Now even DNA can be used to hack computers!

in #science7 years ago

A team at the University of Washington recently announced that they have successfully hacked a computer by encoding malicious code into DNA, and executing it on any computer that transcribes the DNA. 

So how does this attack work?

Basically, the application that transcribes the DNA has a fixed size buffer in which the data read from the DNA is stored. This means that the system is susceptible to a buffer overflow attack. 

What is a buffer overflow attack?

In a buffer overflow attack, the attacker knows the memory structure of the system to be hacked. The attacker sends a more-than-normal amount of data to the system. If the system isn't actually checking the length of the data received, it can end up overflowing the space in memory alloted to that data, and some part of the data to be written ends up in memory locations assigned to a different process or application. So, if you know that a certain memory location contains code that is executed with root privileges, you can write over that code with your own malicious code. The next time that memory location is accessed, instead of the original code, your malicious code is executed with root privileges. 

The researchers used this very attack, by encoding the buffer overflow code in the DNA. The malicious code, when run with root privileges, executes other code, which is the one that actually does whatever damage you want to do to the system.

How much of a threat is this for normal computer users?

Unless you have instruments that transcribe data from DNA, your computer has no risk. But this shows, that any system that can be used to transport information, can also be used to transfer malicious code and infect the system. Today, this is not a big deal, but say 20 years from now, we're using DNA as a means of authentication, or even as a general purpose storage medium; the possibilities of this wrecking authentication systems is immense. 

Now, to be fair, buffer overflow exploits are some of the oldest hacks in computing, so they are pretty easy to fix on most systems.Also, most high-level languages will never give you access to the low-level memory functions required to run this exploit. I think that's what they should have done - never let the transcribing software access to low-level memory functions.

Conclusion

This is the kind of exploit where you wonder, "that would make a great plot point in a sci-fi movie", but in real life, at least right now, there is no practical danger from this exploit for almost anyone reading this post. 


Thank you for reading this post. If you liked it, please upvote and resteem it. Follow me for more content like this :-)

@harshallele


Sources: 

Techcrunch: https://techcrunch.com/2017/08/09/malicious-code-written-into-dna-infects-the-computer-that-reads-it/ 

Cover image from pixabay.

#technology #genetics #security
7 years ago in #science by
$0.58
  • Past Payouts $0.58, 0.00 TRX
  • - Author $0.45, 0.00 TRX
  • - Curators $0.13, 0.00 TRX
9 votes
Reply 5
Sort:  
  • Trending
    • [-]
     7 years ago 

    Thank you for the information, wah.... Is very dangerous if this can happen, but what is the advantage in this device?, and if this happens ho took from the dna the we are like a machine in control, even though quite easily fixed on most systems. Good blog thank you.....

    [-]
     7 years ago 

    Thanks for reading and commenting :-)

    As I said in the blog, the advantage is not today but in the future. Today, DNA is not used at all in computing. But we already know that it is excellent at storing large amounts of data. So if DNA becomes a storage medium in the future, these kinds of hacks will become very effective.

    [-]
     7 years ago 

    Congratulations! This post has been upvoted from the communal account, @minnowsupport, by harshal from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, theprophet0, and someguy123. The goal is to help Steemit grow by supporting Minnows and creating a social network. Please find us in the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.

    If you like what we're doing please upvote this comment so we can continue to build the community account that's supporting all members.

    $0.00
      Reply
      [-]
       7 years ago 

      This post has received a 0.52 % upvote from @drotto thanks to: @banjo.

      $0.00
        Reply
        [-]
         7 years ago 

        Congratulations @harshallele! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

        Award for the number of upvotes

        Click on any badge to view your own Board of Honor on SteemitBoard.
        For more information about SteemitBoard, click here

        If you no longer want to receive notifications, reply to this comment with the word STOP

        By upvoting this notification, you can help all Steemit users. Learn how here!

        $0.00
          Reply

          Coin Marketplace

          STEEM 0.17
          TRX 0.13
          JST 0.027
          BTC 59046.50
          ETH 2654.73
          USDT 1.00
          SBD 2.50