"You are missing the point, if the entropy is sufficiently low then it is feasible to guess."
not really - if entropy is low in a lot of things - it's feasible to implement a disaster scenario. wireless systems across lots of things are not encrypted and so the same logic applies.
"you might know a bit about them"
we'll you really 'would' have to know 'a lot' about them if these devices had high entropy. which - if a person was indeed killed by this method - an autopsy would show either a spike or lapse in delivery of insulin. such a lapse would immediately lead to an investigation as to why the unit did not respond ?
evidentiary burden then progresses.
i'm not disagreeing with you in the seriousness of the discovery - i just think that these devices live in a nano-constrained world. implementing increased data encryption increases cost, power usage and the like - it's a difficult balance. now this has world attention - even 'basic' encryption is really useless since even it could be hammered.
so do you implement serious encryption - but in doing so - reduce the utility of the device so that it lacks the means to do what it is designed to do ? deliver insulin.
On the basis of a huge number of "if's" involved. i'm not convinced.
"we'll you really 'would' have to know 'a lot' about them if these devices had high entropy."
That is why I'm asking what kind of entropy the serial numbers have.....
"which - if a person was indeed killed by this method - an autopsy would show either a spike or lapse in delivery of insulin. such a lapse would immediately lead to an investigation as to why the unit did not respond ?"
I'm confused how that is related to the entropy of the serial numbers.
not really - if entropy is low in a lot of things - it's feasible to implement a disaster scenario. wireless systems across lots of things are not encrypted and so the same logic applies.
"you might know a bit about them"
we'll you really 'would' have to know 'a lot' about them if these devices had high entropy. which - if a person was indeed killed by this method - an autopsy would show either a spike or lapse in delivery of insulin. such a lapse would immediately lead to an investigation as to why the unit did not respond ?
evidentiary burden then progresses.
i'm not disagreeing with you in the seriousness of the discovery - i just think that these devices live in a nano-constrained world. implementing increased data encryption increases cost, power usage and the like - it's a difficult balance. now this has world attention - even 'basic' encryption is really useless since even it could be hammered.
so do you implement serious encryption - but in doing so - reduce the utility of the device so that it lacks the means to do what it is designed to do ? deliver insulin.
On the basis of a huge number of "if's" involved. i'm not convinced.