medtronic

People with diabetes are scouring the internet for a discontinued insulin pump that can be reprogrammed as an "artificial pancreas"

Since 2014, open source hackers have been perfecting the OpenAPS, an "open artificial pancreas" made by modifying the firmware of discontinued Medtronic insulin pumps, which were discontinued due to the very security flaw that makes them user modifiable (that flaw also leaves them vulnerable to malicious modifications). Read the rest

Wireless vulns in Medtronic's implanted defibrillators allow remote shocks, shutdown, denial-of-service battery attacks and data theft

Medtronic is the most notorious maker of insecure medical implants in America, with a long history of inserting computers into people's bodies with insecure wireless interfaces, toolchains and update paths, and nothing has changed. Read the rest

Insecure medical implant company Medtronic finally plugs one of its worst vulnerabilities

Medtronic (previously) is a notoriously insecure medical implant manufacturer whose devices have been repeatedly shown to be grossly insecure -- their pacemakers can be hacked before leaving the factory! Read the rest

Bad infrastructure means pacemakers can be compromised before they leave the factory

It's been ten years since the first warnings about the security defects in pacemakers, which made them vulnerable to lethal attacks over their wireless links, and since then the news has only gotten worse: one researcher found a way to make wireless pacemaker viruses that spread from patient to patient in cardiac care centers, and the medical device makers responded to all this risk by doubling down on secrecy and the use of proprietary code. Read the rest

Slashdotter: I've had a pillcam stuck in my gut for 12 weeks and counting

BeauHD, a Slashdot moderator, has Crohn's Disease, and he lives in an age of modern miracles, which means that he can have his small intestine surveyed by swallowing a tiny pill-sized camera, rather than having a scope threaded up his rectum or down his throat, or having his gut sliced open. Read the rest

Apple, CTA and Big Car are working in secret to kill New York's Right to Repair legislation

Here's the list of companies that are quietly lobbying to kill New York State's Right to Repair legislation (previously), which would force companies to halt anticompetitive practices that prevent small businesses from offering repair services to their communities: "Apple, Verizon, Toyota, Lexmark, Caterpillar, Asurion, Medtronic" and the Consumer Technology Association "which represents thousands of electronics manufacturers." Read the rest

Can you audit the software that goes in your body?

The Software Freedom Law Center's latest white-paper, "Killed by Code: Software Transparency in Implantable Medical Devices," examines the strange circumstances around pacemakers and other implanted medical devices. Regulators like the FDA inspect the hardware designs for these devices in great detail, but the crucial software that runs the devices is a closed book -- a proprietary secret that's only ever called in for examination when the devices start to crash, with disastrous circumstances.

In 2008, the Supreme Court of the United States' ruling in Riegel v. Medtronic, Inc. made people with IMDs even more vulnerable to negligence on the part of device manufacturers.4 Following a wave of high-profile recalls of defective IMDs in 2005, the Court's decision prohibited patients harmed by defects in FDA-approved devices from seeking damages against manufacturers in state court and eliminated the only consumer safeguard protecting patients from potentially fatal IMD malfunctions: product liability lawsuits. Prevented from recovering compensation from IMD-manufacturers for injuries, lost wages, or health expenses in the wake of device failures, people with chronic medical conditions are now faced with a stark choice: trust manufacturers entirely or risk their lives by opting against life-saving treatment.

We at the Software Freedom Law Center (SFLC) propose an unexplored solution to the software liability issues that are increasingly pressing as the population of IMD-users grows--requiring medical device manufacturers to make IMD source-code publicly auditable. As a non-profit legal services organization for Free and Open Source (FOSS) software developers, part of the SFLC's mission is to promote the use of open, auditable source code5 in all computerized technology.

Read the rest

:)