date 2003-02-18
from the while-(will):live dept.
Karen Sandler of the Software Freedom Conservancy delivered a keynote presentation last week at linux.conf.au 2018 (LCA) in Sydney, Australia. Specifically, she spoke about her multi-year odyssey to try to gain access to the source code for the pacemaker attached to her heart and upon which her life currently depends. Non-free software is having an increasingly (negative) impact on society as people entrust more of their lives to it. That software is found in an increasing number of places, both high and low, as all kinds of devices start to run fully networked microcomputers.
In her first LCA keynote 6 years ago, Karen first told the people of LCA about her heart condition and the defibrillator that she needed to have implanted. This year she described her continued quest to receive the source code for the software running in her defibrillator, and how far she has been able to get in obtaining the source code that she's been requesting for over a decade now.
(Score: 2, Troll) by JoeMerchant on Saturday February 03, @02:58PM (4 children)
Sorry to say, Karen, but security through obscurity is a thing, and it's a big part of what's keeping pranksters from slipping up behind you with a little programmer wand and stopping your heart with a cell-phone app.
If you are able to obtain a copy of the (incredibly simple) source code in your implantable device, then so are many other people, and if it's that easy to do, somebody with bad intent will do it, and then publish an Instructable about how to cause every implantable defibrillator passing the anti-theft panels at WalMart and your local library to shock their implantees as they walk through.
When Dick Cheney got an implant, there was serious talk about customizing it just to prevent these kinds of possibilities - and I think it was done. Most people don't have as many targets painted on them as Dick Cheney, so the level of concern is a bit lower for the general population.
So, Karen Sandler - when you raise enough awareness of these issues to gather $10M USD, you _might_ have enough of what the industry pays attention to to enter talks with a smaller, scrappier implant company about developing an open source variant of an existing device. I don't think you're looking at a net-profitable venture, but after the development cycle, that open source variant of the implant might attract a couple of extra points of market share, from the 2% of people in the world who even have an inkling of why what you are saying is important.
(Score: 1, Funny) by Anonymous Coward on Saturday February 03, @04:08PM
Except maybe his hunting partner.
(Score: 0) by Anonymous Coward on Saturday February 03, @04:09PM (2 children)
Encryption keys and passwords in the hands of users is one thing, but security through obscurity controlled completely by a third party is just asking for disaster. If the pacemaker security is that weak, then these companies need to be held liable immediately.
What's even more important, though, is freedom. All software should respect users' freedoms. As a society, we need to encourage education and independence; proprietary software is antithetical to those values.
Personally, I think we're doomed. If only 2% of the people in the world (if that) care about whether or not the computing devices that they interact with (even indirectly) every day of their lives are black boxes, then we're just asking for disaster. Bring on the planet-destroying meteor, because I can't handle that much ignorance and stupidity.
(Score: 2) by JoeMerchant on Saturday February 03, @04:28PM (1 child)
Pacemaker security is that weak. Good luck holding them liable, where are the damages? It is a disaster waiting to happen, luckily most (not all) pacemakers, defibrillators and similar devices are not network connected - though most are wirelessly programmable via near-field devices.
We've been asking for disaster for decades now. Since it hasn't happened yet, we seem to keep asking harder... someday it will get here.
(Score: 2) by canopic jug on Saturday February 03, @04:41PM
It is a disaster waiting to happen, luckily most (not all) pacemakers, defibrillators and similar devices are not network connected - though most are wirelessly programmable via near-field devices.
Not any more. Towards the second part of her presentation she told about being faced with having to replace the device. All the new models had wireless. Not a single US vendor was willing to provide the option to turn it off, some refused even to talk about it. She lucked out in that her doctor found a European supplier authorized for use in the US which had a single model with that option.
Money is not free speech. Elections should not be auctions.
(Score: 3, Insightful) by turgid on Saturday February 03, @03:52PM (7 children)
Every single piece of source code I've ever seen has made me question what the coders have done. If I saw the source code to an implanted medical device, I'd have more to worry about. The additional stress would probably be detrimental to my health. No thanks.
(Score: 2) by bzipitidoo on Saturday February 03, @04:24PM (6 children)
WTF? First Joe Merchant says maybe security through obscurity isn't so bad, and then you say you want to bury your head in the sand?
What's wrong with you?!? Did you get a brain implant with closed source code, and it's affecting your thinking?
(Score: 2) by JoeMerchant on Saturday February 03, @04:32PM (1 child)
You misread me, I'm not saying it's not so bad. I am saying: it is the current state of the art - millions of implantees around the world have wirelessly programmable life support devices without even as much as a programmable pass-code in them. If you know how to program one copy of the model, you know how to program them all - and I know of at least 100,000 devices in the field which are programmable to stimulate at over 3x the level for which they are approved for use in humans, it's a research mode and the only protection against going into research mode is built into the company programmer software, not the implantable device itself.
(Score: 2) by bzipitidoo on Saturday February 03, @04:57PM
Sounds similar to the infamous Therac-25.
Security through obscurity may be the current state of affairs, but it's definitely not the current state of the art! We know better than that. Sounds like a lot of executives are being bean counters, taking shortcuts the recklessness of which they don't understand and can't be bothered to care about, to save a few cents. That practice ought to be stopped, but I guess it won't be, until there's a major accident killing dozens or hundreds or more patients, and they can't wiggle out of responsibility by blaming it on the patients, their bad genes, the doctors, evil hackers, or whatever.
Medical providers like to excuse their outrageous price gouging by claiming the money helps them go the extra mile to assure more safety. And then they pull stunts like this.
(Score: 3, Insightful) by turgid on Saturday February 03, @04:39PM (3 children)
If I had the source code to a device keeping me personally alive, I'd be obsessed by it. I wouldn't stop thinking about it night and day. I've worked in safety critical industries before (nuclear power) and safety never relied on a single point of failure. I've seen the machinery, I've read the operating procedures and I've reviewed the safety case. I've also been "doing" software since I was a small child, and let me tell you the quality of that stuff is pretty uniformly terrible. In general, human beings refuse to learn how to write good software. In safety critical systems, we usually rely on at least redundancy (several instances of a device), diversity (different designs and manufacturers) and segregation (physical barriers between systems to prevent a fault spreading, like fire). I'd much rather rely on a medical device that contains no software at all. Fly by wire aircraft worry me.
(Score: 2) by canopic jug on Saturday February 03, @04:46PM
Fly by wire aircraft worry me.
I don't know if it still works but one guaranteed way to put a commercial jet pilot into great distress and/or depression used to be to get them to realize that "avionics" are computers. Further that avionics were computers that had escaped, perhaps temporarily, the influence of Wintel and the M$ mindset. That "temporarily" part really used to get them.
The current state does not look promising [aviationtoday.com].
Money is not free speech. Elections should not be auctions.
(Score: 2) by bzipitidoo on Saturday February 03, @05:05PM (1 child)
Is it that having the software would drive you crazy, or the mere fact that you could obtain the software? You are free to ignore it. But the rest of us would feel better if we could review and improve the code.
There is a way to get peace of mind that it really is flawless, if the code base is small enough: formal verification. Being embedded, there's a good chance it is. It can't be the usual mess of 1 megabyte of library code per 100 lines of application code.
(Score: 2) by turgid on Saturday February 03, @05:13PM
You're right, if it's a few hundred lines of embedded code, it can be formally verified. The way things are going these days, the people doing the "verification" might not be up to it though. Peer review and independent scrutiny of these things is essential. The point I was trying to make through use of polemic was that some standards are very low these days, and frequently the people who put themselves in charge of upholding the standards aren't as clever or thorough as they think they are.
(Score: 0) by Anonymous Coward on Saturday February 03, @04:05PM
That thing attached to my heart, my aorta?
Got billions of copies of the source, but I'll need $$$ in machinery to read it, and even more to submit a patch.
