Vale security researcher Barnaby Jack

By on
Vale security researcher Barnaby Jack

Medical device hacker remembered.

A week before he was set to demonstrate a major security vulnerability in wireless pacemakers and defibrillators that could harm or even kill patients, renowned researcher Barnaby Jack has died, his employer confirmed on Friday morning.

News of the New Zealand native's death stunned the security and privacy community, many of whom will be attending next week's Black Hat conference in Las Vegas. Jack was scheduled to present "Implantable Medical Devices: Hacking Humans" at 2:15 p.m. PST on Thursday.

Jack, 35, the director of embedded device security for services firm IOActive, died in San Francisco, according to Reuters, quoting the city's medical examiner. The office provided no other details.

Black Hat officials said Friday morning that the conference will not replace Jack's talk with another. Instead, the session room will be left open so attendees can view photos of the researcher and share stories.

Jack was a fixture in the research speaking circuit, and was heavily focused on uncovering vulnerabilities in increasingly automated and network-connected embedded devices, including those found in cars and SCADA systems.

Most recently, he shifted his focus to medical devices and had been working with the U.S. Food and Drug Administration on his most recent discovery.

In 2011, at the Hacker Halted show in Miami, Jack, then working at McAfee, demonstrated how implantable insulin pumps made by Medtronic could be compromised to deliver a fatal dose of the hormone to diabetics.

A year earlier, in perhaps his most famous public hack, Jack brought two ATMs onto the stage at Black Hat and delivered commands that forced them to spit out twenty-dollar bills while playing music. A year earlier, he was forced to postpone the talk because of vendor concerns. 

Arian Evans, vice president of strategy at WhiteHat Security, knew Jack for more than a decade. He said Jack was driven lately by an interest in learning about the security issues of devices "that protect our lives".

He was becoming a consumer advocate in the vein of Ralph Nader, Evans said.

“It's stating the obvious that he was exciting and sensational,” Evans said of Jack's reputation as a charming and vivacious hacker and showman.

“But in the last few years of Barnaby's life, he chose to focus more on what kind of hacking would impact people's lives rather than what would make more money."

Another friend, Jayson Street, who is a senior partner at Krypton Security, said Jack's energy was contagious.

“I've never seen him without a smile on his face,” Street said.

“He was always up for shenanigans, and it was very hard to be sad around him. He was just a genuinely nice person. He wasn't trying to be the funny guy for a conference. That's just who he was.

"The security community didn't just lose a great researcher, I think everybody really lost a great fellow human being.” 

Friends and peers of Jack also took to Twitter to remember him.

Always had an amazing time with Barnes. Stomach usually hurt from laughing and drinking all night: http://t.co/zzSVCZQoCO

— Chris Valasek (@nudehaberdasher) July 26, 2013

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?