Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Encryption

Submission + - Pakistan Bans Encryption (techdirt.com)

An anonymous reader writes: After some rumors of this last month, Pakistan has now officially told all of the country's ISPs that they need to block all encrypted VPNs since content running over such things cannot be monitored by the government.

Comment Re:Pump User Here: (Score 1) 81

What else would a hack simulate but the signal source? In my first two instances, bad data is introduced, but there is no danger to the patient. In the third, bad instructions may be sent, but they are echoed by the pump before starting. In the fourth, you not only have to have a valid serial to simulate, but you have to address it directly to another serial.
Did you read the article? The would-be hacker HAS the serials of his own devices, and still hasn't figured out how to hack them.

Comment Pump User Here: (Score 1) 81

I realize many of these points are pointed out in the article, and I will be repeating them here for those of you who didn't read it:

There are several types of wireless communication built into my pump (A Minimed 722 with a CGMS sensor):
1.) Sensor (inserted elsewhere into body) sends current glucose level to pump
- Requires the sensor serial to be entered into the pump
- If hacked, would report a false glucose level to the pump. The pump NEVER acts on it's own, it only informs you of what the level is, so no danger. Also, for any treatment you are supposed to double check the level with a finger-poke as below.
- Also, if a level is reported that is out-of-pattern with the rest of values that the pump has been receiving, the pump assumes that the sensor is out of calibration or failing, and has you re-calibrate the sensor with a finger-poke.

2.) Meter (regular old finger-pokes) sends current glucose to monitor
- Requires meter serial to be entered into the pump.
- If hacked, the meter and the pump would show different numbers, making the manipulation obvious. Also, if someone randomly started sending values to my pump, I would know due to the fact that I wasn't currently checking my glucose.

3.) Remote sends instructions to deliver insulin
- Requires remote serial to be entered into pump
- Pump still vibrates/beeps to confirm delivery and dosage. Not exactly discrete.
- I'm not sure what other safeguards this has. I don't use it. I do know that if you don't have any serial numbers entered, it turns this feature off.

4.) USB Device gathers reports/programs pump
- Requires pump serial to be entered into computer.
- The 'USB Device' mentioned in the article is almost certainly a Carelink USB Upload device, used to upload data from the pump to a computer for gathering reports on glucose trends, patterns, other ways to fine-tune your treatment.
- I do know that these CAN be used to upload new settings to the pump, as I've seen them do it at my doctor's office.
- User software doesn't feature upload capability, so hackers would need to steal a copy of the 'pro' software from a doctor's office (additional security through obscurity?)

Of the four, the last two are the only ones that could alter insulin delivery, and the last one is the only one that would do it without notifying the user. You would have to develop a profile that had a high basal rate (background, continuous insulin delivery). Again, you would still need to get the serial number off the pump to initiate the upload.

Comment Actually (Score 1) 270

I've just been looking at this for the past week or so, too! I've been looking at doing something like this for a while, and finally decided to order one of the cheap ELM327 clones off ebay for ~$20. I've been having a terrible time finding anything as far as decent free software for it. Scantool does offer a free version, but I can't get it to compile. The only thing that I've heard consistently good comments about is GPSDrive, but I haven't had time to fight to get that to compile either.

In the 'Stuff to watch' category though, I've found this developer working on hacking his GM HSCAN bus to the point that he can remote start his car from his Android phone with a bluetooth OBDII dongle. He's working on releasing a couple of Android apps, but everything looks good so far. Website http://gtosoft.webs.com/ and Blog http://gtosoft.blogspot.com/

Comment Re:Welcome to 1995 (Score 1) 254

...what we can do for free without their hardware (yeah, Verizon, I'm looking at YOU).

In some cases, we can do it for free WITH their hardware, too. I had a Motorola E815 a few years ago. Motorola designed it with a bunch of features (Bluetooth OBEX, microSD usage, Dialup tethering, music player off internal memory, etc.) that Verizon disabled so that you would have to pay and use their Get It Now service.

Fortunately, it was fairly easy so seem-edit the phone, and with the USB tether for the phone and a few questionably-legal programs you could re-enable all of the features. If you were really dedicated to the task, you could mash some of the alltel firmware in, and run Java (though I never did).

I would have replaced it with another of the same model (it was falling apart from wear and tear), but of course it had been replaced by the 'newest and greatest.'

Oh, and the best part of the phone? It DIDN'T run Verizon's OS.

Comment Re:Doesn't need to be a spaceship (Score 2, Informative) 436

Actually, it looks like you're pretty close:

From http://en.wikipedia.org/wiki/DeLorean_time_machine#Operation

"As it accelerates, several rails around the body of the car glow blue, a wormhole generator on top of the car makes a wormhole in front of the car."

As I remember, the car does shoot a couple of sparks or something forward just before the jump.

Space

Submission + - Arecibo Observatory's Future in Doubt

NewYorkCountryLawyer writes: "The future is hazy for the legendary Arecibo radio observatory in Puerto Rico, a 'jewel of space instruments'. The New York Times reports that the National Science Foundation, which pays for the observatory's operation, has slashed Arecibo's annual budget from $10.5 million to $8 million, and may close it altogether in four years, imperiling its historic work, including its detection of the near-Earth asteroid KW4 eight years ago. "The planetary science community is in danger of losing one of its instrumental crown jewels," Donald K. Yeomans, a scientist at NASA's Jet Propulsion Laboratory, told the House subcommittee on space and aeronautics."
Media

Submission + - FOX News content too racy for Digg and YouTube (bravenewfilms.org) 1

Leighton Woodhouse writes: "Hi, my name is Leighton Woodhouse and I'm the Communications Director at Brave New Films. Last week, we had an experience with our latest YouTube video release that we thought you might be interested in hearing about.

The editors at Digg.com temporarily banned Brave New Films from posting on their site, and YouTube flagged our latest video as inappropriate for minors. We've been penalized for submitting "Adult Content" to each of the web sites.

What did we post? Clips from FOX News.

A little background: Brave New Films is the producer of "OutFoxed: Rupert Murdoch's War on Journalism." Following on the success of that feature length documentary, BNF has been busy producing short online videos highlighting FOX's flagrant biases and the speciousness of its claim to be a real news organization. The series is called "FOX Attacks."

We've produced videos focused on FOX's racism, its warmongering, its global warming denial, and numerous other issues. Our latest video, which has garnered well over half a million views and counting, focuses on FOX's technique of driving up ratings by featuring explicit sexual content, frequently in stories denouncing the moral depravity of the "liberal media" for broadcasting that very material. The video, as you will see, masquerades as adult entertainment:

http://foxnewsporn.com/

You might wonder, as we did: Are the editors at Digg and YouTube just clueless, and incapable of understanding parody? After all, we weren't posting actual "adult content," just content lifted from FOX News programs that we facetiously labeled X-rated. Right?

Apparently not, according to one such Digg editor, who patiently explained to us that "that submission was Adult content. Yes, it was against our TOS, even though it was broadcast on FOX."

We thought we were doing parody, but apparently we weren't. According to Digg, FOX News IS porn. No irony necessary.

Our question is: Could Digg have banned BNF to cozy up to the News Corp., owner of FOX News, which they're rumored to be courting for a possible acquisition?

http://www.techcrunch.com/2006/10/24/digg-does-the-acquisition-dance-with-news-corp/

Our privileges have now been reinstated at Digg, after we were forced to promise that we wouldn't post FOX News' inappropriate content again. And after a minor rebellion by Digg users, Digg founder Kevin Rose was even forced to post a personal apology for censoring us.

YouTube, however, still has our sample of FOX News' footage behind an adult content firewall.

If you're interested in learning more about this story, please let me know. We'd like people to learn about this ridiculous episode, and I'm happy to help however I can."

Slashdot Top Deals

Get hold of portable property. -- Charles Dickens, "Great Expectations"

Working...