Almost half a million pacemakers need firmware updates to avoid getting hacked

[Shreyas1]

53 minutes ago, Taf the Ghost said:

This is why IoT is dangerous. 

 

I don't think this is as much IoT as it is convenience as to not have to remove the pacemaker every time a change is needed.

[NumLock21]

Wasn't this talked about years ago, where pace makers can be hacked?

[Shreyas1]

10 minutes ago, NumLock21 said:

Wasn't this talked about years ago, where pace makers can be hacked?

now we have a firmware update though. Also, closer to half  a million people have to get their pacemakers fixed now.

[Taf the Ghost]

35 minutes ago, NumLock21 said:

Wasn't this talked about years ago, where pace makers can be hacked?

It's been "known" for a while, like a lot of things in the high-end tech or security fields. Publicly admitted? Not so much.

[Beskamir]

2 hours ago, AshleyAshes said:

You need to consider the risk of infection.  Cutting someone open always presents a risk of bacterial or viral infection which is a serious risk in itself, especially in an era of increasingly antibiotic resistant infectious bacteria.  It's not uncommon to need to download telemetry and tweak settings on a pace maker.  So allowing short range wireless interaction with a pace maker actually SAVES lives as well as reducing risks of other harm from complications.

Fair enough but then the access one can get through a wireless connection should be incredibly limited ideally on a hardware level. Major changes should require physical access to the device imo.

[Vode]

2 hours ago, iamdarkyoshi said:

They need to be programmed externally via RF. You can't exactly put a USB port on a person

...yet

[LAwLz]

2 hours ago, Taf the Ghost said:

This is why IoT is dangerous. 

Except you know... the fact that this is not IoT?

The attack is not carried out over the Internet.

 

2 hours ago, Taf the Ghost said:

this is why "those in the know" have favored the older Pacemaker models for a while.

Such as?

Are those people "in the know" security experts, doctors or a mix of both? Because it would be very reckless of someone to recommend an old model which might be worse in very significant ways just because it is not vulnerable to a previously unknown attack.

[captain_to_fire]

6 hours ago, Shreyas1 said:

The FDA estimates that 465,000 vulnerable devices have been implanted in patients in the US. Hackers could use “commercially available” equipment to change the devices’ programming. In May, researchers found that pacemaker programmers could intercept the device using equipment that cost anywhere between $15 to $3,000, reported Ars Technica. Abbott will now require devices to provide authorization in order to communicate with the pacemaker.

Yikes! 

[Shreyas1]

8 hours ago, ElfFriend said:

Fair enough but then the access one can get through a wireless connection should be incredibly limited ideally on a hardware level. Major changes should require physical access to the device imo.

Yea, but if someone needs to change the speed or something, they have to take out the pacemaker and then put it back in

[Sauron]

12 hours ago, SageOfSpice said:

It's interesting that shutting it down is even a built in functionality? Huh. Might have to read into this more.

Well if you can reprogram it shutting it down may not be necessary do deal fatal damage.

[Ezzy-525]

12 hours ago, RGProductions said:

why would anyone need to add functionality to a pacemaker?

They're updating it to Windows 10 - Pacemaker Edition!

[WolfDeville]

Reminds me of this:

 

[WMGroomAK]

1 hour ago, Ezzy-525 said:

They're updating it to Windows 10 - Pacemaker Edition!

I figure if they were to put any OS on a pacemaker it would have to be an Apple OS so they could integrate in Beats by Dre...

[Jito463]

19 hours ago, ElfFriend said:

Fair enough but then the access one can get through a wireless connection should be incredibly limited ideally on a hardware level. Major changes should require physical access to the device imo.

Doctors need to be able to adjust the rate of pulses without having to cut you open, and that's all one would have to adjust in order to kill you (were someone so inclined).

[mr moose]

On 8/31/2017 at 1:16 PM, Taf the Ghost said:

This is why IoT is dangerous. 

 

Also, this is why "those in the know" have favored the older Pacemaker models for a while. This stuff has been known for a bit.

I'm sorry but,  "those in the know": must not be anyone with experience with the "older models".

 

Hell, I ain't no doctor but I remember watching people with pacemakers struggling to walk up one flight of stairs becasue they had the older pacemakers.