back to article Microsoft wants pacemaker password tattoos

A Microsoft researcher has suggested tattooing passwords on patients with pacemakers and other implanted medical devices to ensure the remotely-controlled gadgets can be accessed during emergencies. The proposal, by Stuart Schechter of Microsoft Research, is the latest to grapple with the security of implanted medical devices …


This topic is closed for new posts.
  1. OldDogNewWalk

    Excellent! But...

    I do hope that it does not give the Identity Card mob any ideas.

  2. JC 2

    C'Mon Now MS!

    Let's see it for what it is. MS /really/ wants to implant <CTL><ALT><DEL> keys on everyone's forehead so they can be rebooted.

    1. Anonymous Coward
      Anonymous Coward

      C'Mon Now MS!

      Left nipple = <CTRL>

      Right ripple = <ALT>

      Belly button = <DEL>


  3. Anonymous Coward
    Jobs Horns

    Oh! Oh! Oh!

    Let me be the first to beat the wacko's about how this is the "mark of the beast" ("number of the beast") from the Book of Revelation 13:17-18.

    Of course, I am still waiting for all that Microsoft software in medical devices to start making "General Protection Fault" as a leading cause of death.

  4. Eddy Ito

    No worries

    We just need you to change your tat every 90 days. That said, wouldn't it be easier if "the mark of the beast®" was a bar code that gets scanned by a UV scanner to prevent human error?

  5. Anonymous Coward
    Anonymous Coward

    Micros~1[tm][r][c] Brilliance[tm][r][c]

    I'm sure they'd really want to run some edition or series of what-have-you of windows on your pacemaker too.

    So you too can share the experience and die from a bluescreen of death.

    1. ed 22

      Blue face of death


  6. Trygve Henriksen

    Wrong place...

    It's obvious that the password must be tattooed somewhere else, because as we all know, changing important passwords is a pain in the ...

  7. moylan


    what if the patient has been in a fire? the password would not be readable. rfid as bad as it is would be the only option. surely by now we can make a rfid chip that can only be read within less than a inch or two that can't be intercepted.

  8. Balefire

    In other news

    if you can't remember your password, write it down on a post-it note and stick it to your monitor.

    Was my first thought when reading this.

  9. Anonymous Coward


    > In 2008, researchers demonstrated that heart monitors were susceptible to wireless hacks that caused pacemakers to shut off or leak personal information.

    Are there any documented instances of someone actually doing this?

    Hacking someone's WiFi is one thing, but killing someone by disabling their pacemaker is another thing entirely.

  10. Wallyb132

    how about we...

    Tattoo security, compatibility, interoperability and web standards on steve ballmer's ass... on second thought, his forehead, i wouldn't want to have to look at his ass to see the standards! and his forehead is a platform better suited for the job, god only knows he's got the real estate for it!

  11. TimeMaster T


    If there going to put the password on the person why not add a barcode/machine readable version of it as well? In addition to the UV light on the interface also have a camera to read the info, the doctor/nurse would then confirm it against the human readable info and be ready to go. Faster, more reliable.

    Tux, well, why not?

  12. Anonymous Coward


    Just tattoo NUMPTY on this one.

  13. Anonymous Coward

    How many?

    "and/or be replicated in full on the base of the patient's *leftmost* foot - at the arch."

    1. The Ref

      I thought the same

      but then thought if you had lost your left foot, then the right foot is the left-most. If you have lost both feet then you are SOL ;-)

      If that is the case, maybe you need to carry your foot in your leftmost jacket pocket.

  14. Wokstation

    It'd need to be encrypted...

    ...else you'd be able kidnap someone, read their foot and then use their internal gadgetry in a scene that'd make Criminal Minds write a new episode.

  15. Wind Farmer

    On " the patient's leftmost foot "?

    So, unless they've had their left foot amputated, that would be their left foot then?

  16. Mike Shepherd
    Thumb Down

    Let me be the first to say...

    ...that Schechter should take an aspirin and lie down until this bout of idiocy blows over.

  17. Nate Phillips


    "...on the patients *LEFTMOST* foot"

    Are we only talking about doing this to people who can't dance?

    I'm always a little leery of folks trumpeting medical ideas when they aren't capable of identifying the most basic physiological details.

    1. frank ly

      General Specifications Are Good

      By specifying the 'leftmost' foot, this ensures that people with any number of feet can be dealt with under standard procedures and leads to simpler development of procedures and processes.

      Otherwise, people with one foot, or three, four, etc feet would have to be dealt with as an exception. In an emergency, you don't want physicians and para-medics having to make up new procedures on the fly because that would be prone to error.

      However (as some of you will have noticed), this does not deal with the case where a patient has no feet. In order to deal with this case, the definition of the word 'foot/feet' must be clarified or replaced and agreed by all. I would suggest "The leftmost lower extremity of the body".

    2. This post has been deleted by its author

  18. Kit-Fox

    Idiotic Idea

    And if you need to have something like a pacemaker but dont want the tattoo or have issues about having tattoos??

    What you dont get the life saving treatment?

    Typical stupid ideas punted by stupid people who have no idea of thee real world & therefore should really keep their big damned mouths shut!

  19. Dave 32

    Better approach...

    Why not make all the devices have the same password, but have the device have to have the password encrypted based on something like the patient's retina. Thus, the patient wouldn't have to have anything tattooed onto them, yet the information would be readily available to medical professionals, but not to casual observers.


    1. Trygve Henriksen

      Retina? You're kidding, right?

      If a retina scanner can't reliably recognise a person the day after a 'wet evening' out with his buds, what's the chance it can read it correctly on a person in a coma?

      (A lot of medical conditions will affect the eyes)

    2. Anonymous Coward
      Anonymous Coward

      I was under the impression

      ... that biometrics can really only be used to verify authentication not to provide reliable salts etc for encryption due to the squishy nature of our various bits.

      e.g. retinas can change quite markedly in cases of hypertension (or so I'm told anyway) and a small peice of damage to fingertips changes (albeit temporarily) the fingerprint. Neither of these would yeild a reliable source of encryption fodder.

      But in theory, yes - that'd be a much more sensible way of doing it provided there were mutliple encryption forms.

    3. Destroy All Monsters Silver badge

      PATENT IT!

      You know what to do.

  20. Craig 2
    Thumb Up

    The modern world....

    I find it highly amusing that in this modern technological society, the most reliable and persistant way of communicating information is still considered:


    You just coulden't make this **** up!

  21. Craig 2

    And also.....

    and could also lead to some amusing coroner's `cause of death` reports:

    Patient died due to heart attack & a knot in his shoelace.

  22. Anonymous Coward
    Anonymous Coward


    What about having the password unencrypted on an RFID chip which is attached to the implanted medical device? You put an RFID reader in all compatible control devices so they can read the RFID chip and robert's your mother's brother.

    1. The Indomitable Gall

      Did you even read the article?

      Cos if you did, the whole point is that RFID is hackable and/or snoopable, therefore not suitable for truly private information, particularly if it can be used as an off-button for your heart.

      For pity's sake.....

  23. Unlimited


    Wasn't this problem solved decades ago? I seem to recall people with specific medical conditions wearing a bracelet with the required info on it.

  24. Anonymous Coward
    Anonymous Coward

    Medical Notes?

    I think some people are starting to over complecate things, my suggestion would be have the password in the medical notes!!

    1. Andy ORourke

      Wouldn't work

      Look, if that password is required it is required NOW, also the patient is highly likley to be unconscious.

      If you are lucky enough to be unlucky enough to be taken that ill in your home town then maybe, just maybe the A & E department might have some info on you with which they could track down your doctor to get access to your medical notes and access the password.

      What happens if you get taken ill in another part of the country? it could take a long time to get hold of your records, even worse if you were taken ill in another country all together!

      I know everyone is knocking this because it's Micro$haft so it must be a Fail / joke / insecure / money making scheme etc and we know they will screw it up.

      People have mentioned Medicalert bracelets and that's a good idea but not everyone (who should) wears them, they could also be lost / stolen.

      The idea is sound, everyone here hates it because it's Micro$oft, and I’m guessing if it was a Google idea then people would be queuing up asking where they could get their tattoo!

  25. Grumpy Fellow

    Tattoo: Great Idea!

    I don't currently have a pacemaker, but it might be worth it to get a tattoo of my router's WEP key just for convenience. It would be cool thing, in a geeky way, to show off at the beach! If they increase the key length down the road, I can just add extra hex digits at the end.

  26. Kanhef


    The wording is anatomically ambiguous. If they're thinking of the top of the foot, it might work. But it sounds like they're talking about the sole. Not only would this hurt like hell, it would also wear off and have to be repeated regularly.

  27. Charles 9 Silver badge

    Have they considered miscreants...

    ...who simply pose as doctors or, even worse, really ARE doctors? AFAIK, such people would be capable of defeating every security technique that could be conceived for such a scenario.

  28. Someone

    Insulin pumps?

    While some pumps can be controlled by RF, you will always need physical access. You need to frequently refill an insulin pump with insulin solution. But, if you know any different, please say.

  29. Anonymous Coward

    I'm surprised at The Register

    Tut tut nobody's so far mentioned the big disadvantage that the hospitals are going to be full on the second Tuesday of every month... with all these patients having their security updates downloaded...

  30. John Tserkezis

    Ain't gonna happen.

    "In 2008, researchers demonstrated that heart monitors were susceptible to wireless hacks that caused pacemakers to shut off or leak personal information"

    I seriously doubt this would happen in Real Life - going on malware trends, it is no longer trendy to destroy anything with malware, it's much more likely they want money. So unless that "personal information" is going to lead to the user's wallets, it ain't gonna happen.

    1. Dale 3

      Making malware pay

      "That's a nice pacemaker you have there. It'd be a shame if anything happened to it. We've got your password nice and safe here, but it's gonna cost ya £2000 for "safekeeping". Capiche?"

  31. Anonymous Coward

    Here's an idea

    Instead of asking people to tattoo their password onto their body, why don't the spend their time developing a half decent OS?

    The one they've foisted on us is frankly a load of guff. The only reason it's still going seems to be that brain-dead managers continue to buy it because "it's what we've always used". The masses then get it at home because "it's what I have at work".

    Frankly, if I was continually rodgered at work by a man using a spiky stick, I wouldn't want to upgrade to "spiky stick 2.0". I'd want it to stop! I certainly wouldn't invite him home with me!

  32. A B 3

    Why stop there?

    Tattoo your all your pin numbers and passwords on the bottom of you foot.

  33. Carrierbag Head


    0wnz j00!! H4xx0r3d j00r h34rt, b1tch!!!

    (p.s. do hackers still talk l33t?)

  34. SoltanGris

    What is truely sad ...

    What is sad about all this is nobody posting has bothered to note WHY we need

    such measures. Take note of the state of humanity that you have people out there

    SO FUKIN sick as to mess with a person using a life giving device.

    So sick as to get their pathetic jollies off by doing so.

    I see lots of silly boy outrage directed at those trying to prevent said abuse but where

    is the silly boy outrage directed at the total ass-wipes that DO SUCH ACTS?

    Course this begs the question is there a documented case of such happening?

    THAT would be interesting.

    To all you silly boys, sorry but I find your outrage just a bunch of Nancy activity.

    Go fark yourselves.

    Yours truly, an enraged Texan.

    1. I didn't do IT.

      Re: Enraged Texan

      I agree with you. As the vast majority of attacks are automated, the computer itself is not getting its jollies off of targeting a life saving device. All the scripts do is see a new address, attempt to break in, and then run through some pre-ordained movements that might get money information from a normal computer, but also might shut down an implant.

      The victim just has the unfortunate luck to get too close to a wifi hotspot and boom... what happens anyway? Does this just make the device a carrier of the virus? Does the patient need to get their heart de-wormed?!

      The sad issue here are people this apathetic, to create these fire and forget these systems, hoping that enough is stolen to get them the latest LCD TV or designer shoes for themselves.

  35. Pet Peeve


    Put it on the medicAlert tag a pacemaker wearer will already be wearing if they have an implanted device. Idiots.

  36. the old rang
    Thumb Down

    Nice security idea from the 'security' capital of the world... REDMOND?


    Tattoo on the bottom of the foot, the password to control your heart pacemaker...

    That means you can no longer go to the beach, trust anyone in bed, enjoy an afternoon in the sun by the pool...

    And if people are really out to get you, they would know how, by just taking your socks off...

    Then, if you didn't have Atrial Fibrillation before, you will until they get what they want

    That is even more fun than having software written in Active X!!

    And you thought Microsoft knew nothing about security...

    If you did think they did... this proves you wrong.

    1. Anonymous Coward
      Anonymous Coward


      Did you miss the bit about it being tattooed using UV ink? You need the UV light for it to be visible.

      If someone is out to get you they can just kill you in a multitude of 'standard' ways. Also a lot of people with pacemakers are unlikely to die immediately if they are turned off so forcing someone to give up the password then turning the pacemaker off is a pretty rubbish way of targetting a specific individual.

      This system is designed to stop someone using it to turn the pacemakers off of everyone they pass walking down the street.

  37. Neoc


    Wind Farmer (see above) had it right. "Leftmost" is short-hand for "on the left foot by preference, but if the left foot is missing, then on the right foot."

    Every job has its own jargon to allow for shortcuts in conversation (I remember a rather funny skit about two hi-fi repairman doing their job without using hi-fi-specific jargon like "woofer", "amp", etc). This is just one example of it.

  38. ShaggyDoggy

    Keep to your own area MS

    Microsoft should stick to what they do best.

    Writing software.

    Oh wait ........

    1. Rumcajz
      Gates Horns


      I think you mean collecting tax...

  39. rcdicky

    I think it's quite creepy...

    That this even needs to be considered.

    Having to encrypt someone's pacemaker in case it's hacked and shut down is a horrifying thought.

    Though unlikely to happen in real life, we can't say for cetain that it won't so the need for encryption/passwords is certainly there.

    Not so sure a tattoo is the best way to go about it though :S

    Either a standard bracelet, or possibly even an RSA bracelet would be a better option? At least then the password is going to change every 60 seconds or so?

  40. Peter Simpson 1
    Dead Vulture

    I'm far more worried about

    Microsoft software, of any kind, being in my pacemaker.

    Brings a whole new meaning to the term "Blue Screen of Death", now, doesn't it.

    No, thanks.

  41. John Sturdy
    Black Helicopters

    Frikkin lasers

    How about one of those implanted laser projectors, like in the Bourne Identity?

    Especially if it comes with fighting skill training.

  42. transientcylon

    I'm not a number!

    I'm a free man!

    ...Apologies to Mr. McGoohan

  43. Logics
    IT Angle

    Blind people should not post

    The tattoos are suggested to be done in invisible ink so going to the beach or having some intimate time in bed with a stranger is not a risk of theft of the password (unless you go to her bachelorette pad which has black lights in the bedroom).

    But we are complicating a simple problem. "How do you get access to a secured computer when the regular users who know the passwords are otherwise unavailable?" I know that in our server rooms, we do not keep the password taped to the underside of the leftmost door.

    Instead we have a sealed envelope in a safe in the COO's office that has a username and password with admin privilege. The regular users are informed via e-mail whenever this user logs on. At the next available opportunity, the username and password of this user is changed, placed in a sealed envelope and put in the safe in the COO's office.

    Also, if the safe in the COO's office is broken into, the username and password is changed at the next available opportunity.

    A medical bracelet, dog tags or SIM card in a wallet can do the same thing. If the medical bracelet/dog tags go missing or if the wallet is stolen, Go home, log on to your account and change the information and get a new bracelet, SIM card or dog tags.

    "But what about the time period between the loss and the new tags/bracelets/cards coming?" The old info will still be good until the new info is activated through a 1-800 number and your spare cards/tags/bracelets are at home. That leaves a small window in which to die and we cannot prevent every intrusion. We all must die sometime. (It might be easier for someone bent on killing you to use a bullet than go through all that trouble).

  44. Pirate Dave

    a thought

    why not encode it as little metal bits on a piece of plastic, then attach it to the ribs when putting the pacemaker in? Maybe like a barcode or 2-D code like UPS uses. That way a quick trip through the X-ray machine will reveal the glowing dots of metal that contain the password. Gone are worries about feet getting cut-off or skin being horribly burned. But I dunno if pacemakers are compatible with X-rays or not, so my thought may be moot...

  45. Herby

    Tatoos I've thought of

    I have been saying to friends of mine that the tattoo I'd probably get is one on the bottom of my (nondescript) foot that says:


    As for "Leftmost", yes, there are people without a left foot (my father is one). He lost it in a trolley accident many moons ago. Any more details would be leaking information. Thankfully he doesn't have a pacemaker (even at his advanced age).

  46. Uplink
    Gates Halo

    About ink

    What I know about ink is that it's susceptible to moisture. And what I know about the human body is that it produces a lot of moisture, in the form of sweat. Suddenly, that password can become unreadable quite fast. Especially if put on a foot (as in "under socks that retain moisture AND heat").

    I also read the "been burned / in a fire" argument, which you need to take into consideration. How about a small connector under the skin, in the vicinity of the pacemaker (if the pacemaker is damaged, then the credentials are useless anyway, so that's the safest place to keep info: next to the pacemaker). Instead of surgery, it would require just a simple needle incision, Matrix style, but in the heart rather than the back of the head, and this needle would be used for talking to the device. When done, pop a plastic cap on the plug (this plastic cap should be penetrable with a needle) so when the skin regenerates it doesn't get in there, put a plaster on the incision point, and you're back to normal. That puncture will regenerate (or make good use of minor plastic surgery), cover the rubber plug and the pacemaker interface connector, and off you go.

    As far as I can tell, Microsoft Research did anything but research in this matter.

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2021