These days, we're all intricately connected with our electronics. Maybe you love a certain smartphone, wedged permanently into your claw-like grip, dearer than daughter. Or maybe you've fallen for the sultry voice of Miss GPS, she who controls where you steer that giant computer-cum-living pod known as the modern car. Or maybe you've gone further, carrying a wee biomedical gadget in your chest that acts as a latter-day doctor.
Well, you knew all that convenience would come with some vulnerabilities, right? No? Well, you and a lot of manufacturers both. Listen up now, and just maybe you'll survive the impending hack-pocalypse…
A security researcher presenting at this year's Black Hat conference was taking a greater risk than many of the speakers: Jay Radcliffe, a diabetic, has discovered a way to hack insulin pumps and glucose monitors like the ones he is attached to 24/7. "My initial reaction was that this was really cool from a technical perspective," he told AP. "The second reaction was one of maybe sheer terror, to know that there's no security around the devices which are a very active part of keeping me alive."
Insulin pumps aren't alone. There are quite few things out there that you really don't want hacked, but for which protections are, as they say, "to be included in a future release."
One major feature of modern medical devices, wireless remote control capability, is also their Achilles' heel. Jay Radcliffe's insulin pump and implanted devices like pacemakers can take instructions from distant doctors when their flow rate or timing needs to be adjusted. But the data they send is unencrypted, and with just the right set-up, nefarious third parties can reprogram them from distances of up to a half-mile.
If you're thinking, "But that could kill people!" the answer is, "Yep." And it could also, by the way, release individuals' names and diagnosis, since those are also being sent merrily over the airwaves without encryption.
Scientists recently came up with a method for protecting pacemakers with encryption. But it's not clear when, or whether, the industry will catch up with these security measures. In the meantime, you might consider moving to the Sahara and building a two-mile-square compound.
Your car, your love, your sitting duck. Of all the possibilities we're presenting, this one seems most likely to be hacked, due to the obvious fiscal benefits to anyone so tech-savvy as to hijack other people's vehicles and to the extreme simplicity of the required hacks. Did I say "sitting duck"? I meant "dodo bird strapped to a rock."
There are quite a few ways to have your way with today's electronics-heavy cars. Just recently, scientists demonstrated how one can start a Subaru Outback's engine by text message, and security experts have shaken their heads about how two people with radios can walk away with your Prius, no sweat, thanks to that handy key fob that transmits your unlocking code wherever you go. But recent research has also demonstrated that with certain digital infiltrations, such as a few extra lines of code on a CD slipped into your car's player, attackers could sabotage your brakes or get the GPS system to report back on your location.
The ol' horse and buggy never sounded so good.
It's common knowledge that our current electrical grid--aka the dumb grid--is profoundly flawed. Basically, a tendency to break down and a predilection for brownouts are built in to the system, not to mention the difficulty of hooking up sustainable power sources.
But the smart grid, a proposed upgrade involving devices that will allow energy users to track their usage and adjust dynamically to demand, could have its own brand of problems. Last year, researchers found that smart meters, which communicate with the washing machine, the fridge and so on about their usage, are vulnerable to viruses that could spread from meter to meter and turn off the power.
It's just another day in the networked world: Utilities will have to join the growing list of industries putting out digital-security job postings.
Protecting yourself and your gadgetry when you're alive is all well and good. But with the afterlife going digital, your funeral won't mean you're safe from hacking.
Smart gravestones, like the much-discussed but perhaps fictional eTomb that design sites were jawing about last year, or the very real QR code varieties currently being deployed, seem just as vulnerable to hacking as any garden-variety website. With the QR code version, scanning the code on the gravestone sends you to a site covered with memorials to the deceased. But who's to say the deceased didn't have some enemies with digital smarts, or that some young hacker will have the poor taste to target some random dead person in the local cemetery?
Resting in peace may be something of the past.
