I was trying to link my headphones with my phone and a strange device was displayed. It looked like the ID for my wife's pacemaker. Is this possible if the pacemaker is quite close to the phone. I realise that it will only happen if the phone is searching.

kerryalan - 2021-09-17 09:19:00

I dunno is the pacemaker Bluetooth capable?

nice_lady - 2021-09-17 09:24:00

https://www.science.org/news/2015/02/could-wireless-pacemake
r-let-hackers-take-control-your-heart

gyrogearloose - 2021-09-17 09:30:00

gyrogearloose wrote:

https://www.science.org/news/2015/02/co
uld-wireless-pacemaker-let-hackers-take-control-your-heart[/
quote]

Thats BS. Yes, they are BT controlled but there is so much encryption involved that only a very dedicated device can 'talk' to the pacemaker.

tegretol - 2021-09-22 23:31:00

tegretol wrote:

Thats BS. Yes, they are BT controlled but there is so much encryption involved that only a very dedicated device can 'talk' to the pacemaker.

you keep believing that... For the entire history of IT, security has generally been one of the last factors considered in product development, usually because the security risks aren't apparent until some dick actually exploits them - much more important to get that 'killer' tech idea to market...

Besides social engineering is more commonly used than someone actually breaking encryption algorithms

Edited by king1 at 12:17 am, Thu 23 Sep

king1 - 2021-09-23 00:12:00

king1 wrote:

you keep believing that... For the entire history of IT, security has generally been one of the last factors considered in product development, usually because the security risks aren't apparent until some dick actually exploits them - much more important to get that 'killer' tech idea to market...

Besides social engineering is more commonly used than someone actually breaking encryption algorithms

I work in this area and would be 100% happy to have a BT pacemaker in me (if it was required). Do you know what the tech specs are wrt the encryption in these devives? Do you even believe that they are visible to other devices? Do you know what erp they are? Do you know how the r/w process takes place?

tegretol - 2021-09-23 09:17:00

Wear aluminised mylar suit, block the radio waves.

tygertung - 2021-09-23 09:17:00

tegretol wrote:

I work in this area and would be 100% happy to have a BT pacemaker in me (if it was required). Do you know what the tech specs are wrt the encryption in these devives? Do you even believe that they are visible to other devices? Do you know what erp they are? Do you know how the r/w process takes place?

It's irrelevant what I know of the technical specs of these devices, just as its irrelevant you 'working' in the area makes it any less plausible.

The underlying technology can always be exploited by people with the right incentives. Sure you and I probably aren't going to be targets, not worth the effort, but for some prominent business CEOs and Heads of State, it might be an attack vector worth exploring by a bad actor.

Another couple of real world examples - not theoretical, its real and happening...
https://www.wired.com/story/pacemaker-hack-malware-black-hat
/
https://www.cbc.ca/news/world/cybersecurity-heart-devices-im
plantable-1.3930997

Yes security of these devices will improve over time (hopefully), but calling it BS is just plain wrong and only contributes to the problem

Edited by king1 at 9:37 am, Thu 23 Sep

king1 - 2021-09-23 09:37:00

tegretol wrote:

I work in this area and would be 100% happy to have a BT pacemaker in me (if it was required).

I wouldn't. I was watching a paramedic doco yesterday and the poor guy was getting continual shocks, it's painful and dangerous, it was malfunction. So I went looking...and found a lot of articles on it...rather scary the stats...and sheer numbers of fails they get with these things. It is mainly the ones that shock your heart, not the ones that just keep a slow rhythm adjustment.

lythande1 - 2021-09-23 11:35:00

lythande1 wrote:

I wouldn't. I was watching a paramedic doco yesterday and the poor guy was getting continual shocks, it's painful and dangerous, it was malfunction. So I went looking...and found a lot of articles on it...rather scary the stats...and sheer numbers of fails they get with these things. It is mainly the ones that shock your heart, not the ones that just keep a slow rhythm adjustment.

You're talking about an ICD implant, not a regular pacemaker. And believe me, if you were in a position to choose whether to have an ICD, the alternative would likely be worse than the occasional (or even Rare) inappropriate firing of the device. Well, that's IMO anyway. Death, vs. the rare zap that wasn't meant to happen? Hmmmmm.....

Edited by lyl_guy at 12:27 pm, Thu 23 Sep

lyl_guy - 2021-09-23 12:22:00

kerryalan wrote:

I was trying to link my headphones with my phone and a strange device was displayed. It looked like the ID for my wife's pacemaker. Is this possible if the pacemaker is quite close to the phone. I realise that it will only happen if the phone is searching.

Yes it is possible in devices such as Medtronic that have the bluetooth capability to transmit data. It's not a problem, as it can't be used to 'connect' to anything other than the technician's app / device that they use to interrogate the data. Unless of course, as above, you're the POTUS (or similar) and a hacker is trying something dodgy, lol!

lyl_guy - 2021-09-23 12:27:00

i have a Medtronic pacemaker and use bluetooth speakers with no problems the advice i was given was to keep electronic devices at least 6 inches away from your pacemaker but i dont notice any difference

mouse265 - 2021-09-23 12:37:00

tegretol wrote:

I work in this area and would be 100% happy to have a BT pacemaker in me (if it was required). Do you know what the tech specs are wrt the encryption in these devives? Do you even believe that they are visible to other devices? Do you know what erp they are? Do you know how the r/w process takes place?

If it's broadcasting packets, it's “hypothetically” sniffible/crackible. That said, even publicly available PGP requires something in the order of 10 billion years to brute force, given the current state of computing. And then there are the non-public mil spec encryptions, which I'd think(guess) is more likely what's deployed in pacemakers. So yes, technically impossible.

However, as king points out the weakest link is the wetware, the people in the loop, always vulnerable to social engineering.

It's all a sliding scale of probability, like everything else.

ronaldo8 - 2021-09-23 12:45:00

So, who can pick up the BBC on their fillings then ?

ronaldo8 - 2021-09-23 12:47:00

lyl_guy wrote:

You're talking about an ICD implant, not a regular pacemaker. And believe me, if you were in a position to choose whether to have an ICD, the alternative would likely be worse than the occasional (or even Rare) inappropriate firing of the device. Well, that's IMO anyway. Death, vs. the rare zap that wasn't meant to happen? Hmmmmm.....

Shocking

ronaldo8 - 2021-09-23 12:51:00

https://trademe.tmcdn.co.nz/photoserver/full/1616369087.jpg

gyrogearloose - 2021-09-28 17:41:00

Someone should use google more before they spout off what they think is secure...
https://www.zdnet.com/article/black-hat-how-your-pacemaker-b
ecomes-an-unintended-insider-threat-in-secure-spaces/

https://www.wired.com/story/pacemaker-hack-malware-black-hat
/

bitsnpieces2020 - 2021-09-29 08:35:00