| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by rdl 4888 days ago

1) You realize the Elcomsoft attacks were largely mitigated for iPad 2, iPhone 4S and later, right? If I were drchrono, I'd either require those devices (or later), or at least require informed consent by the administrator of an office to allow earlier devices.

I'd bet on iOS vs. stock Android for security-critical bugs at this point, but it's kind of a wash. You could maybe audit Android better, but that would be a serious engineering effort.

2) drchrono makes EHR. They don't make a secure tablet OS, and they don't (as far as I know) distribute tablets/phones to the doctors. Being a software/services business vs. a full consultancy is a big difference. Being a HW/OS developer is a big jump beyond even consultancy.

I'd love it if someone decided to build a SE Android + HW security Android distribution (maybe with device virtualization like from Bromium built in, too). And centralized management per-organization (i.e. not by Google or Apple or a carrier, but yourself). Essentially a Blackberry that didn't suck. Unfortunately, no one is doing that, and it would essentially require being Samsung or HTC to build the hardware, and someone like Google to build the software. Google's Android team has repeatedly shown themselves to be at best indifferent and more likely hostile to any real enterprise security features; they barely have a sandbox (in contrast to Chrome and the SSL teams at Google, and corp security, who are pretty much world-class for security).

I'm pretty sure if someone were building that, it wouldn't be drchrono, though.

3) No one cares about $500 vs. $300 for a tablet once they've made the decision to buy for a doctor's office, at least from my experience with doctors. Pretty much anything <$1k is the same. This is admittedly mainly in the US, but that's where most healthcare spending happens, and where the "meaningful use" incentive happens ($50k to adopt an EHR/EMR).

iPad 2 would be a legitimate deployment platform, and those are cheap (you'd really want a 10" in a medical environment), if you really care about cheap. I'd also want an IPS display for wide viewing angle.