Comments on: Wear a pacemaker? Be nice to hackers ‘cos they can kill you. http://aralbalkan.com/1445 Passionate geekisms. Fri, 19 Mar 2010 19:46:31 -0700 http://wordpress.org/?v=2.8.5 hourly 1 By: Jason The Saj http://aralbalkan.com/1445/comment-page-1#comment-175695 Jason The Saj Mon, 11 Aug 2008 14:01:40 +0000 http://aralbalkan.com/1445#comment-175695 While many would probably not die if their pacemakers were turned off. It's more there to help keep pace. Aid could probably be given to most in a timely fashion. Many pacemakers also have built in defibrillators to shock the heart if it stops. If one could hack such pacemakers and trigger the defib, that oculd very likely kill someone. Quite scary, but I've long suspected pacemakers to be a weakness. - The Saj While many would probably not die if their pacemakers were turned off. It’s more there to help keep pace. Aid could probably be given to most in a timely fashion.

Many pacemakers also have built in defibrillators to shock the heart if it stops. If one could hack such pacemakers and trigger the defib, that oculd very likely kill someone.

Quite scary, but I’ve long suspected pacemakers to be a weakness.

- The Saj

]]> By: Gareth Rodger http://aralbalkan.com/1445/comment-page-1#comment-175319 Gareth Rodger Sat, 09 Aug 2008 16:58:30 +0000 http://aralbalkan.com/1445#comment-175319 That's incredibly stupid. Give the pacemaker a serial number and store the data just like all other medical data - in a database somewhere. Surely the data can then be kept updated as-well. As for turning the blinking thing off, add encryption as you say then store the key in the patients medical logs. I can't quite understand how this was not thought of during the design or even development stages. That’s incredibly stupid.

Give the pacemaker a serial number and store the data just like all other medical data – in a database somewhere.

Surely the data can then be kept updated as-well.

As for turning the blinking thing off, add encryption as you say then store the key in the patients medical logs.

I can’t quite understand how this was not thought of during the design or even development stages.

]]> By: Aral http://aralbalkan.com/1445/comment-page-1#comment-175316 Aral Sat, 09 Aug 2008 16:42:34 +0000 http://aralbalkan.com/1445#comment-175316 @Jane: Separating the information from the controls and encrypting the controls should be the first step. There's a huge difference between being able to read someone's information and killing them. :) Data privacy is IMHO, relatively speaking, not that big a concern and could be left unencrypted in the short-term at least. @Jane: Separating the information from the controls and encrypting the controls should be the first step. There’s a huge difference between being able to read someone’s information and killing them. :) Data privacy is IMHO, relatively speaking, not that big a concern and could be left unencrypted in the short-term at least.

]]> By: Jane http://aralbalkan.com/1445/comment-page-1#comment-175279 Jane Sat, 09 Aug 2008 12:51:48 +0000 http://aralbalkan.com/1445#comment-175279 Pacemakers at the moment can contain information about the patient which can be accessed by hospitals and which can help identify the patient if they're not conscious after an accident or similar. If you were to encrypt all the information, you'd need to ensure that all the readers could decrypt the information in case of emergency, which would mean having separate keys for each pacemaker manufacturer. An interesting technical challenge : 1) prevent unauthorised sources from "tampering" with the settings of the pacemaker - i.e. bpm at which to fire etc 2) allow access to salient patient information to allow identity and serious allergy/patient records of importance to still be available 3) ensure that the lifetime of a pacemaker battery isn't impacted - 10 - 15 years is the current average Pacemakers at the moment can contain information about the patient which can be accessed by hospitals and which can help identify the patient if they’re not conscious after an accident or similar. If you were to encrypt all the information, you’d need to ensure that all the readers could decrypt the information in case of emergency, which would mean having separate keys for each pacemaker manufacturer.

An interesting technical challenge :
1) prevent unauthorised sources from “tampering” with the settings of the pacemaker – i.e. bpm at which to fire etc
2) allow access to salient patient information to allow identity and serious allergy/patient records of importance to still be available
3) ensure that the lifetime of a pacemaker battery isn’t impacted – 10 – 15 years is the current average

]]> By: Ronny http://aralbalkan.com/1445/comment-page-1#comment-175250 Ronny Sat, 09 Aug 2008 10:12:28 +0000 http://aralbalkan.com/1445#comment-175250 Wow! I first thought you're kidding... I wonder how they will fix that... Bush doesn't happen to be wearing one of those? :p Wow! I first thought you’re kidding…
I wonder how they will fix that…
Bush doesn’t happen to be wearing one of those? :p

]]>