Announcement

Collapse
No announcement yet.

Hacking Can Kill Now

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • shrdlu
    replied
    Re: Hacking Can Kill Now

    Originally posted by streaker69 View Post
    How many security cameras watch the front desk at the Wardman Park Mariott? ;)
    In 2006, eight. I wasn't there this year, so I can't say whether the number's changed.

    Leave a comment:


  • theprez98
    replied
    Re: Hacking Can Kill Now

    Originally posted by streaker69 View Post
    How many security cameras watch the front desk at the Wardman Park Mariott? ;)
    Enough.

    Leave a comment:


  • streaker69
    replied
    Re: Hacking Can Kill Now

    Originally posted by theprez98 View Post
    I feel better knowing I'm not the only person who walks into a place and wonder how I might shoplift.
    How many security cameras watch the front desk at the Wardman Park Mariott? ;)

    Leave a comment:


  • theprez98
    replied
    Re: Hacking Can Kill Now

    Originally posted by 0x58 View Post
    This article seems to fit rather well in the discussion: http://www.wired.com/politics/securi...tymatters_0320
    I feel better knowing I'm not the only person who walks into a place and wonder how I might shoplift.

    Leave a comment:


  • 0x58
    replied
    Re: Hacking Can Kill Now

    Originally posted by theprez98 View Post
    Manufacturers don't think like we do.
    This article seems to fit rather well in the discussion: http://www.wired.com/politics/securi...tymatters_0320

    Leave a comment:


  • lil_freak
    replied
    Re: Hacking Can Kill Now

    Normally I don't post back to back however I thought for those of you who wanted more information on the tech I wear everyday here's a link Medtronic Minimed

    Leave a comment:


  • lil_freak
    replied
    Re: Hacking Can Kill Now

    Originally posted by Thorn View Post
    Yes, that would be you, lil-freak! I just didn't want to mention names without permission.

    Actually, I'd really like to explore the idea further. Can you send me some screen and/or packet captures?
    Once I get a chance to go home I'll grab those for you and send them your way Thorn.


    Originally posted by Renderman
    Anyone good at writing formal letters to see if we/I can get some of these devices to crank at since they seem so willing to discuss potential issues?
    I'm already working on this with one of my states local distributors for Medtronic. I soon as can get something the first one is yours Render.

    I'd send you mine but I had to pay out of pocket for it and for a wireless device the size of a silver dollar they currently run more than $3000.00 USD plus $350.00 USD a month for the sensors that have to be changed out every few days.

    Leave a comment:


  • renderman
    replied
    Re: Hacking Can Kill Now

    Anyone good at writing formal letters to see if we/I can get some of these devices to crank at since they seem so willing to discuss potential issues?

    Leave a comment:


  • theprez98
    replied
    Re: Hacking Can Kill Now

    Originally posted by Deviant Ollam View Post
    Creepy, creepy stuff to me. What the fuck is the big goddamn hassle with a mini-USB port on these devices? (Yeah, i get it... internal vs. external... but still)
    Manufacturers don't think like we do.

    Leave a comment:


  • Deviant Ollam
    replied
    Re: Hacking Can Kill Now

    I was actually going to guess that it would be some sort of monitoring equipment that is equipped to output dumps of data without the use of wires, etc. It makes the most sense that the biotech industry would first attempt WiFi or BlueTooth type radio on those devices. Of course, they'll say that these are just outputting simple data streams or XML whatnot... but still.
    1. How long until someone figures out that by associating with the device it's possible to do a lot more than just get simple figures but actually interact with the control systems or mess with firmware? (firmware updates are often the second thing that a manufacturer will start to play with over communication links... after data but before full control signaling)

    2. What about just good old information leakage? For instance, someone having a radio receiving in their office when interviewing job candidates... "well, he goes in the 'no' pile since we don't want someone with weak kidneys on the healthcare plan" Even worse... if you know the unique ID of someone's unit, you could do the sort of things we talk about concerning the risks of chipped passports, like setting an explosive or other terroristic-type of device in a lobby and triggering detonation only after a specific individual's short-range signal is seen appearing.

    Creepy, creepy stuff to me. What the fuck is the big goddamn hassle with a mini-USB port on these devices? (Yeah, i get it... internal vs. external... but still)
    Last edited by Deviant Ollam; March 19, 2008, 12:17.

    Leave a comment:


  • Thorn
    replied
    Re: Hacking Can Kill Now

    Originally posted by lil_freak View Post
    That would have been me with my "Medtronic" Insulin pump and continuous glucose monitor. Like last year I will only be wearing the pump and leaving the wireless glucose monitor at home for defcon.

    You would think Medtronic would be more concerned, but that might be why a few of their products are not covered by insurance companies yet. Which sucks if you need said product/device, I have great insurance and they cover all of my stuff at 100%, however they will not cover the glucose monitor until more studies and upgrades to fix problems have been done.
    Yes, that would be you, lil-freak! I just didn't want to mention names without permission.

    Actually, I'd really like to explore the idea further. Can you send me some screen and/or packet captures?

    Leave a comment:


  • lil_freak
    replied
    Re: Hacking Can Kill Now

    Originally posted by Thorn View Post
    Cardiac pacemakers/implanted defibrillators are just the latest incident of this and we should expect the trend to continue. At DC15, a member of the DC Forums showed that different type of medical device was showing up on some wireless programs.
    That would have been me with my "Medtronic" Insulin pump and continuous glucose monitor. Like last year I will only be wearing the pump and leaving the wireless glucose monitor at home for defcon.

    You would think Medtronic would be more concerned, but that might be why a few of their products are not covered by insurance companies yet. Which sucks if you need said product/device, I have great insurance and they cover all of my stuff at 100%, however they will not cover the glucose monitor until more studies and upgrades to fix problems have been done.

    Leave a comment:


  • Thorn
    replied
    Re: Hacking Can Kill Now

    Cardiac pacemakers/implanted defibrillators are just the latest incident of this and we should expect the trend to continue. At DC15, a member of the DC Forums showed that different type of medical device was showing up on some wireless programs.

    Leave a comment:


  • noid
    replied
    Re: Hacking Can Kill Now

    Originally posted by xor View Post
    The experiment required more than $30,000 worth of lab equipment and a continuous effort to interpret the data from the implant's signals.
    Remember when Sun SPARC 5's cost 10 grand? I'm sure this will be more of an issue in a few years when that 30K room full of equipment can be bought at Fry's for under 200 bucks and it fits in your backpack. Of course hackers aren't going to be running around flatlining people, but we'll get the heat when the criminal element does it.

    Leave a comment:


  • Greyhatter
    replied
    Re: Hacking Can Kill Now

    Medtronic, the industry leader in cardiac-regulating implants, said Tuesday that it welcomed the chance to look at security issues with doctors, regulators and researchers, adding that it had never encountered illegal or unauthorized hacking of its devices that have telemetry, or wireless control, abilities.

    "To our knowledge, there has not been a single reported incident of such an event in more than 30 years of device telemetry use, which includes millions of implants worldwide," said a Medtronic spokesman, Robert Clark. Clark added that newer implants with longer transmission ranges than Maximo also had enhanced security.


    If this hack was viable and had been used to derail a live subject before then....

    "If I needed a defibrillator, I'd ask for one without wireless technology."
    Last edited by Greyhatter; March 17, 2008, 21:01.

    Leave a comment:

Working...
X