1 comment

[ 2.1 ms ] story [ 22.7 ms ] thread
From my experiences as an ex-pumper and builder of class-I/II medical devices, while this is important and needs to be done eventually, I don't think this is going to help - just obfuscate things and bring more issues into play.

It's incredibly difficult to get devices to test unless you have the medical condition - that needs to change.

Want to fix all of the garbage I see? Just update the HIPAA laws to allow some percentage of fines to be collected by security researchers, and forget adding more "self-policing" style of FDA regulation out of it. If a bluetooth implementation of a handshake leaks data, it's no problem, just a $25,000 per incident fine.