|
Barnaby Jack, psycho hacker
I wonder if anyone here mourns this deceased programmer named Barnaby Jack, as Black Hat conventioneers in Las Vegas hackers reportedly do, or whether LQ members who have an opinion are glad he's gone.
I had never heard of him, but I would not have wanted to know a man who was interested in whether one could kill people by hacking into their pacemakers or other medical devices. He was apparently about to announce his findings on the subject. In which case, his death may temporarily leave the world safer--until someone else like him takes up the question. I didn't know what "Black Hat" was either, so I looked it up and found that it's the subtype of hacker who criminally hacks for fun. Probably nobody would admit to liking Jack or being his type of hacker. |
I'd rather somebody bring these things out into the open and force companies to hacker-proof things like ATMs and pacemakers.
You may want to live in ignorance in a world where only criminals intent on murder or money jack but I'd rather live in one where information is free. |
I feel that my apprehension at the prospect of pacemakers being hacked doesn't warrant suggesting I want to live in ignorance. I definitely would not like to see this information disseminated because it would pressure the device designers to hack-proof them--that's a rationalization. Especially because if there even is such as thing as hacker-proofing, it's strictly temporary. Skilled hackers defeat the proofing in an endless cycle.
|
Somebody out there is hacking these things. Either you hear about it at Black Hat because somebody like Barnaby Jack tells you or you don't hear about it and people die because their pacemakers stop mysteriously and nobody is allowed to tell you why.
If Barnaby Jack wanted to kill people or steal from ATMs he would have been doing that and you wouldn't know about it. Would that really have made you feel safer? |
Quote:
You can think of it in terms of old westerns- the 'black hat' is the bad guy and 'white hat' is the good guy. Black hat hacking is doing it for personal gain or maliciousness. https://en.wikipedia.org/wiki/Black_...king#Black_hat Hacking for fun is something that pretty much all the 'hats' do. As far as software exploits go, the difference is what the intended goals are, and what is done with any vulnerabilities exposed. *edit- and if you look around, you will find refernces to Barnaby Jack being a white hatter- Quote:
Reality isnt black and white, neither are poeple. I would not be suprised if the whole 'Barnaby Jack = black hatter' is mostly due to his going to black hat hacking conferences. With an added dash of 'OMG he was doing what with medical equipement?' From what I've seen of major corporations, sometimes just telling the company(ies) involved that there is a security issue in a quiet and discrete way means nothing changes. Maybe thats just my cynicism comign out..... |
Quote:
|
Quote:
Or, more likely, because either nobody will know or those that do will use it against others or, if they work for a medical company, bury it in fear of shareholder value falling. |
Quote:
|
Quote:
I know moral issues are usually complex. There are surely no good guys here. Certainly not the black hatters. (Say, I wonder whyy it's not "black hackers.") Tell me most hackers won't get drunk on a sense of power. |
Quote:
That would not be what I would do if I wanted to kill someone..it would be far better to use it at a normal voltage level but change the pattern so that it caused a heart attack. That would look like some sort of failure rather than something underhanded. Provided that the hacker cleaned out any connection logs (and I have no idea if pacemarkers would even have them) it would be very difficult to impossible for a ME to even know what caused the problem, let alone report the cause. If some dodgy pacemarker (or other medical hacking method) murder method was used, as far as I know the only thing that could stop it being reported would be pressure from the medical companies. |
Quote:
No corporation will bother to fix something not cutting into their bottom line. The scenario in Fight Club where automotive companies calculate the cost of repair of a defect and the cost of the law suits if they don't may be a little contrived but it's not far off the mark. The criminals here are the corporations allowing equipment like pacemakers and insulin pumps to be sold with no protection whatsoever. That, right there, is criminal negligence in my book and there is no way in hell they would admit it without a push. |
Quote:
Reportedly? We dont know..and never will know..exactly what he was going to tell people in his presentation. All we know for sure it that he was schedlued to make a presentation "in which he would demonstrate shortcomings in medical devices like pacemakers and defibrillators." Considering this- Quote:
I doubt he was going to create a step by step 'this is how you kill with a pacemarker' wiki page. Quote:
Its debateable if Barnaby Jack was a 'good guy' or not, but to make a blanket statement that the are 'no good guys' either shows a lack of knowledge, or a biased position. After all, a large proportion (I'd say almost everyone) who is involved with coding linux, BSD and FOSS software has been called a hacker at some point..... Quote:
Quote:
Quote:
|
I'm not offended, but think that between you quasi-insulting me (have we even met?) and your rage toward corporations (they merely annoy me), I should duck out of this thread or at least not post anymore. Goodbye.
|
Quote:
|
Quote:
This isn't rage -- this is an understanding that corporations are set up to be psychopaths. It's a pretty well-accepted view. I don't hate corporations, personally (I work for a huge one), but I don't trust them at all and think law and independent researchers, whistle blowers and the like are needed to keep them in check. I don't like criminal hackers either but actual criminal hackers tend to keep quiet about their results. |
| All times are GMT -5. The time now is 03:49 AM. |