Wireless Technology and Implants

I will admit that I have not yet made it through the entire forum yet so I hope that this has not been brought up before. 

I have seen people mention in this forum, casual conversations, and sci fi shows/books, using implants that are either bluetooth or WiFi for updating or interface purposes. The question that I pose is this: If you have an implant of some kind that generates a wireless signal of some sort, what is the chance that someone with a fair amount of computer knowledge would be able to hack it for their own purposes? As we all know, computer capabilities is ever increasing and every new generation of human seems to have a greater understanding and capability utilizing them. 
The more I learn about the underlying architecture of computing and programming the more I see the possible security issues that may be faced in the future. 

Opinions?
Tagged:

Comments

  • Implanting a device has little or no impact on the software or operation, particularly if it is designed according to standardized protocols like Wi-fi or Bluetooth. The security issues present with any wireless implants are identical to those faced by any other similar device, the fact that it's implanted doesn't inherently change anything.

    That being said, if the implant can be interacted with wirelessly, it may be possible (depending on how any particular implant is implemented) to reprogram it or update whatever software is running on it wirelessly, so you can "stay up to date" with security by implementing new fixes or security features as new vulnerabilities arise. The physical nature of the device should be distinct from its software operation, so again the fact that it's an implant really has no impact on security any more than, say, what color your computer's housing is.
  • well one big difference is you'd notice if someone tries to get physical access to the device in order to manipulate it.
    at least for my current design, i keep overall complexity so low that i can be sure it's not used in any unintentional ways.
    if you allow your hardware to be able to reprogramm itself it sure opens the same security holes as on any other platform. in that case, it really just is a regular computer as zombiegristle mentioned.
  • "The security issues present with any wireless implants are identical to
    those faced by any other similar device, the fact that it's implanted
    doesn't inherently change anything."

    It seriously changes one big thing.  It's easy to replace your computer/phone/tablet if it gets infected/ages/etc.  It would not be so easy to replace an implanted Bluetooth 1.0 with a 2.0 version..If it can handle it in the software yes, but the hardware no.
  • @zombiegristle

    Realistically it depends on the kind of device you are implanting. If we are talking about finger magnets its obviously irrelevant, but I can think of a dozen proposed projects that could be compromised. 

    A good RL example of this would be the vulnerabilities shown in pacemakers, allowing advanced hackers within 50 meters of a person to initiate cardiac arrest article here

    Another example I can think of would be a more advanced version of directorX's implanted headphones gone wireless. If someone figured out how to send a screeching burst of sound to standard wireless headphones it would be shocking and you would rip them off. What do you do when the deafening sound is coming from within your body? 

    I second iexiak's point as well - if there is some hack that can seriously impact you, and there are no know patches then you are left with the uncomfortable option of pulling your implant out or walking around with a known vulnerability. 

  • All of these are reasons I think we should be consistently looking for new ways to do a viable transdermal implant.  I'm sure everyone's watched at least part of H+ on youtube. 

    And of course, hacking data-collecting implants could be a new form of black-hatting. What need to hold a gun to the man you're mugging when you can set off his defibrillator, etc?
  • "It seriously changes one big thing. It's easy to replace your computer/phone/tablet if it gets infected/ages/etc. It would not be so easy to replace an implanted Bluetooth 1.0 with a 2.0 version..If it can handle it in the software yes, but the hardware no."

    I was under the impression from reading the OP that he was asking specifically about the "hackability" of Bluetooth or Wi-fi implants, not upgradability or physical security concerns. Implanting an antenna doesn't change how easy it is to transmit to, or receive from, it.
  • the less code, the less security holes. and i'd prefer <500 loc of a microcontroller over the >3000000 loc of some OS.
    having hardware and software dedicated to a single job helps cutting down the attac vectors a lot. what remains is securing the existing mechanisms (like audio playback in case of a headphone implant) against abuse. but there are means to help with that, like cryptographic methods to sign data packages etc. in some cases adding hardware to prevent software failures from causing harm may be possible too.

    in the end it's a matter of trust. do you trust the person who engineered an implant for it to be save, or do you not. and in case you don't: do you have means to check if the work he did was good or not.
  • "I was under the impression from reading the OP that he was asking
    specifically about the "hackability" of Bluetooth or Wi-fi implants, not
    upgradability or physical security concerns. Implanting an antenna
    doesn't change how easy it is to transmit to, or receive from, it."

    Think of it like old wireless routers.  They started with no encryption, then to get encryption (WEP) you had to buy a new router.  WEP became weak so they came out with new routers with WPA.  Then WPA became weak so they came out with WPA2, which again required new hardware.  It is a software weakness that required new hardware to overcome.
  • That does make sense, I see your point now.
  • I was indeed speaking of potential hackability of implants as well as bringing up the point of general security concerns. Many people focus on the alteration and implantation aspects and don't think security conerns, its nice to know that many of you have thought more on the subject. 

    ThomasEgi - You make a great point on having the implants be self contained and doing single jobs. My question to you is how complex of an implant before you have to have some sort of operating system?

    Meanderingman - Thank you for that article, I had never seen it.
  • @Tellari as long as you run a single main-loop ,or task, you can get away with no OS. if you need more functionality, there is a range of embedded operatings to chose from. so as long as your implant only does one thing at a time. no need for an OS at all.
    my guess would be that most OS would consume more recources and energy than desired anyway.
  • Good to know, I will definitely keep that in mind. :)
Sign In or Register to comment.