Scientists have finally worked out a “cloaking” device or a shield for existing Implantable Cardioverter Defibrillator (ICD) devices, following a report detailing weaknesses in the communications mechanism that can lead to leak of patient information and risk of loss of life. ICDs are similar to pacemakers and used by heart patients to slow down the heart.

Earlier this year in May, a team of researchers from were able to exploit a weakness in the wireless communications protocol used by ICDs operating in the 175kHz frequency range. The research team was able to intercept the wireless signals used to communicate with the ICD and reprogram the signals, and even retrieve patient information. The complete research can be found here (pdf).

Figure: Communications between an ICD and ICD Programmer (computer)

The cloaking device, invented by Dr Tamara Denning, a computer scientist at the University of Washington in Seattle, is designed to resist any instructions that come from anyone other than the doctor. The device itself is wearable like a wrist watch and technical working details have not been released.

Is this really a practical solution? Not everyone thinks so:

However, Dr William Maisel of Harvard University, who led the pacemaker hacking experiment earlier this year, said the cloaker was unrealistic.

In an emergency, a cloaker could be hidden in clothing and be hard for doctors to find.

‘You’re asking hundreds of thousands or millions of people to wear something every day for a theoretical risk,’ he said.

Meru Networks has introduced RF Barrier, a solution for wardriving threat that uses wireless technology itself to produce a barrier to protect corporate wireless networks.

The RF Barrier system involves mounting a specialized Wireless Access Point on the inside Wireless perimeter with an advanced antenna extending to the outside of the Wireless perimeter. The technology inspects the traffic in real time to differentiate the “sensitive” (internal) traffic from the outside traffic. Sensitive traffic is protected by the RF Barrier by simultaneously transmitting harmless, but stronger RF waves through the external antenna. The stronger RF waves in turn degrade the sensitive traffic outside the internal wireless perimeter, leaving the wardrivers with very weak or no signals to work with.

The official press release states:

RF Barrier is the first solution using exclusively 802.11 technology to offer wireless perimeter protection for organizations with regulatory requirements or policies regarding data privacy, such as retailers, financial and government institutions, manufacturers and health-care organizations.  RF Barrier protects clients with legacy security mechanisms, such as handhelds and scanners equipped only with WEP or WPA/TKIP, as well as modern WPA2- and EAP-based networks, where it helps prevent the exposure of potentially exploitable information such as user identities.  Furthermore, it provides physical wireless security in remote branch offices where no IT personnel are present to detect or stop an attack from outside the site’s physical boundaries.

(more…)