"Holypager", an artwork that eavedrops on unecrypted pager messages

Originally published at: https://boingboing.net/2017/12/28/holypager-an-artwork-that.html

Medical records archives are notoriously insecure. That said, reading pagers would be an incredibly cumbersome and inefficient way to steal patient data when you can just hack a medical database.

2 Likes

I suspect that it isn’t the biggest risk from a compromise standpoint(at least for people boring enough not to send paparazzi after, this isn’t an expensive or difficult attack by those standards); but I imagine that from a compliance standpoint it looks bad.

EMRs are notorious for failing at actually being secure; but their operators can incur legal exposure if they don’t follow a suitably cumbersome set of best practices for being insecure. It is hard to imagine that broadcasting a steady drip of plaintext meets even the most minimal standards of diligent incompetence.

(One also wonders, given the large number of structures conveniently built for good RF coverage, steady power, and decent backhaul; among other mounting sites, if the fact that eavesdropping on cleartext pager traffic is probably legal; unlike breaking into even pitifully defended but CFAA-covered computer systems, has made doing it in bulk worth the while of some creepy data broker types. The protocols were designed with fairly minimal bandwidth in mind; so dumping all the chatter to disk just in case someone can think of something profitably unethical to do with it would be comparatively inexpensive.)

Every year I get the HIPAA training, and every year I wonder why anybody would want to steal medical data? I mean sure, if it happens to tell you Congressman Bork has one month to live, maybe you could… I dunno, place some bets? Is there a bookie for dead congressmen? But really, all you’re likely to see is Mrs Grundy takes levothyroxine, which is about as boring as data can be.

1 Like

Given the enthusiastic market for ‘prescriber reports’ used to calibrate drug marketing and judge its effectiveness; I suspect that someone is quite interested in that. Only question is whether they are already getting it in more convenient form from one of the aggregators involved; not whether they care.

1 Like

Courts have never been shy about insanely broad interpretations of the CFAA. Without expensive legal representation (of the sort that News Corp can afford after it hacks the phones of dead soldiers, terrorist attacks victims, and obstructing a pedophilia murder investigation for a scoop), you can get locked up or driven to suicide to further a sociopathic prosecutor’s career even if you do nothing actually illegal. As such, I wouldn’t count on the courts excluding pager networks from the CFAA.

Self-evidently as this artwork demonstrates. Making useful sense of the data however would take a large team of people drudging through it and trying to put the mother of all puzzles back together with no promise it will contain anything valuable. Databases are only useful because they’re indexed and organized.

It’s HIPAA, not HIPPA

1 Like

Blackmail over std’s, recovery treatment - therapy. Prospective employers trying to not hire people with conditions or lgbt people. Alt right targeting people over lgbt status, whether they’ve had an abortion.

2 Likes

I also wouldn’t talk about it in mixed company if I were listening to this sort of ‘we assume it’s secure because we can’t see it’ traffic; but given their lobbying clout, I suspect that some of the potentially interested parties would be well into the Murdoch zone of substantial impunity.

As for utility; I suspect that pager traffic is among the dirtier options(obtaining it from the entities that purchase it from pharmacies is probably a lot more neatly formattted); but it isn’t without its virtues: much less cumbersome than ingesting paper records, since it’s all digital and a mixture of text and assorted codes and control characters, no audio to deal with; and since the design of the pager system relies on the broadcast indicating exactly which pager a given message is for, so the others can ignore it; which offers a very handy layer of metadata to help organize the chatter.

Persistent (to the degree the hardware survives) identifiers; timestamps and recipient IDs on all messages(though location data isn’t terribly granular, messages are broadcast and client devices don’t transmit); and it’s a boring-but-important legacy thing which probably means that heavy users don’t change behavior/switch vendors/etc. all that rapidly.

As noted; probably not the best option if you have alternatives; but for what little it would cost to systematically collect it is unlikely to be anywhere near the top of the list in terms of worthless logs people keep.

Clever.  

This topic was automatically closed after 5 days. New replies are no longer allowed.