Security problems will continue to plague new technologies as they come into the mainstream and attract the attention of devious computer hackers; it is a problem that has dogged PCs, mobile devices and radio-frequency identification tags throughout their maturation, says Gadi Evron, a security researcher who specializes in assessing computer vulnerability. Evron raised the issue at last year's Chaos Communication Camp international hacker gathering in Berlin, Germany, via a presentation entitled, "Hacking the Bionic Man: Science fiction or security in 2040?"
"All of the same security mistakes are made again and again," Evron says. "As long as people write [software], there will be bugs and vulnerabilities because secure design is never really followed."
Protecting implanted medical aids is tricky because manufacturers must avoid security measures that could cause the devices' batteries to run down or otherwise impede their lifesaving functions. The researchers propose that makers incorporate "zero-power" defenses into future designs, such as radio-frequency identification tags that create vibrations or audibly alert the patient of possible tampering without sapping battery power.
"The first thing to do is not scare people," Evron says, noting that such mischief is unlikely at this point. But he says it's important to keep on top of the issue, given the potential for trouble. "We should bring computer and security development into the realm of medical devices," he says, "so we aren't faced with security risks 10 or 15 years from now."