The debate here isn't about hacked firmware. The firmware isn't updatable, just the settings, either through the wireless or otherwise. I'm sure they could probably flash it back at the factory, but there's no way for me or my doctor to do it.
What else would a hack simulate but the signal source? In my first two instances, bad data is introduced, but there is no danger to the patient. In the third, bad instructions may be sent, but they are echoed by the pump before starting. In the fourth, you not only have to have a valid serial to simulate, but you have to address it directly to another serial.
Did you read the article? The would-be hacker HAS the serials of his own devices, and still hasn't figured out how to hack them.
I realize many of these points are pointed out in the article, and I will be repeating them here for those of you who didn't read it:
There are several types of wireless communication built into my pump (A Minimed 722 with a CGMS sensor):
1.) Sensor (inserted elsewhere into body) sends current glucose level to pump
- Requires the sensor serial to be entered into the pump
- If hacked, would report a false glucose level to the pump. The pump NEVER acts on it's own, it only informs you of what the level is, so no danger. Also, for any treatment you are supposed to double check the level with a finger-poke as below.
- Also, if a level is reported that is out-of-pattern with the rest of values that the pump has been receiving, the pump assumes that the sensor is out of calibration or failing, and has you re-calibrate the sensor with a finger-poke.
2.) Meter (regular old finger-pokes) sends current glucose to monitor
- Requires meter serial to be entered into the pump.
- If hacked, the meter and the pump would show different numbers, making the manipulation obvious. Also, if someone randomly started sending values to my pump, I would know due to the fact that I wasn't currently checking my glucose.
3.) Remote sends instructions to deliver insulin
- Requires remote serial to be entered into pump
- Pump still vibrates/beeps to confirm delivery and dosage. Not exactly discrete.
- I'm not sure what other safeguards this has. I don't use it. I do know that if you don't have any serial numbers entered, it turns this feature off.
4.) USB Device gathers reports/programs pump
- Requires pump serial to be entered into computer.
- The 'USB Device' mentioned in the article is almost certainly a Carelink USB Upload device, used to upload data from the pump to a computer for gathering reports on glucose trends, patterns, other ways to fine-tune your treatment.
- I do know that these CAN be used to upload new settings to the pump, as I've seen them do it at my doctor's office.
- User software doesn't feature upload capability, so hackers would need to steal a copy of the 'pro' software from a doctor's office (additional security through obscurity?)
Of the four, the last two are the only ones that could alter insulin delivery, and the last one is the only one that would do it without notifying the user. You would have to develop a profile that had a high basal rate (background, continuous insulin delivery). Again, you would still need to get the serial number off the pump to initiate the upload.
In the 'Stuff to watch' category though, I've found this developer working on hacking his GM HSCAN bus to the point that he can remote start his car from his Android phone with a bluetooth OBDII dongle. He's working on releasing a couple of Android apps, but everything looks good so far. Website http://gtosoft.webs.com/ and Blog http://gtosoft.blogspot.com/
...what we can do for free without their hardware (yeah, Verizon, I'm looking at YOU).
In some cases, we can do it for free WITH their hardware, too. I had a Motorola E815 a few years ago. Motorola designed it with a bunch of features (Bluetooth OBEX, microSD usage, Dialup tethering, music player off internal memory, etc.) that Verizon disabled so that you would have to pay and use their Get It Now service.
Fortunately, it was fairly easy so seem-edit the phone, and with the USB tether for the phone and a few questionably-legal programs you could re-enable all of the features. If you were really dedicated to the task, you could mash some of the alltel firmware in, and run Java (though I never did).
I would have replaced it with another of the same model (it was falling apart from wear and tear), but of course it had been replaced by the 'newest and greatest.'
Oh, and the best part of the phone? It DIDN'T run Verizon's OS.
The real choice is, do you adjust your battle plans to include all of your troops, or cut your force by one third?
"As it accelerates, several rails around the body of the car glow blue, a wormhole generator on top of the car makes a wormhole in front of the car."
As I remember, the car does shoot a couple of sparks or something forward just before the jump.
A verbal contract isn't worth the paper it's written on. -- Samuel Goldwyn