The Future of Medicine: The Era of Artificial Hearts

05Between artificial knees, total hip replacements, cataract surgery, hearing aids, dentures, and cochlear implants, we are a society that is fast becoming transhuman. Basically, this means we are dedicated to improving human health through substitution and augmentation of our body parts. Lately, bioprinting has begun offering solutions for replacement organs; but so far, a perfectly healthy heart, has remained elusive.

Heart disease is the number one killer in North America, comparable only to strokes, and claiming nearly 600,000 lives every year in the US and 70,000 in Canada. But radical new medical technology may soon change that. There have been over 1,000 artificial heart transplant surgeries carried out in humans over the last 35 years, and over 11,000 more heart surgeries where valve pumps were installed have also been performed.

artificial-heart-abiocor-implantingAnd earlier this month, a major step was taken when the French company Carmat implanted a permanent artificial heart in a patient. This was the second time in history that this company performed a total artificial heart implant, the first time being back in December when they performed the implant surgery on a 76-year-old man in which no additional donor heart was sought. This was a major development for two reasons.

For one, robotic organs are still limited to acting as a temporary bridge to buy patients precious time until a suitable biological heart becomes available. Second, transplanted biological hearts, while often successful, are very difficult to come by due to a shortage of suitable organs. Over 100,000 people around the world at any given time are waiting for a heart and there simply are not enough healthy hearts available for the thousands who need them.

carmat_heartThis shortage has prompted numerous medical companies to begin looking into the development of artificial hearts, where the creation of a successful and permanent robotic heart could generate billions of dollars and help revolutionize medicine and health care. Far from being a stopgap or temporary measure, these new hearts would be designed to last many years, maybe someday extending patients lives indefinitely.

Carmat – led by co-founder and heart transplant specialist Dr. Alain Carpentier – spent 25 years developing the heart. The device weighs three times that of an average human heart, is made of soft “biomaterials,” and operates off a five-year lithium battery. The key difference between Carmat’s heart and past efforts is that Carmat’s is self-regulating, and actively seeks to mimic the real human heart, via an array of sophisticated sensors.

carmat-artificial-heartUnfortunately, the patient who received the first Carmat heart died prematurely only a few months after its installation. Early indications showed that there was a short circuit in the device, but Carmat is still investigating the details of the death. On September 5th, however, another patient in France received the Carmat heart, and according to French Minister Marisol Touraine the “intervention confirms that heart transplant procedures are entering a new era.”

More than just pumping blood, future artificial hearts are expected to bring numerous other advantages with them. Futurists and developers predict they will have computer chips and wi-fi capacity built into them, and people could be able to control their hearts with smart phones, tuning down its pumping capacity when they want to sleep, or tuning it up when they want to run marathons.

carmat_heart1The benefits are certainly apparent in this. With people able to tailor their own heart rates, they could control their stress reaction (thus eliminating the need for Xanax and beta blockers) and increase the rate of blood flow to ensure maximum physical performance. Future artificial hearts may also replace the need for some doctor visits and physicals, since it will be able to monitor health and vitals and relay that information to a database or device.

In fact, much of the wearable medical tech that is in vogue right now will likely become obsolete once the artificial heart arrives in its perfected form. Naturally, health experts would find this problematic, since our hearts respond to our surroundings for a reason, and such stimuli could very well have  unintended consequences. People tampering with their own heart rate could certainly do so irresponsibly, and end up causing damage other parts of their body.

carmat_heart2One major downside of artificial hearts is their exposure to being hacked thanks to their Wi-Fi capability. If organized criminals, an authoritarian government, or malignant hackers were dedicated enough, they could cause targeted heart failure. Viruses could also be sent into the heart’s software, or the password to the app controlling your heart could be stolen and misused.

Naturally, there are also some critics who worry that, beyond the efficacy of the device itself, an artificial heart is too large a step towards becoming a cyborg. This is certainly true when it comes to all artificial replacements, such as limbs and biomedical implants, technology which is already available. Whenever a new device or technique is revealed, the specter of “cyborgs” is raised with uncomfortable implications.

transhuman3However, the benefit of an artificial heart is that it will be hidden inside the body, and it will soon be better than the real thing. And given that it could mean the difference between life and death, there are likely to be millions of people who will want one and are even willing to electively line up for one once they become available. The biggest dilemma with the heart will probably be affordability.

Currently, the Carmat heart costs about $200,000. However, this is to be expected when a new technology is still in its early development phase. In a few years time, when the technology becomes more widely available, it will likely drop in price to the point that they become much more affordable. And in time, it will be joined by other biotechnological replacements that, while artificial, are an undeniably improvement on the real thing.

The era of the Transhumanism looms!

Source: motherboard.vice.com, carmatsa.com, cdc.gov, heartandstroke.com

Cyberwars: The Heartbleed Bug and Web Security

heartbleed-iconA little over two years ago, a tiny piece of code was introduced to the internet that contained a bug. This bug was known as Heartbleed, and in the two years it has taken for the world to recognize its existence, it has caused quite a few headaches. In addition to allowing cybercriminals to steal passwords and usernames from Yahoo, it has also allowed people to steal from online bank accounts, infiltrate governments institutions (such as Revenue Canada), and generally undermine confidence in the internet.

What’s more, in an age of cyberwarfare and domestic surveillance, its appearance would give conspiracy theorists a field day. And since it was first disclosed a month to the day ago, some rather interesting theories as to how the NSA and China have been exploiting this to spy on people have surfaced. But more on that later. First off, some explanation as to what Heartbleed is, where it came from, and how people can protect themselves from it, seems in order.

cyber_securityFirst off, Heartbleed is not a virus or a type of malware in the traditional sense, though it can be exploited by malware and cybercriminals to achieve similar results. Basically, it is a security bug or programming error in popular versions of OpenSSL, a software code that encrypts and protects the privacy of your password, banking information and any other sensitive data you provide in the course of checking your email or doing a little online banking.

Though it was only made public a month ago, the origins of the bug go back just over two years – to New Year’s Eve 2011, to be exact. It was at this time that Stephen Henson, one of the collaborators on the OpenSSL Project, received the code from Robin Seggelmann – a respected academic who’s an expert in internet protocols. Henson reviewed the code – an update for the OpenSSL internet security protocol — and by the time he and his colleagues were ringing in the New Year, he had added it to a software repository used by sites across the web.

Hackers-With-An-AgendaWhat’s interesting about the bug, which is named for the “heartbeat” part of the code that it affects, is that it is not a virus or piece of malware in the traditional sense. What it does is allow people the ability to read the memory of systems that are protected by the bug-affected code, which accounts for two-thirds of the internet. That way, cybercriminals can get the keys they need to decode and read the encrypted data they want.

The bug was independently discovered recently by Codenomicon – a Finnish web security firm – and Google Security researcher Neel Mehta. Since information about its discovery was disclosed on April 7th, 2014, The official name for the vulnerability is CVE-2014-0160.it is estimated that some 17 percent (around half a million) of the Internet’s secure web servers that were certified by trusted authorities have been made vulnerable.

cyberwarfare1Several institutions have also come forward in that time to declare that they were subject to attack. For instance, The Canada Revenue Agency that they were accessed through the exploit of the bug during a 6-hour period on April 8th and reported the theft of Social Insurance Numbers belonging to 900 taxpayers. When the attack was discovered, the agency shut down its web site and extended the taxpayer filing deadline from April 30 to May 5.

The agency also said it would provide anyone affected with credit protection services at no cost, and it appears that the guilty parties were apprehended. This was announced on April 16, when the RCMP claimed that they had charged an engineering student in relation to the theft with “unauthorized use of a computer” and “mischief in relation to data”. In another incident, the UK parenting site Mumsnet had several user accounts hijacked, and its CEO was impersonated.

nsa_aerialAnother consequence of the bug is the impetus it has given to conspiracy theorists who believe it may be part of a government-sanctioned ploy. Given recent revelations about the NSA’s extensive efforts to eavesdrop on internet activity and engage in cyberwarfare, this is hardly a surprise. Nor would it be the first time, as anyone who recalls the case made for the NIST SP800-90 Dual Ec Prng program – a pseudorandom number generator is used extensively in cryptography – acting as a “backdoor” for the NSA to exploit.

In that, and this latest bout of speculation, it is believed that the vulnerability in the encryption itself may have been intentionally created to allow spy agencies to steal the private keys that vulnerable web sites use to encrypt your traffic to them. And cracking SSL to decrypt internet traffic has long been on the NSA’s wish list. Last September, the Guardian reported that the NSA and Britain’s GCHQ had “successfully cracked” much of the online encryption we rely on to secure email and other sensitive transactions and data.

Edward-Snowden-660x367According to documents the paper obtained from Snowden, GCHQ had specifically been working to develop ways into the encrypted traffic of Google, Yahoo, Facebook, and Hotmail to decrypt traffic in near-real time; and in 2010, there was documentation that suggested that they might have succeeded. Although this was two years before the Heartbleed vulnerability existed, it does serve to highlight the agency’s efforts to get at encrypted traffic.

For some time now, security experts have speculated about whether the NSA cracked SSL communications; and if so, how the agency might have accomplished the feat. But now, the existence of Heartbleed raises the possibility that in some cases, the NSA might not have needed to crack SSL at all. Instead, it’s possible the agency simply used the vulnerability to obtain the private keys of web-based companies to decrypt their traffic.

hackers_securityThough security vulnerabilities come and go, this one is deemed catastrophic because it’s at the core of SSL, the encryption protocol trusted by so many to protect their data. And beyond abuse by government sources, the bug is also worrisome because it could possibly be used by hackers to steal usernames and passwords for sensitive services like banking, ecommerce, and email. In short, it empowers individual troublemakers everywhere by ensuring that the locks on our information can be exploited by anyone who knows how to do it.

Matt Blaze, a cryptographer and computer security professor at the University of Pennsylvania, claims that “It really is the worst and most widespread vulnerability in SSL that has come out.” The Electronic Frontier Foundation, Ars Technica, and Bruce Schneier all deemed the Heartbleed bug “catastrophic”, and Forbes cybersecurity columnist Joseph Steinberg event went as far as to say that:

Some might argue that [Heartbleed] is the worst vulnerability found (at least in terms of its potential impact) since commercial traffic began to flow on the Internet.

opensslRegardless, Heartbleed does point to a much larger problem with the design of the internet. Some of its most important pieces are controlled by just a handful of people, many of whom aren’t paid well — or aren’t paid at all. In short, Heartbleed has shown that more oversight is needed to protect the internet’s underlying infrastructure. And the sad truth is that open source software — which underpins vast swathes of the net — has a serious sustainability problem.

Another problem is money, in that important projects just aren’t getting enough of it. Whereas well-known projects such as Linux, Mozilla, and the Apache web server enjoy hundreds of millions of dollars in annual funding, projects like the OpenSSL Software Foundation – which are forced to raise money for the project’s software development – have never raised more than $1 million in a year. To top it all off, there are issues when it comes to the open source ecosystem itself.

Cyber-WarTypically, projects start when developers need to fix a particular problem; and when they open source their solution, it’s instantly available to everyone. If the problem they address is common, the software can become wildly popular overnight. As a result, some projects never get the full attention from developers they deserve. Steve Marquess, one of the OpenSSL foundation’s partners, believes that part of the problem is that whereas people can see and touch their web browsers and Linux, they are out of touch with the cryptographic library.

In the end, the only real solutions is in informing the public. Since internet security affects us all, and the processes by which we secure our information is entrusted to too few hands, then the immediate solution is to widen the scope of inquiry and involvement. It also wouldn’t hurt to commit additional resources to the process of monitoring and securing the web, thereby ensuring that spy agencies and private individuals are not exercising too much or control over it, or able to do clandestine things with it.

In the meantime, the researchers from Codenomicon have set up a website with more detailed information. Click here to access it and see what you can do to protect yourself.

Sources: cbc.ca, wired.com, (2), heartbleed.com

Cyberwars: Stuxnet and Cryptolocker

cyber_security1It’s been quite the year for cybercops, cybercriminals, and all those of us who are caught in between. Between viruses which continue to involve and viruses that target sensitive information in new ways, it seems clear that the information age is fraught with peril. In addition to cyberwars raging between nations, there is also the danger of guerrilla warfare and the digital weapons running amok.

Consider the Stuxnet virus, a piece of programming that made headlines last year by sabotaging the Iranian nuclear enrichment program. At the time, the target – not to mention its source (within the US) – seemed all too convenient to have been unintentional. However, this year, Stuxnet is once again garnering attention thanks to its latest target: the International Space Station.

ISSApparently, this has been the result of the virus having gone rogue, or at least become too big for its creators to control. In addition to the ISS, the latest reports state that Stuxnet is hitting nuclear plants in countries for which the virus was not originally intended. In one case, the virus even managed to infect an internal network at a Russian power planet that wasn’t even connected to the internet.

According to Eugene Kaspersky, famed head of IT security at Kaspersky Labs, the virus can travel through methods other than internet connectivity, such as via optical media or a USB drive. Kaspersky claims that this is apparently how it made its way aboard the ISS, and that it was brought aboard on more than one occasion through infected USB drives.

computer-virus.istockFor the moment, it is unclear how this virus will be taken care of, or whether or not it will continue to grow beyond any single organization’s ability to control it. All that is clear at this point is that this particular virus has returned to its original handlers. For the time being, various nations and multinational corporations are looking to harden their databases and infrastructure against cyber attack, with Stuxnet in mind.

And they are not the only ones who need to be on their guard about protecting against intrusion. Average consumers are only at risk of having their databases being accessed by an unwanted digital visitor, one that goes by the name of Cryptolocker. Designed with aggressive salesmanship – and blackmail – in mind, this virus is bringing fears about personal information being accessed to new heights.

cryptolockerBasically, the Cryptolocker works by finding people’s most important and sensitive files and selling it back to them. After obtaining the files its needs, it then contacts a remote server to create a 2048-bit key pair to encrypt them so they cannot be recovered, and then contacts the owner with an ultimatum. People are told to pay up, or the virus will begin deleting the info.

When the virus first emerged in October of this year, victims were given three days to cough up roughly $200 via BitCoin or MoneyPak currency transfer. If the virus’ authors did not receive payment within 72 hours, they said, a single line would be deleted from a text file on some hidden foreign server, forever erasing the only string of numbers that could ever bring the affected files back from the dead.

cyber_virusSome users responded by simply setting their system’s internal clock back. A temporary measure, to be sure, but one which worked by tricking the virus into thinking the deadline had not expired. In addition, the three-day deadline worked against the viruses makers, since it’s proven restrictive to the types of people who mostly contract a virus like this – i.e. senior citizens and people working on corporate networks.

Such people are more vulnerable to such scams, but seldom have the computer-savvy skills to to set up BitCoin or other such accounts and transfer the money in time. Meanwhile, infecting a corporate server means that a bloated corporate bureaucracies will be responsible for making the decision of whether or not to pay, not an individual who can decide quickly.

virus-detected-640x353So basically, the designers of Cryptolocker were facing a catch-22. They could not extend the deadline on the virus without diminishing the sense of panic that makes many people pay, but would continue to lose money as long as people couldn’t pay. Their solution: If a victim does not pay up in time, the hackers simply raise the ransom – by a factor of 10!

This allows people more time to mull over the loss of sensitive data and make a decision, but by that time – should they decide to pay up – the price tag has gone up to a bloated $2000. Luckily, this has revealed a crucial bluff in the virus’s workings by showing that all the keys to the encrypted files are in fact not deleted after the three day time limit.

???????????????As such, the security industry is encouraging people to hold on to the useless, encrypted files and waiting for the criminal server to be someday seized by the authorities. Since any ransom paid is a de-facto encouragement to hackers to write a similar virus again — or indeed to re-infect the same companies twice – people are currently being told to simply hold out and not pay up.

What’s more, regular backups are the key to protecting your database from viruses like Cryptolocker. Regular backups to off-network machines that do not auto-sync will minimize the virus’ potential for damage. The best defense is even simpler: Cryptolocker infects computers via a bogus email attachment disguised as a PDF file, so simple email safety should keep you immune.

Alas, its a world of digital warfare, and there there are no discernible sides. Just millions of perpetrators, dozens of authorities, and billions of people fearing for the safety and integrity of their data. One can only wonder what an age of quantum computers, graphene and nanotube processors will bring. But more on that later!

Sources: extremetech.com, (2), fastcoexist.com

The Hacking Continues…

hackers-1Cyberwarfare has been making it into the news quite a bit of late. From the international cyber-spying virus known as “Red October”, to China’s hacking of the New York Times and Bloomberg L.P., to intrusions into major software companies and social utilities, it seems no one is immune or unassailable in the digital age. What’s more, there are indications that it is nation states that may be leading the charge.

The latest victim in the ongoing war was Microsoft, which recently admitted that it too has been targeted by hackers. The announcement came in the midst of such tech giants as Apple, Facebook, and Twitter reporting security breaches linked to a software developer’s website, which would apparently infect programmers’ computers after they visited the site.

hacker_@In a statement posted by general manager Matt Thomlinson, Microsoft experienced intrusions of a similar nature. Though they did not specify who these hackers were, Mike Isaac at AllThingsD recently identified the website in question as iPhoneDevSDK, a site popular with mobile-app developers. In response, iPhoneDevSDK recently told users that it discovered that an administrative account on its site had been hacked, which allowed hackers to inject infectious code into its Web pages.

Once again, there are many who suspect that these attacks are linked to sources in China. In recent years, the Chinese government has been indicted in several attacks on American media chains as well major companies, as part of a wider campaign to steal trade secrets and monitor and manipulate how China is portrayed in the news.

As it stands, it is not yet clear whether this represents a part of that campaign, or if private hackers are simply using extra-covert means to conduct a little anti-corporate mischief on the side. Personally, I hope it’s the latter, as the idea of nations inciting cyberwarfare against each other is not exactly the most comforting notion! But then again, knowing that they are spying on each other kind of gives those of us who are afraid of “Big Brother” a bit of a reprieve doesn’t it?

Source: businessinsider.com

Cyberwarfare: Not Just for Anarchists Anymore!

Hack the Planet by von Shin Kurohoshi
Hack the Planet by von Shin Kurohoshi

For those deeply concerned about internet security and privacy, the year of 2013 certainly opened with a bang. First, there was the news that a cyberspy ring – apparently operating out of Russia – had been spying on embassies, governments and research institutions around the world for the past five years using a virus dubbed “Red October”. This was back in January, when the Moscow-based antivirus firm known as Kaspersky Lab announced the discovery of the international intrigue.

Then, on Jan. 30th, the New York Times announced that they too have been the target of hackers, this time from China. In a statement released by the newspaper, the company claimed that Chinese hackers have been persistently attacking their publication for the last four months, infiltrating its computer systems and getting passwords for its reporters and other employees.

Jin_jiaboaThe timing of the attacks coincided with a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings. The hackers tried to cloak the source of the attacks on The Times by first penetrating computers at United States universities and routing the attacks through them.

With the help of  Mandiant, the internet security company hired by The Times, they were able track the intruders, study their movements and help erect better defenses to block them. In the end, The Times reported that they had successfully expelled the attackers and kept them from breaking back in. However, the fact these hackers were able to infiltrate the network of a private news organization in the first place was much cause for worry.

Cyber-WarFor one, this is not the first time that hackers, originating in China, have used these sort of subterfuge tactics to hack US databases. According to experts at Mandiant, their company has tracked many such intrusions back to the Chinese mainland, all of which used the same approach of cloaking their efforts using US servers. In addition, this incident, which smacked of state-involvement, did not occurr in a vacuum.

Back in 2008, internet security experts indicated that Chinese hackers had begun targeting Western journalists as part of a wider campaign to identify and intimidate their sources and contacts, and to anticipate stories that might damage the reputations of Chinese leaders. The purpose behind this far-reaching and growing spy campaign aimed at corporations, government agencies, activist groups and media organizations inside the US seemed to be for the purpose of controlling China’s public image, domestically and abroad, as well as stealing trade secrets.

cyber-war-1024x843But of course, China is hardly alone in these sorts of covert cyber-warfare. As already mentioned, Russia has already shown signs of developing cyber weapons to assist in spying abroad, and there’s mounting evidence that Israel, Iran and the US are on board too. Starting in 2008, Iran’s main nuclear enrichment plant was hit by a sophisticated computer worm that caused damage to it, thus putting a crink in their efforts to become a nuclear power.

While no one took responsibility for this incident, the evidence seemed to indicate that the worm originated from sources within Israel and the US. Attacks which took place later on American banks and oil companies within the US were believed to have been caused by Iran, in retaliation for the worm that hurt their main source of enriched uranium and a key component in their nuclear program.

anonymous_flagFor some time now, hacking federal databases has become something of a sport for various groups and causes who are seeking to reveal government secrets and expose their inner workings to public scrutiny. The “Hacktivist” group known as Anonymous is a perfect example, a group closely linked to Assange (of Wikileaks) who’s most recent infiltration of the Federal Reserve Bank made the news earlier this month as well.

But as I’m sure all will agree, it’s one thing when private citizen attack domestic and foreign databases, and quite another when nations attack each others. While cyber criminals may constitute a vague and slippery enemy, one which is much harder to identify and prosecute, nation-states constitute a far more frightening one. Not only are their resources far more vast, the consequences of battling them are far greater.

Knowing who your enemy is, and that they have nuclear capabilities and the ability to strike at you physically… Yes, I think that’s a much scarier prospect! While the old ways of plausible deniability and covert action may apply, no one likes the idea of subtle attacks which could escalate into a full-scale conflict. Even if it is waged entirely by computer, the effects are still likely to be felt!

Source: NYTimes.com, money.cnn.com