Hacking the Personal Area Network
posted by:Jason Millar // 10:37 AM // June 03, 2005 // TechLife
Innovations in wireless technology are spawning new implantable and wearable devices that will communicate with one another, resulting in the emergence of the Personal Area Network (PAN). Bluetooth, a wireless communication standard, is fast emerging as the means by which these devices will communicate since it is specifically designed for short-range wireless communication between small devices. Examples of Bluetooth devices of this sort include cochlear implants for the deaf, insulin pumps and blood glucose monitors for diabetics, and full body montioring systems that continuously monitor critical bodily functions and communicate the information to medical professionals. Other Bluetooth devices include cell phones, PDAs, headsets, notebook computers--all of which could be be communicating sensitive physiological data or controlling the associated physiological processes over the PAN.
Although the benefits of PAN devices are obvious they also increase the potential for harm to the person by virtue of the fact that they provide access to highly personal sets of data. Ian Kerr recently discussed some implications of PANs at a conference in Ottawa, during his presentation entitled "Still Feelin' 'icky': The Utopias of Conrad Chase, Kevin Warwick and other Digital Angels". Compromised security in the PAN could result in any range of problemtatic outcomes, such as an invasion of privacy, descrimination based on knowledge of physiological conditions, or the loss of control of physiological processes vital to the well-being of the individual. Imagine a hacker suddenly broadcasting audio into a cochlear implant or publishing the details of your personal medical conditions on the World Wide Web.
A recent security hole in Bluetooth technology was discovered by cryptographers in the UK, which allowed them to take control of a Bluetooth network (a PAN for all intents and purposes) and manipulate the communications within it. Combined with the potential that Bluetooth offers for locating and identifying a person solely based on the unique IDs of their PAN devices, the technology raises serious privacy concerns.
Hacking the PAN will not simply result in lost productivity or a trip to the store to buy the latest anti-virus software. Designers of Bluetooth devices, and members of the Bluetooth Special Interests Group need to be aware of the unique, potential risks, posed by PAN technology so that they can adopt design features that respect and strengthen individuals' privacy within the PAN.
Trackback Pings
TrackBack URL for this entry:
http://www.blogonnymity.com/powerblog/mt-tb.cgi/56
Comments
Great post. Oh the obvious puns that come to mind about giving new meaning to getting a computer virus or needing to defragment oneself or crashing for the day. I could keep going on, but I'll stop here.
Posted by: Clayton Gardiner at June 3, 2005 04:06 PM
