REGISTER | LOGIN
Breaking News
News & Analysis

New Security Worry: DNA-borne Malware

Researchers use biohacked DNA strand to attack a computer
8/16/2017 00:51 AM EDT
4 comments
NO RATINGS
More Related Links
View Comments: Newest First | Oldest First | Threaded View
elizabethsimon
User Rank
Author
Re: Sanitize your inputs
elizabethsimon   8/17/2017 11:53:15 AM
NO RATINGS
Ron,

The point that Relaxe was attempting to make was that the DNA input should be "just data". Systems should be designed so that no possible data inputs can leak across into the code to cause an infection.

This is akin to the "buffer overflow" method of injecting malware that has been used on PCs. The fact that this effect can be caused by synthesized DNA simply means that we need to exercise more diligance in protecting against unusual inputs no matter what they are.

Ron Neale
User Rank
Author
Re: Sanitize your inputs
Ron Neale   8/17/2017 6:54:03 AM
NO RATINGS
Relaxe; It is more than "just a "data input" into the software". It is now possible to create a string of biological DNA which contains malware. Attempts to decode the biological string will cause the data infection, the following might help:

http://www.eetimes.com/author.asp?section_id=36&doc_id=1331610

R_Colin_Johnson
User Rank
Author
Re: Sanitize your inputs
R_Colin_Johnson   8/16/2017 11:30:40 AM
NO RATINGS
The DNA hacker here is the same guy who blew the whistle on hacking automobiles, so he is deadly serious about keeping your genetic information accurate, but I appreciate the joke in your link. Thanks for the comment.

 

relaxe
User Rank
Freelancer
Sanitize your inputs
relaxe   8/16/2017 8:53:15 AM
NO RATINGS
The DNA in this case is just a "data input" into the software.

Thinking a forged input could cause a security issue leading to privilege escalation is kind of overblown imho....

The trick is just to sanitize your input, as cleverly demonstrated here:

https://xkcd.com/327/

 

 

Most Recent Comments
rick merritt
 
Tim R Johnson
 
ewertz
 
antedeluvian
 
ewertz
 
perl_geek
 
R_Colin_Johnson
 
perl_geek
 
R_Colin_Johnson
Most Recent Messages
11/19/2017
3:31:42 PM
Like Us on Facebook
EE Times on Twitter
EE Times Twitter Feed