Tag: computer security

Bioethics News

Scientists Took Over a Computer by Encoding Malware in DNA

August 10, 2017

Be the first to like.
Share

DNA is fundamentally a way of storing information. Usually, it encodes instructions for making living things—but it can be conscripted for other purposes. Scientists have used DNA to store books, recordings, GIFs, and even an Amazon gift card. And now, for the first time, researchers from the University of Washington have managed to take over a computer by encoding a malicious program in DNA.

Strands of DNA are made from four building blocks, represented by the letters A, C, G, and T. These letters can be used to represent the 1s and 0s of computer programs. That’s what the Washington team did—they converted a piece of malware into physical DNA strands. When those strands were sequenced, the malware launched and compromised the computer that was analyzing the sequences, allowing the team to take control of it.

“The present-day threat is very small, and people don’t need to lose sleep immediately,” says Tadayoshi Kohno, a computer security expert who led the team. “But we wanted to know what was possible and what the issues are down the line.” The consequences of such attacks will become more severe as sequencing becomes more commonplace. In the early 2000s, it cost around $100 million to sequence a single human genome. Now, you can do it for less than $1,000. The technology is not just cheaper, but also simpler and more portable. There are even pocket-sized sequencers that allow people to analyze DNA in space stations, classrooms, and jungle camps.

The views, opinions and positions expressed by these authors and blogs are theirs and do not necessarily represent that of the Bioethics Research Library and Kennedy Institute of Ethics or Georgetown University.

Bioethics News

DNA Testing Data Is Disturbingly Vulnerable to Hackers

August 10, 2017

Be the first to like.
Share

In a new study that will be presented next week at the 26th USENIX Security Symposium in Vancouver, University of Washington researchers analyzed the security practices of common, open-source DNA processing programs and found that they were, in general, lacking. That means all that super-sensitive information those programs are processing is potentially vulnerable to hackers. If you think social security fraud is bad, imagine someone hacking your genetic code.

“You can imagine someone altering the DNA at a crime scene, or making it unreadable. Or an attacker stealing data or modifying it in a certain way to make it seem like someone has a disease someone doesn’t actually have,” Peter Ney, a co-author of the peer-reviewed study and Ph.D. student at the school’s Computer Security and Privacy Research Lab, told Gizmodo.

… Read More

Image: Wikimedia Commons

Be the first to like.
Share

Gizmodo

Tags: , , , , , ,

The views, opinions and positions expressed by these authors and blogs are theirs and do not necessarily represent that of the Bioethics Research Library and Kennedy Institute of Ethics or Georgetown University.

Bioethics Blogs

Coming Face to Face with the New Normal in Internet Research

by Elizabeth Buchanan, PhD, Endowed Chair in Ethics, University of Wisconsin-Stout

On Thursday, October 30, PRIM&R will host a webinar, The Future of Internet Research: What We Can Learn from the Facebook Emotional Contagion Study, which will explore the Facebook emotional contagion study and some of the questions that it raised related to internet and social media research. In advance of that webinar, we are sharing different perspectives on the controversy. Last week, PRIM&R’s executive director, Elisa A. Hurley, PhD, explored the reasons for the public outcry, and in this week’s post, webinar presenter Elizabeth Buchanan, PhD, explains what the Facebook study can teach us about the “new normal” in internet research. 

When news of the Facebook contagion study hit, I was presenting a session on research ethics to the VOX-Pol summer school at Dublin City University. I had intended to discuss the Belfast Project as an example of social, behavioral, and educational research gone badly—indeed, this project had international intrigue, raised serious issues related to participant privacy and consent, and pushed research regulations to their limits. But, suddenly, with news of Facebook’s newsfeed manipulations, there was a hot new case in internet research to consider. The first responders were quick to call attention to the “creepiness” of the study (the name of the article itself might be responsible for the creepiness factor: “Experimental evidence of massive-scale emotional contagion through social networks”); those responses were quickly followed by questions about user/participant consent and the ethics of deception research. Initial reactions seemed to center around several points:

  • This research was definitely “wrong”—individuals should have been told about the research.

The views, opinions and positions expressed by these authors and blogs are theirs and do not necessarily represent that of the Bioethics Research Library and Kennedy Institute of Ethics or Georgetown University.