Barnaby Jack was part of the soul of the software security community. He had so many friends. Please today remember that he was a real human being, and that he had friends who might read HN.
Exactly. I mentioned on another submission, that got killed, that it would be a great tribute to the man if one of his friends/associates that new his work well could fill in and give his presentation at the conference. With so little time, I now think that might be unreasonable. Maybe use the time slot to hand out the slides, raise a toast and share some stories. The subject of his talk is incredibly important and should be distributed.
After minor digging, here is his blog about medical device hacking vs. the hollywood version:
No one is suggesting that they are equivalent; they're equally undesirable. Snark is, however, the typical response seen here to the also undesirable conspiracy theory.
In the last couple years he'd become (justifiably) famous for stunt hacks like this, but I think it's important to remember that the guy was the genuine article, genuinely talented, old school in the truest sense. Here's I think a better starting point for his work. Read it on the mailing list, like we all did:
Until there is a cause of death from a thorough autopsy, I think it's too early to say whether this is suspicious or not. I can't believe you are being upvoted for saying this.
For those of you who knew him, do you think he personally would have wanted a day without people being suspicious of their world or comments about conspiracy theories on the internet?
Because he sounds to me like a guy who really loved busting people's assumptions, in your face, and without apology.
Actually without knowing the autopsy results it is the opposite - very suspicious. 35 years old people don't just die at home. Let's hope the results will not be that he died of some kind of drug "overdose".
35 year-olds most certainly do die at home. The mechanism of death could have been something highly personal and highly embarrassing, nothing to do with drugs or conspiracies.
I once learned more than I bargained for when I asked too many questions at a friend's funeral. If his close family members don't want to elaborate on the circumstances surrounding his death, it is probably best not to press them.
To be clear, I wasn't making a comment about Barnaby Jack's death specifically. I have no idea what happened and if the family would like to keep it to themselves, I fully respect their wishes. I was just making an honest observation that whenever someone dies and people won't talk about it, that's always the first thing that pops into my head, particularly when there is a suggestion of embarrassment involved (which pertains to the person I was responding to, but not Barnaby Jack).
My brother died, unexpectedly, at 36. He'd had an apparently long running problem with prescription pills that nobody knew about. I had an aunt (sort of, she died before I was born) who was 25 and went to lie down in the bedroom because she felt unwell; she had an undetected congenital defect in her aorta and bled to death internally. My father in law died of a heart attack at 27 because he had congenital familial hypercholesterolimia. His elder brother died a year later by electrocution.
Young people do just die for unobvious reasons, both to the (comparatively) famous and the obscure.
If you hear hoof-beats, you'd expect a horse, not a zebra (unless you are on a Safari).
It's not that uncommon that 35 year old people die at home. Common causes are suicide, unintentional overdose, aneurysm (brain, AAA), arrhythmia, a fall.
One of the most noxious effects of the recent NSA revelations is that puts whole of Internet Security Land in the realm of conspiracy theory. Our leaders have admitted that they have given us "unknown unknowns" for our benefit.
XYZ event may indeed be just a sad coincidence but circumstances certainly require us to now look at these critically.
And yes, this makes harder to filter out the ravings of the honest-to-god crazies, which is unfortunate.
OK, but I WOULD like to point people to this interesting link:
>"The Naval Surface Warfare Center, Dahlgren Division (NSWCDD) seeks Cooperative Research and Development Agreement (CRADA) Partners that possess the expertise, capabilities, facilities, and experience in the field of manufacturing, testing, and distribution of cardiac pacemakers.
More from the RFP: seeking information from companies capable of providing cardiac pacemakers for government testing, pacemaker programming hardware (loan OK), data and methodology for testing of electromagnetic vulnerability, and data on the demographic distribution of pacemaker devices domestically and internationally
Directed energy (aka "EMP") weapons are said to be useful for disabling computers and electronic devices. Humans are by-and-large highly INsensitive to long electromagnetic waves (radio) until the waves become short enough to heat burn your skin (infrared, lasers) or your retinas. There's evidence of cancer at high exposures to short wavelengths, but causing cancer is not viable as a combat tactic.
But if you're going to deploy a directed energy weapon, you're going to want to have a reasonable idea of the effect on both electronics and the humans in the target area. They have a test range built for this. So it sounds to me like they need some help studying the effect of EMP weapons on people with pacemakers who might just happen to be in the target area. In other words:
Are these non-lethal weapons systems? If not, just how lethal are they?
Should we let an experienced officer continue to serve on a surface ship after he needs a pacemaker? Would he need any special precautions?
If someone dropped one on us, how many civilian casualties would we sustain? ("data on the demographic distribution of pacemaker devices domestically")
If we dropped one on country X, how many? ("and internationally")
I don't think this RFP gives any evidence to suggest that the US Navy is interested in doing the sort of medical device hacking that Barnaby Jack pioneered.
All these young tech people dieing lately is a bit unsettling.
It's a big world. There are thousands of people (many of whom most of us haven't heard of, but a few have) who would get an HN mention if they died, and 20- to 40-year-old people still have a ~0.1% per year death rate.
It's nothing unusual. The Internet just makes people more attuned to it. If you went to a 1000-person high school, you probably only lost two classmates in your whole time and it was a big deal. Now, however, there are so many interesting people in the (amorphously defined) tech community that, yes, interesting young people are going to die all the time.
The U.S. mortality rate is 0.008 per year. That means that in any gathering of 100 people (roughly the number of speakers at Black Hat), there is a 55% chance that at least one will die in the year before the event and a 6.5% chance they would die one month before the event. Over ten years of conferences, the odds that someone would die within one month of speaking is 49%. The under-40 crowd doesn't really appreciate this since death predominantly affects older people.
That doesn't consider that the age and economic status of conference speakers isn't representative of the U.S. as a whole. Not that it's impossible for it to be an accident, but the odds are certainly less than 49%, given that the crowd is mostly urban professionals.
Sorry, I should be clearer: I was calculating based on the general mortality rate. The accident rate is much lower (0.000391). I agree that either measure is skewed, though; this is just a rough calculation. The annual death rate for 35-44 from all causes (see http://www.data360.org/dsg.aspx?Data_Set_Group_Id=587) is 0.002, which puts the odds of a speaker death within one month of the conference at 15% over ten years. Poorer, but then again, this is for only one specific security conference. If you assume five security conferences a year of all sorts, it's back to 50% over ten years. I think it's a bit higher as these speakers live sedentary lifestyles, even for the U.S.
Another thought: Barnaby Jack was one of the top speakers and was to speak on a very controversial subject. I would guess that out of the 5000 speeches that were presented in your scenario only a few of them, maybe 2%, would contain information controversial enough that foul play would appear as a reasonable scenario to an outside observer (and this is being generous).
Let F = foul play occurred in order to disrupt a conference,
D = death of speaker one month before conference
Let P(D) = (.02 deaths per year for 25-35 y.o) / (12 months in a year) = 0.0017
Let P(F|D) = .001 (assuming 1 in 1000 chance foul play was involved given a death of a speaker at a conference)
P(F) = P(F|^D) * P(^D) + P(F|D) * P(D)
= 0 * 0.98 + 0.001 * .02
= 0.00002
Let P(D|F) = 1 (chance of death if foul play is involved, assumed 100%)
So Bayes theorem gives us:
P(F|D) = P(D|F)*P(F)/P(D)
= 1 * 0.00002 / 0.0017
= 0.018 (chance of foul play for a single speech given the speaker died 1 month before)
Let P(C) = 0.02 (probability of a controversial speech)
P(D) = .0017 (from above)
Let P(C&D|F) = .5 (assuming there is a 50% chance the speech was controversial given foul play did occur, and death always occurs from foul play)
P(C&D) = .02 * 0.0017 = 0.000034
P(F) = 0.00002 (from above)
P(F|C&D) = P(C&D|F) * P(F) / P(C&D)
= 0.5 * 0.00002 / .000034
= around a 30% foul play was involved in Barnaby Jack's death
There are a lot of assumptions here that could adjust the final figure up or down, but if I did my math right, foul play does seem a reasonable scenario, (but not a foregone conclusion).
edit: removed line "P(F|D) = 0.00058 (from above)" as pointed out by user 0003. End result didn't change, though.
And this is why Bayesian Decision Theory is utter bullshit. Do you seriously think you can, with any real degree of accuracy, predict how likely it was that foul play was involved?
The use of statistics and such can't really take away from this being a suspicious seeming coincidence. It can, however, show that coincidences are relatively common and so do not automatically imply a hidden hand. However, given that recent revelations have made a hidden hand a less-than-extraordinary event, we can get all Bayesian and say a rise in the prior has increased posterior probability here.
When I originally saw this I posted it with the title as it was on the article. The article itself has been updated with a lot more information than was originally on there and also the title has changed.