The ISC is running an interesting note from Craig Goranson today about penetration testing’s potential effects on Bluetooth-enabled medical devices.
In the past, some medical device manufacturers have played it fast and loose with the rules or best-practices. For instance the FCC gave medical devices an exception for radiation, so they didn’t bother to shield anything. And so when wireless network devices started getting near some of these, they went haywire, since they accept interference as well as they restrict it. I know of a respirator that just stopped working when an 802.11b device went near it.
I hope that things have changed recently (I’ve been out of medical for a few years), but I imagine if a rough service scan for bluetooth didn’t take out a device, fuzzing one would. I’d guess that the device manufacturers don’t write their own Bluetooth stacks, and the upstream provider might not have life-critical systems in mind when designing it. I hope I’m wrong on both counts. And I further hope they’re properly watchdogged to reset after a crash. This would make a good study.
It would also be interesting to know what kind of reviews were done on these kinds of devices for some of the high profile people who have them. Do groups like the Secret Service study these things, know how far Bluetooth signals can be transmitted, etc.? There are some crazy implications for security done wrong here.