University of Washington CSE PhD student Dan Halperin et al.‘s paper on the security and privacy for pacemakers and implantable defibrillators just received the Best Paper Award at the annual IEEE Symposium on Security and Privacy (a.k.a. the “Oakland” conference).
Dan and the rest of the team from UW, UMass Amherst, and Harvard Medical School found that an implantable cardioverter defibrillator can leak private information and can allow unauthorized parties to modify settings that control, among other things, shock therapies.
You can read Dan’s full paper and the FAQ, as well as his earlier work on the topic of medical device security. You can also read summaries of Dan’s work in The New York Times, the Wall Street Journal, Reuters, and the Associated Press. Bruce Schneier also provides excellent commentary.
Congratulations Dan!
Great paper Dan. I see it too as a matter of time before pacemakers become more advanced with wifi type technology to report its status and or to control even its functions. When that happens I wonder how secure it will become, will it have RSA style encryption: http://www.paloneks.ca/ Palonek Security Wiki