back to article Security bod watches heart data flow from her pacemaker to doctor via ... er, SMS? 3G? Email?

A computer security researcher has probed the communication protocols used by her pacemaker – and hopes her findings will raise awareness of just how much info medical devices are emitting. Marie Moe received her pacemaker four years ago after she experienced a form of arrhythmia, and her heart began to slow. Soon after, she …

  1. Anonymous Coward
    Anonymous Coward

    "The life of our patients is at stake"

    Don't Amazon et al make it pretty clear that their services are not to be used for anything medical, ever, nosireebob? I thought pretty much everything throws that disclaimer out now.

    So is this company operating illegally? It's certainly operating unethically if it's relying on a third party with whom they have no 100% uptime contract and lives are on the line.

    Any idea which company it is? I'd like to make sure I avoid them...

    1. Roq D. Kasba

      Re: "The life of our patients is at stake"

      I agree, it sounds criminally negligent to me.

      If any system requires any kind of guaranteed uptime, it had better fail over automatically into autonomous, old-fashioned mode.

      I can see a future for smart embedded medical devices, but it seems even further off than getting your lightbulb and fridge on the same secure protocol - a market that's so fragmented and leaky it's simply not worth even getting started with it.

      1. Anonymous Coward
        Anonymous Coward

        Re: "The life of our patients is at stake"

        And any system that cannot afford to fail had better not have superfluous bells and whistles that can either go wrong themselves, or increase the complexity of the electronics and software forming the critical components.

    2. Doctor_Wibble

      Re: "The life of our patients is at stake"

      > services are not to be used for anything medical, ever

      I think you're right that this kind of disclaimer has been around for a long time now - even ones about not using software for nukular doodad control thingummybobs have been around for at least 15-20 years (when did Java come out, I'm sure early Java was the first time I saw one of these though that may just be because it was the first time I was ever actually required to read one of these things, thankfully back when a licence agreement could still fit on a single bookshelf).

      1. Anonymous Coward
        Anonymous Coward

        Re: "The life of our patients is at stake"

        I'm sure early Java was the first time I saw one of these

        All Sun software/hardware had them, from the early days of the first workstations. Rightly so, I would not want my life or my reactor to be controlled by any variety of off-the-shelf Unix! "panic" would never be more appropriate...

    3. Anonymous Coward
      Anonymous Coward

      Re: "The life of our patients is at stake"

      Frightening. If you read down the thread, another user points out that AWS isn't supposed to be used for anything life-critical - to which our hero replies:

      Well, it is supposed to be reliable...

      Should I ever have need for such a device, I really hope that this fucking idiot had nothing to do with it.

      1. Stuart Castle Silver badge

        Re: "The life of our patients is at stake"

        Re: "Well, it is supposed to be reliable..."

        My iPhone and iPad are quite reliable, but that does not mean I'd trust iOS to run equipment that my life depended on.

    4. Michael Wojcik Silver badge

      Re: "The life of our patients is at stake"

      It reminds me of Larry Niven's "The Ethics of Madness", a (long) short story from 1967. The plot is triggered by a malfunctioning automatic drug-dispensing machine.

      It's an interesting story for people in IT, as much because of how its predictions do and don't match what's happened in the past 48 years. A key aspect (not much of a spoiler, since this is revealed in the first couple of pages) is that the setting is a future which features, among other things, FTL spaceflight, psychoactive drugs which can control severe paranoid schizophrenia with no noticeable side effects, and desktop machines which not only can dispense such drugs but give the patient a manicure in the process.1

      What it doesn't feature is decent user interfaces, fail-safe mechanisms, or LEDs. Its want-of-a-nail failure cascade begins when a warning lamp on the "autodoc" fails to light because it's a decade old and has burned out.

      So on the one hand, it's way off regarding the sophistication of our user interfaces. We're a long way from magical treatments for psychosis, hopefully a long way from robot manicures, and probably forever away from FTL space travel;2 but even our refrigerators are available with much better error-reporting mechanisms than a single pair of red/green indicators. And, of course, we have LEDs.

      On the other hand, it's pretty prescient in guessing that the people who design medical technology will make awesomely stupid choices about safety and failure modes.

      1I'll use a robot car if I must, but no way in hell am I getting a robot manicure.

      2Them's the breaks, kids.

      1. allthecoolshortnamesweretaken

        Re: "The life of our patients is at stake"

        Niven is always worth a read.

        Me, I'd rather take my chances with the robot manicure than a self driving car. Far, far fewer parameters to take into account, hence less prone to fuck-ups.

        BTW, that reminds me: last week I read "Lock In" by John Scalzi. I can highly recommend it. Anyway, in this future self driving cars are a reality. When a rookie FBI agent gets into a car with his new partner for the first time he wonders why she is disabling the autodrive function. To which she replies that this is a bureau car, and no, you really don't want the autodrive from the lowest bidder.

        http://www.goodreads.com/book/show/21418013-lock-in

  2. Anonymous Coward
    Anonymous Coward

    Windows 10 forced update

    ... convergence of devices ....

    ... no more turning off "critical updates" ....

    [insert very short steps ]

    ... "she nearly died going the steps at covent garden station, her pacemaker's software was mis-configured".......

    I might just start a linux of medical devices, so that we can write our own damn pacemaker software*

    (*I am quite likely to need one in the future, i have a dicky heart)

    1. TRT Silver badge

      Re: Windows 10 forced update

      Open source surgery?

  3. JimmyPage Silver badge

    "Homeland"

    of course, this is no news to anyone who saw season 2 of Homeland ... 3 years ago.

    1. Anonymous Coward
      Anonymous Coward

      Re: "Homeland"

      I've also seen these devices sent haywire by the security scanners at the exit of some shops.

      Another reason why TASERs should be used sparingly as anyone with a pacemaker or neurostimulator could die after being hit by one.

      1. The First Dave

        Re: "Homeland"

        "Another reason why TASERs should be used sparingly is anyone could die after being hit by one."

        FTFY

  4. Herby

    These are really interestng devices...

    I worked on a Pacemaker project about 17 years ago, and they used a CMOS version of a 6502 chip inside. I believe that the communication was through induction coils (which are VERY close range). The code used all sorts of tricks to get its job done, some of which I feel are dubious at best. My job as as a tester to make sure that one could make every line of code executed somehow. It did all sorts of marvelous things, and was not the easiest piece of software to get your arms around. The testing facility was a bunch of WinNT boxen (4) to control various aspects of the test. They really wanted to make it through.

    Of course there is "Dick Cheney" mode that TURNS OFF all RF communication. He didn't want to be dispatched electronically (like the movie).

    Oh, they also included a laptop with each pacemaker that had the control software. It was relatively cheap inclusion compared to the total cost (around $20k if I remember correctly).

    1. Anonymous Coward
      Anonymous Coward

      Re: These are really interestng devices...

      The ones I work with are still like that. I don't know if that's more predominant in Europe or if the market's changing and they'll all become walking security nightmares.

  5. SuccessCase

    I think it's quite brave talking about security flaws in your pace-maker at a hacker conference. Yes it's human nature that most people want to do good. Yes there are very few people and/or hackers that are destructive and black-hat hackers of the "random acts of vandalisation" kind are far fewer than most in general society suppose (and less likely to be at conferences than say, white hat hackers). But still, they do exist and she's probably made some of the few that do curious if they might just be able to...

    1. I. Aproveofitspendingonspecificprojects

      Insert clause here:

      > Yes it's human nature that most people want to do good.

      The problem is that if you catch them young enough or dumb enough they will hand over liability if they accept the terms of "a "good" cause".

      It wasn't all that long ago the the default for expert medical advisers was set to: "Lie". Anyone here remember the 1970's? (Or was it back in the 1960's that the ethics of telling the truth to people was debated for the first time?)

      Even today if you write to a company or government agency the first reply will attempt to condition you to behave. That's if you get a reply. If you hit one of their battleships their first reply will be no reply.

      All you base are belong fucu this our game longtime.

  6. xeroks

    " making her nearly collapse after climbing stairs at Covent Garden station."

    Aren't those the ones that go up 10 storeys? If so - they are a serious workout, little wonder she had problems.

    1. Roland6 Silver badge

      Re: " making her nearly collapse after climbing stairs at Covent Garden station."

      I would hope she was referring to the short flight of steps from the platforms to the lifts and not the emergency spiral staircase of 193 steps (the equivalent to a 15-storey building)...

  7. Flywheel

    What's the worst that could happen?

    a) Prominent politician receives implanted medical device, and the event is publicised prominently;

    b) The "enemy" (whoever they are) gets to find out...

  8. En_croute
    Happy

    UK fitted pacemakers (well, from 5 years ago) don't have WiFi as standard. Only devices that need regular controlling have this functionality. I checked, mine does not come up on any scan (yet)!

    I seem to remember you published a Pacemaker WiFi hack article back in 2008... http://www.theregister.co.uk/2008/03/12/heart_monitor_hacking/

    Mine's the white coat with the stethoscope

  9. Anonymous Coward
    Anonymous Coward

    "Why won't this compile?"

    Anon because I worked with many pacemaker software engineers... and wow... I would NOT want to my heart to be running their software. Almost all of them seemed clueless about software (see title). Hopefully it was a case of one or two good guys carrying all the muppets for the embedded stuff. I am always amazed at how long and far you can go in this industry *as a software engineer*, whilst still being unable to write any working code at all. And to be honest, I am quite pissed off at it.

    I did not work on the pacemakers, but on another class 3 device, with the same people.

  10. Daedalus

    It gets better

    After the sales droids have dragooned the offshore programmers into handing over whatever they've got so far and the device is certified, you can't actually update the code without going through the certification process all over again. Which tends to make people unwilling to update software. Or even admit there's a problem.

    1. Anonymous Coward
      Anonymous Coward

      Re: It gets better

      Then the certification process needs a pacemaker ...or a plug yanked. --Capt. Obvious

  11. Anonymous Coward
    Anonymous Coward

    Can also be used for good

    Seeing what personal medical devices can be programmed to do can be used for both bad, knock out someones pacemaker, or good , build your own artificial pancreas for type 1 diabetes.

    Yes it has been done, closing the loop between a continuous glucose monitor and an insulin pump. These are still in research labs, hospitals and someones pocket with a raspberry pi

    raspberrypi.org/blog/artificial-raspberry-pi-pancreas

    If you don't want to go the whole hog and have an automatic closed loop someone has worked on a system where it gives suggestions on how to alter insulin dosing and so a human closes the loop

    hypodiabetic.co.uk/home/blog/diabetes-life/5-months-with-happ-diy-artificial-pancreas

    Both these people are trying to do something now to make their lives with type 1 diabetes easier without having to wait for the regulators to approve something, I applaud them for it but may not yet go quite as far as that with my use of insulin pumps and continuos monitoring.

    1. SolidSquid

      Re: Can also be used for good

      And if you get bored you can play some Doom on your pancreas

  12. Ken Moorhouse Silver badge

    Overclocking

    Will this be the next big update for your pacemaker?

    "Increased performance or your money back"

    "Lifetime guarantee!"

  13. PeterM42

    I'll just change the channel on this router.......

    .....cough, choke......URGH!

  14. Anonymous Coward
    Anonymous Coward

    Vendors ....

    > "As a patient I am expected to trust that my device is working correctly and that every security bug has been corrected by the vendor, but I want to see more testing and research [because] we can't always trust vendors."

    You can never trust vendors.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like