The rise of online healthcare
The internet is an integral part of our everyday lives and almost any nugget of information, no matter how obscure, can be found on the World Wide Web. People ‘surf the net’ for a number of reasons; social networking, to access news or to shop. An emerging market in cyber-space is the world of healthcare, as people are increasingly searching for health information and advice. Within this quest there has been one type of website that has become a must-see for the health conscious; self diagnostic websites.
A recent US study found that 59 percent of all adults in the US search for healthcare advice and information online. The topics searched for can vary from illness and disease, information on a particular hospital or doctor or environmental hazard and food recalls. The results of the study reflect how accessible health information has become by going online and it is incredibly popular amongst the younger generations of society. Eighty-one percent of college graduates look online for health information and the age group which is most active for searching for such web content is the 18-29-year-olds. Meanwhile, 83 percent of people who have a household income of at least US$75,000 dollars are amongst those most likely to self-diagnose online, potentially suggesting that for those leading busy working lives online healthcare is the answer.
Self-diagnosis is not a new idea; people must have always exercised some level of self-diagnosis when buying over-the-counter remedies or medication and these products are sold with the assumption that people know what is making them ill. However, in recent years self-diagnosis has gone to a new level and some would argue it has ‘cut out the middle man’; doctors. There are a whole host of websites that are designed for people to diagnose their illness without visiting a healthcare professional. Established names such as netdoctor.co.uk, yourdiagnosis.com, NHS direct and FamilyDoctor.org are just a few of the many self-diagnostic websites that are out there.
“Health and wellness websites can be a great resource for people who want to learn more about a specific disease or health condition or for tips on staying healthy,” says Susanna Guzman, the director of Online and Custom publishing for the American Academy of Family Physicians (AAFP). She explains such websites have become increasing popular in recent times, citing FamilyDoctor.org as an example: “FamilyDoctor.org has more than four million unique visitors each month,” Guzman says, adding: “FamilyDoctor’s ‘Search by Symptoms’ tool is one of the most popular categories of content on the site, with more than five million page views each month.”
However, despite self-diagnostic sites being so in demand, as with anything nowadays the information presented may not be what it seems and users need to exercise a sense of caution when it comes to acting on medical and advice. “Users should always verify the source of information,” explains Guzman. “Was the information written by or reviewed by a physician or healthcare professional?” FamilyDoctor is one website that has a stringent process before publishing any new content; everything is authored by a professional clinical or healthcare writer, before being reviewed by a medical editor with a speciality in family medicine. Although exercising caution about listening to certain pieces of advice may sound trivial to some, where health is concerned it can quite literally be a case of life or death.
On that basis, Guzman feels that “health websites and self-diagnostic tools are not meant to replace or substitute an ongoing personal relationship with a physician who knows the patient and their health history.” Many people regard the internet to be the future of everything; shopping, learning, working. While the AAFP supports online interactions between patients and physicians, its guidelines on virtual e-visits state they should only be conducted between patient and doctor who have an already established healthcare relationship.
As the internet is becoming more mobile thanks to the rising popularity of smartphones, self-diagnostic tools have started to take the form of apps and there is no doubt that access to medical advice and information will continue to be revolutionised. Despite whatever innovations or advances may be in store for the world of self-diagnostics, the message remains clear and Guzman concludes by saying virtual access to healthcare services is “not meant to replace professional medical advice from a physician.”
Peloton vulnerable to cyber attacks, McAfee research finds
Peloton, the popular exercise bikes, were found to be vulnerable to cyber attacks in the latest research from McAfee.
Peloton is a brand of electric bikes that combines high end exercise equipment with cutting-edge technology. Its products use wi fi to connect to a large tablet that interfaces with the components of the exercise device, and provides an easy way for physical activity enthusiasts to attend virtual workout classes over the internet several times a week.
Peloton has garnered attention recently around the privacy and security of its products. So McAfee decided to take a look for themselves and purchased a Peloton Bike+.
Researchers looked at the Android devices and uncovered a vulnerability that could allow an attacker with either physical access to the Bike+ or access during any point in the supply chain to gain to hack into the bike’s tablet, including the camera, microphone and personal data.
For the person using it there would be no indication the Bike+ has been tampered with, potentially putting Peloton’s 16.7 million users at risk.
The flaw was found in the Android Verified Boot (AVB) process. McAfee researchers were able to bypass the Android Verified Boot process, which normally verifies all code and data before booting. They were then able to get the device to boot bypassing this step.
This could potentially lead to the Android OS being compromised by an attacker who is physically present. Even worse, the attacker could boot up the Peloton with a modified credential to gain privileges, granting them access to the bike remotely.
As the attacker never has to unlock the device to boot it up, there would be no trace of their access on the device. This type of attack could also happen at any point from construction to warehouse to delivery, by installing a backdoor into the Android tablet without the user ever knowing.
Given the simplicity and criticality of the flaw, McAfee informed Peloton while auditing was ongoing. The vendor was sent full details, and shortly after, Peloton confirmed the issue and released a fix for it.
Further conversations between McAfee and Peloton confirmed that this vulnerability had also been present on the Peloton Tread exercise equipment.
Peloton’s Head of Global Information Security Adrian Stone, commented on the research: “This vulnerability reported by McAfee would require direct, physical access to a Peloton Bike+ or Tread. Like with any connected device in the home, if an attacker is able to gain physical access to it, additional physical controls and safeguards become increasingly important.
"To keep our members safe, we acted quickly and in coordination with McAfee. We pushed a mandatory update in early June and every device with the update installed is protected from this issue.”