So if you aren't in the know, this woman Nancy Guthrie got kidnapped. I don't really understand the why or what's going on and that's not why we are here. Sunday I saw a tweet from security researcher Dave Kennedy, Dave's research created a bluetooth scanner to track Nancy's pacemaker. Cool right? Scary right? Two things can be true. I won't talk about his research much, but I've linked everything I read in the resources at the end. ## My Blab about IoT (you can skip) When I graduated ugrad I was very into IoT due to Dr. Shetty (s/o to him! I wouldn't be here without him). I'd go home on breaks and talk to him about things I was doing or reading in my free time. At one point in time I worked in healthcare and I started wondering if healthcare is so far behind then that means people are vulnerable in a "safe place". Dr. Shetty once asked me if I think about how hard it is to replace IoT devices like an AC unit. Once he mentioned it and pacemakers were the new hotness of medical IoT (even before the glucose monitors) I started thinking about how the most dangerous thing to have in your body is a pacemaker. Imagine your heart being hacked for ransom. Can they get malware? Since they technically need to be online all the time, are there built in firewalls? I wouldn't say I would be comfortable with having one in, but sometimes life happens. IoT is like exploring the ocean. Lots of things are possible, but maybe not everything is safe. ## Dave's research is cool This research is super cool because think of how many people this can help! It's also super cool to me because I presented something like this in college, but I was theorizing how to hack a drone on the move. As bad as this sounds, a pacemaker (or any connected medical device/tracker) is like putting a find me tracker in your family member. With the advancements and the rise of biohackers I'm sure people have also probably but actually trackers in their body but I digress. This is a situation where a woman got kidnapped. No phone but finding her from her pacemaker mac address could change the tides of amber and silver alerts. I really don't want to repeat Dave, but if you aren't going to read...Nancy's pacemaker is usually connected to a phone to pull data. When the pull doesn't happen it starts broadcasting for a connection. He is using these facts to help law enforcement find Nancy's pacemaker by looking for that MAC's specific broadcast. As a researcher that is soooo cool, but on the other hand... ## Dave's research is scary That's the great part about security. It's a fun but scary thing. Dave is a good person, but could you image pissing someone off and they are like "cool a tool to mess with you". Let's also not forget about Ring admitting yet again that they have a backdoor into your camera that they use as they see fit. With everything going on in the world...we should all just go offline and stop letting the internet into our lives. Circling back to Nancy this news that kinda scares me could save her life. That's what I like about tech. Some random thing your into can really turn things around for someone or a group of people. Again I haven't kept up on the news but I do help that this can help track her down so she is returned safely. ## Resources - https://x.com/hackingdave/status/2023092885172978032?s=46&t=qMFN_nhMzq_-Dd-FAYYbeg - https://x.com/hackingdave/status/2023079529569214868?s=46&t=qMFN_nhMzq_-Dd-FAYYbeg - https://x.com/hackingdave/status/2022387495095148923?s=46&t=qMFN_nhMzq_-Dd-FAYYbeg - https://x.com/intcyberdigest/status/2023036477542748431?s=46&t=qMFN_nhMzq_-Dd-FAYYbeg