Interoperable Telesurgery Protocol Plaintext Unauthenticated MitM Hijacking

55 points by CRidge, about 10 years ago

7 comments

andrewstuart2, about 10 years ago
So, run it over a VPN.

I'm not saying that they shouldn't add security to their protocol, but I can think of several ways off the top of my head to stay secure. The application-layer protocol doesn't have to be the one to implement it; network-level encapsulation can help you there.

I'm not sure how old the protocol is, but perhaps it was more important to get it working and wrap it in a VPN and then iterate on that design.
virgil_disgr4ce, about 10 years ago
Did some digging on this. Basically: 1) Some researchers wrote a paper called "Preliminary protocol for interoperable telesurgery" in 2009. (http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.160.867&rep=rep1&type=pdf) 2) At the end of the paper, they write: "Also, security is an obvious requirement for real world adoption of this kind of service." 3) Last month, some other people showed that you could hax0r this unprotected protocol: http://www.technologyreview.com/view/537001/security-experts-hack-teleoperated-surgical-robot/

So in other words, somebody demonstrated that a preliminary protocol that admitted it didn't have any security was insecure. Woo!
DyslexicAtheist, about 10 years ago
I access the site and get:

Checking your browser before accessing osvdb.org.

This process is automatic. Your browser will redirect to your requested content shortly.

Please allow up to 5 seconds… DDoS protection by CloudFlare Ray ID: 1eaaa26e86870920

Have I gone back in time to 1995?
lotsofcows, about 10 years ago
Authentication and encryption are hard problems. They're also solved problems (for some definition of solved). Like any other protocol, it should concentrate on solving its own problem well and leave unrelated problems to others.
araes, about 10 years ago
Make a great major news story. I can think of almost nothing more terrifying than being naked on a table with some random haxxor operating a rogue telesurgery robot over me. Makes even normal surgery sound good.
frozenport, about 10 years ago
There is nothing wrong with text; some of the intended uses of the protocol are over rs232.
jameskozart, about 10 years ago
wow, too lame