Or the Season 3 primer of Rick and Morty where Rick invents a fictional backstory with the secret the federation was looking for replaced with exploit code.
Technically this might be accurate? Someone could in theory naturally have a specific sequence in their DNA which could cause the same effect. Fuzzing is... oh never mind.
"The diskette in my hand. Rain on the river. I knew, but I couldn't
face it. I put the code for that meningial virus back into your purse and
lay down beside you.
So Moenner died, along with other Hosaka researchers. Including
Hiroshi. Chedanne suffered permanent brain damage.
Hiroshi hadn't worried about contamination. The proteins he punched
for were harmless. So the synthesizer hummed to itself all night long
building a virus to the specifications of Maas Biolabs GmbH. Maas. Small,
fast, ruthless -- All Edge."
> "Rather than exploit an existing vulnerability in the fqzcomp program, as real-world hackers do, they modified the program's open-source code to insert their own flaw allowing the buffer overflow."
So really, this is not as interesting as the headline would have you believe. Storing data in DNA is nothing new, and these researchers are just using it as input to a program that was deliberately written to improperly handle that data.
The concept itself is interesting in its own right and this is still a very innovative proof of concept that combines techniques from biochemistry and computer security.
One of the interesting insights to come out of this is that to ensure a higher probability that the sequencer reads the code correctly, it should be a palindrome.
Though, really, is that interesting? Yes, you should treat all input data as data no matter where it came from. And you should have checks in place to reject any data that is out of size/whatever constraints for your software.
And for the love of secure software, never blindly execute code from a serialized source without damned good reasons for thinking that source is safe.
Yes. Trusting human DNA is something that WILL absolutely, 100%, no-doubt-about it happen in the future and you will hear about it. People are good at finding ways to screw things up.
I remember that perl has (had?) a feature where all variables would be "tainted". Using a tainted variable would make the program exit in an error and the only way to clean them is to pass them through a regex.
Tainted is a terribly flawed concept unfortunately. At least the way it's implemented normally.
Strings are never universally tainted. They're tainted for a specific purpose. One language will treat backticks as a string quote, another as a subshell substitution. One will think $ is ok, another will interpolate the string. But in most cases I've seen, tainted flag is just used for "Ah, we quoted the ' in the string - you're safe now" :-(
Not a digital camera, but I had once written some poor vision processing code that would segfault when it recognized a certain pattern. It was interesting to think about, that I could break my program by showing it a pciture.
You can use adversarial neural networks to make a special picture that looks like noise or junk, but a certain neural network will recognize e.g. a dog in it. You basically train the ANN to make something that the other NN classifies as dog, but humans don't.
I often wonder if you could do that with humans. I don't think you can crash a human brain a la Snow Crash or Basilisk, but I think it is plausible to craft an abstract picture that creates fear, arousal, or some other "primitive" response.
There's ongoing work in adversarial examples for neural networks. This could conceivably be used to exploit self-driving cars, making it see things that aren't there.
retarded useless research. Just the same principles as any exploit on an arbitrary interface.
Just ask yourself, who would build a dns sequencying laboratory and be able to sequence dna would want to hack a dna sequencing lab.... obviously they already know how it works.... can't they spend some time on researching a solution to an actual problem?
1. Gene sequence injects malware to take control of DNA sequencer. 2. Compromised sequencer searches local network for DNA synthesisers. 3. Malware modifies synthesiser software to insert novel retrovirus into output DNA. 3. Wait for DNA to be executed inside a cell.
In 2045 Interpol's Genetic Crime Division grapples with a new type of crime: illicit genetic editing -- and it isn't long before the fight gets personal.
47 comments
[ 3.7 ms ] story [ 110 ms ] threadhttps://www.themarysue.com/malware-uploaded-from-bone-bones/
Malware is 3d printed on to a bone they scan in or something.
Reality imitating art I guess.
What a world we live in.
If we can just get malware that can prompt a personal computer to burst into flames.
So Moenner died, along with other Hosaka researchers. Including Hiroshi. Chedanne suffered permanent brain damage.
Hiroshi hadn't worried about contamination. The proteins he punched for were harmless. So the synthesizer hummed to itself all night long building a virus to the specifications of Maas Biolabs GmbH. Maas. Small, fast, ruthless -- All Edge."
Written in 1981.
So really, this is not as interesting as the headline would have you believe. Storing data in DNA is nothing new, and these researchers are just using it as input to a program that was deliberately written to improperly handle that data.
One of the interesting insights to come out of this is that to ensure a higher probability that the sequencer reads the code correctly, it should be a palindrome.
And for the love of secure software, never blindly execute code from a serialized source without damned good reasons for thinking that source is safe.
Yes. Trusting human DNA is something that WILL absolutely, 100%, no-doubt-about it happen in the future and you will hear about it. People are good at finding ways to screw things up.
Exploring ways it can hurt you in DNA? Yeah, fun thought experiment.
Strings are never universally tainted. They're tainted for a specific purpose. One language will treat backticks as a string quote, another as a subshell substitution. One will think $ is ok, another will interpolate the string. But in most cases I've seen, tainted flag is just used for "Ah, we quoted the ' in the string - you're safe now" :-(
Cool to see it getting academic "recognition" though!
http://www.infinityplus.co.uk/stories/blit.htm
[edit] more in the series:
http://ansible.uk/writing/c-b-faq.html
http://www.lightspeedmagazine.com/fiction/different-kinds-of...
It's also the plot of a good book:
https://en.wikipedia.org/wiki/Snow_Crash
I often wonder if you could do that with humans. I don't think you can crash a human brain a la Snow Crash or Basilisk, but I think it is plausible to craft an abstract picture that creates fear, arousal, or some other "primitive" response.
Visit a modern art museum - I think one can find many examples.
Just ask yourself, who would build a dns sequencying laboratory and be able to sequence dna would want to hack a dna sequencing lab.... obviously they already know how it works.... can't they spend some time on researching a solution to an actual problem?
Stuxnet for DNA.
In 2045 Interpol's Genetic Crime Division grapples with a new type of crime: illicit genetic editing -- and it isn't long before the fight gets personal.