The FDA wants the medical device industry to quickly fix cybersecurity issues. An exemption to the Digital Millennium Copyright Act might soon allow the public to legally probe medical devices and find security vulnerabilities. The exemption is not permanent; they must be argued and renewed every three years, which basically means security researchers can take advantage of it for two years. There are right ways and wrong ways to respond to research that exposes holes in medical devices, even if the device is old or was made by a different company. St. Jude has formed a Cyber Security Medical Advisory Board.”]