As per the other post:<p>tl;dr<p>Scott's most relevant points:<p>1. "This is a key fob that looks like a car alarm beeper that some pump users use to discretely give themselves insulin doses. However, I feel the need to point out as a pump wearer myself that:<p>Not every Insulin Pump has a remote control feature. Not every remote-controllable insulin pump has that feature turned on. Mine does not, for example."<p>2. "all he requires to perpetrate the hack is the target pump's serial number. This is like saying "I can open your garage door with a 3rd party garage door opener. Just give me the numbers off the side of your unit..."<p>3. If you are a diabetic on a pump who is concerned about this kind of thing, my suggestion is to turn off your pump's remote control feature (which is likely off anyway) and turn off your sensor radio when you are not wearing your CGM. Most of all, don't panic. Call the manufacturer and express your concern. In my experience, pump manufacturers do not mess around with this stuff. I'm not overly concerned.<p>--<p>Also - someone asked how much entropy was in the serial ID's on these units ?<p>Even if entropy is low are - how are you going to randomly select a person, and know their serial ID ? Unless you know what units are distributed to what hospitals/doctors - at exact times - at exact shipments and then from the sample delivered know the exact unit given to any person at any particular time.<p>Sure, if you know a "set of id's" you could try each one sequentially until you finally get a hit - but even then, you must somehow ensure the person being targeted has remote connection turned on. I'm pretty sure walking up to them and saying "oh, hai 'dere! ... plz turn on ur remotz connetz'n 4 me?" [ said in this voice - <a href="http://www.youtube.com/watch?v=xh_9QhRzJEs" rel="nofollow">http://www.youtube.com/watch?v=xh_9QhRzJEs</a> ] - is going to make them pretty suspicious.<p>There's a lot of "ifs" in there and frankly - if your aim was kill them - it would be a lot faster to do it some other way because to actually get all these things to line up perfectly .... your chances are pretty slim.<p>I'm a bit of sceptic on this 'hacking' - not to say that it's great that it has been uncovered - but your dealing with minute hardware where every single ms of processing power counts. Simple encryption should be utilized [but then this might be easily hacked anyway ?] but for units placed inside the body [pacemakers and the like] - splitting the units resources between keeping the patient alive vs. encryption for wireless protocols seems to weigh more heavily on the former than the later given how unlikely - for the majority of the world - these 'attacks' are going to be.
As a diabetic (something few of the posters seem to be) I find this discussion quite interesting if a little wrong in some of its assumptions. The first is the idea that turning off the pump will cause the wearer to expire. In most cases, not true. If you want to (and lets wave our magic wand and enable the hack skipping the tech problems mentioned) kill your target, you are going about it the wrong way. Don't turn off the supply---turn it up, way up. You need to create an overdose based on the size of the individual and their tolerance to insulin. Now without knowing the details of the pump industry, I'd guess that there are built in limiters concerning overdoses. This makes the problem far more challenging, even if you know the individual in question. How often do you discuss with your diabetic friends just how many units it would take to kill them? At a guess, even if you know they are diabetic, this is probably not part of normal conversation. There is also the assumption that the wearer never checks his equipment. In the single photo in the article above, I notice a screen crowded with information. Again jumping over the problems listed both in the article and here, the hack would have to adjust the display so as not to warn the victim. Given the in-ability to decipher the signals transmitted, this seems a bit problematic at best. No, I think the best method of attack is the one with a hammer---'Wow you wear a pump huh? Can I see it (victim looks down to pull up shirt) villain applies Maxwell's hammer as solution.'
The notion that you can kill a person with diabetes by hacking their insulin pump is absurdly ridiculous. I can't think of an insulin pump that does not have a setting to limit the maximum bolus. In addition, the setting typically has a sane value and is enabled by default. Further, when a pump is setup with a doctor/nurse practitioner, this value is set to number that is tuned to the person with diabetes. There is also feedback when the pump is delivering insulin. I know this is the case with Animas and Medtronic pumps.<p>So even if someone got in range, had your serial number, knew the protocol and attempted an insane dosage, the worst that would happen is someone didn't notice the delivery feedback and hit the max bolus. While this would be worst case breach, it is not lethal. Within an hour, the victim will feel hypoglycemic, check their blood glucose and correct it.
I'd have liked a medical approach to this FUD.<p>Can anyone with more insight than me (medical background perhaps? Or 'experienced' diabetic, since I think this leads to a specific background just as well) tell me what attack vector this could open?<p>I don't want to play this down, the argument just doesn't match with what I (think to) know, so - please educate me.<p>Isn't the maximum dose limited by the pump? And the models I've seen seem to take a long time to inject something (with a step motor, for these things).<p>What could you do to the 'victim'?<p>Supressing the basal/ongoing rate would send them on a high level of blood sugar, something that I'd expect leads to a very clear reaction: The person, if ~experienced~, will feel nasty, check the pump (maybe the battery died and you didn't hear the alarm. Maybe something with the injection needle went wrong), measure glucose level again and - depending on the result - apply a 'fast' insulin via direct injection. Am I glossing over something here?<p>Injecting a large(r) amount of insulin would, with a delay that seems to be related to the type of insulin used, send the person into dangerous low levels of blood sugar. Unless this hits at once though, I'd again expect the person to _know_ that there's something wrong if you start craving for every food you can imagine. Probably you'll feel like shit and start shaking etc. pp. I assume this is the more dangerous route, but again the first reaction is probably 'Fuck diabetes, what's going on with my levels', a check of the current sugar levels and direct counter measures (if it's not too bad: Juice, fructose etc. Otherwise you probably have again an injection nearby).<p>After typing all this I DO wonder what happens if someone causes this in your sleep though...<p>So - can someone tell me how wrong I am and tell me about the purely medical dangers?
I'm much less concerned about vulnerabilities which will allow people to kill me than about vulnerabilities which will enable people to steal my data or money.<p>There's far more people who want to steal my data or money than who want to kill me, and if somebody <i>does</i> want to kill me and can get within range of me then there's several thousand other ways to do it.
The gentlemen who wrote this post takes an approach I'm not comfortable supporting: The signal and commands haven't been successfully reversed engineered yet so this isn't a real threat.<p>A little bit about my background: 10+ years successfully (legally) reverse engineering software technology that required both client software and packet manipulation in industries that have been very proactive against it.<p>Seeing as the medical devices are hardware items issued to unique individual recipients the issue could easily be fixed with a 1024+ Public Private Key-Pair between the devices unique to each issuance.<p>However, this does nothing to protect the many millions of individuals, using today's devices, potentially exposed to the threat described by Jay Radcliffe.
I'm unsure where I stand on this subject, but this excerpt from Jaron Lanier's "You Are Not A Gadget" seems relevant:<p>"There are respectable academic conferences devoted to methods of violating sanctities of all kinds. The only criterion is that researchers come up with some way of using digital technology to harm innocent people who thought they were safe. ...<p>"If the same researchers had done something similar without digital technology, they would at the very least have lost their jobs. Suppose they had spent a couple of years and significant funds figuring out how to rig a washing machine to poison clothing in order to (hypothetically) kill a child once dressed."
To be honest, the facts are kind of boring, and the fear-mongering is kind of dramatic.<p>I can definitely see how, if they didn't care about the abstract concept of truth, people could prefer to pay attention to the fear-mongering.
This was the plotline of a 3rd season episode of Law & Order, "Virus". <a href="http://www.imdb.com/title/tt0629490/" rel="nofollow">http://www.imdb.com/title/tt0629490/</a>
The Weekly World News once reported that a new, deadly computer virus could make your computer explode. Seems sort of prophetic now, given the media frenzy. <a href="http://books.google.com/books?id=9ewDAAAAMBAJ&pg=PA40&lpg=PA40&dq=weekly+world+news+computer+virus&source=bl&ots=2G50Gert-I&sig=zuxQYUAqCz_Lzs7q5qnxTvJapo8&hl=en&ei=kQA8TqKGNuriiAKqkKz0Cw&sa=X&oi=book_result&ct=result&resnum=4&ved=0CDAQ6AEwAw#v=onepage&q=weekly%20world%20news%20computer%20virus&f=false" rel="nofollow">http://books.google.com/books?id=9ewDAAAAMBAJ&pg=PA40...</a>