Hacker Barnaby Jack, dead at 35
July 28, 2013 11:49 AM Subscribe
Barnaby Jack, a hacker and security researcher previously known for his hacks involving ATMs and insulin pumps, has died in San Francisco. He was 35. His death came just days before he was to give a presentation about techniques for hacking implanted heart devices, which could kill a person from 30 feet away.
This is a shame and sketchy.
(And sad to say we'll perhaps never get back or unpack the secret of Barnaby Jack's Heart Attack Hack.)
posted by nevercalm at 11:53 AM on July 28, 2013 [6 favorites]
(And sad to say we'll perhaps never get back or unpack the secret of Barnaby Jack's Heart Attack Hack.)
posted by nevercalm at 11:53 AM on July 28, 2013 [6 favorites]
A murder conspiracy involving heart implants? I'll bet Cheney has his prosthetic claws in this somewhere.
posted by Blazecock Pileon at 12:23 PM on July 28, 2013 [1 favorite]
posted by Blazecock Pileon at 12:23 PM on July 28, 2013 [1 favorite]
Holy shit. A reasonably helthy young man dying suddenly at 35? It's going to be one hell of a month until that autopsy report comes in.
CBC's Spark just repeated an episode last week that touched on the potential for hacking implanted cardiac devices. (You can open a player at that link and jump to the story, which runs just over 25 minutes.) At about 9:20, Nora Young and Kevin Fu (who has been researching and publicizing security issues in medical devices since 2008) discuss Jack's 2012 demo of inducing a massive shock in a remote pacemaker.
So this wasn't the first demo Jack or anyone else gave on this topic. If anyone is thinking that he was killed because he knew too much, then why wasn't he (or Fu) targeted earlier?
posted by maudlin at 12:25 PM on July 28, 2013 [1 favorite]
CBC's Spark just repeated an episode last week that touched on the potential for hacking implanted cardiac devices. (You can open a player at that link and jump to the story, which runs just over 25 minutes.) At about 9:20, Nora Young and Kevin Fu (who has been researching and publicizing security issues in medical devices since 2008) discuss Jack's 2012 demo of inducing a massive shock in a remote pacemaker.
So this wasn't the first demo Jack or anyone else gave on this topic. If anyone is thinking that he was killed because he knew too much, then why wasn't he (or Fu) targeted earlier?
posted by maudlin at 12:25 PM on July 28, 2013 [1 favorite]
A murder conspiracy involving heart implants? I'll bet Cheney has his prosthetic claws in this somewhere.
It's already been a plot point in Homeland.
posted by orange swan at 12:39 PM on July 28, 2013 [2 favorites]
It's already been a plot point in Homeland.
posted by orange swan at 12:39 PM on July 28, 2013 [2 favorites]
.
posted by Samuel Farrow at 1:12 PM on July 28, 2013
posted by Samuel Farrow at 1:12 PM on July 28, 2013
Hmm, I'll be extremely interested to hear about the cause of death here. I hope he had the good sense to publish his findings ahead of the presentation.
posted by Strange Interlude at 1:14 PM on July 28, 2013
posted by Strange Interlude at 1:14 PM on July 28, 2013
The Reuters article mentions he was working with the manufacturer of the affected devices to correct the problem, so the information is probably not lost. It seems the police are not suspecting foul play, and I don't find it hard to believe: as competent a hacker as Barnaby Jack was, somebody else is bound to duplicate his findings if they look hard enough - particularly now that we know where to look. His death brings even more attention to the issue, killing him to keep the vulnerabilities secret does not make sense.
posted by Dr Dracator at 1:38 PM on July 28, 2013 [6 favorites]
posted by Dr Dracator at 1:38 PM on July 28, 2013 [6 favorites]
If this was a mystery novel (which it's not - a young man is really gone) the pacemaker thing would be a red herring, and there'd be something else Jack was working on in secret that precipitated his death.
But this is reality, so his tragic death is probably just a terrible coincidence.
posted by Kevin Street at 2:04 PM on July 28, 2013 [3 favorites]
But this is reality, so his tragic death is probably just a terrible coincidence.
posted by Kevin Street at 2:04 PM on July 28, 2013 [3 favorites]
This story reminds me of Danny Casolaro and The Octopus.
posted by vibrotronica at 2:53 PM on July 28, 2013
posted by vibrotronica at 2:53 PM on July 28, 2013
I have an implanted defibrillator. The electromagnetic field distortion hacks are well known. The benefits of an unsecure device outweigh the risks of adding security, which basically amounts to extra shielding.
posted by Ardiril at 3:29 PM on July 28, 2013 [1 favorite]
posted by Ardiril at 3:29 PM on July 28, 2013 [1 favorite]
The exploit isn't a matter of using an EMP or the like- it's a matter of literally hacking the device using an existing wireless control system.
Added shielding won't do a thing, apart from make the device impossible to adjust once implanted.
posted by anemone of the state at 3:57 PM on July 28, 2013 [1 favorite]
Added shielding won't do a thing, apart from make the device impossible to adjust once implanted.
posted by anemone of the state at 3:57 PM on July 28, 2013 [1 favorite]
I'd seen him talk several times, including his ATM talk at Black Hat in 2010 - I still have some fake ATM cash from it lying around somewhere. He was friendly, funny, and an exceptionally talented security researcher, as well as being a fellow New Zealander. A real loss.
.
posted by inflatablekiwi at 4:18 PM on July 28, 2013 [2 favorites]
.
posted by inflatablekiwi at 4:18 PM on July 28, 2013 [2 favorites]
I have been following him for a few years, as he was a very good researcher and writer, who had a talent for ferreting out potentially very serious flaws. For example, his story on that Homeland episode written for IOActive Labs earlier this year was very thoughtful and interesting.
My twitter timeline was filled with remembrances of him on Friday. Black Hat is apparently leaving his time slot open, and is using as a memorial ceremony instead, which I think is great.
"Black Hat will not be replacing Barnaby's talk on Thursday, Aug. 1. No one could possibly replace him, nor would we want them to. The community needs time to process this loss. The hour will be left vacant as a time to commemorate his life and work, and we welcome our attendees to come and share in what we hope to be a celebration of his life."
posted by gemmy at 4:48 PM on July 28, 2013 [4 favorites]
My twitter timeline was filled with remembrances of him on Friday. Black Hat is apparently leaving his time slot open, and is using as a memorial ceremony instead, which I think is great.
"Black Hat will not be replacing Barnaby's talk on Thursday, Aug. 1. No one could possibly replace him, nor would we want them to. The community needs time to process this loss. The hour will be left vacant as a time to commemorate his life and work, and we welcome our attendees to come and share in what we hope to be a celebration of his life."
posted by gemmy at 4:48 PM on July 28, 2013 [4 favorites]
As someone who has looked at the source code running on some of them heart pumps, I'm not entirely surprised.
posted by Joe Chip at 6:23 PM on July 28, 2013 [3 favorites]
posted by Joe Chip at 6:23 PM on July 28, 2013 [3 favorites]
sad to say we'll perhaps never get back or unpack the secret of Barnaby Jack's Heart Attack Hack.
Have they questioned anyone at Pat 'n' Patti's Backpack Shack?
posted by Strange Interlude at 7:04 PM on July 28, 2013
Have they questioned anyone at Pat 'n' Patti's Backpack Shack?
posted by Strange Interlude at 7:04 PM on July 28, 2013
He also worked on car hacking. Here's a piece from last August: McAfee Hires Famous Computer Hacker To Break Into Cars
And today, there's this: Software experts attack cars, to release code as hackers meet.
posted by homunculus at 7:28 PM on July 28, 2013
And today, there's this: Software experts attack cars, to release code as hackers meet.
posted by homunculus at 7:28 PM on July 28, 2013
.
posted by Soulfather at 8:16 PM on July 28, 2013
posted by Soulfather at 8:16 PM on July 28, 2013
The Washington Post has a new tech-policy column, and one of the first posts is a remembrance of Barnaby Jack.
.
posted by antonymous at 8:51 AM on July 29, 2013 [1 favorite]
.
posted by antonymous at 8:51 AM on July 29, 2013 [1 favorite]
Barnaby Jack remembered fondly at the Black Hat hackers convention: The 35-year-old 'hackers' hacker' died last week at his home in San Francisco and was celebrated with speeches and eulogies
posted by homunculus at 11:13 AM on August 3, 2013
posted by homunculus at 11:13 AM on August 3, 2013
« Older Counterculture legend Mick Farren dies with his... | How I Recovered My Stolen iPad Newer »
This thread has been archived and is closed to new comments
posted by delfin at 11:52 AM on July 28, 2013