Kevin Fu, 33

Even more notable, Fu's software radio was capable of completely reprogramming a patient's ICD while it was in his or her body. The researchers were able to instruct the device not to respond to a cardiac event, such as an abnormal heart rhythm or a heart attack. They also found a way to instruct the defibrillator to initiate its test sequence--effectively delivering 700 volts to the heart--whenever they wanted.

Fu doesn't like to think of himself as h­aving built a heart-attack machine, or even of discovering that such a thing could be built. Though he is an academic who doesn't shy away from pursuing real-world applications for his theoretical technologies, that "real world" is usually at least 10 years in the future. But the ramifications of the ICD-programming radio were both immediate and chilling: the device could be easily miniaturized to the size of an iPhone and carried through a crowded mall or subway, sending its heart-attack command to random victims.

A heart-attack machine? Really? It would be foolish, Fu says, not to recognize that there are depraved people out there, more than capable of building and using such a machine to inflict harm on random innocents "just for kicks." To this extent, the issue of protecting remote programming access to ICDs is directly related to the issue of protecting RFIDs. Encrypting the communication is the only way to shield millions of people from random risks. It doesn't take a Fu to come up with practical solutions, but by exposing the security dangers he has provided a valuable, perhaps even life-saving, alert to manufacturers.

Fu is too smart to engage in speculation about how the technology could be abused, except to say that he'd be very surprised if there weren't "people already working on this." In the best case, we'll never know how foresighted he was; medical-device maker­s will eliminate the threat before hackers ever exploit it. "Kevin is a computer scientist who also has the ability to look at problems like a medical doctor and like a patient," says Maisel. "The work Kevin is doing now--relating to medical-device security and privacy--has the potential to impact millions of people."

How about the more dramatic scenario­s? Imagine a spy agency using printed circuitry to put a heart-attack machine into a news­paper, delivered with morning coffee to a foreign leader with a pacemaker. Or a Lex Luthor-like supervillain who retrofits a radio tower to broadcast his death ray to entire populations.

Kevin Fu--professor, researcher, scientist--rolls his eyes. "All I can say about that one," he says with a laugh, "is it might make a pretty good movie." --Charles Graeber