Jack, who became famous after demonstrating an ATM hack, died on Thursday – but coroners did not give details
- guardian.co.uk, Friday 26 July 2013 13.37 EDT
Barnaby Jack, a hacker who was due to present his findings on the security vulnerabilities of implanted medical devices, has died.
The San Francisco medical examiner’s office said Jack, 35, died in the city on Thursday – but did not provide details on the circumstances surrounding his death.
Jack had exposed a security flaw in insulin pumps that could be made to dispense a fatal dose by a hacker 300ft away, pushing some medical companies to review the security of these devices.
He was also a popular and respected figure in the information security scene. Within that small scene, reverse engineers are especially close, said Matthieu Suiche, a friend of Jack’s and chief scientist at CloudVolumes Inc in an email. “We pretty much all know each other, or have lots of common friends,” Suiche said. “It’s almost like we all grew up together.”
He added: “There isn’t much to say except that Barnaby was one of the rare people in InfoSec who was a brilliant researcher but also a good friend to many of us.”
Suiche met Jack at the Black Hat conference a few years ago and said they had been really good friends since. He said he had drinks with Jack and his girlfriend in San Francisco just over a week ago.
He called his friend “brilliant”, and said Jack’s latest research on medical devices could help save the lives of many people. “In this world full of people fearfully complying and worrying, very few people are crazy enough to challenge the rules, to approach life in an unconventional paradigm and to speak up to contribute to change this world,” Suiche said.
Jack was due to speak at the Black Hat conference, which starts Saturday in Las Vegas. His presentation, “Implantable medical devices: hacking humans,” would have explained how these devices could be compromised and would have suggested ways to improve device security.
Black Hat said the room his discussion was meant to take place will instead be used as a place for his friends and colleagues to gather and remember him on 1 August, when the session was set to take place.
Black Hat said in a statement:
We have lost a member of our family. Everyone would agree that the life and work of Barnaby Jack are legendary and irreplaceable. Barnaby had the ability to take complex technology and intricate research and make it tangible and accessible for everyone to learn and grow from. Beyond his work in our industry, Barnaby was an incredibly warm hearted and welcoming individual with a passion for celebrating life. We all have a hilarious and upbeat story about Barnaby. He is truly a shining example of what we love about this community.
Black Hat will not be replacing Barnaby’s talk on Thursday, Aug. 1. No one could possibly replace him, nor would we want them to. The community needs time to process this loss. The hour will be left vacant as a time to commemorate his life and work, and we welcome our attendees to come and share in what we hope to be a celebration of his life. Barnaby Jack meant so much to so many people, and we hope this forum will offer an opportunity for us all to recognize the legacy that he leaves behind.
Our deepest sympathies go out to Barnaby Jack’s family and loved ones. Words cannot adequately describe how much he will be missed, but it is certain that Barnaby will NEVER be forgotten.
At the time of his death, Jack was director of embedded security research at security firm IOActive. On Twitter, the company said: “Lost but never forgotten our beloved pirate, Barnaby Jack has passed. He was a master hacker and dear friend. Here’s to you Barnes!”
Categories: Cyber Security, Hmmm?