Become a fan of Slashdot on Facebook

 


Forgot your password?
Close
typodupeerror
×
Security Medicine News

Researcher Reverse-Engineers Pacemaker Transmitter To Deliver Deadly Shocks 216

Posted by Soulskill from the cheerful-news-of-the-day dept.
Bismillah writes "Pacemakers seem to be hackable now too, if researcher Barnaby Jack is to be believed. And the consequences of that are deadly. Anonymous assassinations within 30 feet of the pacemaker seem to be possible. From the article: 'In a video demonstration, which Jack declined to release publicly because it may reveal the name of the manufacturer, he issued a series of 830 volt shocks to the pacemaker using a laptop. The pacemakers contained a "secret function" which could be used to activate all pacemakers and implantable cardioverter-defibrillators (ICDs) in a 30 foot -plus vicinity. ... In reverse-engineering the terminals – which communicate with the pacemakers – he discovered no obfuscation efforts and even found usernames and passwords for what appeared to be the manufacturer’s development server. That data could be used to load rogue firmware which could spread between pacemakers with the "potential to commit mass murder."'"
This discussion has been archived. No new comments can be posted.

Researcher Reverse-Engineers Pacemaker Transmitter To Deliver Deadly Shocks More

Researcher Reverse-Engineers Pacemaker Transmitter To Deliver Deadly Shocks

Comments Filter:

  • Why are these approved? (Score:5, Interesting)

    by Errol backfiring ( 1280012 ) on Wednesday October 17, 2012 @08:16AM (#41679779) Journal

    ... he discovered no obfuscation efforts and even found usernames and passwords ...

    How come such pacemakers were ever approved by the FDA?

  • Re:Function creep...? (Score:5, Interesting)

    by kenh ( 9056 ) on Wednesday October 17, 2012 @08:56AM (#41680017) Homepage Journal

    There is the other side of this - if the pacemaker was protected by a password, what if a cardiologist other than the one that installed it had to access/update/configure it? Either there would have to be a commonly-known access code (negating all attempts at securing the device) OR the doctor would have to contact the Mfg. or some central password authority to get the codes to access the device, and that might be an unacceptable delay in a life-or-death scenario.

    Sure, you could ask patients to carry password cards OR tattoo the password on a body part if you really felt the need to password-protect the device.

    Not so sure about one pacemaker updating another pacemaker, as the description mentions - does the pacemaker really have a strong enough transmitter to download a new firmware image onto another pacemaker in another body?

Slashdot Top Deals

After a number of decimal places, nobody gives a damn.

Close