hackers can steal your brain waves
Last Updated : GMT 09:03:51
Almaghrib Today, almaghrib today
Almaghrib Today, almaghrib today
Last Updated : GMT 09:03:51
Almaghrib Today, almaghrib today

Hackers can steal your brain waves

Almaghrib Today, almaghrib today

Almaghrib Today, almaghrib today Hackers can steal your brain waves

Brain waves
Tehran - FNA

Attackers can already get between brain-waves and hospital kit, and it's just going to get worse according to IOActive senior consultant Alejandro Hernández.

Hernández says the ability to steal, manipulate, and replay brain waves used in electroencephalography (EEG) is already emerging, with consumer-grade kit already able to be hacked and the health care industry taking few precautions to properly protect recorded brain waves, The Register reported.

After decades in labs and hospitals, encephalography is steadily being implemented in lightweight consumer headsets and other devices that as yet remain largely experimental or gimmicky.

In clinical settings, EEG-recording devices are a useful tool for diagnosing seizures and sleeping disorders like narcolepsy.

Researchers think recorded brain waves have the potential to score the mental faculties of murderers, create brain-to-brain interfaces where conscious thoughts are transmitted over the internet and unconsciously enacted by another person or see drones flown by neural impulses.

Before we get there, we'll need to lock down EEG devices. Hernández says a year's research taught him how to find discover holes in EEG equipment and come to the recognition that recorded brain waves should be considered sensitive data and therefore encrypted. The researcher worked with a US$80 MindWave device pitched as a tool to help measure how students' brains work when doing maths and other problems.

Hospital-grade machinery remains out of reach of hackers without deep pockets and the required intricate knowledge of which brain waves can be modified for a given outcome.

Nevertheless, Hernández asserts that dangerous vulnerabilities exist in home and likely hospital kit, including data stream stealing and application holes, and garden-variety man-in-the-middle and denial-of-service attacks.

The required knowledge too is not exotic or unobtainable for a determined hacker.

The hacker demonstrated at the BruCon conference last week a live man-in-the-middle attack on his own brain signals using the unsupported but still very widely used open-source EEG NeuroServer package.

“Years ago no-one was worried about SCADA networks just that it works, and a decade later we are talking about [SCADA] security… I am finding exactly the same thing with EEG and now is the best time to put security in the technology,” Hernández told the conference.

“If you can sniff brain data in the wire, you can do replay attacks [such as] if there is no security mechanism between an operator and a drone [or by] tampering with EEG data so it is not the same that was recorded by the electrodes.

“Or how about instead of spammers, there are EEG data neural marketers?”

EEG data also poses more prosaic risks. Hernández told Vulture South of an un-named hospital's EEG file shares, saying the server could be found exposed by using the popular Shodan hacker search engine.

These attacks are part speculation, part tested, but all built on the evidence that EEG like so many emergent technology fields has left security in the dust of capability progress. Hernández has however popped the mental locks of popular gear within the realms of the everyday hacker.

Mind bending

EEG's security problems are depressingly familiar results of bad software design, Hernández told this reporter. The ENOBIO EEG device (which rather resembles rugby headgear) is vulnerable to man-in-the-middle attacks. He found less-severe application vulnerabilities and ordinary crashes in EEG software including Persyst Advanced Review; Natus Stellate Harmonie Viewer; NeuroServer; BrainBay, and SigViewer.

“For example, some applications send the raw brain waves to another remote endpoint using the TCP/IP protocol, that by design doesn’t include security, and therefore this kind of traffic is prone to common network attacks such as man-in-the-middle where an attacker would be able to intercept and modify the EEG data sent,” Hernández says.

Further, components like the acquisition device, middleware, and endpoints lack authentication meaning an attacker can connect to a remote TCP port and steal raw EEG data. That same flaw lets attacks pull off the more dangerous reply attacks.

Hernández cannot speak for the state of security of hospital-grade EEG kit, which is harder for hackers to access and test. But his research is bad news for those who advocate EEG readings as an authentication mechanism.

The good news, the researcher says, is that the vulnerabilities he's found can be nixed with known best practices: “This is a big yes – best practices from the technology perspective, secure design, and secure programming should be followed”.

 

almaghribtoday
almaghribtoday

Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

hackers can steal your brain waves hackers can steal your brain waves

 



Name *

E-mail *

Comment Title*

Comment *

: Characters Left

Mandatory *

Terms of use

Publishing Terms: Not to offend the author, or to persons or sanctities or attacking religions or divine self. And stay away from sectarian and racial incitement and insults.

I agree with the Terms of Use

Security Code*

hackers can steal your brain waves hackers can steal your brain waves

 



Almaghrib Today, almaghrib today Skincare PR Performance Full Year 2017

GMT 09:22 2018 Monday ,22 January

Skincare PR Performance Full Year 2017
Almaghrib Today, almaghrib today New hunt for flight MH370 gets under way

GMT 11:03 2018 Wednesday ,24 January

New hunt for flight MH370 gets under way
Almaghrib Today, almaghrib today Modern colorful bedroom renovation

GMT 10:57 2017 Thursday ,21 December

Modern colorful bedroom renovation
Almaghrib Today, almaghrib today Puigdemont candidate for Catalan president

GMT 13:56 2018 Tuesday ,23 January

Puigdemont candidate for Catalan president
Almaghrib Today, almaghrib today Turkey detains dozens more

GMT 10:47 2018 Wednesday ,24 January

Turkey detains dozens more

GMT 07:26 2017 Tuesday ,18 April

MP stresses need for facing social problems

GMT 11:54 2017 Saturday ,04 November

Russia saved Assad but Syria peace settlement elusive

GMT 18:03 2016 Thursday ,13 October

Spanish counselor found dead in Islamabad

GMT 10:21 2018 Tuesday ,02 January

Salah named Arab football player of the year

GMT 05:55 2015 Thursday ,26 November

Turkish military did not know downed jet was Russian

GMT 20:55 2016 Friday ,08 January

18 Iraqi troops killed in clashes with Daesh

GMT 05:33 2014 Thursday ,25 September

Radiohead hints at new album
Almaghrib Today, almaghrib today
 
 Almaghrib Today Facebook,almaghrib today facebook  Almaghrib Today Twitter,almaghrib today twitter Almaghrib Today Rss,almaghrib today rss  Almaghrib Today Youtube,almaghrib today youtube  Almaghrib Today Youtube,almaghrib today youtube

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©

.almaghribtoday .almaghribtoday .almaghribtoday .almaghribtoday
almaghribtoday almaghribtoday almaghribtoday
almaghribtoday
بناية النخيل - رأس النبع _ خلف السفارة الفرنسية _بيروت - لبنان
almaghribtoday, Almaghribtoday, Almaghribtoday