Because of their proprietary nature and narrowly-specified license and
approval guidelines, medical devices are actually more at risk of catching
computer viruses because they are often outdated, unprotected, and unable
to be modified or upgraded.
learns that not just the patients
in a hospital have viruses
Criminals no longer need to stake out a home or a business to monitor the
inhabitants' comings and goings. Now they can simply pick up wireless
signals broadcast by the building's utility meters… Because energy usage often drops to near zero when a house is empty, the readings could be used to identify which owners are at work or on holiday.
We demonstrate that SSL certificate validation is completely broken in many security-critical applications and libraries. Vulnerable software includes Amazon's EC2 Java library and all cloud clients based on it; Amazon's and PayPal's merchant SDKs responsible for transmitting payment details from e-commerce sites to payment gateways; integrated shopping carts such as osCommerce, ZenCart, Ubercart, and PrestaShop; AdMob code used by mobile websites; Chase mobile banking and several other Android apps and libraries; Java Web-services middleware - including Apache Axis, Axis 2, Codehaus XFire, and Pusher library for Android - and all applications employing this middleware. Any SSL connection from any of these programs is insecure against a man-in-the-middle attack.
-- From a paper by M. Georgiev, S. Iyengar, S. Jana, R. Anubhai, D. Boneh, and V. Shmatikov
to post comments)