As the individual states struggle to define how best to reopen in a manner that minimizes the renewed spread of the novel coronavirus/COVID-19, the subject of contact tracing has become a major focus. To aid in this effort, Apple and Google announced late last week a joint contact tracing project that would leverage Bluetooth technology to identify and selectively alert individuals who have been in close proximity to someone who tested positive for COVID-19. Once alerted, that user could self-isolate or seek testing. Individuals who are diagnosed with COVID-19 can self-report their diagnosis, and any users who have been in recent contact with that individual will receive a notification. Public health agencies would be responsible for checking and verifying test results provided by users in order to prevent spoofing or fabrication. Continue reading “Contact Tracing: COVID-19”
In the last week, both the Dept. of Homeland Security and the Food and Drug Administration have issued a consumer alert about the potential hacking risk regarding cardiac devices, specifically because those devices have no encryption on their software. The devices in question are implantable cardiac devices, clinic programmers and home monitors which are used to regulate one’s heartbeat rate – to speed it up or slow it down, as needed. The focus this time is on the Medtronic Conexus Radio Frequency Telemetry Protocol. Given this latest notice, one has to wonder what will be the impact of the California IoT law.
What both federal agencies had to say is short range access allows interference with, generation, modification or interception of communications. There is also the ability to read/write any valid memory location on the implanted device and, therefore, impact its intended functionality. Continue reading “CA IoT Law: Devices at Risk?”