In a presentation at the BreakPoint security conference in Melbourne, IOActive researcher Barnaby Jack described an attack on pacemakers that could, he says, deliver lethal shocks to their owners. Jack claims that an unspecified pacemaker vendor's devices have a secret wireless back-door that can be activated by knowledgeable attackers from up to 30 feet away, and that this facility can be used to kill the victim right away, or to reprogram pacemakers to broadcast malicious firmware updates as their owners move around, which cause them to also spread the firmware, until they fail at a later time. Darren Pauli from Secure Business Intelligence quotes Jack as saying,
“The worst case scenario that I can think of, which is 100 percent possible with these devices, would be to load a compromised firmware update onto a programmer and … the compromised programmer would then infect the next pacemaker or ICD and then each would subsequently infect all others in range,” Jack said.
He was developing a graphical adminstration platform dubbed “Electric Feel” which could scan for medical devices in range and with no more than a right-click, could enable shocking of the device, and reading and writing firmware and patient data.
“With a max voltage of 830 volts, it's not hard to see why this is a fairly deadly feature. Not only could you induce cardiac arrest, but you could continually recharge the device and deliver shocks on loop," he said.
Manufacturers of implanted devices have been resistant to calls to publish their sourcecode and to allow device owners to inspect and modify that code, citing security concerns should latent vulnerabilities be exposed, and put implantees at risk. But as Jack's presentation demonstrates, vulnerabilities can be discovered without publication -- and if they are discovered and not disclosed, they may never be patched (or may not be patched until coming to light in some kind of horrific attack). In other words, secrecy helps bad guys, but keeps good guys and innocent bystanders in the dark.
Hacked terminals capable of causing pacemaker deaths
(Image: Atlas Pacemaker, a Creative Commons Attribution (2.0) image from travisgoodspeed's photostream)
Hearthcabinet's "Ventless Fireplaces" use "pre-filled alcohol gel cartridges" -- that is, proprietary logs. When Drew quizzed the company's reps about this on Facebook, they danced around the question, but yeah, it's proprietary logs all right. The company notes that the design is patented (the founder, a product liability attorney named Michael Weinberger, has many related […]
It being 2019, you may now buy a portable cassette player with Bluetooth functionality. Meet Its OK, a ~$65 gadget currently firing up Kickstarter. Chaim Gartenberg: the It’s OK does the usual tape things, like playing cassettes or letting you record to tapes, it also bills itself as the world’s first Bluetooth 5.0 portable cassette […]
Eurogamer’s Will Judd flirts with heresy: “Are mechanical keyboards really good for gaming?” When it comes to PC gaming peripherals, stats and specs drive purchases. Gaming monitors became popular because they offered lower latency or higher refresh rates, while gaming mice boasted higher sensitivities and improved tracking accuracy. Yet this quantitative trend doesn’t seem to […]
With the rising temperatures on tap this summer, the climate is going to be a frequent topic of conversation, and those conversations won’t be happy ones. Luckily, there’s a way to do a little climate change of your own – in a safe and sustainable way. When it comes to personal air conditioners, EvaPolar is […]
Whether you’re using them for next-level selfies or steady tracking shots, gimbals are a must for anyone who wants to maximize the potential of these powerful smartphone cameras we’re all carrying around. But those smartphones are also supposed to be portable, and let’s face it: Gimbals tend to offset that advantage. Weighing in at just […]
It’s too hot for yard sales, but hey: The internet is here for you. Here are the top ten deals on some of the Boing Boing Store’s best gear, just in time for summer. It’s everything from grills to security cameras to MacBook Pros, and they might be as low as they’re ever going to […]