1. "This is a key fob that looks like a car alarm beeper that some pump users use to discreetly give themselves insulin doses. However, I feel the need to point out as a pump wearer myself that:
Not every Insulin Pump has a remote control feature.
Not every remote-controllable insulin pump has that feature turned on. Mine does not, for example."
2. "all he requires to perpetrate the hack is the target pump's serial number." This is like saying "I can open your garage door with a 3rd party garage door opener. Just give me the numbers off the side of your unit..."
3. If you are a diabetic on a pump who is concerned about this kind of thing, my suggestion is to turn off your pump's remote control feature (which is likely off anyway) and turn off your sensor radio when you are not wearing your CGM. Most of all, don't panic. Call the manufacturer and express your concern. In my experience, pump manufacturers do not mess around with this stuff. I'm not overly concerned.
"Do we know how much entropy is in those? They could very well be sequential or date derived."
Even if entropy is low - how are you going to randomly select a person, and know their serial ID? Unless you know what units are distributed to what hospitals/doctors - at exact times - at exact shipments and then from the sample delivered know the exact unit given to any person at any particular time.
Sure, if you know a "set of IDs" you could try each one sequentially until you finally get a hit - but even then, you must somehow ensure the person being targeted has remote connection turned on. I'm pretty sure walking up to them and saying "oh, hai 'dere! ... plz turn on ur remotz connetz'n 4 me?" [ said in this voice - http://www.youtube.com/watch?v=xh_9QhRzJEs ] - is going to make them pretty suspicious.
There's a lot of "ifs" in there and frankly - if your aim was to kill them - it would be a lot faster to do it some other way because to actually get all these things to line up perfectly... your chances are pretty slim.
"how are you going to randomly select a person, and know their serial ID?"
You are missing the point, if the entropy is sufficiently low then it is feasible to guess.
Besides, presumably if you want to kill a particular person, you might know a bit about them.
Anyway, the point with low entropy serial numbers is that potentially it could be feasible to just create a device that runs through all of them in a matter of a couple of minutes or so. For example, you could check Google News to get a guesstimate of approximately when perhaps a high profile politician had one of these installed. If this is a friend or family member then that step just gets even easier. If part of the serial number is a year/month combo (a common way to do it) and the rest is sequential, then it will be pretty easy to figure out. Are there easier ways? Sure, I imagine so. A hands off wireless approach certainly is appealing though isn't it? Probably worth at least trying before you move on to more hands on techniques.
"it would be a lot faster to do it some other way"
If you are taking the time to plan out a homicide, which is going to be more important: doing it fast, or doing it so you don't get caught?
"You are missing the point, if the entropy is sufficiently low then it is feasible to guess."
Not really - if entropy is low in a lot of things - it's feasible to implement a disaster scenario. Wireless systems across lots of things are not encrypted and so the same logic applies.
"you might know a bit about them"
Well, you really 'would' have to know 'a lot' about them if these devices had high entropy. Which - if a person was indeed killed by this method - an autopsy would show either a spike or lapse in delivery of insulin. Such a lapse would immediately lead to an investigation as to why the unit did not respond?
Evidentiary burden then progresses.
I'm not disagreeing with you in the seriousness of the discovery - I just think that these devices live in a nano-constrained world. Implementing increased data encryption increases cost, power usage and the like - it's a difficult balance. Now this has world attention - even 'basic' encryption is really useless since even it could be hammered.
So do you implement serious encryption - but in doing so - reduce the utility of the device so that it lacks the means to do what it is designed to do? Deliver insulin.
On the basis of a huge number of "ifs" involved, I'm not convinced.
"Well, you really 'would' have to know 'a lot' about them if these devices had high entropy."
That is why I'm asking what kind of entropy the serial numbers have.....
"which - if a person was indeed killed by this method - an autopsy would show either a spike or lapse in delivery of insulin. Such a lapse would immediately lead to an investigation as to why the unit did not respond?"
I'm confused how that is related to the entropy of the serial numbers.
I would think that protection (on the pump side) against the user sitting on the remote or the remote going haywire (e.g. rate limiting dosages) would prevent any fatalities.