The FDA is finally doing something about the medical device security dumpster-fire


#1

Originally published at: https://boingboing.net/2018/04/20/say-cyber-again.html


#2

Have they even fixed the floor cleaner problem? :smirk:


#3

acronym needs more letters


#4

The problem with public-private partnerships is they’re halfway to regulatory capture from the moment of inception. (That’s not to say we should pre-judge this effort, but rather we should be prepared to judge it.)


#5

Mandating firmware updates is going to get a lot more disquieting as the availability and complexity of neurally interfaced devices increases.


#6

Improving security by having all passwords set to the impenetrable pA$$w0rD.


#7

"they may choose to address potential defects by sandboxing or airgapping devices, rather than by updating them "

Not a bad solution. The need for medical devices to be networked may be overrated.


#8

You can be assured Trump will do something about this. Can’t have any pesky regulations cutting into corporate profits.


#9

It looks to be beautifully designed to be a memory hole for security flaw reports. With, of course, devastating penalties for even mentioning discoveries in any unofficial way.


#10

Most critical devices already have a functional air gap design built in. Pacemakers for example have an underlying hardware-only, uneditable set of parameters that are enabled whenever there is a fault or unknown validity of the programmed settings. It can’t be hacked and represents a safe mode of operation. It isn’t ideal for all patients, but it’s safe until they can be seen and the problem diagnosed.

Recently, devices like hemodialysis and infusion pumps have introduced similar designs. These were mandatory changes drafted by industry/clinical working groups and adopted as guidance by FDA.


#11

C4nn0+ 4v7h3n7|Ka73 H3VRT: Switching to Hatsune Miku Live! Show Function
License Exceeded: Heart 5 ‘Gladiola Pony’ refused.

My fave today from Advanced Electronic Materials is the SrPbI3 component (not sure it was Sr) of some new memristor nvRAM that, as part of disposable electronics, would -Dissolve in DI water- in about 60 seconds. I had hoped that their going on about transient behavior was about protecting the cool components by failing replaceable, but not so much! On the other hand the homeopathic cure for not having forgot the horrors of Film 244 (Avenger’’'s Lead Humbucker) production might work too well.


#12

Holy carp, electronics that dissolve in water? What happens to the metals?


#13

If it took off like those 20-90 layer flash things, either it would wick in and stay until the waste stream got to it, or maybe IT would insist on drawing off the memory stuff and bootstrapping some derring-do like their CTO is Magneto, but for II-IV-VII hydrites.
What’s the lede though, ‘We can forget about it for you wholesale?’ ‘The Party are confident you can think of something to call yourselves that rolls off the tongue easier than Uiguhr, all the rating is just to workshop that.’ ‘Instagram it naked from your own memory after a few years, why don’t you?’


#14

This topic was automatically closed after 5 days. New replies are no longer allowed.