Author Archives: Felix

List of all HTTP Content-Type (MIME Types)

I recently needed to test which Content Types a web application was able to accept in a few different forms. This isn’t a particularly difficult task but I realised that there is no single list of content types in a nice easy-to-use fashion. So I made it…

You can download that list here.

This is a sample of what it looks like:

application/1d-interleaved-parityfec
application/3gpdash-qoe-report+xml
application/3gppHal+json
application/3gppHalForms+json
application/3gpp-ims+xml
application/A2L
application/ace+cbor
application/ace+json
application/activemessage
application/activity+json

As you can see, it is just a line-delimited list of MIME types.

I discovered that essentially it is possible to make up a mime type if you are a developer. This means that my list is guaranteed to be incomplete. At the time of writing, this list had a little over 2000 Content Types / Mime Types in it. If you notice any missing, please get in touch!
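Because anyone can invent a type, a list like this is best loaded with validation rather than trusted as-is. The following is an added example, not part of the original post or the downloadable list: it checks each line against the RFC 6838 name grammar, de-duplicates case-insensitively, and groups entries by structured syntax suffix so you can see which parser families (`+xml`, `+json`, `+cbor`) an accepting application is exposing. The function names are hypothetical.

```python
import re
from collections import defaultdict

# RFC 6838 section 4.2 "restricted-name": alphanumeric first char, max 127 chars.
_NAME = r"[A-Za-z0-9][A-Za-z0-9!#$&^_.+-]{0,126}"
_MEDIA_TYPE = re.compile(rf"^({_NAME})/({_NAME})$")
# Ten lines from the post's sample, then two constructed lines (case duplicate, malformed).
SAMPLE_LIST = """\
application/1d-interleaved-parityfec
application/3gpdash-qoe-report+xml
application/3gppHal+json
application/3gppHalForms+json
application/3gpp-ims+xml
application/A2L
application/ace+cbor
application/ace+json
application/activemessage
application/activity+json
APPLICATION/ACE+JSON
not a mime type
"""

def load_media_types(text):
    """Return (valid, rejected); valid is lower-cased, de-duplicated, in file order."""
    valid, rejected, seen = [], [], set()
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        key = line.lower()  # type and subtype names are case-insensitive
        if not _MEDIA_TYPE.match(line):
            rejected.append(line)
        elif key not in seen:
            seen.add(key)
            valid.append(key)
    return valid, rejected

def group_by_suffix(media_types):
    """Bucket by structured syntax suffix (xml, json, ...); '' means no suffix."""
    groups = defaultdict(list)
    for mt in media_types:
        subtype = mt.split("/", 1)[1]
        suffix = subtype.rsplit("+", 1)[1] if "+" in subtype else ""
        groups[suffix].append(mt)
    return dict(groups)

def is_allowed(header_value, allowlist):
    """Match a Content-Type header value against an allowlist, ignoring parameters."""
    return header_value.split(";", 1)[0].strip().lower() in allowlist
```

On the server side, `is_allowed` with a short, explicit allowlist is the safer direction: the full list is useful for discovering what an endpoint accepts, not for deciding what it should accept.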

The security behind: Prosthetics

In the latest episode of “You Gotta Hack That,” host Felix delves into the captivating realm of smart prosthetics, shedding light on the groundbreaking fusion of technology and healthcare. Imagine prosthetic limbs that are not only functional but also connected to the internet, providing users with an unprecedented level of control and convenience. Join Felix as he explores the evolving landscape of prosthetics, discussing their potential benefits, security concerns, and the exciting possibilities they offer.

The episode introduces us to two remarkable individuals whose experiences shape the discussion: one, an amputee who has embraced the transition to a smart leg after losing their limb in a motorcycle accident four decades ago, and the other, a visionary working on smart technology to aid those at risk of limb loss due to severe diabetes. Both cases exemplify how technology is revolutionizing the lives of individuals with limb impairments, paving the way for a more accessible and interactive future.

The advent of smart prosthetics is made possible by the convergence of advanced computation and miniaturized batteries. These prosthetics can now execute complex functions, such as walking down slopes and stairs, and even react to stumbles to maintain balance. Felix explores the various modes these devices offer, including skiing and cycling modes, giving users a customizable experience tailored to their needs.

While the conversation with these inspiring individuals reflects a general sentiment that smart prosthetics may not be a prime target for cyberattacks, Felix raises thought-provoking questions about potential vulnerabilities and privacy concerns. He delves into the intricacies of Bluetooth connectivity, highlighting the risk of unique identifiers being exploited for tracking or data breaches. With regulations like GDPR in play, the protection of sensitive medical data takes center stage, prompting critical considerations for both users and manufacturers.

The podcast also emphasizes the importance of understanding the potential risks associated with smart prosthetics. Felix discusses potential attack surfaces, including Bluetooth security, application interfaces, smartphone apps, and physical interfaces. The cumulative effect of combined attacks serves as a reminder of the intricate balance between innovation and security in the rapidly evolving field of healthcare technology.

As the episode draws to a close, listeners are left pondering the future implications of smart prosthetics. While the threat landscape may evolve, the overarching theme is one of optimism and progress. The discussion underscores the transformative power of technology to enhance the lives of individuals facing physical challenges, encouraging us to embrace innovation while remaining vigilant about safeguarding our privacy and security.

Tune in to this thought-provoking episode of “You Gotta Hack That” to gain a deeper understanding of the fascinating world of smart prosthetics, and discover how these remarkable advancements are reshaping the intersection of healthcare and technology. Whether you’re interested in the future of medical devices or simply intrigued by the potential of human-machine interfaces, this podcast offers a compelling glimpse into a future where technology empowers us to overcome physical limitations like never before. Subscribe, listen, and embark on an enlightening journey into the realm of connected healthcare innovation.

The security behind: medical imaging devices

In the latest episode of “You Gotta Hack That,” host Felix delves into the intricate world of medical imaging devices, shedding light on their crucial role in modern healthcare and the potential cybersecurity risks they pose. Felix takes listeners on a journey through the complexities of these devices, offering insights into their components, operating systems, and the standards that govern their communication. This episode is a wake-up call for both the general public and the medical industry, underlining the importance of securing these devices against potential threats.

Felix begins by introducing medical imaging devices (MIDs), which encompass X-ray machines, MRI scanners, and CT scanners, revolutionizing healthcare by providing non-invasive ways to visualize the human body’s inner workings. These machines consist of intricate systems, including image acquisition, electromechanical components, host controllers, and image reconstruction machines. The episode highlights the significance of these technologies in speeding up diagnosis, enabling minimal invasiveness, and enhancing patient care.

While the advantages of medical imaging devices are evident, Felix delves into the vulnerabilities that these systems may face in terms of cybersecurity. He discusses the potential motivations of attackers, from ransomware and medical insurance fraud to intellectual property theft. The podcast goes on to explore the disturbing notion of attackers deliberately altering patient data or medical images, raising questions about patient safety and treatment outcomes.

Felix emphasizes the importance of industry standards and certifications, focusing on DICOM (Digital Imaging and Communications in Medicine) and HL7 (Health Level 7) protocols. He discusses the implications of vulnerabilities within these standards and the challenges of the certification process, which can hinder prompt security updates. Despite efforts to enhance security, Felix points out the ongoing uncertainties surrounding the effectiveness of certification in the rapidly evolving landscape of cybersecurity.

Listeners are provided with a comprehensive overview of known vulnerabilities within medical imaging devices. Felix dissects specific vulnerabilities like stack-based buffer overflows, path traversals, and remote code execution. He critically examines the implications of these vulnerabilities, discussing both their technical aspects and potential real-world consequences. Furthermore, the episode sheds light on issues with communication protocols such as V2 and V3 messaging, which are susceptible to deserialization flaws.

As the medical industry embraces modernization, Felix discusses the shift towards cloud-based systems for data sharing and storage. He highlights the attractiveness of cloud platforms offered by AWS, Google, and Microsoft, which provide scalability and expertise. However, this transition introduces a new set of vulnerabilities and challenges, including web-based security concerns and the aggregation of sensitive medical data.

In conclusion, “You Gotta Hack That” delivers a thought-provoking analysis of the cybersecurity landscape surrounding medical imaging devices. The episode underscores the critical need for securing these technologies to safeguard patient health and privacy. While acknowledging the complexities and challenges, Felix encourages listeners to engage in discussions, raise awareness, and contribute to ensuring the robustness of medical imaging device cybersecurity.