[Interest] Segmentation fault on exiting Qt event loop
thiago.macieira at intel.com
Thu Jan 3 22:50:50 CET 2019
On Thursday, 3 January 2019 11:29:14 -02 Roland Hughes wrote:
> Or you architect out everything which could be a security issue. There
> is no command line or terminal. The few medical devices I know of
> removed all support for inbound connections. The only method of
> accessing them is to take the screws out of the case, open it up and
> connect the custom debug board.
Physical access is still an attack vector.
And those devices still have an input mechanism: their scanner ports. It's
possible to send malformed data to their I/O pins to cause an exploit. Heck,
it's theoretically possible to do that with the scanning head itself: paint
your chest with some pattern in UV and when you go for a tomography, bam! the
device gets hacked. Remember how the iPhone 1 was jailbroken by a 1x1 pixel
TIFF image opened in the Safari browser?
But I do understand the cost of re-certifying a medical or avionic device. I'm
not saying people should update every day or every week, but they should still
keep up with the software, in their development tree. So like Konstantin said,
they will not be surprised when the time to update does come.
And please don't forget all other segments, where updating *is* possible and
even necessary, if they are connected to *any* kind of network.
> Do you really want a surgical robot which is cutting on you running a PC
> OS on a PC processor able to connect to the Internet? Some little hacker
> poking around looking for financial/identity information could
> accidentally have it remove your heart instead of your appendix.
Yes, so long as that device does proper security hardening, which includes the
ability to deploy fixes quickly. It also means it's not your regular desktop
OS, but a hardened version, like Safety Critical Linux. We had this discussion
20 years ago, when Linux was getting into telcos, and Carrier-Grade Linux came
Maybe the IoT surgical robot is not a 2019 technology, but there are plenty of
other IoT ones that are. Those MUST update. Frequently. For those, if you're
not able to deploy a fix within one week, do us all a favour and don't sell
> Control systems have to be sealed.
To an extent. I agree that there needs to be sufficient separation. But it
will be short of a full airgap.
See also the Industry 4.0 activities in Europe and China. The OT networks
where control commands are currently transiting is merging with the IT
network. There will still be some separation, bandwidth reservation, priority
queues, etc., but the wire will likely be the same.
Thiago Macieira - thiago.macieira (AT) intel.com
Software Architect - Intel Open Source Technology Center
More information about the Interest