2015-07-25 5:38 GMT+09:00 Cathal Garvey
   <[1]cathalgarvey@cathalgarvey.me>:

   Without getting into the issue of whether patents encourage
   innovation.. I do think that medical devices are a special case. If you
   have a heart implant, that thing needs to be "unhackable", but also
   totally verifiably safe. So there should be firmware signing, no
   mutable state, verifiable memory safety...but the code should be open
   source, and if need be the firmware signing key for each device (needs
   to be different for each device!) should be accessible by a legitimate
   owner.
   So, no more remote-hackable heart implants, but doctors and cardiac
   technicians can still apply critical patches and inspect the source for
   sanity.

   Why should a heart implant be different than a car? Because there's
   experts involved? There's always experts involved! Because it's so life
   critical? It's always "so life critical"!
   Legally difficult is the differences between "owner" and "user". I
   think whomever actually uses the device should be the one to be able to
   hack it. That includes leases, rents, corporate ownership, and
   everything else. "I drive it, I decide the software it runs". This
   follows from the idea that "the software's choices are my choices" - in
   case of such direct life affectors that choice should never be taken
   away.
   It's funny; I think this evolved into an equivalent of the "forced
   inoculation" argument... There's some point to be made for experts
   truly knowing better, and nobody having any reason to go against the
   experts' opinions. I think that, in that case, any rational person
   should be able to reach that same conclusion. If they don't, well,
   that's a more general problem to be approached separately.

References

   1. mailto:cathalgarvey@cathalgarvey.me