$75K Prosthetic Arm Is Bricked When Paired iPod Is Stolen
kdataman writes U.S. Army Staff Sgt. Ben Eberle, who lost an arm and both legs in Afghanistan, had his iPod Touch stolen on Friday. This particular iPod Touch has an app on it that controls his $75,000 prosthetic arm. The robbery bricked his prosthesis: "That is because Eberle's prosthetic hand is programmed to only work with the stolen iPod, and vice versa. Now that the iPod is gone, he said he has to get a new hand and get it reprogrammed with his prosthesis." I see three possibilities: 1) The article is wrong, possibly to guilt the thief into returning the iPod. 2) This is an incredibly bad design by Touch Bionics. Why would you make a $70,000 piece of equipment permanently dependent on a specific iPod Touch? iPods do fail or go missing. 3) This is an intentionally bad design to generate revenue. Maybe GM should do this with car keys? "Oops, lost the keys to the Corvette. Better buy a new one."
Who?
The guy in the article?
The article?
The editor?
The submitter?
At least start a new paragraph..
He'll be right. He is from the ARMy after all.
You know, given the terrible kind of software we see in embedded software, and the terrible security implemented by most companies ... I'm perfectly willing to believe this is an incredibly bad design, because there's plenty of evidence that these kinds of things tend to have incredibly bad designs.
Between companies using 10 year old Linux kernels, to having unpatchable systems, or just having really bad understandings of security, I've come to conclude this is the norm.
Lost at C:>. Found at C.
What if the iPod was dropped and breaks? What kind of poor planning is this where that one iPod was the linchpin of this expensive prosthetic?
MABASPLOOM!
I recently sat through a Touch Bionics seminar and, at least for the newer devices, all you need to do is enter the "serial number" of the hand into the app and it can control it. We even joked about how easy it was, so friends with prosthetic hands could prank each other by entering their friend's serial number into their own app and controlling their friend's hand. This may just apply to new devices though, maybe in response to problems like this?
It is quite possible that all three points that the submitter raises are valid. I'm very likely to believe that the design was intentional. After all, in the software world, the consumer has become the beta tester and if the consumer has software problems, he or she needs to buy expensive "support packages." In effect, the marketing departments figured out how to force the consumer to be a beta tester and make money from the consumer's problems.
Possibility 4) Hardlinking to a specific iPod makes it harder to hack the prosthetic arm from.
It's not the perfect way to prevent hacking, but I can certainly see why this could be considered a security feature that benefits the owner of the arm.
Would you rather have a prosthetic arm that does nothing or one that is controlled by some pubescent scriptkiddie?
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
The guy who stole it could now be controlling his hand. "Now hand over your wallet! No, wait... I'll do it! Bwahahahahah!" Small favors and all that...
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
It makes me wonder why the arm/hand (which is it?) doesn't have whatever functionality the iPod provides built-in. You can't tell me there isn't enough room in even a forearm to store something iPod sized. I can understand it being linked to particular hardware to prevent any hijacking, but you would think that it would be much like car keys... I can get my $150 new key, but the dealer is the one that can program it to work with only my car.
Seriously, they charge an arm and a leg for prosthetic limbs!
=Smidge=
The article doesn't specify why they need to replace the hand rather than just do a software reset. But my first thought was of all those stories a while ago about security on diabetic pumps, and I thought "Well now we know why there shouldn't be security on these devices"
This posting is provided 'AS IS' without warranty of any kind, implied or otherwise.
at least for the newer devices, all you need to do is enter the "serial number" of the hand into the app and it can control it.
Gawd .. what's worse: Bad security or No security?
I am Slashdot. Are you Slashdot as well?
According to the user manual for i-limb,
To make changes to the limb, it either requires loading the software on a PC with Bluetooth or getting an iPod touch set up by i-limb.
Not a $75,000 loss by any means, sounds like the factory has to set up the iPod touch though. It is a pain in the rump, but most robberies are.
This is security through obscurity, until the arm sends his serial number over Bluetooth or something.
Shouldn't the app be an Android app?
Hmmmm?
Apple removed the ability for iOS apps to read the iPhone's / iPad's / iPod's device id with iOS 7, which means any software that relied on that would no longer work.
https://www.facebook.com/pages/Prayers-and-Words-of-Hope-for-SGT-Ben-Eberle/265580916826243
have a look at his comment.
While it's easy for me to see this as a bad design, it's also not much of a stretch to believe that this was a conscious choice. After all, if it were trivially easy to pair a wireless device with the prosthetic, it would be trivially easy to take control of the guy's hand (think "Stop hitting yourself!").
Is this bad for the user experience, particularly given it's predicated on an easily lost, easily broken, and frequently stolen device? Certainly. Is the UX of the lost/stolen device better than the UX of a compromised device? Perhaps not.
I'm not familiar with the device, but the engineer in me wants to believe that no one would design a system with such an obvious weakness. I believe that it's more likely that the stolen iPod contains data which is tailored specifically to him and/or the prosthetic and it wasn't backed up properly.
If he was using a Zune, no one would have stolen it.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
This is what happens when Apple fanboys work anywhere.
4. It's a security feature (a bad one maybe but still) and it doesn't cost $75k to get it re-authenticated.
- http://www.milkme.co.uk
After getting a quote from the dealers to get a lost key replaced for all three cars on my keyring (which disappeared), I wondered if it wouldn't just be cheaper to have the cars towed away and re-buy new ones. (The prices ranged from $150-$275 EACH to have them replaced)
Is it just my observation, or are there way too many stupid people in the world?
Does the prosthetic co make you buy their iPad? If so they can sell ones that are the basic model jailbroken by them for say $1000 with their apps preloaded. Also the paperwork calls the iPad a medical device
Or pay 3x restitution on the retail value of the item stolen, and subject the engineer who designed such a foolish interface requirement to the 100 lashes and year of hard labor. That would seem a great deal more in line with the crime here.
Is it just my observation, or are there way too many stupid people in the world?
Does i-limb make you use them so they can bill the VA, Medicare disability, etc. say $200-$500 to pair a Bluetooth device?
Does it seem odd to anyone else that he'd be fine with leaving the device in his truck's center console overnight that's required to make use of one of his arms?
"Pretty sure I won't come up with ANY need to use my other arm for the rest of the night.... Maybe I'll go fetch the controller tomorrow?"
Last time I checked, the government doesn't earn money.
Not even remotely true. Governments are perfectly capable of earning money when they choose to. Governments can and do own things and can behave very much like private businesses if they want to. In China and Egypt and Russia (and many more), huge swaths of the private economy are outright owned by the government. The fact that the US government generally refrains from trying to make a profit and behaving like a private enterprise doesn't mean they cannot or do not. For a time in the very recent past the US government literally owned GM and Chrysler which means the US government was for a time in the automobile manufacturing business.
Not to mention that a government can literally "print" money if they want to. The Federal Reserve technically makes a profit every year though that doesn't really mean much in reality.
Taxpayers do.
Some do and some do not. People who stay home to raise children often do not earn any money. Religious leaders are often supported by tithes or donations earned by others. Elected officials and judges are typically supported by taxpayers.
There was still a limited range, like 100 feet or less, I don't remember the protocol, so it would really only be an issue if you were hanging out with lots of people with the same version of the hand.
"[Getting a new prosthetic hand and iPod configured to work together] takes a long time," Eberle told the San Antonio Express-News. "It's tedious and it's a lot of work with the hand itself."
So in fact, another iPod could work, but it has to be trained first. A good backup of the training data should allow a new iPod to be set up quickly, but it sounds like they didn't do that.
Have you read my blog lately?
Why would you make a $70,000 piece of equipment permanently dependent on a specific iPod Touch?
$
"If any question why we died, Tell them because our fathers lied."
100 lashes would kill a man.
"If any question why we died, Tell them because our fathers lied."
I know people that have far more than $75k worth of data sitting on their home PCs with no backup.
No, no it's not security through obscurity. It's security through something you know - a perfectly valid method of securing something. Of course, it would be nice if in this case, you could change the thing you're supposed to know to be different to the device's serial number.
The software detects weak signals from damaged nerves to usefully move fingers of the prosthetic arm. This is no floppy bird. There was probably an incredible amount of difficulty to get the thing working in the first place and the issue of backup was left for later. One day these things would be both modular and not cost $70k.
The iPod touch has a limited battery life... Though you'd hope it shares power source with the arm.
It was intentionally coupled to a specific device for legal/liability reasons related to medical devices.
Having to replace the entire arm is stupid though. Ideally, the arm should be able to be "re-paired" in a doctor's office or at the patient's home by a factory-authorized person such as his doctor or a technician. For legal/liability reasons, this might require replacing a chip but that should be no big deal.
In any case, the only reason I can think of for the arm to have to be replaced is if the company has gone through bankruptcy or is no longer in business, or if the arm has already exceeded its useful life as a medical device and as a result the company no longer supports it. This should not be the case for any adult prosthetic arm new enough to be controlled by an iPod.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I dunno; if the serial number is emitted over Bluetooth, or guessable/brute-forceable, a range of 100 feet may mean dozens of people in which one troll may lurk, waiting to make your prosthetic go all Dr. Strangelove on you.
I'm not seeing the security here, other than the comparatively small attack space.
Welcome to the Panopticon. Used to be a prison, now it's your home.
I had my dog chipped but the vet said that if I ever let my iPhone run out of battery the implant will explode. I think the implant was made by the same company.
I'm not familiar with the device, but the engineer in me wants to believe that no one would design a system with such an obvious weakness.
I run a company that makes wiring harnesses and I am an engineer (as well as an accountant) myself. I assure you that there are a LOT of idiots who would design such a stupid system. I get to deal with some of them on a semi-regular basis.
We like to pretend here on slashdot that engineers are universally good at their job and always do quality work but I have several file cabinets full of evidence 10 feet from where I sit that proves that too many engineers are monumentally incompetent idiots. On a daily basis I see drawings that are incomplete, incorrect, badly designed, occasionally dangerous, specify incompatible or needlessly expensive parts, difficult or impossible to read, sloppy, cannot be manufactured and even just plain incoherent. I have seen precisely 7 product drawings (out of hundreds) in the last 5 years where I could build the product detailed on the print without asking even a single question or correcting some error. This is quite simply bad engineering by people who aren't very good at their jobs.
The fun part of engineering is figuring out a clever solution to a problem. The harder and less fun part of engineering (but probably the more important part) is documenting the solution in such a way that others can understand and replicate your solution and adjust/debug it if necessary. People who can write good quality work instructions are a shocking rarity even among very smart people. A lot of engineers will take easy shortcuts even when it results in a worse and more expensive product in the long run.
Apple doesn't allow access to UDIDs (universal device identifiers) anymore, so unless the software is quite old, or requires a jailbroken device, the prosthesis cannot be paired to the device. (That's one of the reasons why you can't access the UDID anymore, because pairing information with a device is stupid; the bigger reason is privacy).
The prosthesis can easily be paired to an AppleID plus an application specific ID. However, all information about this would be stored on the device, backed up to iTunes, and could be restored by just buying a new phone, entering the AppleID and password, and downloading the last backup.
If that doesn't work, then these guys must have some really strange and stupid software design + implementation.
Then they aren't taxpayers, are they?
Sure they are. I assure you that the priest who is fully supported by his congregation is taxed on his "earnings". A housewife still has to file and is responsible for the taxes on the spouse's income even if they had no role in actually earning it. All those people still pay sales, use, gasoline, excise, etc. taxes. It's essentially impossible to not be a taxpayer on some level.
People who didn't want their car stolen again asked for that feature. Feel lucky that you didn't have need of it before it existed.
Their bikes come with one red key, and when it breaks, you cannot program new keys. The IDs of the keys are programmed into the ECU. When those keys quit, Ducati's policy is that bike is never allowed to be started again unless you replace both ECUs and the instrument panel which in my case cost 1.5x what the bike was worth. I had to part-out my 2005 Monster after my box with my keys was stolen while I was moving. Of course most of the electronics, including the instruments, had to be thrown away rather than being able to sell them on eBay like the mechanical parts because of Ducati's policy. My $6k bike turned into about $2k worth of parts.
I probably came out even because when I took the bike apart to sell for parts I noticed the timing belt was shredded and about to fail. In order to decrease the service interval and get more people to return to the dealer more often for horrifically expensive service, Ducati designed the engine to self-destruct if the timing belt even slipped a few teeth. If Ducati's red key policy hadn't ruined my bike, Ducati would have soon destroyed the engine anyway so the bike would have been worth nearly nothing. Also, Ducatis are very dangerous when this policy goes into effect because it locks up the back tire. The salesman I bought it from had been down twice due to this policy, once on a track and again in the dealership parking lot. Also, the insurance on my Kawasaki was about $450 per year and on my Ducati it was only $134. Ducati's trashing of bikes is a very effective anti-theft measure so insurance is cheaper than with other bikes. Thieves hate stealing things that turn themselves into scrap. Of course with Ducati, the bikes more often turn themselves into scrap without being stolen.
Nobody would have touched it if he had clasped that iPod in his bionic hand.
This is not the sig you're looking for.
Each one is a custom job. Not that many are produced per year. It's "high tech".
I must admit that it's expensive, but not ridiculously so.
I think we've pushed this "anyone can grow up to be president" thing too far.
....it's no shock that we're seeing a whole new form of vendor lock-in.
BeauHD. Worst editor since kdawson.
3) This is an intentionally bad design to generate revenue. Maybe GM should do this with car keys? "Oops, lost the keys to the Corvette. Better buy a new one."
Ever hear of an iCloud backup? Also... note what the article states about how the prosthetic will be replaced:
If such tragedy happened to you or me, government would not pay, and insurance would probably find a way to not pay.
I support the troops strongly and all, however, I have to question if gov't paying for $75,000 iPhone-dependent prosthetics is appropriate at all. They should use their economic clout to force more reasonable pricing and not accept bullshit reasons to require a replacement.
100 lashes would kill a man.
Nonsense. It might do so rarely, but there are many documented cases in military history of men being sentenced to 1,000 lashes or more and surviving. Permanent disablement was an expected outcome of such a sentence, but not usually death. In a recent case of a teenage girl sentenced to 100 lashes in the Maldives, Amnesty International described the likely outcome as "long-term psychological as well as physical scars". I would imagine they had an expert on the subject make this assessment.
Bionic limbs should use standard USB chargers.
Do you think the voltage or amperage would warrant it? If it doesn't run on 5v servo motors, you'd have to include an extra transformer. Not to mention the slow charging time with USB on such a high amperage device.
http://touchbionics.com/produc... Nothing on there about a 1:1 relationship with the device. Most likely lost training data and presets which could represent a significant time investment. Though one has to wonder why the device was not backed up so that a new one could be restored from the backup. Most likely this is just poor journalism... i.e. running with a sensationalist story and not following up. There isn't even a mention in the article of trying to confirm the idea the hand would have to be replaced with the actual manufacturer of the hand. That said, if this one is true then I hope the full wrath of the internet viral mob is brought to bear on Touch Bionics for such an asinine design.
I don't ask you to be me. I only ask you not expect me to be you.
I'm a tech reporter at Slate, and after looking into this I found that the prosthetic was not actually bricked when the iPod was stolen. See: http://slashdot.org/submission...