DNA virus infects computer that reads it
08-15-2017, 03:17 PM
#1
Senior Member
Thread Starter
Join Date: Apr 2002
Location: Oceanside, CA
Posts: 102
Likes: 0
Received 0 Likes
on
0 Posts
Vehicle: 2000 tiburon
DNA virus infects computer that reads it
This is pretty bizarre.
https://www.extremetech.com/internet...computer-reads
Computers run on a binary stream of electrical impulses that alternates between OFF and ON: 0 and 1. As a consequence, executable code has to go through the binary state on some level. Reading the DNA sequence got the malicious code into the computer that was doing the read, and from there it took advantage of a buffer overflow and got loose in the system to grab for privileges.
“The conversion from ASCII As, Ts, Gs, and Cs into a stream of bits is done in a fixed-size buffer that assumes a reasonable maximum read length,” explained co-author Karl Koscher in an email exchange with TechCrunch.
“The exploit was 176 bases long,” Koscher wrote. “The compression program translates each base into two bits, which are packed together, resulting in a 44 byte exploit when translated.”
“Most of these bytes are used to encode an ASCII shell command,” he continued. “Four bytes are used to make the conversion function return to the system() function in the C standard library, which executes shell commands, and four more bytes were used to tell system() where the command is in memory.”
In other words: feed this strand of DNA into a compiler and it’s Hello World in 176 nucleobases. Three lines of math, indeed.
“The conversion from ASCII As, Ts, Gs, and Cs into a stream of bits is done in a fixed-size buffer that assumes a reasonable maximum read length,” explained co-author Karl Koscher in an email exchange with TechCrunch.
“The exploit was 176 bases long,” Koscher wrote. “The compression program translates each base into two bits, which are packed together, resulting in a 44 byte exploit when translated.”
“Most of these bytes are used to encode an ASCII shell command,” he continued. “Four bytes are used to make the conversion function return to the system() function in the C standard library, which executes shell commands, and four more bytes were used to tell system() where the command is in memory.”
In other words: feed this strand of DNA into a compiler and it’s Hello World in 176 nucleobases. Three lines of math, indeed.
https://www.extremetech.com/internet...computer-reads
08-15-2017, 03:31 PM
#2
Moderator
Don't believe the article. It's entirety does not make sense. A computer doesn't read DNA. When it does, it uses an application and hardware. The application would need to be poorly designed in order to process data as instructions. This appears to be just complete nonsensical clickbait for those who don't understand DNA, Computers, or Exploits.
I'm a senior embedded systems security engineer. Its my job to hack systems.
I'm a senior embedded systems security engineer. Its my job to hack systems.
08-15-2017, 07:12 PM
#3
Super Moderator
I am not a security engineer, and even I can tell this article is gibberish from someone who probably doesn't understand how malware works.
08-15-2017, 10:46 PM
#4
Moderator
I'm not saying it's gibberish. I'm saying they focused on the wrong thing. The problem isn't a set of DNA. It's a program which is designed to read DNA which is processing the DNA as instructions. It's likely a very specific problem in a very specific system and this is very specific clickbait.