<br><br><div class="gmail_quote">On Wed, Aug 31, 2011 at 1:49 PM, Mark Saad <span dir="ltr"><<a href="mailto:mark.saad@ymail.com">mark.saad@ymail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
On Mon, Aug 29, 2011 at 9:46 AM, Isaac Levy <<a href="mailto:ike@blackskyresearch.net">ike@blackskyresearch.net</a>> wrote:<br>
> On Aug 29, 2011, at 9:31 AM, Chris Snyder wrote:<br>
><br>
>> On Mon, Aug 29, 2011 at 9:08 AM, Isaac Levy <<a href="mailto:ike@blackskyresearch.net">ike@blackskyresearch.net</a>> wrote:<br>
>>><br>
>>> "Earlier this month, Jay Radcliffe, a computer security professional who is also diabetic, showed how an attacker could remotely control insulin pumps to deliver too much or too little insulin to the individual wearing the device."<br>
>>><br>
>>> <a href="http://www.wired.com/threatlevel/2011/08/medical-device-security/" target="_blank">http://www.wired.com/threatlevel/2011/08/medical-device-security/</a><br>
>>><br>
>>><br>
>>> Rocket-<br>
>>> .ike<br>
>>><br>
>><br>
>> Wow. That really pisses me off.<br>
><br>
> Indeed.<br>
><br>
>><br>
>> As in, everyone responsible for that product should be publicly<br>
>> humiliated and prevented from ever working on medical devices again.<br>
>> And how did it get licensed for use?<br>
><br>
> Not sure if this is a pleasing response, but:<br>
> "I wasn't scared, but I was up there looking around, I realised that I was sitting on a rocket with six thousand components, every one built by the low bidder."<br>
> - Alan Shepard, First American to go to Space<br>
><br>
> Rocket-<br>
> .ike<br>
><br>
><br>
> _______________________________________________<br>
> talk mailing list<br>
> <a href="mailto:talk@lists.nycbug.org">talk@lists.nycbug.org</a><br>
> <a href="http://lists.nycbug.org/mailman/listinfo/talk" target="_blank">http://lists.nycbug.org/mailman/listinfo/talk</a><br>
><br>
My wife who is a diabetic heard about this and first said "why would<br>
he do that , now nothing will get approved by the FDA" . However she<br>
was looking into how she could listen to her wireless glucose monitor<br>
to have a desktop application that would show here count on the<br>
computer she was working at. My take on this is that the FDA should<br>
publish a RFC for wireless device communications and design a nice<br>
strict protocol for communications . The big issue I see here is each<br>
dumb pharma company wants to copyright their product to make the most<br>
money on their work. If they do a crap job no one will know they keep<br>
all of their work closed and private. With the network they use open<br>
and well designed and freely licensable , big pharma can concentrate<br>
on the nuts and bolts , the the over all quality of the mechanical<br>
parts in the devices, and the software.<br>
<font color="#888888"><br>
--<br>
Mark Saad | <a href="mailto:mark.saad@ymail.com">mark.saad@ymail.com</a><br>
_______________________________________________<br>
talk mailing list<br>
<a href="mailto:talk@lists.nycbug.org">talk@lists.nycbug.org</a><br>
<a href="http://lists.nycbug.org/mailman/listinfo/talk" target="_blank">http://lists.nycbug.org/mailman/listinfo/talk</a><br>
</font></blockquote></div><div><br></div><div>When I get older I will probably be on wiki's and php BB for tips on over-clocking my pacemaker :)<br></div><div><br></div><div>I feel that the consumer should not be able to demand a product to open source. This topic boggles my mind. I do believe open source make the best code, but I saw an apache/BSD licence on a pacemaker with that no warranty clause. I might opt for closed source. Also the domain specific knowledge of such a product is so large getting critical mass for an open source project seems difficult. </div>
<div><br></div><div>I do like your point about designing parts of the wireless protocol around RFC. </div><div><br></div><div><a href="http://www.wired.com/threatlevel/2011/08/medical-device-security/">http://www.wired.com/threatlevel/2011/08/medical-device-security/</a> <- This makes me think of sandra bullock and the net. My general perception is that the world is lax on computer security, then again this is just as true outside of computers. We all say things like "a real care thief can defeat this alarm" and most door locks can be foiled with a credit card. Can we hold medical devices to some higher standard when most of our non-technical friends will turn off their writeless-routers wap and security features just to make life that much easier?</div>