Re: [Last-Call] [TLS] Last Call: <draft-ietf-tls-oldversions-deprecate-09.txt> (Deprecating TLSv1.0 and TLSv1.1) to Best Current Practice

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Bill,

On Dec 2, 2020, at 11:23, Bill Frantz <frantz@xxxxxxxxxxxxxx> wrote:

I would like to have a few more examples of "Can't be taken out of production".

One I think I can address are heart pacemakers. These are imbedded in the patients chests. Upgrading them requires surgery. However, they have a limited lifespan due to their batteries running down, I think we're talking about 10 years or so, so there is a time where upgrade is practical.

I am not an expert in pacemakers, but in 2017 the US FDA found that a particular type of implanted pacemakers were vulnerable to an exploit that was considered serious enough to do something about.


The devices were not replaced through surgery by the manufacturer, St Jude Medical, but instead upgraded in-place using what I have seen described as an RF-based, 3-minute procedure, during which time the device operates in "backup mode". The number of deployed devices that were recommended to be upgraded was estimated by the FDA to be 465,000.

This may not be the example you are looking for.


Joe
-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call
[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux