Avi Rubin is Professor of Computer Science at Johns Hopkins University. He offers a TEDx talk in which he discusses hacking of devices. Would you be surprised if?
- A defibrillator pacemaker could induce fibrillation wirelessly (Dick Cheney would be more fun at parties)? Or the device could be disabled remotely?
- The brakes on your car could be engaged, or disabled through your car radio?
- Your car could be located via GPS, remotely have the doors unlocked, anti-theft bypassed, and started (so it’s warm, or cool when stolen)?
- Your car could be used for covert surveillance? E.G. use GPS to track vehicle on a map, stream audio from the in-cabin microphone. Without knowledge.
- Someone could record video of you using a smart phone on a bus or plane, then later use that video to decode your passwords via reflections in your glasses? Or even neighbors phones reflected in those same glasses?
- A $15 device could jam secure police communication?
- An iPhone 4 placed next to a keyboard could detect characters typed on the keyboard via vibrations detected by its accelerometer? By the way, the accelerometer is not a registered device requiring developers to request permission.
- A voting machine left in a hallway unattended could have Pacman installed, without breaking its tamper resistant seals?
Profit is the major motivator of today’s hackers. Let’s face it, there’s little profit in someone hacking your car’s brakes. However, it doesn’t take much imagination to realize how a smart phone could be used to compromise an otherwise very secure password. Devices need to be adopted only after consequences have been considered, and security needs to be included from the start. It’s an interesting talk worthy 17 minutes of your time.