I attended the 32c3 last year and watched the talk “Unpatchable“, a talk which is related to hacking medical devices. In this case it wasn’t hearing aids, but pacemakers. Interestingly, the speakers raised similar questions as I did in my talk at 28c3.
The questions being for example:
- This device is part of my body, why do I not know what code is in it?
- How can I trust that the device is not vulnerable from the outside?
- Does a doctor have to tell me when he flashes the firmware or that the device is tracking my very personal data?
Agreeable, the consequences for patients wearing pace makers are more impactful than for patients wearing hearing aids or cochlear implants. However, I still found the talk worth watching, I hope you do too.