From: Cathal Garvey <cathalgarvey@cathalgarvey.me>
>Without getting into the issue of whether patents encourage innovation.. 
>I do think that medical devices are a special case. If you have a heart
>implant, that thing needs to be "unhackable", but also totally
>verifiably safe. So there should be firmware signing, no mutable state,
>verifiable memory safety...but the code should be open source, and if
>need be the firmware signing key for each device (needs to be different
>for each device!) should be accessible by a legitimate owner.

>So, no more remote-hackable heart implants, but doctors and cardiac
>technicians can still apply critical patches and inspect the source for
>sanity.

It should be fairly simple to protect against heart-implant hacks.  First, communication with them is probably limited to inductively-coupled signalling, at a fairly high level.  Secondly, it should be based on a two-way challenge/response system:  The external device signals a code, call it a password, to which the implant would respond with a reply, which itself includes a randomized code.  The external device reads that randomized code, processes it in some way (presumably a hash), and retransmits it to the implant.  Only if the implanted device receives what it considers the correct code, would it allow further manipulation.  Presumably, any attempt to illegitimately access such a device wouldn't be close enough to read the implant's reply signals, and thus couldn't proceed further.

"Do you have a match?".   "No, but I have a lighter".  "Even better".   "Until they go wrong".

         Jim Bell
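The two-way exchange described in the reply above, written out as an added example that is not part of the thread: the implant answers a correct password with a fresh random code, the external device returns a keyed hash (HMAC with a per-device secret, an assumption here for the "processing" step) of that code, and only a matching reply unlocks the implant. PASSWORD, SECRET and the 16-byte code length are constructed sample values.

```python
import hashlib
import hmac
import secrets
from typing import Optional

PASSWORD = b"clinic-access-code"   # constructed first-stage code
SECRET = b"per-device-secret-0001"  # constructed per-device key


class Implant:
    """Implanted side: accepts commands only after a correct challenge/response round."""

    def __init__(self, password: bytes, secret: bytes):
        self._password = password
        self._secret = secret
        self._pending: Optional[bytes] = None  # random code awaiting a reply
        self.unlocked = False

    def receive_password(self, password: bytes) -> Optional[bytes]:
        # Step 1: the external device sends the password; a fresh random code is the reply.
        if not hmac.compare_digest(password, self._password):
            return None
        self._pending = secrets.token_bytes(16)
        return self._pending

    def receive_response(self, response: bytes) -> bool:
        # Step 3: check the processed code; the code is single-use whatever the outcome.
        if self._pending is None:
            return False
        expected = hmac.new(self._secret, self._pending, hashlib.sha256).digest()
        self._pending = None
        self.unlocked = hmac.compare_digest(response, expected)
        return self.unlocked


class Programmer:
    """External (clinic) device holding this implant's password and secret."""

    def __init__(self, password: bytes, secret: bytes):
        self.password = password
        self._secret = secret

    def respond(self, code: bytes) -> bytes:
        # Step 2: process the implant's random code with the shared key and send it back.
        return hmac.new(self._secret, code, hashlib.sha256).digest()


def run_session(implant: Implant, programmer: Programmer) -> bool:
    """Run one full round; True only if the implant ends up unlocked."""
    code = implant.receive_password(programmer.password)
    if code is None:
        return False
    return implant.receive_response(programmer.respond(code))
```

A device that presents the wrong password never receives a code, and a reply computed for one session's code is rejected in the next because the implant draws a new one each time.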