From: Cathal Garvey <[email protected]>
>Without getting into the issue of whether patents encourage innovation.. 
>I do think that medical devices are a special case. If you have a heart 
>implant, that thing needs to be "unhackable", but also totally 
>verifiably safe. So there should be firmware signing, no mutable state, 
>verifiable memory safety...but the code should be open source, and if 
>need be the firmware signing key for each device (needs to be different 
>for each device!) should be accessible by a legitimate owner.

>So, no more remote-hackable heart implants, but doctors and cardiac 
>technicians can still apply critical patches and inspect the source for 
>sanity.

It should be fairly simple to protect against heart-implant hacks.  First, 
communication with them is probably limited to inductively-coupled signalling, 
at a fairly high level.  Secondly, it should be based on a two-way 
challenge/response system:  The external device signals a code, call it a 
password, to which the implant would respond with a reply, which itself 
includes a randomized code.  The external device reads that randomized code, 
processes it in some way (presumably a hash), and retransmits it to the 
implant.  Only if the implanted device receives what it considers the correct 
code, would it allow further manipulation.  Presumably, any attempt to 
illegitimately access such a device wouldn't be close enough to read the 
implant's reply signals, and thus couldn't proceed further.
"Do you have a match?".   "No, but I have a lighter".  "Even better".   
"Until they go wrong".

         Jim Bell
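
The two-way challenge/response Jim sketches, modelled with both sides in one process; this is an added example, not code from either message. It assumes the implant and the external device share a secret key and that "processing" the randomized code means a keyed hash (HMAC-SHA256), which the post leaves open; the password and key values are constructed.

```python
import hmac
import hashlib
import secrets


class Implant:
    """Implanted side: answers a correct password with a one-shot random code
    and unlocks only if that code comes back correctly processed."""

    def __init__(self, password: bytes, key: bytes):
        self._password = password   # the "code, call it a password" (constructed)
        self._key = key             # shared secret; an assumption, post says only "a hash"
        self._nonce = None          # outstanding randomized challenge, single use
        self.unlocked = False

    def receive_password(self, password: bytes):
        # Step 1: stay silent on a wrong password; otherwise issue a fresh challenge.
        if not hmac.compare_digest(password, self._password):
            return None
        self._nonce = secrets.token_bytes(16)
        return self._nonce

    def receive_response(self, response: bytes) -> bool:
        # Step 2: compare against our own processing of the challenge.
        # The nonce is consumed whether or not the reply matches, so a
        # captured reply cannot be replayed against a later challenge.
        if self._nonce is None:
            return False
        expected = hmac.new(self._key, self._nonce, hashlib.sha256).digest()
        self._nonce = None
        self.unlocked = hmac.compare_digest(expected, response)
        return self.unlocked


def external_response(key: bytes, nonce: bytes) -> bytes:
    """External device: process the randomized code with the shared key."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


def legitimate_session(implant: Implant, password: bytes, key: bytes) -> bool:
    """Full exchange as described: password -> nonce -> processed nonce -> unlock."""
    nonce = implant.receive_password(password)
    if nonce is None:
        return False
    return implant.receive_response(external_response(key, nonce))


def replay_attempt(implant: Implant, password: bytes, key: bytes) -> bool:
    """Reuse a reply captured from an earlier session against a new challenge."""
    captured = external_response(key, implant.receive_password(password))
    implant.receive_response(captured)      # earlier session completes normally
    implant.receive_password(password)      # new session, new nonce
    return implant.receive_response(captured)
```

The constant-time comparisons keep the password and response checks from leaking via timing, and the single-use nonce is what turns the "randomized code" into a replay defence rather than just a second password.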
  
