| "You are missing the point, if the entropy is sufficiently low then it is feasible to guess." not really - if entropy is low in a lot of things - it's feasible to implement a disaster scenario. wireless systems across lots of things are not encrypted and so the same logic applies. "you might know a bit about them" we'll you really 'would' have to know 'a lot' about them if these devices had high entropy. which - if a person was indeed killed by this method - an autopsy would show either a spike or lapse in delivery of insulin. such a lapse would immediately lead to an investigation as to why the unit did not respond ? evidentiary burden then progresses. i'm not disagreeing with you in the seriousness of the discovery - i just think that these devices live in a nano-constrained world. implementing increased data encryption increases cost, power usage and the like - it's a difficult balance. now this has world attention - even 'basic' encryption is really useless since even it could be hammered. so do you implement serious encryption - but in doing so - reduce the utility of the device so that it lacks the means to do what it is designed to do ? deliver insulin. On the basis of a huge number of "if's" involved. i'm not convinced. |
That is why I'm asking what kind of entropy the serial numbers have.....
"which - if a person was indeed killed by this method - an autopsy would show either a spike or lapse in delivery of insulin. such a lapse would immediately lead to an investigation as to why the unit did not respond ?"
I'm confused how that is related to the entropy of the serial numbers.