Warning over medical implant attacks

Many medical implants are vulnerable to attacks that could threaten their users' lives, according to studies.

Security researchers have developed attacks that locate and compromise implants used to manage conditions such as diabetes and heart disease.
One attack identified a radio signal that, if re-broadcast, would have switched off a heart defibrillator.
Researchers say more work needs to be done to secure implants and protect against malicious actions.
Radio grab For increasing numbers of people an active life is only possible thanks to a medical implant that monitors their vital signs and which intervenes when needed.
Pacemakers that regulate heart beats, pumps that deliver insulin and defibrillators that watch for abnormal cardiac rhythms are being fitted to many more people to help them manage these chronic conditions.
Barnaby Jack, a researcher at security firm McAfee, has discovered that the wireless links used to interrogate and update these devices left them open to attack.

In two weeks of work he found a way to scan for and compromise insulin pumps that communicate wirelessly.

"We can influence any pump within a 300ft [91m] range," Mr Jack told the BBC. "We can make that pump dispense its entire 300 unit reservoir of insulin and we can do that without requiring its ID number."
Mr Jack said diabetics typically needed a dose of 5-10 units of insulin after a heavy meal to help regulate blood sugar. Making the device empty its cartridge into a host's bloodstream would cause "deep trouble".
In similar work Prof Kevin Fu, a computer scientist at the University of Massachusetts Amherst, has found that is possible to capture a signal that controls the working of a heart defibrillator.
During his research Prof Fu discovered that implanted defibrillators are tested using a specific radio signal when first placed inside a patient. The signal turns the device on and off.
Lab work revealed that it was possible to capture this signal as it was broadcast. Re-broadcasting it turned off a device close by.
Prof Fu said the limited battery life of medical devices meant they could not use any authentication or encryption to protect signals passing to and from the device - leaving them open to attack in the future.

Many hearts are kept beating thanks to a medical implant

"Patients are much better off with these devices than without," said Prof Fu, but added that the work he and others were doing was signalling forthcoming problems that needed to be addressed now.
"Future devices will be much more connected, much more connected to the internet and will have much more use of wireless technology," he said.
Manufacturers needed to think about security as they designed products and harden them against future problems, he said.
"There is no silver bullet, it's not that these problems are easy to address," he said. "But there is technology available to reduce these risks significantly."
The UK's Medicines and Healthcare products Regulatory Agency said it had never received any reports of medical implants being hacked.
"We closely monitor the safety and performance of all medical devices and take action to ensure the safety of patients," said an MHRA spokesman.

US sues Apple and publishers over e-book prices

Technology giant Apple and major book publishers are being sued by the US Department of Justice over the pricing of e-books.

The US accuses Apple and Hachette, HarperCollins, Macmillan, Simon and Schuster and Penguin of colluding over the prices of e-books they sell.
This lawsuit is over the firms' move to the agency model where publishers rather than sellers set prices.
But Hachette, HarperCollins and Simon and Schuster have already settled.
The case will proceed against Apple, Macmillan and Penguin "for conspiring to end e-book retailers' freedom to compete on price", the Justice Department said.
"As a result of this alleged conspiracy, we believe that consumers paid millions of dollars more for some of the most popular titles," Attorney General Eric Holder said.
'Effectuate their conspiracy'

"To effectuate their conspiracy, the publisher defendants teamed up with defendant Apple, which shared the same goal of restraining retail price competition in the sale of e-books," according to papers filed in New York's Southern District court on Wednesday morning.

"Apple facilitated the publisher defendants' collective effort to end retail price competition by coordinating their transition to an agency model across all retailers."
Apple, which sells books through its iBooks platform on the iPad and iPhone, declined to comment.
Hachette said that it remained "confident that we did not violate the anti-trust laws" while adding it "reluctantly" joined the settlement.
But Macmillan's chief executive, John Sargent, said "the terms the DOJ demanded were too onerous" to settle and would allow Amazon "to recover the monopoly position it had been building before our switch to the agency model".
Meanwhile, the European Commission has also been probing e-book price fixing.
Apple, Hachette, HarperCollins, Macmillan and Simon and Schuster have now made proposals to settle that probe.
"The European Commission has received proposals of possible commitments from Apple and four international publishers," said the EU's competition commissioner Joaquin Almunia.
"I welcome the fact that these five companies are making proposals to reach an early resolution of the case, so promptly after we opened proceedings in December 2011," he added.
Agency versus wholesale Electronic books are sold according to a different formula from that governing the sales of physical books.

For most physical books publishers set a wholesale price, often about half the cover price, and then let a retailer decide how much they actually want to charge for the title.

This model was initially adopted for e-books but has since been changed for what is known as an agency model.
Under this scheme, publishers set the price of a book and the agent selling it gets a 30% cut. The agency model was adopted by publishers largely at the prompting of the late Steve Jobs.
The shift to agency pricing was also seen as a protective measure to head off attempts by Amazon to corner the market in e-books. It had been aggressively cutting prices to win customers over to its Kindle e-book reader.
Amazon once tried to apply the wholesale model on book publishers - by selling all books at $9.99 - but was rebuffed by the publishers.
In the complaint, the Justice Department said that Amazon "capitulated" when publishers and Apple teamed up to offer e-books on agency terms.
The retailer faced the prospect of having fewer books on its Kindle platform if it did not agree to publishers' terms.
Apple founder Steve Jobs described the strategy as an "aikido move" according to a biography published after his death.
"We were not the first people in the books business," Mr Jobs told his biographer, Walter Isaacson, in the book.
"Given the situation that existed, what was best for us was to do this aikido move and end up with the agency model. And we pulled it off."
The lawsuit comes a day after Apple surpassed $600bn (£379bn) in value, affirming its position as the world's most valuable firm.

Bug hits new Nokia Lumia 900 smartphone

A software bug in the latest Nokia smartphone is causing some handsets in the US to occasionally lose their data connection, the company has said.

The Finnish manufacturer said a fix for the Lumia 900's "memory management issue" would be issued on 16 April.
In the meantime, affected customers are being offered $100 (£63) in call credits.
Analysts say the setback could hit Nokia's hopes of regaining market share from rivals Apple and Google.
Nokia is still the world's largest mobile manufacturer, but is losing out significantly in the smartphone market.
The Lumia 900, which was released in the US on Sunday, runs Microsoft's latest Windows Phone software. The phone is expected to launch in the UK by the end of the month.
'Prudent measure' In a blog post, Nokia said the phone had enjoyed a "positive response" since its release, but that problems soon emerged.
"After this flagship device began selling, we identified a software issue," the company wrote.
"In short, a memory management issue was discovered that could, in some cases, lead to loss of data connectivity.

Continue reading the main story

“Start Quote

It's like they stalled their engine when everybody is looking at them”

Carolina Milanesi Analyst

"This issue is purely in the phone software, and is not related to either phone hardware or the network itself. As a proactive and prudent measure, we decided to take immediate action."

The company said that users who wanted the update immediately could trade in their handsets for a model already running the software fix.
Gartner analyst Carolina Milanesi said it was a worrying start for a product which Nokia had promoted with a considerable marketing effort.
"It's like they stalled their engine when everybody is looking at them at the start of their race," Ms Milanesi said.
However, others praised Nokia's speed in dealing with the bug once it was identified.
"I have been impressed by their forthright, aggressive, and undoubtedly costly response," said Boston-based analyst John Jackson from CCS Insight.
Also on Wednesday, Nokia warned it expected to post losses in the first and second quarters of this year, news which saw the company's shares drop by 14%.

Apple develops tool to 'detect and remove' Flashback Trojan

Apple has said it is developing a tool to "detect and remove" a Trojan that is said to have infected more than half a million Mac computers.

It said it is working with internet service providers (ISPs) to disrupt the command network being used by hackers to exploit the malware.
Trojans are infections that can expose computers to control by hackers.
It is Apple's first statement on the threat. It issued patches to prevent the malware's installation last week.
The two security updates were released eight weeks after Java's developer Oracle issued a fix for other computer systems.
In a message posted on Apple's website's support section, the company said it had fixed a "Java security flaw for systems running OS X v10.7 and Mac OS X v10.6".
It suggested users of Macs running earlier versions of its system software should disable Java in their web browser preferences.
In addition, Apple said it was working with ISPs to shut down networks of servers hosted by the malware authors, which the code - known as Flashback - relies on "to perform many of its critical functions".
Macs 'being targeted' Russian anti-virus firm Dr Web, which has tracked the scale of the botnet, said it believed around 650,000 machines had now been infected.
The company's chief executive, Boris Sharov, told the BBC that since the Trojan was publicised, they have seen downloads of their anti-virus software increase by 28,000%.
"The thing that we have proven to the community is that people should care about their security, even on Macs," he said.
According to a timeline of events posted on its website, Dr Web said activity surrounding the virus began as far back as February.
Traditionally, Apple has promoted the fact that its Macintosh line is largely free from viruses and other similar threats due to the fact almost all malicious software is designed to exploit computers running on Microsoft Windows.
McAfee Labs' Dave Marcus told the AFP news agency: "All the stuff the bad guys have learned for doing attacks in the PC world is now starting to transition to the Mac world."
"Mac has said for a long time that they are not vulnerable to PC malware, which is true: they are vulnerable to Mac malware."
The security firm F-Secure has posted detailed instructions about how to confirm if a machine is infected and how to manually remove the Trojan

Sony sheds 10,000 staff in major reorganisation

Electronics firm Sony is to shed 10,000 jobs as part of a major reorganisation, chief executive Kazuo Hirai has said.

The cuts, which represent 6% of the global workforce, will be made over the next 12 months.
The reduction includes staff working in businesses that are being sold, such as its chemicals division.
Sony has been struggling to compete in the television business with South Korea's Samsung and LG, while Apple has challenged it in audio gear and phones.
On Tuesday, Sony forecast a record annual loss of $6.4bn (£4bn), double its previous estimate. Its share price has fallen 40% over the past 12 months.
Entrepreneurial spirit Sony says it will focus its business on three areas - digital imaging, games consoles and mobile devices.
It hopes the changes will help to generate sales of $10.5bn by the financial year ending in March 2015, with a profit margin of 5%.

Continue reading the main story

“Start Quote

Mr Hirai wants Sony to find a new path by creating products that are really going to wow people. But saying that is one thing, doing it is another”

Roland Buerk BBC News, Tokyo

• Japanese electronics: The future

In the last financial year, Sony reported sales of $7.9bn.

"We have heard a multitude of investor voices calling for change. Sony will change," Mr Hirai - who took over as chief executive earlier this month - said at a press conference.
"Sony has always been an entrepreneurial company. That spirit has not changed," he said.
The reorganisation will cost Sony $926m (£581m) during the current financial year.
But analysts have been underwhelmed by Mr Hirai's announcement.
"I for one was expecting more," said Pelham Smithers, who runs his own consultancy specialising in the electronics industry.
Continue reading the main story

Sony Corp

Last Updated at 12 Apr 2012, 18:59 GMT

price	change	%
18.73	- -0.02	- -0.11

"This presentation has the same feel as a presentation made three to four years ago when the previous chief executive, Howard Stringer, tried to restructure."

"But back then Samsung and Apple were not as powerful as they are today," he said.
Toshiyuki Kanayama, senior market analyst at Monex, said: "I don't see anything new here. They've talked before about bringing the TV business back to profits. The comments about the electronics business are the same."
"Nothing has changed from what they've flagged in the past, including the M&A plans in the medical field," he said.
Sony's television business has lost money for the past eight years. Analysts say that while it sells about 20 million TV sets a year, it is still not big enough to be profitable.
To tackle that problem Sony is planning to cut costs in the business by 60% by March 2014.
"If they're planning to cut fixed costs by 60%, that signifies the closure of one factory, and the business can shrink. That's not necessarily a bad thing," said Kikuchi Makoto, chief executive at Myojo Asset Management.
"The problem is that the plan is lacking in specifics on the plus side."
The BBC's Tokyo Correspondent, Roland Buerk, said: "Mr Hirai wants Sony to find a new path by creating products that are really going to wow people."
"But saying that is one thing, doing it is another."
Rival Japanese TV maker Sharp is also forecasting hefty losses. It expects an annual loss of $4.7bn this year.

Google+ revamped with Facebook and Twitter-like features

Google has unveiled a revamp of its social network, Google+, borrowing heavily from rival networks Twitter and Facebook.

The search-engine giant has introduced trending topics and cover pictures, as well as a more "dynamic" navigation menu.
The company said more than 170m people have "upgraded" to the social network so far.
But critics say the number of regular visitors is much lower.
In a blog post, Google's Vic Gundotra wrote: "It's still early days, and there's plenty left to do, but we're more excited than ever to build a seamless social experience, all across Google."
He said the new features included "full bleed" media - showing pictures and video in full-size and quality - and "conversation 'cards'", which would make it easier to have threaded conversations, similar to the format found in Google's email service, Gmail.
Stand-out features The service now displays a list of the most commonly discussed subjects, known as trending topics. This feature mirrors microblogging site Twitter, which first introduced trending-topic lists on its site in 2010.

Continue reading the main story

“Start Quote

You can use many more of the features more intuitively”

David Philips Social media expert

Also borrowed - from Facebook - is the cover-photo feature - a large image displayed behind a user's profile picture.

Cover photos were introduced to Facebook profiles as part of its timeline redesign and rolled out to its users over the past few months.
David Philips, a social-media and PR lecturer, told the BBC he believed the revamp had made it easier for Google+ users to use the network's stand-out features.
"It opens up the architecture of Google Plus so you can use many more of the features more intuitively," he said.
"I think it's now becoming a serious small-business tool, and also a very interesting tool for families where they can have lots of information shared among members of the family."
He added that while Google+ might struggle to stand out among its bigger, more active rivals, the breadth of integrated services would soon begin to work in the network's favour.
"I think this is a development that helps it carve a niche because it allows people to use so many different tools at the same time," he said.

EU investigates internet's spread to more devices

The European Commission is extending a probe into the spread of the internet.

The regulator says it expects an explosion in the number of household appliances and other devices connected to the net before 2020.
It is launching a consultation over controls of the way information is gathered, stored and processed, saying it wants to "ensure the rights of individuals are respected".
The public is being invited to send in its views before a 12 July deadline.
The commission says that the average person living within the 27-nation bloc has at least two devices connected to the net at present - typically a computer and smartphone.
It expects the figure to rise to seven by 2015, with a total of 25 billion wirelessly connected to the net worldwide. By the end of the decade it says that could climb to 50 billion.
"If a university teacher cancels a morning lecture because they are sick, students' alarm clocks and coffee machines could automatically be reset," it gives as an example.
"If an elderly person forgets to take an essential pill, a warning message could be sent to a close family member."
"People need to know and trust that this sort of change is one they are comfortable with, and it's important to have that conversation now," a spokesman told the BBC.
Energy-efficient chips The spread of wireless-connected devices has been dubbed "the internet of things" and has previously identified as potential catalyst to the economy.
Arm Holdings - the British computer chip designer - is at the forefront of efforts to spur on the tech.

Continue reading the main story

“Start Quote

Sharing highly sensitive personal data... automatically creates certain risks and vulnerabilities”

Emma Draper Privacy International

It announced a new "Flycatcher" architecture in March, paving the way for licensees to build the "most energy-efficient microprocessors" to date.

The US chip-maker Intel also announced a partnership with the Institute of Automation of Chinese Academy of Sciences earlier this week to create a research centre in Beijing to create related core technologies.
Risk and reward Previous technological advances have led to new legislation.
A recent example is the EU's Privacy and Data Communications Directive which requires users to give permission for websites to install tracking-cookies into their browsers. The directive was introduced last year and comes into effect in the UK on 26 May.
"From a legal point of view the internet of things is the next big thing," said Dai Davis, an information technology lawyer at Percy Crow Davis.
"Usually European legislation lags years behind technology - we have seen that with recent data privacy regulation. It is worth noting that this won't be the first time the EU has consulted on the subject - but we have yet to see significant action."
London-based campaign group Privacy International said it intended to take part in the process.
"Technologies like these need to be carefully designed if they are to enhance our private lives, not endanger them," said spokeswoman Emma Draper.
"Sharing highly sensitive personal data - like medical information - to a network of wireless devices automatically creates certain risks and vulnerabilities, so security and privacy need to be built in at the earliest stages of the development process."
The commission said it plans to publish its recommendations by the summer of 2013.