Posted on 08/12/2017 8:17:29 AM PDT by AdmSmith
The rapid improvement in DNA sequencing has sparked a big data revolution in genomic sciences, which has in turn led to a proliferation of bioinformatics tools. To date, these tools have encountered little adversarial pressure. This paper evaluates the robustness of such tools if (or when) adversarial attacks manifest. We demonstrate, for the first time, the synthesis of DNA which when sequenced and processed gives an attacker arbitrary remote code execution. To study the feasibility of creating and synthesizing a DNA-based exploit, we performed our attack on a modified downstream sequencing utility with a deliberately introduced vulnerability. After sequencing, we observed information leakage in our data due to sample bleeding. While this phenomena is known to the sequencing community, we provide the first discussion of how this leakage channel could be used adversarially to inject data or reveal sensitive information. We then evaluate the general security hygiene of common DNA processing programs, and unfortunately, find concrete evidence of poor security practices used throughout the field. Informed by our experiments and results, we develop a broad framework and guidelines to safeguard security and privacy in DNA synthesis, sequencing, and processing.
Just an experiment: Writing a computer program in DNA code.
Thanks.
I hear tell you can punch holes in cards and affect a computer.
Urban legend. Snopes debunked.
Perhaps for a OCR scan
http://www.overclock.net/t/1031999/spicewrks-malicious-code-injection-via-ocr-scan
(I have not checked if it is a real threat)
If depends on how the data from the OCR reader is handled. If it is stored as a data file that can be used as input in the program then it might be problem.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.