Once a week.
Subscribe to our weekly newsletter.
Inviting Machines Into Our Bodies
By Chris Arkenberg
In what amounts to a fairly shocking reminder of how quickly our technologies are advancing and how deeply our lives are being woven with networked computation, security researchers have recently reported successes in remotely compromising and controlling two different medical implant devices . Such implanted devices are becoming more and more common, implemented with wireless communications both across components and outward to monitors that allow doctors to non-invasively make changes to their settings. Until only recently, this technology was mostly confined to advanced labs but it is now moving steadily into our bodies. As these procedures become more common, researchers are now considering the security implications of wiring human anatomy directly into the web of ubiquitous computation and networked communications.
Barnaby Jack, a researcher at McAfee, was investigating how the wireless protocols between implants and their remote controllers opened up potential vulnerabilities to 3rd party attacks. Working with instrumented insulin pumps he found he could compromise any pump within a 300-foot range. “We can make that pump dispense its entire 300 unit reservoir of insulin and we can do that without requiring its ID number”, he noted, adding that making the device empty its entire cartridge into a host’s bloodstream would cause “deep trouble”. Previously, independent security researcher Jerome Radcliff, a diabetic and insulin pump recipient himself, showed a crowd at the 2011 Black Hat Security Conference how he could wirelessly hack into his own pump to obtain its profile, then alter it in a way that would modify his prescription when sent back to the device.
In another case, computer science researcher and professor at the University of Massachusetts Amherst, Kevin Fu, found that by interrogating an implantable heart defibrillator he could capture its signal and use the identifier to remotely turn the device on & off. This would have potentially catastrophic effects for a patient relying on such a device to maintain a steady heart rhythm. Many new pacemakers include wireless components and remote authentication schemes that are open targets for potential attackers. A near-future wireless implant ecosystem might become a target for scripts looking to scour data or add more microcontrollers to their botnets.
Over the past 15 years these types of malevolent attacks have become the driver for a suite of best-practices used to design security into wireless consumer goods. Until recently, little thought was given to the same challenges in connected devices implanted into our bodies, mainly because there wasn’t much reason to do so. Both the threats and the devices were mostly the province of science fiction and outlier scenarios. But with the advancing pace of convergence & computation we’re now at the advent of a new era marked by the steady ingression of such devices into our bodies, used to manage chronic conditions and preserve us from untimely expiration.
There are now numerous examples of in-the-field connected implants. Stanford researchers have developed a wireless retinal implant that allows the blind to recover the beginnings of sight. The implant takes a video feed from a camera mounted on a pair of eyeglasses and beams it as near-infrared light to a chip implanted at the back of the eye, stimulating retinal nerves to pass visual data to the cortex. In trials, blind users were able to see rudimentary lines and shadows. This device overcomes existing power limitations via a wireless connection to its battery pack. If the power to such a device is cut, the user returns to darkness. Perhaps future devices might allow capture of the visual stream entirely (while hopefully defending against intrusive feed-jacking and advert bill-boarding).
The UK company, Retina Implant, is conducting human trial’s of its own technology that improves on the Stanford implementation by removing the need for an external camera. To treat those with blindness due to retinitis pigmentosa their device uses a microcontroller that includes a pixel array and two photocells sitting at the back of the retina. As light comes in it is transduced and passed as electrical signals to the optic nerve. Although not implemented in their initial trial, the next-generation device will receive its power from a wireless source. It would seem a fairly simple proposition to extend wireless control to include modification of brightness & contrast settings, addition of new visual filters, and sensing capabilities to report on energy use, heat levels, or perhaps the robustness of surrounding cellular structures. Once the transduction language is optimized it would be possible to draw additional images onto the optic nerve, such as alpha-blended head’s-up annotations, rendering augmented reality directly onto the optic nerve.
I spoke with a surgeon at the University of Florida working in pain management who told me of an implanted mat that wraps around a part of the spine in a way that interfaces with nerves targeting a specific locus of chronic pain, such as a joint injury. The mat can be remotely programmed to provide varied modulation of the nerves to assist in pain relief. When I suggested it won’t be long before you can control your pain management mat with your iPhone he didn’t even blink, saying simply “Oh, yeah”. Remote microcontrollers are extended by the supercomputers in our hands and will draw 3rd party services into this new relationship.
These somewhat rudimentary examples are notable not only because they signal the evolution of implantable medical devices to include wireless components and over-the-air authentications but also because they illustrate the flow of capital investments into such technologies. The past 10 years have shown countless research papers published out of labs working to bring more sophisticated microcontrollers into alignment with real-time remote communication protocols. Now this research has moved out of the labs as viable commercial applications finding their way into our bodies. On the wave of capital flowing from the aging Boomer generation ride innumerable start-ups seeking funding rounds to finance their biomedical devices. As this young industry matures, regulatory agencies and standards bodies are taking notice.
To manage the frequency needs of these new connected implants the FCC has proposed to set aside a spectrum of wireless bandwidth reserved specifically for their use.
The IEEE recently published a new standard, IEEE 802.15.6(TM)-2012, “optimized to serve wireless communications needs for ultra-low power devices operating in or around the human body”. The Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) published a report provocatively titled “Attack Surface: Healthcare and Public Health Sector” [PDF] offering guidance for addressing the apparent oncoming onslaught of hackers seeking to compromise our implants. Offering a bit of a twist on implant-enabled attack surfaces, the TSA recently diverted a US Airways flight when a passenger told a steward that she had special needs due to a surgical implant.
It seems the TSA is growing concerned about implanted explosive devices. No doubt additional regulatory structures will evolve to address wireless implant tech though such controls may not reach the back-alley biotech shops in Bangalore, Lagos, Sao Paolo and similar destinations across the developing world less encumbered by such oversight.
Wiring up our medical implants to remote processes provokes discussion of many significant implications. Security is obviously a concern and the recent movement of government agencies to address the issue reinforces the imminence of its arrival while hopefully re-assuring potential recipients that such devices will be adequately secured and quality-controlled. As we instrument ourselves and connect to standard digital communication protocols 3rd parties will inevitably move into the interstitial space. While some may be malevolent, many will be motivated by the same somewhat uneasy combination of self-interest and do-gooder-ness that drives the rest of our economy. Service layers will be built to manage the patient-implant-doctor relationship, enabling more precise on-demand control while sending real-time data to medical analytics dashboards. Messaging will pass event commands to your devices and notifications to your doctors. As this data flows off of 3rd party micromachines and through 3rd party service providers questions of data access & ownership will further erode the boundaries between our bodies and the web of information in which we’re embedding.
Like all good service platforms, API’s will be developed around these device-data ecosystems to make them standardized, interoperable, and social. It’s safe to assume that some sort of mobile application layer will evolve to give us greater insight and more immediate control over our biological processes. Inviting the Internet of Things into our bodies may very well reveal much more information about physiology and biochemistry while potentially opening up entirely new behaviors & capabilities. Efforts in brain-machine interface are opening up the likelihood of bionics to replace lost limbs and to overcome motor disorders. As neural implants mature and the precision of their capture & transduction capabilities converges with wireless communication, how long might it be until we have some rudimentary degree of telepathy based simply on familiar http & REST protocols dancing across the FCC-approved wireless implant spectrum? Will a time come when we fall asleep counting electric sheep streamed directly into our brains from the devices on our bedside?
It’s worth considering those who are already moving into this new relationship, like Cathy Hutchinson who recently overcame 15 years of paralysis by using her mind alone to direct a robotic arm to deliver a cup of coffee to her lips. What sort of future cybermorphology might she be stepping into? Might the aging western nations invest their 1st World retirement savings into biocybernetics, stepping away from the un-augmented masses across some future transhuman gap?
Computation has reliably gotten smaller and more powerful, instrumented with greater capacity to sense surrounding conditions and to communicate across the air with a global mesh of sympathetic devices. We now hold incredible amounts of computational power in our hands and these devices sit adjacent to literally billions of sensing & communicating microcontrollers embedded into infrastructure, machines, tools, goods and garments. On top of this mesh we’ve built vast service layers to stretch greater utility across their abstracted functional landscapes. Our never-ending medical needs seem to compel us to draw these solutions into our own bodies in hopes of some great cybernetic control to stave off infection, malaise, chronic suffering, and untimely demise. As we grow more comfortable with them we’ll inevitably begin self-tuning for optimizations, enhancements, and special powers. Yet, if we are to jump into the technological convergence, instrumenting and extending and connecting ourselves through a sort of soft machine hybridization, network security will be only one concern on the road to a new form of humanity that may challenge our very notion of what it means to be human.
Chris is a researcher at the Hybrid Reality institute. He is an independent researcher, analyst, and innovation strategist in the San Francisco Bay Area. Follow him @chris23
An open letter predicts that a massive wall of rock is about to plunge into Barry Arm Fjord in Alaska.
- A remote area visited by tourists and cruises, and home to fishing villages, is about to be visited by a devastating tsunami.
- A wall of rock exposed by a receding glacier is about crash into the waters below.
- Glaciers hold such areas together — and when they're gone, bad stuff can be left behind.
The Barry Glacier gives its name to Alaska's Barry Arm Fjord, and a new open letter forecasts trouble ahead.
Thanks to global warming, the glacier has been retreating, so far removing two-thirds of its support for a steep mile-long slope, or scarp, containing perhaps 500 million cubic meters of material. (Think the Hoover Dam times several hundred.) The slope has been moving slowly since 1957, but scientists say it's become an avalanche waiting to happen, maybe within the next year, and likely within 20. When it does come crashing down into the fjord, it could set in motion a frightening tsunami overwhelming the fjord's normally peaceful waters .
The Barry Arm Fjord
Camping on the fjord's Black Sand Beach
Image source: Matt Zimmerman
The Barry Arm Fjord is a stretch of water between the Harriman Fjord and the Port Wills Fjord, located at the northwest corner of the well-known Prince William Sound. It's a beautiful area, home to a few hundred people supporting the local fishing industry, and it's also a popular destination for tourists — its Black Sand Beach is one of Alaska's most scenic — and cruise ships.
Not Alaska’s first watery rodeo, but likely the biggest
Image source: whrc.org
There have been at least two similar events in the state's recent history, though not on such a massive scale. On July 9, 1958, an earthquake nearby caused 40 million cubic yards of rock to suddenly slide 2,000 feet down into Lituya Bay, producing a tsunami whose peak waves reportedly reached 1,720 feet in height. By the time the wall of water reached the mouth of the bay, it was still 75 feet high. At Taan Fjord in 2015, a landslide caused a tsunami that crested at 600 feet. Both of these events thankfully occurred in sparsely populated areas, so few fatalities occurred.
The Barry Arm event will be larger than either of these by far.
"This is an enormous slope — the mass that could fail weighs over a billion tonnes," said geologist Dave Petley, speaking to Earther. "The internal structure of that rock mass, which will determine whether it collapses, is very complex. At the moment we don't know enough about it to be able to forecast its future behavior."
Outside of Alaska, on the west coast of Greenland, a landslide-produced tsunami towered 300 feet high, obliterating a fishing village in its path.
What the letter predicts for Barry Arm Fjord
Moving slowly at first...
Image source: whrc.org
"The effects would be especially severe near where the landslide enters the water at the head of Barry Arm. Additionally, areas of shallow water, or low-lying land near the shore, would be in danger even further from the source. A minor failure may not produce significant impacts beyond the inner parts of the fiord, while a complete failure could be destructive throughout Barry Arm, Harriman Fiord, and parts of Port Wells. Our initial results show complex impacts further from the landslide than Barry Arm, with over 30 foot waves in some distant bays, including Whittier."
The discovery of the impeding landslide began with an observation by the sister of geologist Hig Higman of Ground Truth, an organization in Seldovia, Alaska. Artist Valisa Higman was vacationing in the area and sent her brother some photos of worrying fractures she noticed in the slope, taken while she was on a boat cruising the fjord.
Higman confirmed his sister's hunch via available satellite imagery and, digging deeper, found that between 2009 and 2015 the slope had moved 600 feet downhill, leaving a prominent scar.
Ohio State's Chunli Dai unearthed a connection between the movement and the receding of the Barry Glacier. Comparison of the Barry Arm slope with other similar areas, combined with computer modeling of the possible resulting tsunamis, led to the publication of the group's letter.
While the full group of signatories from 14 organizations and institutions has only been working on the situation for a month, the implications were immediately clear. The signers include experts from Ohio State University, the University of Southern California, and the Anchorage and Fairbanks campuses of the University of Alaska.
Once informed of the open letter's contents, the Alaska's Department of Natural Resources immediately released a warning that "an increasingly likely landslide could generate a wave with devastating effects on fishermen and recreationalists."
How do you prepare for something like this?
Image source: whrc.org
The obvious question is what can be done to prepare for the landslide and tsunami? For one thing, there's more to understand about the upcoming event, and the researchers lay out their plan in the letter:
"To inform and refine hazard mitigation efforts, we would like to pursue several lines of investigation: Detect changes in the slope that might forewarn of a landslide, better understand what could trigger a landslide, and refine tsunami model projections. By mapping the landslide and nearby terrain, both above and below sea level, we can more accurately determine the basic physical dimensions of the landslide. This can be paired with GPS and seismic measurements made over time to see how the slope responds to changes in the glacier and to events like rainstorms and earthquakes. Field and satellite data can support near-real time hazard monitoring, while computer models of landslide and tsunami scenarios can help identify specific places that are most at risk."
In the letter, the authors reached out to those living in and visiting the area, asking, "What specific questions are most important to you?" and "What could be done to reduce the danger to people who want to visit or work in Barry Arm?" They also invited locals to let them know about any changes, including even small rock-falls and landslides.
What makes some people more likely to shiver than others?
Some people just aren't bothered by the cold, no matter how low the temperature dips. And the reason for this may be in a person's genes.
Eating veggies is good for you. Now we can stop debating how much we should eat.
- A massive new study confirms that five servings of fruit and veggies a day can lower the risk of death.
- The maximum benefit is found at two servings of fruit and three of veggies—anything more offers no extra benefit according to the researchers.
- Not all fruits and veggies are equal. Leafy greens are better for you than starchy corn and potatoes.