:Why are these approved? by drinkypoo · · Score: 1

      medical devices of all kinds are supposed to go through some fairly rigorous hurdles before they can be approved by the FDA. Even more so for the implantable kind.

      They do, but it's [been] more stuff like "resistant to body fluids and sanitizing compounds" and "rubber covers for all ports to prevent short circuits with possible sparks if items are set down on a metal surface which may be near an open oxygen tap" than "secure cryptographically protected interfaces" or "maximum protection for patient data".

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    20. Re:Why are these approved? by cdrguru · · Score: 2

      It takes a real paranoid person to think that someone would "just for fun" want to hack into a pacemaker. We haven't gotten over the idea that people are generally good and nobody would want to do this, even if they could.

      The truth is that if you could kill someone with a mouseclick, you might - I don't care who you are, that is just the way people are in reality. We have operated under the assumption that "nobody would do this" for far too long.

    21. Re:Why are these approved? by Anonymous Coward · · Score: 0

      A good section of the Public probably thinks the FDA is responsible for keeping them away from the Cure for Cancer.

      However, a better question is not asking about the overall purpose of the FDA, but the specific authorizations they receive for the regulation of medical devices.

      And no, they are not empowered to make the kind of decisions you want, they are actually enjoined from doing so, because they're nothing but technocratic bureaucrats and that means they shouldn't be trusted with setting their own rules. Better let Congress do it...or better yet, the same companies that are trying to sell the products! Surely business will know what will serve the customer without getting in their way. Can't have overpowering regulations crushing entrepreneurs, now can we?

    22. Re:Why are these approved? by DragonWriter · · Score: 2

      Yeah, but there's a difference between short range wireless (several cm) and long range (10's of metres) that makes a huge difference to the possible attack vectors.

      There actually isn't a fundamental difference between short-range and long-range wireless: it's all broadcast, and range depends on both the sensitivity of the receiver and the power of the transmitter. You can't make a system "short-range only" when you control only one endpoint.

    23. Re:Why are these approved? by Anonymous Coward · · Score: 0

      The FDA is clueless, susceptible to coercion and no competent independent security review was ever done.

      This post is clueless, susceptible to conspiracy theories and no competent independent thought was ever done.

    24. Re:Why are these approved? by an+unsound+mind · · Score: 1

      The purpose of the FDA is to keep the profits of the pharmaceutical industry high. And nothing else.

      FDA, for example, has entirely skipped on regulating "supplements". No matter their claims or effects, as long as they don't contain restricted substances.

    25. Re:Why are these approved? by bill_mcgonigle · · Score: 1

      he's free to boost the amplifier and/or antenna gain on his end

      This is why I was fairly shocked (:wince:) when Dick Cheney very publicly got a remotely programmable pacemaker while he was in office. We'd just read stories about bluetooth being beamed over something like a kilometer at the time.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    26. Re:Why are these approved? by Rich0 · · Score: 2

      Certainly part of their mission, but quality in the FDA realm has a peculiar definition. Quality is measured by presence/absence of paperwork for the most part. Sure, there are guides on what kinds of paperwork need to exist, but for the most part the FDA is much better at finding issues with the paperwork that is there than they are with finding issues with the paperwork that isn't there.

      Most FDA types are doctors or scientists or such. You don't really get people thinking in terms of computer security.

      I work with software tested to "FDA standards" all the time, though not with medical devices. I'm fairly confident that if I wanted to bypass the security in almost any of this software it would be fairly trivial to do so. Like most industrial control software, the software in health applications tends to be secure against casual intrusion. A doctor trying to guess passwords probably couldn't hack in, but there are a million other ways to get in that the people doing this kind of work don't think of. Lots of software implements the business logic on a client installed locally, which is almost impossible to secure.

      There is obviously a risk balance, but any attack mountable over RF against a life support device of any kind HAS to be rigorously prevented. You don't want somebody with a directional antenna to kill 300 people in a large hospital from halfway across town.

    27. Re:Why are these approved? by an+unsound+mind · · Score: 1

      And to add to that point:

      People dying is very bad advertising for new medications, so FDA has an interest in preventing that. However, if someone else can be blamed for the death - or if it causes symptoms that can be treated or reversed - suddenly FDA cares much less.

      Because if someone hacks a pacemaker the death can be blamed squarely on the hacker and FDA's hands are clean. Despite letting a dangerous, hackable pacemaker enter the market.

      In many ways, FDA approval resembles a brand. And I suppose in that analogy supplements are "offbrand products".

    28. Re:Why are these approved? by Pinky's+Brain · · Score: 1

      Well in theory you can use a ping to determine distance, generally though you won't.

    29. Re:Why are these approved? by fuzzyfuzzyfungus · · Score: 1

      FDA, for example, has entirely skipped on regulating "supplements". No matter their claims or effects, as long as they don't contain restricted substances.

      Talk to Congress (ask for Tom Harkin (D-IA) and Orrin Hatch (R-UT) in particular. Harkin appears to be a True Believer and gets some nice campaign cash from Herbalife, Hatch? Well, let's just say that Utah has a thing for 'supplements'.).
       
      The "Dietary Supplement Health and Education Act of 1994" says that the FDA can't do jack about 'supplements', aside from some basic manufacturing standards stuff, unless they get enough adverse event reports to satisfy the burden of proof (on them) and do something about it.

    30. Re:Why are these approved? by Anonymous Coward · · Score: 0

      Because the FDA doesn't care about security. It's not in their mission or charter, and they don't test for it. Hopefully with issues such as this, that issue will be rectified.

      GAO issued a very specific report last week recommending FDA take specific actions to improve information security of medical devices. FDA can only do what Congress allows, and most of these security problems appear to be "at time of use" which is outside their legal remit from Congress. But they could have a role for design controls during the pre-market notification (aka 510(k)) or pre-market approval (PMA) processes.

      http://www.gao.gov/products/GAO-12-816

    31. Re:Why are these approved? by Anonymous Coward · · Score: 0

      Gads, I think that is what happened to him. Few are normally as evil as W, Cheney and Rove.

      I figured that somebody else had to be pulling strings on them. Certainly that would make more sense than that they were total idiots who did not know how to conduct war or how to balance a budget and managed to destroy the US economy.

      I am still trying to figure out what evil person is controlling Romney. That is the only way to describe his wanting to repeat evil.

    32. Re:Why are these approved? by Anonymous Coward · · Score: 0

      Talk to Dr. Burzynski about his Antineoplaston therapy treatment for cancer.
      Go watch this video, and then make an informed opinion of the FDA.
      http://youtu.be/1qG_ZWs04es
      It is a crazy story of what happens with the FDA, and how they "approve" medicine. They are in collusion with the major medical companies, pharmaceuticals, insurance, equipment manufacturers. It is all about money. will Curing something give more money in the long run than just treating the symptoms.

    33. Re:Why are these approved? by cayenne8 · · Score: 1

      Uh, not their mission or charter? Care to tell me exactly what the fuck their mission and charter is, if it's somehow not trying to keep citizens safe from products produced by companies with crystal-clear motives (greed, profit), driven by executives with less-than-average morals?

      The FDA is largely toothless....

      I mean, recently, the FDA was ruled to NOT have the authority to shut down food processing plants that have multiple health/cleanliness/etc infractions.....

      You'd kinda think that was a given, wouldn't you?

      Nope...big business have their people (both parties) in the positions that run oversight organizations like the FDA...and they pull all the teeth from those organizations, they're just there symbolically these days....

      --
      Light travels faster than sound. This is why some people appear bright until you hear them speak.........
    34. Re:Why are these approved? by Lehk228 · · Score: 1

      won't help, the ping has to be processed before being sent back. it would be trivial to emulate closer distance via more agile responders. instead of a general purpose PC receiving and replying from 10 inches, a fine tuned ASIC notified to expect a query by the transmittal module so it can do some of its startup before the signal even arrives.

      the only way to use reply time to measure max distance is to make use of processing which operates at the edge of physical laws, and typically such things can't do much computation so even that can be defeated by guessing the correct reply, if you can send 100 million bad broadcasts per day, even a tiny fraction of correct guesses will be deadly

      --
      Snowden and Manning are heroes.
    35. Re:Why are these approved? by jwdb · · Score: 1

      You can prevent this with a cryptographically secure ping: have the pinger send out a random number, and the pingee respond with the number signed with their private key. Assuming the pingee cannot predict the number beforehand, it can only respond after having received the ping and can therefore not pretend to be closer than it actually is.

      Not sure if a pacemaker can handle crypto, however...

    36. Re:Why are these approved? by Lehk228 · · Score: 1

      my point is that the general purpose computer chip responding to the ping on the system deployed in 2012 will have a much slower response time than the liquid cooled overclocked ASIC killbot9000 deployed for assassination purposes in 2016, and so it can pretend to be much closer than it is, especially since even nanosecond differences in response times would be huge compared to the time for EM to travel 10 inches 10 feet or even 10 miles.

      to be extra 1337 you can even cheat by starting the reply with a random guess of the first 7/8 bits if you only need a success rate of half to one percent (highly boosted signal trying to kill people in a large area undetected)

      --
      Snowden and Manning are heroes.
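
Added example (not part of any comment above, and not code from any device or vendor): the timed challenge-response "ping" debated in the last three comments, seen from the verifier's side, showing why any processing latency the verifier subtracts becomes distance it cannot account for. It uses an HMAC over a shared key in place of the signature jwdb describes; the key, the 0.5 m limit, the distances and the latencies are constructed values.

```python
import hashlib
import hmac
import math
import secrets

C = 299_792_458.0  # speed of light in m/s


def respond(key: bytes, nonce: bytes) -> bytes:
    """Responder side: authenticate the verifier's fresh nonce."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def distance_upper_bound_m(rtt_s: float, assumed_processing_s: float = 0.0) -> float:
    """Largest distance consistent with a measured round-trip time.

    Only assumed_processing_s = 0 is a true upper bound: any latency the
    verifier subtracts is latency a faster responder can spend on distance.
    """
    flight_s = max(0.0, rtt_s - assumed_processing_s)
    return C * flight_s / 2.0


def accept(key, nonce, tag, rtt_s, max_distance_m, assumed_processing_s=0.0) -> bool:
    """Accept only a valid tag that also arrived within the distance limit."""
    valid = hmac.compare_digest(respond(key, nonce), tag)
    return valid and distance_upper_bound_m(rtt_s, assumed_processing_s) <= max_distance_m


def distance_hidden_m(latency_error_s: float) -> float:
    """Distance error caused by each second of mis-estimated processing time."""
    return C * latency_error_s / 2.0


def blind_guess_probability(bits: int) -> float:
    """Chance that a reply sent before the challenge arrives matches `bits` bits."""
    return 2.0 ** -bits


def rounds_needed(max_false_accept: float) -> int:
    """Single-bit timed rounds needed to push blind guessing below a target."""
    return math.ceil(math.log2(1.0 / max_false_accept))


def simulated_rtt_s(distance_m: float, processing_s: float) -> float:
    """Constructed measurement: two-way flight time plus responder latency."""
    return 2.0 * distance_m / C + processing_s


def demo() -> dict:
    key = secrets.token_bytes(32)      # constructed shared key
    nonce = secrets.token_bytes(16)    # fresh per challenge
    tag = respond(key, nonce)
    limit_m = 0.5                      # constructed policy: responder within 0.5 m
    nominal_s = 1e-6                   # constructed latency of the stock responder
    near = simulated_rtt_s(0.3, nominal_s)   # stock responder at 0.3 m
    far = simulated_rtt_s(100.0, 1e-7)       # lower-latency responder at 100 m
    return {
        # Verifier that subtracts the nominal latency: cannot tell the two apart.
        "subtracting_near": accept(key, nonce, tag, near, limit_m, nominal_s),
        "subtracting_far": accept(key, nonce, tag, far, limit_m, nominal_s),
        # Verifier that subtracts nothing: sound, but rejects the stock responder
        # too, so the timed reply itself has to take nanoseconds, not microseconds.
        "strict_near": accept(key, nonce, tag, near, limit_m),
        "strict_far": accept(key, nonce, tag, far, limit_m),
        "bad_tag": accept(key, nonce, bytes(32), near, limit_m, nominal_s),
        "metres_per_ns": distance_hidden_m(1e-9),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
    print("guess 7 bits:", blind_guess_probability(7))
    print("rounds for 1e-9:", rounds_needed(1e-9))
```

For a design review, `rounds_needed` gives the number of independent single-bit timed rounds required before blind guessing drops below a chosen false-accept rate; 7 or 8 guessed bits alone leave a chance of 2^-7 or 2^-8 per attempt.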
  3. I'm shocked... by AmiMoJo · · Score: 0

    ... by this shocking news! My heart nearly burst out of my chest I was so surprised!

    --
    const int one = 65536; (Silvermoon, Texture.cs)
    SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  4. Prank your family! by Anonymous Coward · · Score: 1

    ... Reminds me of the TV-B-Gone.

    1. Re:Prank your family! by ColdWetDog · · Score: 2

      ... Reminds me of the TV-B-Gone.

      Father-in-law begone.

      Better.

      --
      Faster! Faster! Faster would be better!
  5. Well I'm convinced it's true by Anonymous Coward · · Score: 1

    So pacemaker manufacturers put in mechanism for making 800 volt shocks? Some sort of huge capacitors? And they put this in just waiting for a security researcher to find?

    Erm. Well I'm convinced! Must be true. Not some MacGyver scenario at all.

    "Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, game, hardware, retail, financial, media, travel, aerospace, healthcare, high-tech, social networking, and software development organizations. "

    1. Re:Well I'm convinced it's true by Hank+the+Lion · · Score: 4, Informative

      I built a stun gun capable of generating 900,000 volts on-demand out of a few dollars worth of parts and a 9 volt battery, and it fits in the palm of your hand

      900V or 9 kV I would believe, 900 kV not so much.
      You would need creeping distances of more than 300 mm just to prevent arcing and making the voltage collapse before it even reached the 900 kV.
      "900 kV" and "fits into the palm of your hand" are mutually exclusive, I think.
      (and yes, I've designed and built multi-kV devices myself)

    2. Re:Well I'm convinced it's true by Chirs · · Score: 1

      So pacemaker manufacturers put in mechanism for making 800 volt shocks?

      Read the article. It's an implantable _defibrillator_. You know, the ones where they used to rub the pads together and yell, "Clear!" before using?

    3. Re:Well I'm convinced it's true by Anonymous Coward · · Score: 0

      You should explain that to all of the manufacturers offering commercially-available 900kV stun guns. There are batons available that reach into the MV range. These are not in any way new devices, and operate on the exact same principle as a defibrillator, albeit at far lower amperage.

      Point being, 800-900 volts at a decent amperage is trivial to produce for even a shade-tree engineer without the need for "huge" capacitors; never mind multi-billion dollar companies employing nuclear power packs and highly-specialized equipment.

    4. Re:Well I'm convinced it's true by Hank+the+Lion · · Score: 1

      Explaining it to the manufacturers of 900 kV stun guns will have no effect.
      They know very well that their product does not reach 900 kV.
      Those tasers may very well reach 90-100 kV (spark length of 3-3,5 cm), but not tenfold that.
      It's just as with the 200W PMPO computer speaker sets that are supplied from a 12W transformer: pure marketing hype.

      But, I agree with your main point: it is trivial to create a sufficiently high voltage in a small volume.
      Even the simplest 2 kV fly swatter tennis rackets show that.

  6. Function creep...? by Horus1664 · · Score: 1

    Why would a device such as a pacemaker, with what seems to be a simple and bounded function, require the facility to communicate with anything?

    1. Re:Function creep...? by richardcavell · · Score: 5, Informative

      Cardiologists commonly communicate electronically with the pacemaker after its insertion to adjust numerous parameters of its function. The pacemaker can also deliver information to the cardiologist about its usage history, battery state, etc. (Doctor) Richard Cavell

    2. Re:Function creep...? by Anonymous Coward · · Score: 0

      less scalpels involved if you need to get data from the device or reconfigure it

    3. Re:Function creep...? by Anonymous Coward · · Score: 0

      Probably to avoid surgery just to check its logs/battery level/performance/other issues with the patients' hearts that might be detectable with the pacemakers.

    4. Re:Function creep...? by kenh · · Score: 4, Interesting

      There is the other side of this - if the pacemaker was protected by a password, what if a cardiologist other than the one that installed it had to access/update/configure it? Either there would have to be a commonly-known access code (negating all attempts at securing the device) OR the doctor would have to contact the Mfg. or some central password authority to get the codes to access the device, and that might be an unacceptable delay in a life-or-death scenario.

      Sure, you could ask patients to carry password cards OR tattoo the password on a body part if you really felt the need to password-protect the device.

      Not so sure about one pacemaker updating another pacemaker, as the description mentions - does the pacemaker really have a strong enough transmitter to download a new firmware image onto another pacemaker in another body?

      --
      Ken
    5. Re:Function creep...? by Anonymous Coward · · Score: 0

      [ 571254000.0 ] /dev/heart - shock capacitor 100%, battery 9.5%, fatal errors 0, physical failures: 0, memory failures: 50, mobility: 80%, patient may need replacing.

    6. Re:Function creep...? by Anonymous Coward · · Score: 0

      Pacemakers aren't a "one-size-fits-all" device, every patient needs different programming, the ability to alter the pacemaker settings without having to remove it surgically from the patient is an absolute must. There's always fine tuning needed after being implanted, and diseases progress over time as well -- what is optimum today may not be tomorrow, so there must be a way to change the settings without having to open patients up at the drop of a hat.

      My father was implanted one in August 2010 to help with his hypersensitive carotid sinus syndrome. Sometime in early September of that year he had an episode where he still fainted and fell (and hurt himself) because the pacemaker was operating on a less aggressive setting than it should be. It was a matter of 5 minutes at the hospital to adjust the settings and thankfully it hasn't happened since. Imagine if he had to go under the knife again just to correct that, it would be pretty insane wouldn't it?

      Also, for the first six months since he got it he was monitored every month, the pacemaker logs would be read to make sure everything was peachy, and the pacemaker tested to check that everything was working as it should (it generally involves speeding up the heart rate on demand up to 100 bpm for a few seconds and other self diagnose tests). For the six months after that he was monitored every other month, now he goes for a check twice a year. This would be impossible to do if the pacemaker wasn't able to communicate wirelessly with the monitoring equipment.

      The equipment itself is kind of a loop looking device that is placed on the shoulder so that the loop itself is centered around the spot where the pacemaker is implanted under the skin. The rest looks like a portable dvd player. Everything fits inside a small briefcase.

    7. Re:Function creep...? by cultiv8 · · Score: 1

      Sure, you could ask patients to carry password cards OR tattoo the password on a body part if you really felt the need to password-protect the device.

      What about implanting an RFID chip on the patient that constantly transmits the password? Oh, wait...

      --
      sysadmins and parents of newborns get the same amount of sleep.
    8. Re:Function creep...? by devnullkac · · Score: 2

      I think you're close. You need a secondary access method that requires direct skin contact near the device in order to bypass the front-line wireless security. Same concept as how most people will protect wireless access to their home network, but rely on physical security to prevent someone replacing their router: if someone can get close enough to get physical access, you'll know it and know to stop it before it's too late.

      --
      What do you mean they cut the power? How can they cut the power, man? They're animals!
    9. Re:Function creep...? by Pinky's+Brain · · Score: 1

      You can put a database with ID/key pairs inside the communication devices (pre-generated so you don't need to update the database). Can still be compromised of course by hacking the communication device, but it does add an extra layer of security.

    10. Re:Function creep...? by Pinky's+Brain · · Score: 1

      Of course with a strong encryption algorithm a single secret key would be enough, but this is assuming you want to use something weak or password only.
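
The two schemes from the posts above (a pre-generated ID/key table in the communication device, and a single secret used with a strong algorithm), as an added example that is not from the thread or from any manufacturer's protocol. The HMAC challenge-response, the class names, the serial numbers and the command string are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # fixed length, so nonce + command cannot be split ambiguously


def tag_for(key: bytes, nonce: bytes, command: bytes) -> bytes:
    """MAC that binds one command to one fresh challenge from the implant."""
    return hmac.new(key, nonce + command, hashlib.sha256).digest()


def derive_device_key(master: bytes, device_id: str) -> bytes:
    """Single-secret variant: each per-device key is computed from one master."""
    return hmac.new(master, b"implant-key|" + device_id.encode(),
                    hashlib.sha256).digest()


class Implant:
    """Holds only its own key; never sees the table or the master secret."""

    def __init__(self, device_id: str, key: bytes):
        self.device_id = device_id
        self._key = key
        self._nonce = None

    def challenge(self) -> bytes:
        self._nonce = secrets.token_bytes(NONCE_LEN)
        return self._nonce

    def accept(self, command: bytes, tag: bytes) -> bool:
        nonce, self._nonce = self._nonce, None  # each challenge is single-use
        if nonce is None:
            return False
        return hmac.compare_digest(tag_for(self._key, nonce, command), tag)


class TableProgrammer:
    """Pre-generated ID/key pairs stored inside the communication device."""

    def __init__(self, table: dict):
        self._table = dict(table)

    def sign(self, device_id: str, nonce: bytes, command: bytes) -> bytes:
        return tag_for(self._table[device_id], nonce, command)


class DerivingProgrammer:
    """One master secret; keys are derived on demand, so no table to ship."""

    def __init__(self, master: bytes):
        self._master = master

    def sign(self, device_id: str, nonce: bytes, command: bytes) -> bytes:
        return tag_for(derive_device_key(self._master, device_id), nonce, command)


def run_demo() -> dict:
    master = secrets.token_bytes(32)
    ids = ["SN-0001", "SN-0002"]  # constructed serial numbers
    # Derived here so both programmer variants can talk to the same implant;
    # in the table variant the keys could equally be independent random values.
    keys = {i: derive_device_key(master, i) for i in ids}
    implant = Implant("SN-0001", keys["SN-0001"])
    table_prog = TableProgrammer(keys)
    kdf_prog = DerivingProgrammer(master)
    cmd = b"SET_RATE 60"  # constructed command string

    out = {}
    nonce = implant.challenge()
    tag = table_prog.sign(implant.device_id, nonce, cmd)
    out["table_ok"] = implant.accept(cmd, tag)
    out["replay"] = implant.accept(cmd, tag)      # nonce already consumed
    implant.challenge()
    out["stale_tag"] = implant.accept(cmd, tag)   # old tag, fresh nonce

    nonce = implant.challenge()
    out["kdf_ok"] = implant.accept(cmd, kdf_prog.sign(implant.device_id, nonce, cmd))

    nonce = implant.challenge()
    tag = table_prog.sign(implant.device_id, nonce, cmd)
    out["tampered"] = implant.accept(b"SET_RATE 180", tag)  # command changed in transit

    # A key pulled out of a different implant must not work on this one.
    nonce = implant.challenge()
    out["cross_device"] = implant.accept(cmd, tag_for(keys["SN-0002"], nonce, cmd))
    return out


if __name__ == "__main__":
    for name, ok in run_demo().items():
        print(f"{name:13} accepted={ok}")
```

Per-device keys limit what one extracted implant key is worth, but both programmer classes still hold enough to sign for every device, which is the residual risk the first post concedes.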

    11. Re:Function creep...? by EnsilZah · · Score: 1

      If it's a non-time-critical update/maintenance sort of thing then there's no reason one cardiologist couldn't contact another and get the access information beforehand or just have a very expensive, very hard to steal machine in the hospital that authenticates things for you.

      If it's in the field, I doubt a paramedic would have the kind of training to be tweaking a pacemaker anyway.
      I'm sure they could be carrying a smartphone-type device that tunnels from the pacemaker or other such medical device to a specialist back at a hospital.

    12. Re:Function creep...? by Anonymous Coward · · Score: 0

      Give the patient the password, and the ability to change it. If they want to give another cardiologist access, they can choose to do so.

      Seriously, if a device is embedded in your body, you and you alone should be the final arbiter of what it does.

    13. Re:Function creep...? by Anonymous Coward · · Score: 0

      Sure, you could ask patients to carry password cards OR tattoo the password on a body part if you really felt the need to password-protect the device.

      Might not be a bad way. Tattoo it next to the surgical scar, perhaps with UV-reactive ink. Puts it in a fairly handy place, where a surgeon will look.

  7. Correction by wonkey_monkey · · Score: 1

    a series of 830 volt shocks from the pacemaker

    --
    systemd is Roko's Basilisk.
  8. Boomers by Anonymous Coward · · Score: 0

    Boomers are pushing 70s now. Within the next 10yrs they are going to start dying off in droves anyway.

    1. Re:Boomers by dcw3 · · Score: 1

      At 53, I'm still a boomer. Considering that I'm still out doing 5 mile runs, I suspect I have the potential to hang on a bit longer.

      --
      Just another day in Paradise
    2. Re:Boomers by jasper160 · · Score: 1

      You are a minority, unfortunately. Most people today, of all age brackets, are part of the XL generation.

      --
      No good deed goes unpunished.
    3. Re:Boomers by Anonymous Coward · · Score: 0

      "Pushing" means the top end, not the bottom end of the age range.

    4. Re:Boomers by vlm · · Score: 1

      Considering that I'm still out doing 5 mile runs

      Sadly, in the USA, that makes you a far right corner of the bell curve elite athlete.

      I shit you not, I'm considered an "athlete" or "jock" at work because I take a 1+ mile walk every day as a portion of my lunch hour while everyone else in the 500 person building sits around and gets fatter at lunch time.

      --
      "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
    5. Re:Boomers by aicrules · · Score: 1

      Distance running can be one of the places where what appears to be a healthy person ends with a heart attack. Keep up the exercise, but definitely be sure to have regular check ups with your Doc.

    6. Re:Boomers by Anonymous Coward · · Score: 0

      5 miles is hardly distance running. More like a normal average person's twice a week light exercise. Then again, I don't live in the US.

    7. Re:Boomers by neyla · · Score: 1

      Not "most", but more than a third of Americans are obese, yes. If the trend holds, it'll be "most" in another decade.

    8. Re:Boomers by Urban+Garlic · · Score: 1

      If after 53 years you still haven't finished your 5-mile run, you may not be in especially good condition...

      --
      2*3*3*3*3*11*251
    9. Re:Boomers by Bob+the+Super+Hamste · · Score: 1

      Power lifting is also similar but there it is because so many power lifters don't do any cardio. Besides I would bet that someone who is taking care of themselves like working out daily also is getting their annual check ups.

      --
      Time to offend someone
    10. Re:Boomers by MiG82au · · Score: 1

      I don't suppose you've ever worn a heart rate monitor during a weight lifting session. Recovering from anaerobic effort is an aerobic process (for some reason this escapes most people), and believe me, when you're lifting heavy you pant and beat hard afterwards. The times I've worn my HRM, my average HR was around 135-140 (about the same as fast walking?), peaking at 183 after deadlifts. And don't think that my rates are high because I'm unfit; when I do 10 mile time trials on my bike my average HR is ~170 over 26 minutes (37 km/h average speed). I'm not saying it's equivalent to any other cardio, but to say that lifting does not exercise the CV system is a load of BS. Admittedly, the effect would be reduced if you trained with 1 or 2 rep sets and very long breaks in between.

    11. Re:Boomers by Anonymous Coward · · Score: 0

      Ha. Look up "Jim Fixx" on Wikipedia please.
      Run all you want.

    12. Re:Boomers by Bob+the+Super+Hamste · · Score: 1

      I don't think it provides as much of a cardio work out. I don't wear a HRM but after a session I have the elevated heart rate and am panting as well. Granted that is for short spans while a good cardio work out would give you a lower heart rate but over a much longer span which is what is needed.

      --
      Time to offend someone
    13. Re:Boomers by Anonymous Coward · · Score: 0

      Actually, you probably have a low heart rate - like many endurance athletes. Doctors call that Sinus Bradycardia. It's often perfectly healthy. However, if you start to show symptoms related to poor perfusion of blood through the brain (i.e., dizziness, loss of consciousness), then the doctor is going to recommend a pacemaker to speed you up a bit and get the blood moving a bit more. Endurance athletes for that reason are at a higher risk of needing a pacemaker than your average person.

  9. I think I understand the lack of security by ndogg · · Score: 2

    I'm sure the developer was thinking, "Who would even think of trying to hack a pacemaker? Who would even want to?"

    Unfortunately, it only takes one sociopath.

    --
    // file: mice.h
    #include "frickin_lasers.h"
    1. Re:I think I understand the lack of security by machine321 · · Score: 1

      I'm sure the developer was thinking, "Who would even think of trying to hack a pacemaker? Who would even want to?"

      Unfortunately, it only takes one sociopath.

      Yeah, but a lot of developers are sociopaths. Fortunately one of the people who discovered this went public with the information.

    2. Re:I think I understand the lack of security by localman57 · · Score: 1

      Or just a common hacker who likes to mess with stuff. People have been finding ways to modify the ECM calibrations in cars for years, although until recently it hasn't been wireless capable.

      So, Bobby, you're pretty good with the computers, right? Could you make the old ticker run a bit stronger for a while? Ya see, old man Johnson's been telling all the dames down at the retirement home all about how he keeps lapping me around the mall. I just need, you know, a little boost.

    3. Re:I think I understand the lack of security by Anonymous Coward · · Score: 0

      I'm sure the developer was thinking, "Who would even think of trying to hack a pacemaker? Who would even want to?"

      Unfortunately, it only takes one sociopath.

      Really? I think the developer was doing nothing more than assuming that the lockdown of the device was the job of "someone" other than him.

      Developers often work in far-less secure environments because security blockades can impair development. Security is usually that step that everyone assumes that "someone" will do...until shit like this happens, when everyone finally realizes "someone" isn't there, or was never hired/budgeted for in the first place.

    4. Re:I think I understand the lack of security by Intrepid+imaginaut · · Score: 1

      No, sorry this is just completely insane. Under no circumstances should this have been possible, at all, ever. How many senior politicians and CEOs have pacemakers? Something sounds like it went very wrong in the engineering, development, or management departments, or maybe all three.

    5. Re:I think I understand the lack of security by Errol+backfiring · · Score: 1

      Unfortunately, it only takes one sociopath.

      Or an advertising company (for tracking). Or a supermarket. Or...

      --
      Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
    6. Re:I think I understand the lack of security by Anonymous Coward · · Score: 0

      It seems completely obvious that security simply was not part of their product development lifecycle. It makes sense that previous versions that did not accept outside information would not undergo some type of security auditing and without good corporate governance they would just iterate the development process.

    7. Re:I think I understand the lack of security by fph+il+quozientatore · · Score: 2

      I'm sure the developer was thinking, "Who would even think of trying to hack a pacemaker? Who would even want to?" Unfortunately, it only takes one sociopath.

      Think about intelligence agencies and secret service. The same people that already killed with Polonium poisoning in the past, for instance.
      It's a very clean and safe way to dispose of someone after all: who can tell it from a real heart attack after the fact?

      --
      My first program:

      Hell Segmentation fault

    8. Re:I think I understand the lack of security by skids · · Score: 1

      Unfortunately, it only takes one sociopath.

      ...or one particularly loathsome patient.

    9. Re:I think I understand the lack of security by skids · · Score: 2

      There's a good chance the developer fully intended to implement security. The conversation probably went like this:

      PHB: Is it done yet?
      Dev: All the basic functions work but now we need to do a secu....
      PHB: Ship it!

    10. Re:I think I understand the lack of security by Chrisq · · Score: 0

      I'm sure the developer was thinking, "Who would even think of trying to hack a pacemaker? Who would even want to?"

      Unfortunately, it only takes one sociopath.

      Or a Muslim driving through town with a live broadcast

    11. Re:I think I understand the lack of security by ColdWetDog · · Score: 1

      No, sorry this is just completely insane. Under no circumstances should this have been possible, at all, ever. How many senior politicians and CEOs have pacemakers? Something sounds like it went very wrong in the engineering, development, or management departments, or maybe all three.

      Think your statement through a couple more times. With emphasis on "CEO" and "politician".

      Did something go wrong? Really?

      --
      Faster! Faster! Faster would be better!
    12. Re:I think I understand the lack of security by BoRegardless · · Score: 1

      Or...an heir or business partner.

    13. Re:I think I understand the lack of security by Anonymous Coward · · Score: 0

      Actually, it might be detectable. The device keeps logs of all events seen and performed, so it would have hopefully logged that it received an external command to fire, or at least that it was accessed. This is all useful diagnostic data, so mfr's are likely to include that function. So now we know it was homicide, not an industrial accident.

      We also know the time the guy died because it's a sudden and obvious thing in this case. Since proximity must be close (let's say even a 30' radius were possible with a boosted signal) and given the surveillance state we live in, it's likely that law enforcement will find some type of video recording of people carrying things (backpack, etc) in the vicinity. It would also have to either be a directed antenna or someone walking very close to the person with an omnidirectional of some kind, making it more obvious. Public locations are likely in this scenario, since private locations make you more likely to stand out (unless you hide in their bushes). Since cell location data also does not require a warrant, you can bet they will have every functional cell phone within a quarter mile radius of the deceased nailed down and know who was there and where they've been.

      If the target is high profile enough, the freedoms you don't have thanks to the Patriot Act will ensure that the life history of anyone even remotely relevant is accessed and profiled. They will find their executioner.

      It's an elegant way to kill someone for sure, but one that I think could leave traces if it weren't well thought out.

    14. Re:I think I understand the lack of security by Intrepid+imaginaut · · Score: 1

      Politicians are people t- ...hmm... hm...

    15. Re:I think I understand the lack of security by tilante · · Score: 1

      Logs? They were able to reprogram the firmware. You can't trust the logs - they say whatever the attackers want them to say. (Presuming the logs aren't being stored in a way that prevents them from being rewritten... but if their security is this bad, what's the chance that they did that?)

      Time he died? Again, they were able to reprogram the firmware. Don't kill him right then - insert a "kill him at time X", with X being days, weeks, or months away. Note that you can also do things like "deliver the shock at time X, but don't log that you did, and after you deliver it, patch your own firmware to erase the reprogramming". I'm guessing that these devices are most likely using some form of flash memory for storage instead of magnetic memory... so if you do it properly, there's no trace at all that the code ever existed by the time someone tries to find out what happened.

      Proximity? With a good amplifier and antenna, you could extend that to hundreds of meters. Let's be conservative and call it up to a hundred meters. But remember that radio waves travel through things that light doesn't -- the device doing the reprogramming could be in the trunk of a car, a nearby house, etc. You can't clear everyone away from hundreds of meters around every hotel room, house, etc. every major figure with a pacemaker is in, all the time.

      So it becomes "profile everyone who's been within a hundred meters of this person since they ( had the pacemaker implanted / did whatever made them a target )". When that's a period of months or years, and the person involved is a major public figure, that's going to be minimum thousands of people, more likely tens of thousands.

    16. Re:I think I understand the lack of security by Anonymous Coward · · Score: 0

      Logs can be rewritten.
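
The posts above disagree over whether the device's event log can be trusted once its firmware is rewritable. As an added example (not from the thread or from any vendor's design), the sketch below assumes the clinic keeps a hash-chain digest of the log at each follow-up read, and shows what that does and does not catch; the event fields are constructed.

```python
import copy
import hashlib
import json

GENESIS = b"\x00" * 32


def chain(prev: bytes, event: dict) -> bytes:
    """Digest of one entry, linked to the digest of everything before it."""
    payload = json.dumps(event, sort_keys=True).encode()
    return hashlib.sha256(prev + payload).digest()


def head(events: list, upto=None) -> bytes:
    """Chain digest over the first `upto` entries (all entries if None)."""
    digest = GENESIS
    for event in events[:upto]:
        digest = chain(digest, event)
    return digest


class ClinicRecord:
    """Kept outside the implant: (entry count, head digest) per visit."""

    def __init__(self):
        self.anchors = []

    def interrogate(self, events: list) -> None:
        self.anchors.append((len(events), head(events)))

    def verify(self, events: list) -> bool:
        for count, digest in self.anchors:
            if len(events) < count or head(events, count) != digest:
                return False
        return True


def log_demo() -> dict:
    # Constructed log as read from the device at a follow-up visit.
    events = [
        {"t": 100, "type": "pace_adjust", "rate": 60},
        {"t": 200, "type": "self_test", "result": "ok"},
    ]
    clinic = ClinicRecord()
    clinic.interrogate(events)

    # Logged after the visit, so no anchor covers it yet.
    events.append({"t": 300, "type": "telemetry_session", "source": "external"})

    rewritten = copy.deepcopy(events)
    rewritten[1]["result"] = "fail"   # firmware edits an anchored entry
    truncated = events[:1]            # firmware wipes back past the anchor
    dropped = events[:2]              # firmware removes only the newest entry

    return {
        "intact": clinic.verify(events),
        "rewrite_detected": not clinic.verify(rewritten),
        "truncate_detected": not clinic.verify(truncated),
        "drop_after_visit_detected": not clinic.verify(dropped),
    }


if __name__ == "__main__":
    for name, value in log_demo().items():
        print(f"{name:26} {value}")
```

The last result is False: anything logged after the most recent anchored read can still be removed without trace, so the external anchor only protects history up to the last visit.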

  10. Crank 3 by revelation60 · · Score: 5, Funny

    Sounds like it could be the plot of the new Crank movie!

  11. Isn't it plain and obvious... by shiftless · · Score: 5, Insightful

    ...the state of computer "engineering" is complete and utter shit if a fucking pacemaker can be hacked and compromised? What the mother fuck? Are you fucking kidding me? Shouldn't those be among the best designed, safest, most reliable and secure of devices? God help us all. Just wait until they drag us into this war with Iran here soon, and China and Russia decide to team up to end our bullshit and we end up descending into WW3.

    Can you imagine the utter chaos in the U.S. when all our magic electronic boxes suddenly stop working, or worse, work silently behind our backs to sabotage and/or kill us? According to another /. article, it's 300+ days on average (sometimes years) between the finding of a typical "zero day" exploit and when it was actually found (kept hidden, and potentially exploited) by attackers. Who wants to bet money China and Russia both have teams of hackers dedicated to finding exploits for all common software and systems in the U.S., extensively documenting and writing code against them, nicely sorting and tabulating it all out and filing it away in an archive, then keeping this info close at hand at all times for when the right opportunity presents itself?

    Right now we are more vulnerable than ever. Hands up: who here is looking forward to jumping into a world war with both feet, then being surprised by how much we don't know about our own security vulnerabilities, learning the hard way from powerful foreign countries that just might kick our asses, or at the very least cause massive damage (bombing, etc) to the mainland U.S.? We're learning now that pacemakers have huge gaping security holes. Holy fucking Christ. What else is out there waiting to be compromised and exploited?

    1. Re:Isn't it plain and obvious... by mwvdlee · · Score: 4, Funny

      Holy fucking Christ. What else is out there waiting to be compromised and exploited?

      Your sanity?

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    2. Re:Isn't it plain and obvious... by thedonger · · Score: 3

      Shouldn't those be among the best designed, safest, most reliable and secure of devices?

      I'm surprised they would allow remote access without a direct connection. It's vulnerable enough in that it relies on electronic timing and can be affected by external electromagnetic forces; but, to make it accessible via wireless/RF/whatever just seems like a bad idea through and through.

      --
      Help fight poverty: Punch a poor person.
    3. Re:Isn't it plain and obvious... by pauljlucas · · Score: 1

      I'm surprised they would allow remote access without a direct connection. It's vulnerable enough in that it relies on electronic timing and can be affected by external electromagnetic forces; but, to make it accessible via wireless/RF/whatever just seems like a bad idea through and through.

      AFAIK, wireless access was designed in so doctors can tweak the settings without having to cut into the patient to make a wired connection.

      --
      If you reply, do so only to what I explicitly wrote. If I didn't write it, don't assume or infer it.
    4. Re:Isn't it plain and obvious... by MarkGriz · · Score: 5, Funny

      utter shit if a fucking pacemaker
      What the mother fuck?
      Are you fucking kidding me?
      end our bullshit and we end up descending into WW3.
      work silently behind our backs to sabotage and/or kill us?
      powerful foreign countries that just might kick our asses
      Holy fucking Christ.

      Ask your doctor if Xanax is right for you

      --
      Beauty is in the eye of the beerholder.
    5. Re:Isn't it plain and obvious... by judoguy · · Score: 1

      Direct connection is a BAD idea. How do you propose to do that? Anything that penetrates the skin, particularly with a direct cardiac connection is a huge infection vector. And yes, I used to work for a class III medical device manufacturer.

      --
      Peace is easy to achieve, just surrender. Liberty is much harder get/keep.
    6. Re:Isn't it plain and obvious... by locofungus · · Score: 1

      "...the state of computer "engineering" is complete and utter shit if a fucking pacemaker can be hacked and compromised?"

      While I don't know the details of this, I don't think you can claim that computer "engineering" is complete and utter shit because it's possible to do bad things that will kill people.

      The vast majority of cars have wheel nuts that are accessible and use a standard spanner to remove. This is a real threat - cars with expensive wheels now typically use locking wheel nuts - but what you don't (often) get is people removing wheel nuts or letting down tyres "because it's fun and I'm 'leet' "

      In the UK in the late 80s and early 90s we did have a spate of high performance cars being stolen and "joy ridden". This led to deaths, both of the "joyriders" and of innocent passers by. Modern cars are much harder to steal and this is no longer a significant problem. But nobody was claiming that the state of mechanical engineering was complete and utter shit because they didn't engineer their systems from day 1 to prevent this happening. What actually happened was that insurance companies required sophisticated immobilizers on these high performance cars. The buyers then started demanding this as default from the manufacturers and then the manufacturers added these more expensive engineering details.

      Tim.

      --
      God said, "div D = rho, div B = 0, curl E = -@B/@t, curl H = J + @D/@t," and there was light.
    7. Re:Isn't it plain and obvious... by dywolf · · Score: 1

      God help all those poor soldiers on the front lines with pacemakers.... ...

      oh wait...

      --
      The guy who said the election was rigged won the presidency with the second-most votes.
    8. Re:Isn't it plain and obvious... by cdrguru · · Score: 1

      The clear answer is that security has been an afterthought and still is for the most part. There is also the rather idealistic notion that such things are utterly beneath humans to do. What we have found on the Internet is pretty much nothing is "beneath" humans. If someone can get away with doing some mischief, they might do it. If they can do it anonymously, it is almost a dead certainty someone is going to do it if for no other reason than for laughs or bragging rights.

      We are clearly starting to see the dark underside of humanity. The Internet has allowed a huge amount of anonymous and pseudo-anonymous activity and this has pretty much turned over the rock so everyone can see the squishy, many-legged stuff that is buried in the human psyche.

      No, I don't think there is any putting the genie back in the bottle. This pretty much means we are going to need a huge program to revise software with the first thought being "How can this be misused for fun and profit?" and the second being "Given infinite time, assume any security will be broken - so how do we keep this from being used in a harmful manner?" This means computers are going to get a lot harder to use and a lot of things that can't be automated in this environment will go back to manual systems or systems that require in-person, hands-on control.

    9. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      Agreed. This fruit is the direct result of outsourcing and Windows' development environments. No, this isn't a bash - it really is fact-based. 98% of Windows developers don't fully grasp the concept of sizeof() (sorry for the programming concept); only happy code paths are tested, and we wonder why these things happen...

      CAPTCHA = incubate

    10. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      Cracking the patient open to make the direct connection is more likely to kill them than a malicious hacker.

    11. Re:Isn't it plain and obvious... by Chrisq · · Score: 1, Flamebait

      Holy fucking Christ. What else is out there waiting to be compromised and exploited?

      Your sanity?

      Your dildo?

    12. Re:Isn't it plain and obvious... by Jack9 · · Score: 4, Informative

      > Then maybe you need to go work for a body piercer, who has more than enough experience installing hardware into people without so much risk of infection.

      The epidermis is highly resistant to infection compared to internal organ tissue which largely has no nerves and no significant way to deal with infection. The primary cause of death for cardiac surgery patients is infection.

      > Pretty sad a piercer would have more experience than someone that supposedly worked for a medical device manufacturer.

      The sad part is your ignorance.

      --

      Often wrong but never in doubt.
      I am Jack9.
      Everyone knows me.
    13. Re:Isn't it plain and obvious... by ColdWetDog · · Score: 2

      Last time I checked (and to be honest, I didn't look that hard given the location of the particular piercing), these aficionados don't go for the deep structures like the heart. There are qualitative and quantitative differences between putting a piece of metal in your skin and a wire into your heart. Guess which one is easier?

      That said, I've seen plenty of infected piercings. The nice thing is you can remove them and the problem goes away. Removing the heart has other consequences.

      --
      Faster! Faster! Faster would be better!
    14. Re:Isn't it plain and obvious... by ColdWetDog · · Score: 2

      I think this guy is well into Thorazine territory.

      --
      Faster! Faster! Faster would be better!
    15. Re:Isn't it plain and obvious... by ZeroSumHappiness · · Score: 2

      As a pile-on to what others before me have said, piercings usually go into healthy individuals. Pacemakers and similar devices usually go into people who are highly vulnerable to immune system compromise.

    16. Re:Isn't it plain and obvious... by gnasher719 · · Score: 2

      In the USA, there are plenty of people - millions actually - who have the means to kill anyone wearing a pacemaker quite easily. These people are called "gun owners". Now the number has increased by one - some idiot hacker who figures out how to hack into the pacemaker software. So what has changed?

    17. Re:Isn't it plain and obvious... by firewrought · · Score: 1

      the state of computer "engineering" is complete and utter shit if a fucking pacemaker can be hacked

      Ever seen the signs "warning: microwave ovens may be in use" on fast food joints and other places? Guess why: pacemakers used to be programmed via microwave signals. I hate to break it to you, but insecure, wirelessly manipulable pacemakers have been the norm for decades. Do they need to be secured? Yes, but don't assume that's the highest or most urgent design priority for these little boxes. After all, if you want to kill someone from 30 feet away, there are other devices that will do it for you.

      Can you imagine the utter chaos in the U.S. when all our magic electronic boxes suddenly stop working, or worse, work silently behind our backs to sabotage and/or kill us?

      Okay... someone's seen a few too many Hollywood movies. The next world war will feature some amount of state-sponsored hacking and some amount of deaths from such hacking, but it's not going to be a "Die Hard 4" scenario. More likely, resistance movements working against an aggressor nation will use small amounts of hacking in combination with other methods (social engineering, insider support, etc.) to carry out sabotage.

      Hands up: who here is looking forward to jumping into a world war with both feet, then being surprised by how much we don't know about our own security vulnerabilities, learning the hard way from powerful foreign countries that just might kick our asses, or at the very least cause massive damage (bombing, etc) to the mainland U.S.?

      You win an honorary eye-roll. Not because cybersecurity isn't a concern, but because you have quite an active imagination. It seems to me that US national defense has much bigger worries from other factors: a poor economy and shrinking middle class, radicalized ideologies both at home and abroad, unmaintainable federal debt, military pork and bureaucracy, and loss of domestic manufacturing (***this is the biggie, because it's PRODUCTION that wins wars). Just to name a few.

      --
      -1, Too Many Layers Of Abstraction
    18. Re:Isn't it plain and obvious... by T.E.D. · · Score: 1

      This is why I have always absolutely refused to interview for biomedical jobs that use C. For stupid GUI's, fine use an insecure bug-prone language, but for God's sake not when human life is on the line. I will have no part in that.

    19. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      I can pretty easily shine a flashlight through an inch of skin, muscle and bone (right through my wrist).

      Here are 5 solutions which might as well be considered direct connections but do not penetrate the skin with anything that could be an organic infection vector:
      1. Light: an optical sensor could be built into the device to be operated via a light source pressed against the skin.
      2. Sound: a sonogram-like device could make a connection in such a way that you could not reproduce it without skin contact
      3. inductive coupling such as those used in "wireless" charging pads
      4. magnetic coupling (whereas inductive coupling would utilize a current formed in the receiver, magnetic coupling would create a measurable magnetic field in the receiver to be used by internal electronics)
      5. direct application of electricity to the skin - you can pass a measurable current through the human body safely (all you need to pass is something measurable, you don't actually need to power the device)

      A simple inverse distance squared law from physics suggests that none of these would be practical at distances over several inches from the device and almost impossible at an exploitable distance from the target (you only need to get this to be more difficult than it would be to kill the target by other means).

    20. Re:Isn't it plain and obvious... by tiffany352 · · Score: 1

      Meanwhile, the Jet Propulsion Laboratory at NASA (among many other companies which need life-critical applications) have been writing in C using the VxWorks Real Time Operating System for decades. Why? Well, definitely not because it's an "insecure bug-prone language". The bug-prone languages are the high level languages you probably are suggesting we use instead, which, instead of causing user error, have undefined behaviour, internal implementation bugs, and often many layers of godawful code. Good C is probably a heck of a lot more secure than any "Good PHP" you could hope to write, especially if you go by JPL's C coding conventions.

    21. Re:Isn't it plain and obvious... by TheCarp · · Score: 3, Insightful

      Yes but, there are consequences. When someone gets shot, investigations happen, people with motive are questioned. Mode of death and circumstances affect a lot.

      As an example, I have some friends with a farm and a good amount of land behind it. They have a camping ground for events and a number of structures etc in the woods from the many many years of farm and other uses.

      They allowed someone that was going through hard times to stay in their woods, living in one of the primitive structures. He helped out at the farm, feeding the animals. One day, they noticed the animals hadn't been fed, later on, they went out to check on him.... he had attempted to kill himself, but was still barely alive.

      The paramedics and police were decidedly unhappy about having to head out into the woods....but did tell my friends that it's a really good thing that they found him when they did, because if he had died, and they came to find the dead body, the investigation would have been a very different matter, whereas, since he was (even if just barely) alive when the police arrived, they could just call it an accidental OD or possible suicide and not have to investigate.

      Now, if it were a gunshot?... you know they would investigate. However.... guy with a pacemaker has a heart attack? That's natural causes man.

      This could have happened already, many times over, and nobody would be any wiser.... no need to investigate such an "obvious" death.

      --
      "I opened my eyes, and everything went dark again"
    22. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      It's not a bug, it's a feature!

    23. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      Meh. I wrote the firewall that's running on my PC myself. It's rewriting cookies and stripping GETs from the http stream to lock my browser down exactly how I want it, and it blocks and alerts me if anything I haven't preauthorized tries to make an outbound connection. If I ever have a pacemaker installed, I will get two of them, and I'll take one of them apart and understand it before the other one gets implanted, so I'm not as freaked out about any of this shit as you are. You may feel vulnerable, but I don't.

    24. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      Modern cars are much harder to steal and this is no longer a significant problem. But nobody was claiming that the state of mechanical engineering was complete and utter shit because they didn't engineer their systems from day 1 to prevent this happening.

      Be that as it may it isn't really a relevant point. It wasn't the state of the cars' mechanics that were shit, it was the pitiful security which allowed the thefts etc.

      I tend to agree that things are rotten in the state of medical hardware if these hacks were so easily perpetrated.

    25. Re:Isn't it plain and obvious... by VisceralLogic · · Score: 1

      In the USA, there are plenty of people - millions actually - who have the means to kill anyone wearing a pacemaker quite easily. These people are called "gun owners". Now the number has increased by one - some idiot hacker who figures out how to hack into the pacemaker software. So what has changed?

      Don't forget the 10s of millions of car owners.

      --
      Stop! Dremel time!
    26. Re:Isn't it plain and obvious... by reve_etrange · · Score: 1

      The problem isn't bug-prone languages, it's bug-prone programmers.

      --
      .: Semper Absurda :.
    27. Re:Isn't it plain and obvious... by T.E.D. · · Score: 1

      AKA: Human beings.

    28. Re:Isn't it plain and obvious... by shiftless · · Score: 1

      While I don't know the details of this, I don't think you can claim that computer "engineering" is complete and utter shit because it's possible to do bad things that will kill people.

      When was the last bug-free program you ever used?

      The vast majority of cars have wheel nuts that are accessible and use a standard spanner to remove. This is a real threat - cars with expensive wheels now typically use locking wheel nuts - but what you don't (often) get is people removing wheel nuts or letting down tyres "because it's fun and I'm 'leet' "

      What if cars randomly broke down on the side of the road and crashed for no apparent reason...and everyone sighed and just accepted it as normal, or inevitable? Would you then consider automotive engineering to be a flawed discipline?

    29. Re:Isn't it plain and obvious... by guruevi · · Score: 1

      Besides number 5, all of those are exploitable. It just takes a strong enough light/sound/electromagnetic pulse. See Bluetooth 'sniper' rifles or modified (tin can) WiFi access points. Even though BT only works in the distance of a couple of feet, with a strong enough antenna this can be extended to several hundred. Same goes for WiFi.

      The thing is that it needs some sort of authentication before letting anyone 'reprogram' you which is severely lacking in these products.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    30. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      Yes...an 'obvious' death...now point me in the direction of Dick Cheney.

    31. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      I used to work for a company that made EEG ("brain wave monitoring") machines. Like the kind that would be used, for example, by an anesthesiologist- while you're being operated on- to regulate the type and amount of anesthesia- to make sure you don't wake up, or die. Kind of important, but not directly life-support.

      So one day I was in the showroom and I was messing with one of the machines, and I did the kinds of things I should be paid big $ to do: I pressed some random keyboard keys simultaneously. Of course the thing locked up. So I tried the old ctrl-alt-delete and it rebooted. Wouldn't you trap the keyboard interrupt? Anyway, small company and basically 1 guy (not a true engineer) coded for that particular machine. I mentioned to him what happened and after a pondering pause, his response was: "why would anyone ever do that?"

      (Hopefully I don't need to write more- you the reader should be able to understand the absurdity of the situation, and the bigger-picture problem that such things should NOT be allowed on the market or in any clinical use.)

    32. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      Ages and ages ago, I wrote some statistics-gathering software for one of the leading pacemaker companies. This was around the time that microprocessors were starting to take over a lot of functions that previously had been implemented with discrete logic circuitry; and I asked one of the company reps whether they were planning to use any in their products in the future.

      I clearly remember that he said their competitors were looking into it, but that they themselves considered anything involving software of any sort to be far too unreliable, and that their devices used only custom VLSI chips.

      I expect they've changed their tune in the meantime, given the benefits of the much more sophisticated signal processing that you can do with software, and the more complex processing requirements of new applications (such as Implantable Cardioverter Defibrillators (ICDs)) that didn't exist back then.

      Still, his comment made a big impression on a young programmer.

    33. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      Don't worry.. we can shock the sanity out of you with a simple command...

    34. Re:Isn't it plain and obvious... by Anonymous Coward · · Score: 0

      When was the last bug-free program you ever used?

      Exactly. The idea that most programmers are "computer engineers" is total bollocks. If the crap that comes out of software developers' hands were actually produced by people belonging to a real engineering institute, you'd have about a tenth the number of people working in the field, as most would-be "software engineers" would soon be booted out for unprofessionalism.

    35. Re:Isn't it plain and obvious... by Khyber · · Score: 1

      If I'm ignorant, tell me all about the major piercings I have that not only go through muscle tissue but also bone, NOT just the epidermis.

      Again, you know nothing.

      Come back when you've got some pics on BME (that'd be Body Modification Extreme Magazine.)

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    36. Re:Isn't it plain and obvious... by Khyber · · Score: 1

      Usually, no, they don't. If there's a chance of immune system compromise, they'll get transcutaneous external cardiac pacing, not an internal pacemaker.

      *sigh* But you people keep on thinking you know anything about the medical industry. It's not like I haven't had half of my skeleton replaced with metal, my heart jumpstarted several times, and other fun shit in 30 years of life and the risks that come with it.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    37. Re:Isn't it plain and obvious... by Khyber · · Score: 1

      " these aficionados don't go for the deep structures like the heart"

      Go read you a BME magazine and tell me they don't go for deep structures. I've seen it from bone piercing to full-out surgical implants.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    38. Re:Isn't it plain and obvious... by Thiez · · Score: 1

      Compared to the average person in need of cardiac surgery and a pacemaker, would you say your immune system is probably better, or probably worse?

    39. Re:Isn't it plain and obvious... by shiftless · · Score: 1

      Exactly. Meaning the problem is: bug-prone languages.

    40. Re:Isn't it plain and obvious... by shiftless · · Score: 1

      It's basically like, take that guy, multiply times a few million = the scale of the problem we face in bringing sanity to software development.

    41. Re:Isn't it plain and obvious... by Khyber · · Score: 1

      Worse. Far worse. I have a severely compromised immune system due to immunosuppressants keeping my body from rejecting medical skeletal implants.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
  12. Extra-human capabilities, too? by Anonymous Coward · · Score: 1

    "potential to commit mass murder"

    How about using the functionality to ENHANCE your heart? For example: increase heart rate in anticipation of race, even out heartbeat to beat a lie detector, etc. ?? I don't know enough about pacemakers / ICDs to know if they could have any extra-human capabilities ... Anyone?

    1. Re:Extra-human capabilities, too? by Anonymous Coward · · Score: 0

      TFS says that a hack could spread from pacemaker to pacemaker - how the hell is that allowed? I can see a pacemaker being vulnerable to a remote control hack (not that they should be, but that security was forgotten), but who would make a pacemaker that was capable of talking out with enough power to reach another device at least 30 cm away? What use case is there for this?

    2. Re:Extra-human capabilities, too? by Robert+Zenz · · Score: 1

      I don't know enough about pacemakers / ICDs to know if they could have any extra-human capabilities ... Anyone?

      "It's the sound of progress, my friend!"

    3. Re:Extra-human capabilities, too? by Anonymous Coward · · Score: 0

      Long distance disabling of the devices?

  13. Dick Cheney by inode_buddha · · Score: 3, Funny

    Dick Cheney has a pacemaker...

    --
    C|N>K
    1. Re:Dick Cheney by Anonymous Coward · · Score: 0

      Then the world is saved, and all is good.

    2. Re:Dick Cheney by I_am_Jack · · Score: 1

      Dick Cheney has a pacemaker...

      Had. He has a transplanted heart now.

    3. Re:Dick Cheney by Anonymous Coward · · Score: 0

      Vampires don't need pacemakers they are dead already pffff

    4. Re:Dick Cheney by Anonymous Coward · · Score: 0

      Cheney has a heart now? I heard he was interested in Aztec religion, and this explains it. I feel sorry for the donor obviously.
      http://hereinliesomelies.blogspot.co.uk/2010/08/dick-cheney-confesses-he-is-incarnation.html

      (message to FBI software; this is merely a bad taste joke and I apologize)

    5. Re:Dick Cheney by greylion3 · · Score: 1

      Dang. I was going to start a bet about how long till Cheney bites it from a "malfunctioning" pacemaker.

      On a side note; I've heard about organ recipients developing traits of their donors, so this might be a good thing.

      Then again, bad news for whoever has their soul linked to Cheney until the ticker stops.

      --
      Privacy begins with ..
    6. Re:Dick Cheney by Lehk228 · · Score: 1

      he has a heart now?

      --
      Snowden and Manning are heroes.
  14. Death Panels by tgd · · Score: 0, Troll

    Well, automation brings efficiency. This will just make Obama's death panels all that much more efficient!

    Just need to send a letter in the mail! "Dear Sir or Madam, Can you please ensure you are standing within 30 feet of your computer tomorrow morning at 8am."

    1. Re:Death Panels by azalin · · Score: 1

      Why not build a circuit into the letter? Like those cards that play music once you open them.

  15. Hmmm... sounds familiar by StefanSavage · · Score: 5, Informative

    Seems like this was demonstrated four years ago, no?

    Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses.
    D. Halperin, T.S. Heydt-Benjamin, B. Ransford, S.S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W.H. Maisel.
    IEEE Symposium on Security and Privacy, May 18-21, 2008.

    See: http://www.secure-medicine.org/icd-study/icd-study.pdf

  16. new super villain! by Anonymous Coward · · Score: 0

    this sounds like an awesome supervillain plot

    I hope to see it in a comic book or movie very soon

  17. Solution.... by coinreturn · · Score: 5, Funny

    Tin foil vest.

  18. Assassins Creed 2020? by Fookin · · Score: 1

    Sounds like a fun mission or mini-game for a future Assassins Creed title. Maybe you invade a Templar nursing facility and need to kill them without being detected.

    *Lock-on target*

    *BZZZZ-BZZZZ*

    "Requiescat in pace."

  19. Herp Derp article author by Smerta · · Score: 5, Informative

    (1) It was most likely an ICD (or pacemaker/ICD combination), not a pacemaker.

    Pacemakers are used to establish a regular heartbeat (pacing) at a specific interval. Implantable Cardiac Defibrillators (ICDs) are used to deliver high-voltage shocks at a precise moment in time to stop an arrhythmia. Delivered at exactly the wrong time, this can induce an arrhythmia.

    (2) "he issued a series of 830 volt shocks to the pacemaker using a laptop". Sorry pal, thanks for playing, hit the bricks, you're done. The ICD (not pacemaker) is the one issuing the shocks. At least the voltage level sounds about right. All of this starting from a ~3V battery too.

    The wireless interfaces (telemetry) into pacemakers and ICDs are notoriously insecure, from all major device manufacturers. They are playing catch up now. Believe me, there is a lot of heartburn (no pun intended) in the ranks of corporate/executive management in the device companies when it comes to this topic.

    A couple points worth remembering:

    (1) These devices have very long lifetimes. The typical implant is expected to last 6-10 years (usually the battery is the limiting factor). So there are people walking around with devices in them with security problems from 10 years ago in some cases.

    (2) It takes a tremendous amount of money to develop a new device in this class. All the testing, certification, trials, etc. The electronics and firmware are incredibly optimized for their specific function, the test suites are massive, the verification & validation processes are lengthy.

    (3) Regarding (1) above about 10 year old firmware - essentially all devices support near-range telemetry, which allows a physician / tech within physical proximity (a few inches) to download logs about what events the device has seen / experienced. It also allows the device to be updated with firmware patches. Having been around this enough in different places, I'm pretty confident saying that it's always in the form of patches, as opposed to wholesale forklift updates.

    Patches aren't just pushed out like Firefox releases, even the smallest one is a massive amount of effort -- even if the change is a one-line change in code. And more importantly, any patch requires the patient to visit the physician, the physician to be up to date on patches & warnings, etc.. I've seen data first-hand from 2 device manufacturers showing the distribution of devices & updates in the field, and believe me, not everyone is anywhere near up to date. Actually, it probably looks a lot like the Firefox version distribution...

    1. Re:Herp Derp article author by LeadSongDog · · Score: 1

      Any such device is developed in a company run by medical doctors, not security engineers. While they want to produce an excellent, robust product, they lack the requisite sense of paranoia to value secure implementations.

      Besides, when your heart goes on the fritz, do you really want the doc to have to waste time researching login credentials?

      --
      Oh, I'm sorry sir, I thought you were referring to me, Mr. Wensleydale.
    2. Re:Herp Derp article author by Errol+backfiring · · Score: 1

      Not exactly. The FDA at least should have rules for these devices like they have rules for almost anything else that has remotely to do with health or human bodies.

      --
      Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
    3. Re:Herp Derp article author by dubdays · · Score: 1

      Delivered at exactly the wrong time, this can induce an arrhythmia.

      No kidding. That asystole arrhythmia is a real bitch.

    4. Re:Herp Derp article author by Anonymous Coward · · Score: 0

      Actually, it probably looks a lot like the Firefox version distribution...

      Their distribution timing needs a pacemaker since its got severe arrhythmia?

  20. Not all bad news by Anonymous Coward · · Score: 0

    Doesn't Dick Cheney have one of these?

  21. The Power of Three? by GJSchaller · · Score: 1

    Wasn't this the plot of a recent Doctor Who episode?

  22. Oh come on... by Anonymous Coward · · Score: 0

    I worked in Pacemaker and ICD design for a decade. All the devices that I saw required a high field strength magnet, generally built into the programming head, to be held within 10 cm of the implanted device during programming. The devices have reed switches/hall-effect sensors or the like built in to detect the magnetic field before unlocking the device for programming.
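
An added example, not part of the thread and not any vendor's code: it contrasts the magnet-only unlock described in the comment above with the per-session authentication that the earlier "Isn't it plain and obvious..." reply says these products lack. All class and function names, the sample key and the sample command are hypothetical, and a shared per-device key provisioned to the programmer head is assumed.

```python
"""Proximity gating vs. an authenticated telemetry session (illustrative model)."""
import hashlib
import hmac
import os
from typing import Optional

NONCE_LEN = 16  # fixed length keeps nonce || command unambiguous


class MagnetOnlyGate:
    """Unlocks programming whenever the reed switch senses a magnet."""

    def __init__(self) -> None:
        self.magnet_present = False

    def accept(self, command: bytes) -> str:
        # Proximity is the only check: anyone holding a magnet is trusted.
        return "accepted" if self.magnet_present else "rejected: no magnet"


class AuthenticatedGate:
    """Magnet gating plus a per-session HMAC challenge-response."""

    def __init__(self, device_key: bytes) -> None:
        self._key = device_key
        self._nonce: Optional[bytes] = None
        self.magnet_present = False

    def open_session(self) -> Optional[bytes]:
        """Issue a fresh challenge, but only while the magnet is sensed."""
        if not self.magnet_present:
            return None
        self._nonce = os.urandom(NONCE_LEN)
        return self._nonce

    def accept(self, command: bytes, tag: bytes) -> str:
        if not self.magnet_present:
            return "rejected: no magnet"
        if self._nonce is None:
            return "rejected: no open session"
        nonce, self._nonce = self._nonce, None  # a challenge is single-use
        expected = hmac.new(self._key, nonce + command, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):  # constant-time compare
            return "rejected: bad tag"
        return "accepted"


def programmer_tag(key: bytes, nonce: bytes, command: bytes) -> bytes:
    """What a legitimate programmer head computes for one command."""
    return hmac.new(key, nonce + command, hashlib.sha256).digest()


def run_scenarios() -> dict:
    key = bytes(range(32))             # constructed sample key
    command = b"WRITE_PARAM:example"   # constructed sample command
    results = {}

    legacy = MagnetOnlyGate()
    legacy.magnet_present = True
    results["magnet_only_unauthenticated"] = legacy.accept(command)

    gate = AuthenticatedGate(key)
    results["no_magnet"] = gate.accept(command, b"\x00" * 32)

    gate.magnet_present = True
    nonce = gate.open_session()
    tag = programmer_tag(key, nonce, command)
    results["legitimate"] = gate.accept(command, tag)

    # Replay of the captured (command, tag) pair, without and with a new session.
    results["replay_same_session"] = gate.accept(command, tag)
    gate.open_session()
    results["replay_new_session"] = gate.accept(command, tag)

    # Magnet in place, but the sender does not hold the device key.
    nonce = gate.open_session()
    forged = programmer_tag(b"\xff" * 32, nonce, command)
    results["wrong_key"] = gate.accept(command, forged)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:30} {outcome}")
```

The magnet check stays in place as a physical-presence requirement; the HMAC over a single-use challenge is what binds a command to a key holder and makes a recorded exchange useless later.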

  23. Simple fix by Anonymous Coward · · Score: 0

    Have a physical switch disable wireless access, or make its case a Faraday cage. A technician then just has to remove the cover when they have to interface with the device. Why complicate the software?

  24. This means a whole new line of clothing by Anonymous Coward · · Score: 0

    Why just have one wire in your bra? Introducing the Faraday collection!

    1. Re:This means a whole new line of clothing by Chrisq · · Score: 1

      Why just have one wire in your bra? Introducing the Faraday collection!

      Will it match my tinfoil hat?

  25. Love the fact that... by AmIAnAi · · Score: 1

    Love the fact that my targeted advertising at the top of the page was for defibshop.co.uk - "Need a defibrillator..."

    --
    Any sufficiently advanced bug is indistinguishable from a feature.
  26. In my head! by Anonymous Coward · · Score: 0

    This makes me a little paranoid. I've got a pace-maker type device delivering small amounts of voltage to two implants in my brain! Talk about messing with your head...

  27. Gee Brain, what do you want to do tonight? by s_p_oneil · · Score: 1

    This sounds like a plot for an episode of Pinky and the Brain.

  28. See Karen Sandler's work on this issue. by kfogel · · Score: 3, Informative

    Hackable medical devices are a known problem -- there's a great paper on it from Karen Sandler, at that time at the Software Freedom Law Center (she's given OSCON talks about it too):

    Killed by Code: Software Transparency in Implantable Medical Devices

    And the SFLC's announcement / summary of the paper:

    Software Defects in Cardiac Medical Devices are a Life-or-Death Issue

    --
    http://www.red-bean.com/kfogel
    1. Re:See Karen Sandler's work on this issue. by Anonymous Coward · · Score: 0

      Karen kicks ass!

    2. Re:See Karen Sandler's work on this issue. by Anonymous Coward · · Score: 0

      here's the video in case you're wondering:
      OSCON 2011: Karen Sandler

  29. Karen Sandler by Anonymous Coward · · Score: 0

    Karen Sandler of Gnome Foundation did a talk about this very thing, her grief getting the source code for her implanted defibrillator from the medical device companies, Medtronic etc. Basically they have been acting like software companies 20 years ago, or industrial controller manufacturers 2 years ago.

    http://www.youtube.com/watch?v=5XDTQLa3NjE

    It seems security researchers are eventually skooling tech security complacent industries.

    She mentions that Dick Cheney has a similar device that mechanically pumps his blood and that technically, he doesn't have a pulse.

  30. Sounds like a design flaw on the pacemaker. by Anonymous Coward · · Score: 0

    Such mission-critical devices should be designed to be impervious to such exploits.

    Same as SCADA software.

    Same as air traffic control systems.

    etc.

  31. Wonderful discovery! by fustakrakich · · Score: 2

    12 years too late...

    --
    “He’s not deformed, he’s just drunk!”
  32. Fireman Bill fallacy? by Okian+Warrior · · Score: 1

    if a fucking pacemaker can be hacked and compromised [...] God help us all. Just wait until they drag us into this war with Iran here soon, and China and Russia decide to team up to end our bullshit and we end up descending into WW3.

    Can you imagine the utter chaos in the U.S. when all our magic electronic boxes suddenly stop working, or worse, work silently behind our backs to sabotage and/or kill us?

    I'd like to propose a new logical fallacy, the "Fireman Bill" fallacy.

    That's where you start with a problem and predict a series of possible - but highly unlikely - events which lead to total catastrophe.

    I don't see it on the Logical Fallacy Bingo card. (Some are close or have similar characteristics, but none address the complete goofiness of the argument.)

    Where does one go to register these things?

    1. Re:Fireman Bill fallacy? by shiftless · · Score: 1

      It's only highly unlikely if you're a moron, or totally ignorant. Every fucking thing in the U.S. today is made in China. How many backdoors do you want to bet are installed in every aspect of our country? It's your blind ignorance that will end up getting us all killed.

    2. Re:Fireman Bill fallacy? by tehcyder · · Score: 1

      I'd like to propose a new logical fallacy, the "Fireman Bill [google.com]" fallacy. That's where you start with a problem and predict a series of possible - but highly unlikely - events which lead to total catastrophe.

      Sounds like a version of the slippery slope fallacy to me.

      --
      To have a right to do a thing is not at all the same as to be right in doing it
  33. only person I can think of... by Anonymous Coward · · Score: 0

    Where does Dick Cheney live?

  34. DNS by ThatsNotPudding · · Score: 3, Funny

    Anybody got Dick Cheney's IP address? Just curious; totally unrelated to this story. Honest.

    1. Re:DNS by Anonymous Coward · · Score: 0

      First thought in my mind too.....

  35. Isn't it the amps that'll kill ya? by Anonymous Coward · · Score: 0

    http://www.msnbc.msn.com/id/49306749/ns/technology_and_science-science/t/why-david-blaines-million-volt-stunt-shockingly-safe

    Granted I haven't taken a physics class in 25 years.

  36. I think you're onto something! by zooblethorpe · · Score: 1

    You can program pacemakers to shoot lawyers in the face?!!!

    Ooo, now there's an idea!

    Beaker, get in here, I have something I want to show you...

    --
    "What in the name of Fats Waller is that?"
    "A four-foot prune."
  37. Sanity Exploit by zooblethorpe · · Score: 0

    Holy fucking Christ. What else is out there waiting to be compromised and exploited?

    Your sanity?

    Sheesh, I thought that's what the presidential debates were for ...

    :-P

    --
    "What in the name of Fats Waller is that?"
    "A four-foot prune."
  38. For the Slashdot crowd: Clomipramine by zooblethorpe · · Score: 2

    No, seriously, it sounds like he isn't getting any, in which case he might want to try clomipramine / Anafranil.

    Apparently around 5% of users report spontaneous orgasm when yawning.

    I wish more things in life had side effects like that. Of course, that would necessitate certain changes to one's wardrobe, but I think the minor additional hassle would be well worth it...

    :-P

    --
    "What in the name of Fats Waller is that?"
    "A four-foot prune."
    1. Re:For the Slashdot crowd: Clomipramine by shiftless · · Score: 1

      LMAO at a thread full of armchair psychologists trying to figure out what medicine to prescribe to fix "OMG SOMEHOW NOT NORMAL!!1" What a bunch of morons. Look in the mirror: you're what's wrong with America.

  39. Umm... by zooblethorpe · · Score: 1

    We are clearly starting to see the dark underside of humanity. The Internet has allowed a huge amount of anonymous and pseudo-anonymous activity and this has pretty much turned over the rock so everyone can see the squishy, many-legged stuff that is buried in the human psyche.

    "Starting to see"? No offense, cdrguru, but you sound like someone who has never read any history. All of that squishy, many-legged stuff has been happily striding across the breadth and scope of human experience for some time now. Arguably, since we've been human. (And by some accounts, much longer than that even -- pretty much all of humanity's ugly behaviours have clear predecessors / analogs in other primate species.)

    Cheers,

    --
    "What in the name of Fats Waller is that?"
    "A four-foot prune."
  40. Summary by g0bshiTe · · Score: 1

    I for once found the summary very informative. As my father had a pacemaker, I wasn't aware that they created an AD-HOK when more than one was around. Who would have thought pacemakers communicated with each other?

    --
    I am Bennett Haselton! I am Bennett Haselton!
  41. exploiting by Anonymous Coward · · Score: 0

    Al Qaeda is working at this very moment

  42. Re: and if you like that... by almechist · · Score: 1

    No, seriously, it sounds like he isn't getting any, in which case he might want to try clomipramine / Anafranil.

    Apparently around 5% of users report spontaneous orgasm when yawning.

    I wish more things in life had side effects like that. Of course, that would necessitate certain changes to one's wardrobe, but I think the minor additional hassle would be well worth it...

    :-P

    Spontaneous orgasm is also one of the symptoms of heroin/opiate withdrawal - really, look it up! - but I'm in no hurry to experience that, either. Some things just aren't as good as they might seem to be at first (see also for example Priapism, another potential side effect of certain pharmaceuticals). I know, we're posting on Slashdot, we're likely desperate for thrills of this kind, but still...

  43. I would seriously consider this to be a,... by hesaigo999ca · · Score: 1

    I would seriously consider this to be a sign of the times, how old is the programming on these pacemakers...old or new model....my money is on new!

  44. its kinda hard to read TFA when by KingBenny · · Score: 1

    403 - Forbidden: Access is denied.
    You do not have permission to view this directory or page using the credentials that you supplied.

    --
    Free speech was meant to be free for all... how can anyone grow up in a nanny state ?
    1. Re:its kinda hard to read TFA when by KingBenny · · Score: 1
      --
      Free speech was meant to be free for all... how can anyone grow up in a nanny state ?