Friday, April 20, 2012

Implantable Chips For Health Purposes Could Now Be Hacker-Proof Thanks To A Wearable Firewall

Millions of people use insulin pumps, pacemakers and other personal medical devices that rely on wireless communication to function. But what happens if someone was to tamper with that vital communication line between the health care provider and the patient?

Researchers from Purdue and Princeton universities have developed a solution to what could be catastrophic problem: a signal-jamming personal firewall for medical devices.

The research team created MedMon (medical monitoring), a firewall that detects potentially malicious communications going into or coming from the wearable or implanted device, such as brain implants under development to control epilepsy and smart prosthetics that make use of electronic chips.

After identifying malicious signals, MedMon employs electronic jamming, similar to technology used in military systems, to prevent any potentially harmful wireless commands from getting through to the device and causing it to falter or accept instructions that that could cause its wearer harm.

The possibility of an attack like this is not the stuff of science fiction. At last summer's Black Hat Security Conference, Jay Radcliffe, using his own wireless insulin pump and body sensor, demonstrated how a hacker could write a maliicous script, use it to intercept the transmission between the sensor and the glucose monitor, and then corrupt the signal and send it back to the sensor with commands to trick the patient — himself, in this case — into believing his blood sugar was off.

The research team highlighted the need for its prototype by replicating, in the lab, an attack on a diabetes monitoring system, which consists of a continuous glucose monitor and an insulin pump that communicate wirelessly with each other.

Analyzing a commercially available glucose monitor, the scientists were able to eavesdrop on the wireless communication sent to the device — they used off-the-shelf software and hardware — and to reverse-engineer the communication protocol, discover the device PIN and send their own malicious data to it, including instructions to start and stop insulin injection.
'[Implantable and wearable devices] are expected to transform health care.'
- Anand Raghunathan, Purdue professor
The relatively easy ability with which they hacked the system was the impetus for MedMon, as they explained in their paper, "Hijacking an Insulin Pump: Security Attacks and Defenses for a Diabetes Therapy System."

Although personal health care technology, namely implantable and wearable devices, "are expected to transform health care by enabling diagnostics, monitoring, and therapy anytime, anywhere on a continuous and personalized basis," the researchers said, they identified a crucial downside to this convenience. "The consequences of security attacks can be extreme, often allowing attackers to cause the appliances to operate in a life-threatening manner."

The MedMon prototype could be worn as a necklace or integrated into the user's cellphone, explained Anand Raghunathan, a Purdue professor of electrical and computer engineering, who worked on the project with Princeton electrical engineering professor Niraj K. Jha and Princeton graduate student Chungxiao Li. MedMon is currently a proof-of-concept device, and would need to be miniaturized, the researchers said. They have filed a provisional patent for the concept.

The researchers realize that it is nearly impossible to prevent all attacks, but MedMon hopes to significantly mitigate the problems posed by hackers who would maliciously target a person's health.

Library In Britian Pays $14.3M For Ancient Gospel Of John

This photo, released by The British Library Tuesday April 17 2012, , shows the St. Cuthbert Gospel, a remarkably preserved palm-sized book which is a manuscript copy of the Gospel of John in Latin which was bought from the British branch of the Society of Jesus (the Jesuits), the library said Tuesday April 17, 2012. The small book - 96 mm (3.8 inches) by 136 mm (5.4 inches) - has an elaborately tooled red leather cover. It comes from the time of St. Cuthbert, who died in 687, and it was discovered inside his coffin at Durham Cathedral when it was reopened in 1104. Photo: AP / The British Library 

LONDON (AP) — The British Library has paid 9 million pounds (US$14.3 million) to acquire the St. Cuthbert Gospel, a remarkably well-preserved survivor of seventh-century Britain described by the library as the oldest European book to survive fully intact.
The palm-sized book, a manuscript copy of the Gospel of John in Latin, was bought from the British branch of the Society of Jesus (the Jesuits), the library said Tuesday.
The book measures 96 mm (3.8 inches) by 136 mm (5.4 inches) and has an elaborately tooled red leather cover. It comes from the time of St. Cuthbert, who died in 687, and it was discovered inside his coffin when it was opened in 1104 at Durham Cathedral.
The British Library said the artifact is one of the world's most important books.
"To look at this small and intensely beautiful treasure from the Anglo-Saxon period is to see it exactly as those who created it in the seventh century would have seen it," said the library's chief executive, Lynne Brindley.
"The exquisite binding, the pages, even the sewing structure survive intact, offering us a direct connection with our forebears 1300 years ago," she added.