Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Read my original comment:

  "2. "all he requires to perpetrate the hack is the target pump's
  serial number."

  Do we know how much entropy is in those? They could very
  well be sequential or date derived.
As you can clearly see, I am objecting to the apparent assertion that requiring the serial number should be considered a mitigating factor if we don't know anything about the entropy of these serial numbers. Without additional information, we should not be comforted by this.

Allow me to be perfectly blunt to get across my point once and for all: I don't give a shit about insulin. I don't give a shit about insulin pumps. I care misconceptions about security, and improper security implementation. This article serves as nothing to me other than a vehicle to discuss these things.

Most importantly: I am more concerned with your apparent suggestion that "a serial number is probably a sufficient shared secret" than I am with anything in the story. Serial numbers, as a general rule, make terrible shared secrets.



"more concerned with your apparent suggestion"

where have I made any such "apparent suggestion" in any of my comments. i haven't - i've stated that, and at least I believed I made quite clear, that the risk and practicality of using this hack is negligible. i haven't stated that it does not exist or that it should not be fixed. to the contrary - it should be fixed.

you're focusing on a singular aspect in a vacuum. "improper security implementation." - yes in this singular vacuum - you're correct and that's great - it's a concern. But what point is there focusing on security implementations in a vacuum when your dealing with real devices on real people and the practicality of using such improper implementations. The entire BlackHat conference is about exposing hacks in vendor-neutral software and devices that affect the real world. As I stated:

"Get realistic - security loopholes are only as important as what you are trying to practically protect and at what cost with what risk. This is what I am trying to make evident."

i'm focusing on the practicality in the real world as is the entire point of the BlackHat Security Conference. Arguably any device which opens itself to wireless communication could be hacked - and a device like this should have some cryptographic system requiring two separate keys - but at what practical cost is my point.

as hanslemen says in his article - the easiest way to resolve this is just to build in upper and lower limits of insulin delivery. at least you can't kill someone - but I acknowledge that even controlling it is a concern.

[peace, not trying to get all up and hot in here :)]




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: