Hackers Remotely Kill a Jeep on the Highway
Lodewijk andré de la porte
l at odewijk.nl
Fri Jul 24 14:07:20 PDT 2015
2015-07-25 5:38 GMT+09:00 Cathal Garvey <cathalgarvey at cathalgarvey.me>:
> Without getting into the issue of whether patents encourage innovation.. I
> do think that medical devices are a special case. If you have a heart
> implant, that thing needs to be "unhackable", but also totally verifiably
> safe. So there should be firmware signing, no mutable state, verifiable
> memory safety...but the code should be open source, and if need be the
> firmware signing key for each device (needs to be different for each
> device!) should be accessible by a legitimate owner.
>
> So, no more remote-hackable heart implants, but doctors and cardiac
> technicians can still apply critical patches and inspect the source for
> sanity.
>
Why should a heart implant be different than a car? Because there's experts
involved? There's always experts involved! Because it's so life critical?
It's always "so life critical"!
Legally difficult is the differences between "owner" and "user". I think
whomever actually uses the device should be the one to be able to hack it.
That includes leases, rents, corporate ownership, and everything else. "I
drive it, I decide the software it runs". This follows from the idea that
"the software's choices are my choices" - in case of such direct life
affectors that choice should never be taken away.
It's funny; I think this evolved into an equivalent of the "forced
inoculation" argument... There's some point to be made for experts truly
knowing better, and nobody having any reason to go against the experts'
opinions. I think that, in that case, any rational person should be able to
reach that same conclusion. If they don't, well, that's a more general
problem to be approached separately.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/html
Size: 2307 bytes
Desc: not available
URL: <https://lists.cpunks.org/pipermail/cypherpunks/attachments/20150725/10684643/attachment-0002.txt>
More information about the cypherpunks
mailing list