GROKLAW
When you want to know more...
Patients Put at Risk By Computer Viruses | 545 comments
Patients Put at Risk By Computer Viruses
Authored by: Anonymous on Friday, June 14 2013 @ 03:17 PM EDT
“it’s not difficult to imagine how these types of events could lead to patient
harm.”

If it's not difficult to imagine THAT, then it SHOULDN'T be difficult to realize
that these systems have no business being online. Endangering golden eggs (in
this case, "medical information" as well as "patient's
lives") for the comfort of working in a bath-robe seems a bit off-balance
to me.

I realize I may be a bit old fashioned, but no one has been able to explain
(with anything that resembles sound judgment) how that comfort outweighs the
value of the golden egg.


Hard problem, it is...(Christenson)
Authored by: Anonymous on Monday, June 17 2013 @ 03:33 PM EDT
Let's start with my work setup, which isn't medical, but pretty similar anyway:

A Windows computer compiling for an 8051 target with an EPROM. The program
itself is secure; changing the program requires someone to physically pull out
the EPROM chip and put in a new one, and, even if it is communicating on-line,
the program won't change. At this point, there is no space on the chip (all of
64K) to support a virus.

But, my system is controlled by 10 or 20 parameters. The minute these
parameters can be updated remotely, I have a problem. The remote system is
undoubtedly a PC, or a laptop, or a phone. These devices can undoubtedly be
hacked, a la Stuxnet.

The only reasonable solution I can find is to require something that can only be
done at my machine before the parameters can be updated, and a local way (not
involving insecure PCs, etc.) to verify the results. That solves only half the
problem -- now, at least, we know that someone had to decide that new parameters
are OK.

But it doesn't solve the other half of the problem -- the man-in-the-middle
attack on the programming device (again, PC, phone, tablet -- widely available
computer).

<Rant>

I see no good theoretical way out of that problem. We all know how trustworthy
Windows isn't. Linux and FOSS have the right attitude (bugs are hunted for and
not tolerated), but I am sorry, a million lines of kernel code is about 900,000
too many for anyone to audit, and, even if they are all correct, very few of us
have the time to master all the details of using it so we actually own the
machine running it.

I claim that a ground-up re-thinking of the fundamentals of the operating system
is required, along the lines of Andrew Tanenbaum's Minix. What has to happen
is that the inputs, outputs, and storage of every program, except the operating
system, have to be controlled and well-bounded by the owner of the computer.

</Rant>
I don't see this happening until some hospital gets sued by a patient for
criminal negligence when someone hacks a medical device through the internet.
Of course, the hacker will be thrown into jail under CFAA first...

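The local-confirmation scheme described in the comment above, sketched as an added example that is not part of the original post or any poster's code: the remote link can only stage a proposal, and the change takes effect only after a review and key-switch action at the device itself. All names, limits and the key-switch input are hypothetical, and the sequence number (an addition beyond the post) stops a proposal swapped in after the operator's review from being committed.

```c
#include <stdint.h>
#include <string.h>

#define NPARAM 4   /* the post mentions 10 to 20; 4 keeps the sample short */

/* Constructed limits; on the real target these would sit in the EPROM. */
static const int16_t P_MIN[NPARAM] = {0,   0,   10, 1};
static const int16_t P_MAX[NPARAM] = {100, 500, 90, 8};

static int16_t active[NPARAM] = {50, 250, 40, 2};  /* values in use */
static int16_t staged[NPARAM];                      /* remote proposal */
static uint8_t staged_seq = 0;                      /* 0 = nothing staged */
static uint8_t next_seq = 1;

/* Remote link: may only propose. Any out-of-range value rejects the whole
   set and discards whatever was staged. Returns the proposal's sequence
   number, or 0 on rejection. */
uint8_t remote_propose(const int16_t *vals) {
    staged_seq = 0;
    for (int i = 0; i < NPARAM; i++)
        if (vals[i] < P_MIN[i] || vals[i] > P_MAX[i]) return 0;
    memcpy(staged, vals, sizeof staged);
    staged_seq = next_seq;
    next_seq = (uint8_t)(next_seq == 255 ? 1 : next_seq + 1);
    return staged_seq;
}

/* Local panel: read back what is staged, for the device's own display. */
uint8_t local_review(int16_t *out) {
    if (staged_seq) memcpy(out, staged, sizeof staged);
    return staged_seq;
}

/* Local panel: commit only with the key switch on, and only the exact
   proposal the operator reviewed. A proposal swapped in after the review
   carries a different sequence number and is refused. */
int local_commit(int key_switch_on, uint8_t reviewed_seq) {
    if (!key_switch_on || staged_seq == 0 || reviewed_seq != staged_seq)
        return -1;
    memcpy(active, staged, sizeof active);
    staged_seq = 0;
    return 0;
}

int16_t active_param(int i) { return active[i]; }
```

As the comment notes, this covers only the half of the problem where someone at the machine must approve the values; it does nothing about a compromised programming device proposing plausible but wrong values.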

Groklaw © Copyright 2003-2013 Pamela Jones.
All trademarks and copyrights on this page are owned by their respective owners.
Comments are owned by the individual posters.

PJ's articles are licensed under a Creative Commons License. ( Details )