by lenerdenator 766 days ago
The lesson is, business people will gladly let safety lapses occur with software because

1) software is complex and they don't understand it, and

2) good software is expensive, and they would rather that money go in their bonuses than into a real testing and verification budget, so they'll get less-than-qualified people to do the job for less money.

Those rules will apply to your non-smartphone device sure as any other device.

Smartphones are a juicy target but they're also fairly hardened for the case of one person's use. It's a scary thought, sure, but there is a dearth of attackers who have exploited security or reliability weaknesses of these devices to injure or kill someone in the wild. Most of those guys are far happier making credit card scanners, social engineering their way into your bank account, or helping Russia evade sanctions by holding your data hostage in exchange for crypto.

Contrast that with some sort of microcontroller-based device that hasn't had 15 years of security research done on it, and definitely won't at any point because the device manufacturer doesn't have the will or ability to make that sort of thing happen.

And then you're going to get into the practicality of that sort of device. People take their smartphones with them everywhere. They will not forget the thing that helps them manage their medical conditions. I'm less likely to remember to put the random weird device in my pocket when I leave the house or keep it charged.

It's a better solution to the problem if you do it right.

Source: 10 years of personal experience in the medical software industry.

1 comments

> The lesson is, business people will gladly let safety lapses occur with software because

I'm going to stop you right there and refer you back to the 4lb hammer. If you are being pushed around to build violently shitty stuff you are part of the problem.

What other interface would you suggest for such devices?