SoylentNews

Phoenix666 [soylentnews.org] writes:

A computer security researcher has probed the communication protocols used by her pacemaker – and hopes her findings will raise awareness of just how much info medical devices are emitting.

Marie Moe received her pacemaker four years ago after she experienced a form of arrhythmia [nih.gov], and her heart began to slow.

Soon after, she sought out the manual for her closed-source device – and enlisted the help of Cambridge University industrial control hacker Eireann Leverett to find out more about the vital gizmo that keeps her heart beating normally.

Moe, once of Norway's Computer Emergency Response Team, found the device had two wireless interfaces: some near-field communications (NFC) electronics used to exchange data with medical equipment during hospital check-ups, and another system for communicating with a bedside device.

Leverett says the bedside unit passes sensitive medical information about herself from her pacemaker to remote servers, and finally to her doctor's workstation, via communications channels from SMS and 3G to the standard internet. Leverett fears these channels are not necessarily secure, and the servers are often held in foreign countries – which all in all is a headache for privacy.

Seems she's missed the opportunity to do cool stuff like program in a meditation mode.

Original Submission