@LoganDice "and I hope YOU'VE learned to sanitize your inputs!"
@LoganDice Are we sure this is not the plot of a CSI episode?
Like.... what is happening here, is it a strange buffer overflow or something?
@LoganDice Like this has to be a flaw in the software
@LoganDice Yep, buffer overflow
@LoganDice "going to"? XD
😂I want to see a hack thru face recognition. It would be hilarious if somebody crashes the airport with his face.
@LoganDice just to add, there are poisons that are made by combining to benign substances. Maybe somebody can make a computer viruse that works the same way using somebody's face as an ingredient.
@LoganDice DNA FS when
@LoganDice this has white-collar gov't espionage written all over it, holy shit
@LoganDice The researchers on this project modified the source code of the program they were actually attacking though. Yes they did find some vulnerabilities in other DNA sequencing software, but when you read the full details this doesn't sound that scary.
@LoganDice considering the state of auto-correct, humans are really ready to scr*w the p00ch
@LoganDice In a way, it's logical, from the analyzing program's point of view, the DNA only ever is input data, but still… wow.
@LoganDice Repeat after me: NO USER INPUT IS SECURE.
@LoganDice Proof of concept might be a bit generous. Contrived hypothetical more like it.
Maybe get a mysql engineer to audit that sequencer code?
@LoganDice AS A BIOLOGIST THIS IS BS CLICKBAIT, THX
@LoganDice That's just sensationalist nonsense. Obviously, even if the gene sequencers were developed by people stupid enough not to have anticipated this, it's a simple software/firmware update to make it impossible.
Essentially, they're simply describing the equivalent of adding a partially quoted SQL command to a form field to mess with a web server's database.
These days, all important web servers escape data in a way that makes this impossible.
@LoganDice how do you even manage to exec() literal nucleotide sequences
@LoganDice If that's an article based on the paper I remember reading eons ago: it's 20 levels of theoretical, and barely even qualified as a proof of concept…
@LoganDice imagine something like that targeting 23andMe and shopping genetic sequences for clients. They require you to use a "real" name when you use the service too...
@LoganDice this is the most cyberpunk shit EVER
@LoganDice DNA, RNA, and DRM.
@LoganDice Wow, that is crazy indeed. Smart though...
@LoganDice this is fucking brilliant, I'm not even mad
@LoganDice Thinking about a scenario...
@LoganDice this sounds like a high level of renaming your kid to a mysql injection string
@LoganDice This sounds very much like something that would happen in Orphan Black, the best sci-fi thriller series for learning about genetics and what evil uses DNA can be put to.
@emi cyberpunk criminal whose DNA is encoded with malware that hacks the CSI computers that try to analyze it
@fariparedes getting an ~SQL Injection~ full of viruses that slip a database-wiping script into your blood cells
just in case you get shot on a run
I'm pretty sure that most of my DNA is malware.
@LoganDice As a bioinformatician, I see these sequences everyday. I think it‘s still much easier to hack the target machine directly than to smuggle in synthetic DNA into the library.
@LoganDice Sounds like a great tool for wrecking proprietary DNA databases that use our collective genetic info for a variety of benign and nefarious purposes!
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!