back

Unpatchable

Living with a vulnerable implanted device

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
01:00:15
Language
English
Abstract
Gradually we are all becoming more and more dependent on machines, we will be able to live longer with an increased quality of life due to machines integrated into our body. However, our dependence on technology grows faster than our ability to secure it, and a security failure of a medical device can have fatal consequences. This talk is about Marie's personal experience with being the host of a vulnerable medical implant, and how this has forced her to become a human part of the "Internet-of-Things".

Marie's life depends on the functioning of a medical device, a pacemaker that generates each and every beat of her heart. This computer inside of her may fail due to hardware and software issues, due to misconfigurations or network-connectivity.

Yes, you read that correctly. The pacemaker has a wireless interface for remote monitoring forcing the patient to become a human part of the Internet-of-Things. As a security-professional Marie is worried about her heart's attack surface. How can she trust the machine inside her body, when it is running on proprietary code and there is no transparency? This is why she went shopping on eBay to acquire medical devices that can communicate with her pacemaker, and started a hacking project together with her friend Éireann.

This talk will be focused on the problem that we have these life critical devices with vulnerabilities that can't easily be patched without performing surgery on patients, Marie's personal experience with being the host of such a device, and how the hacker community can proceed to work with the vendors to secure the devices.

Talk ID
7273
Event:
32c3
Day
2
Room
Hall G
Start
11 p.m.
Duration
01:00:00
Track
Security
Type of
lecture
Speaker
Eireann Leverett
Marie Moe
Talk Slug & media link
32c3-7273-unpatchable

Talk & Speaker speed statistics

Very rough underestimation:
155.5 wpm
849.8 spm
While speaker(s) speak(s):
162.6 wpm
889.1 spm
185.2 wpm
1017.6 spm
147.3 wpm
802.7 spm
100.0% Checking done100.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
0.0% Nothing done yet0.0%
  

Work on this video on Amara!

Talk & Speaker speed statistics with word clouds

Whole talk:
155.5 wpm
849.8 spm
heartmedicaldevicespacemakerdevicesecurity.peopletalkthingspatientslaughingsoftwarecodepatientdoctorinsidepointimplantquestionvendorsfuturebodycoupleinformedcasetimeimplantsthingdatabitpacemakersopenapplauseyearsangelprogrammersstartedquestionsrunningaccesslivescoursetalkinginterestinghackingbeatworkissuesimagine
While speakers speak:
162.6 wpm
889.1 spm
medicalheartpacemakerdevicesdevicesecuritythingscodepeoplepatienttalkinside.pointdoctorcoupledatafuturebitlaughingquestionsimplantsimplantvendorsimagineinformedstartedpacemakersthingpatientsprogrammerstimebodyyearstalkinghackingsoftwareaccesslivesworkrunningmarieshe'strustmarie'stelemetrycoursesafetytypewrong
Eireann Leverett:
185.2 wpm
1017.6 spm
devicesmedicaltalkheartpeoplethingspointbitquestionsdeviceshe'scodefuturesecuritytalkingimaginemarierestmarie'sstuffprogrammersdoctorcoupleconcernsissuesinsidehackingimplantlaughinginterestingpacemakerworkyearssupportfirmwarequestiondetailsinformedindustrialdatamomentaskedpersonalstorysafetyprivacyenjoyhappenthingspace
Marie Moe:
147.3 wpm
802.7 spm
pacemakerheartmedicalsecuritydevicepatientdevicesthings.insidecodedataimplantsaccessbodypacemakerslaughingtypepatientspulsestartedtrustimplantdoctorcouplesoftwarethingvendorstimewrongstairsrunningstartingcoursecommunicationinformedtelemetrypeoplelivesfuturehalfinternetcasebeatbackupbeats/minworkingresearchersyearscheckups