[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4C4D6709.3000408@linuxbox.org>
Date: Mon, 26 Jul 2010 13:44:25 +0300
From: Gadi Evron <ge@...uxbox.org>
To: FunSec <funsec@...uxbox.org>, full-disclosure@...ts.grok.org.uk
Subject: Paper on the law and Implantable Devices security
A new research paper from the Freedom And Law Center deals with issues
that some of us keep raising these past few years, and does a good job
at it - bionic hacking (or cybernetic hacking if you prefer).
"Killed by Code: Software Transparency in Implantable Medical Devices"
outlines some of the history of these devices and even shows some cases
where devices have been recalled (likely due to software issues).
Some of the paper's recommendations are especially interesting, such as
to create a database of implantable devices code, so that if the vendor
disappears it can still be patched (I rephrased).
While unintentional, I am considered the father of this field (not that
I'm complaining) and I can't even begin to tell you how excited I am
that a field I have been evangelizing for some years now if finally
getting more attention -- even if from the legal standpoint with the
main concern of liability.
Still, I can't help but maintain some skepticism that before some
disaster happens (to us or others) this won't be taken too seriously.
The paper can be found here:
http://www.softwarefreedom.org/resources/2010/transparent-medical-devices.html
Here's a 2007 Wired article covering the subject from a talk I gave,
covering the subject from a different perspective:
http://www.wired.com/threatlevel/2007/08/will-the-bionic/
Gadi.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists