Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Privacy Databases Security The Internet

DNA Databases Are a National Security Leak Waiting To Happen (technologyreview.com) 35

schwit1 writes: A private DNA ancestry database that's been used by police to catch criminals is a security risk from which a nation-state could steal DNA data on a million Americans, according to security researchers. Security flaws in the service, called GEDmatch, not only risk exposing people's genetic health information but could let an adversary such as China or Russia create a powerful biometric database useful for identifying nearly any American from a DNA sample. GEDMatch, which crowdsources DNA profiles, was created by genealogy enthusiasts to let people search for relatives and is run entirely by volunteers. It shows how a trend toward sharing DNA data online can create privacy risks affecting everyone, even people who don't choose to share their own information.

"You can replace your credit card number, but you can't replace your genome," says Peter Ney, a postdoctoral researcher in computer science at the University of Washington. Ney, along with professors and DNA security researchers Luis Ceze and Tadayoshi Kohno, described in a report posted online how they developed and tested a novel attack employing DNA data they uploaded to GEDmatch. Using specially designed DNA profiles, they say, they were able to run searches that let them guess more than 90% of the DNA data of other users. The founder of GEDmatch, Curtis Rogers, confirmed that the researchers alerted him to the threat during the summer.
"The same attack wouldn't work on other genealogy sites, like 23andMe, because they don't permit data uploads," the report notes. "Others, like MyHeritage, do allow uploads but don't give users as much information about their matches."

"The problem with GEDmatch is the browser is too good, and searches too deeply," says Erlich. "If I were them, I would remove it, fix it, then put it back."
This discussion has been archived. No new comments can be posted.

DNA Databases Are a National Security Leak Waiting To Happen

Comments Filter:
  • by duckintheface ( 710137 ) on Friday November 01, 2019 @06:41PM (#59371298)

    Funny that the author is worried about China using DNA data to identify any American they get a DNA sample from. I'd be much more concerned that the US government would use such data as part of an existing system that spys on our phone calls, emails, tracks our phones and cars, etc, etc. As we move toward fascism in this country, DNA is just one more tool to control people.

    • by AHuxley ( 892839 )
      The US gov places spies in low end and unassuming embassy jobs.
      That gives them embassy paperwork in that nation a cover for their expert Russian/Chinese language skills. Skills that are totally hidden by the CIA/US gov by swapping/creating an educational/social media past.
      One worker is created and the actual education of another person stays hidden. Worked for generations and blocked any other nations internal US gov/mil database search. Every record was a match when found. But now that new family D
    • Well, if the CIA stopped with nepotism, they wouldn't find relatives spying in their country.

      At this point, the Chinese have the OPM hack, Aetna and other hospital chain hacks, and a number of other hacks regarding identities and pictures, relatives, etc.

      Okay, maybe now they find illegitimate kids, and surprise, surprise, the spies are worried they might be outed?

      Try keeping your pants zipped up.

      It wouldn't take much to get DNA from spies by offering something to their kids, or just chatting up their siblin

    • by AmiMoJo ( 196126 )

      China is the current boogieman, along with Communists. Useful distractions from the way the US government abuses its own citizens. Just look at all the pearl clutching on Slashdot, used to justify the extreme measures that the government is taking. The site has swung from strongly pro-freedom and privacy in the Snowden era to immediate what-about-China-ism.

    • by gweihir ( 88907 )

      Indeed. The whole fear about "China" is obviously a bad misdirection in this case. Looking at history, the US is already in an advanced state of introducing fascism.

  • Sorry to disappoint you guys, but your genome isn't that interesting. It's really not very valuable at all.

    And none of the big players that most people use for genetic testing actually test the whole genome. They actually report very little of it, well less than 1%. So if you are worried about someone getting your genome, they won't be able to clone you.

    • Further, the typical response is that insurers will use it to raise premiums. Forgetting the fact that your genes are not destiny, literally everyone, everyone, 100% of people are a high genetic risk of something awful. So if insurers are going to raise rates, they are just going to raise rates on everyone.

      Your genome is not interesting.

    • by AHuxley ( 892839 )
      All the other nation has to do is find the family name. It won't match the one the US embassy created for US in the nation.
      The other trick the CIA likes to do is create a fake husband and wife team.
      Two names get joined so a CIA spy can enter a nation with the full cover of been with an embassy worker.
      Their education won't match what the created "team" education was.
      Gone is the years of languages. Welcome to the very average "art" "sport" and "history" cover story..
      Find the DNA and cover names given
  • I got news for you. Nothing waited. This is happening.

  • by nehumanuscrede ( 624750 ) on Friday November 01, 2019 @08:17PM (#59371474)

    There are some genetic marker(s) in there somewhere that, when correctly read, can give a pretty accurate picture about you. Where you're from,
    your ancestry, etc. etc.

    Now you or I don't really give much of a damn about where someone was born, but at the secret weapons development level, those who might be interested
    in building a bio-weapon that ONLY targets a very specific group of people based on a regional genetic profile would be VERY interested in such data. The
    more data available to you, the faster the pattern becomes recognizable and the easier it is to start isolating your target.

    Find a genetic marker found only in Nationality X and you can work on building a virus that only becomes lethal in folks who possess that particular marker.

    • by AHuxley ( 892839 )
      The total brain drain in that nation :)
      No IQ over 110.
      What was 1950-1060's fiction is now a real hunt for a nations expert DNA.
      Wonder what the USA has been buying up from labs all over Russia and China over the past decade?
      That very private US company so happy to share all their secrets with the gov of China could just have wanted nation wide DNA?
      China might have got some new US tech out of the side deal but the US gov/mil got the needed DNA access...
      Now other advance nations are doing the same to
      • New London Connecticut police discriminate based on IQ.

        I know what you are thinking. Its unfair to dumb people. But you got it backwards. [globalresearch.ca] They discriminate against high IQ people.

        Robert Jordan, a 49-year-old college graduate, scored a 33 on an intelligence test he took as part of the application process to become a police officer in the town of New London, Connecticut. The score meant Jordan had an IQ of 125. The average score for police officers was a 21-22, or an IQ of 104. New London would only inter
        • by AHuxley ( 892839 )
          Would make a fun movie.
          All the smart people unable to work due to some genetic marker found by another nation.
    • those who might be interested
      in building a bio-weapon that ONLY targets a very specific group of people based on a regional genetic profile would be VERY interested in such data

      This only makes sense to someone who doesn't really understand the complexities of genetics. Unless you are talking about a population of clones, such a specific biometric weapon is unfeasible. Our DNA is much too unique and varied to be targeted as a group by such a theoretical weapon. Even in a parent-child relationship, the genetic crossovers number in the millions. A "targeted" weapon might hurt you, and not your father or mother, because there are so many differences in your genetics.

      There is no geneti

    • by dissy ( 172727 )

      Find a genetic marker found only in Nationality X and you can work on building a virus that only becomes lethal in folks who possess that particular marker.

      The US is among the least vulnerable to such an attack vector.

      Any possible marker you use from USA samples will guaranteed kill off a percentage of every nation on earth, including the attackers.
      Any other nations markers targeted would at best kill a very tiny portion of the US population.

      In other words they would do far more harm to their home country than any other, and far less harm to the US than all others.

      The nationalities such an attack would work best on would not be aided in the slightest with a US

  • If it’s truly a “National Security” issue then fly by night, vulture capitalist, sell their mother for a dollar thieves should not even be allowed to collect this information.
    But, ya, the potential for profit is huge, so, sorry, ain’t gonna get fixed.
  • should not be investigated by the police due to "China" and "Russia"?
    Give the police in the USA the tools and support they need to find criminals from the 1960-1990's who feel they got away with crimes for decades.
    Do the testing and track them all down.

    What is the CIA expecting other nations to do?
    Test some US embassy "worker" DNA and find out their real wealthy family had the best education on offer and that their embassy ID is fictional?
    That the embassy staff went to college under a different na
    • should not be investigated by the police due to "China" and "Russia"? Give the police in the USA the tools and support they need to find criminals from the 1960-1990's who feel they got away with crimes for decades. Do the testing and track them all down.

      This is just another species of "if you aren't doing anything wrong, you don't have anything to worry about". It sounds great right up until the point that the people at the top decide that "doing something wrong" includes things like your particular party membership or, in the case of genetic databases, your racial background. Once this particular genie is out of the bottle, it's not a question of "if" it will be abused, but "when".

      • by AHuxley ( 892839 )
        Thats DNA left all over discovered by police.
        Should police not look at CCTV, do finger pints due to the numbers it adds to federal "racial background" database stats?
        Not look at crime al all as the results and convictions show the reality of "racial background"?
        Every decades and generation police get more tools to find criminals with.
        Fingerprints, create card fraud tracking, CCTV, advanced city wide smartphone tracking, voiceprints
        The ability to triangulate weapons fire in a city and respond.. compu
        • You have to have the single most ironic user handle I have ever encountered on any message board anywhere.
    • I got news for you. When DNA is used for decades old crime, and they find that the person convicted of the crime wasn't guilty, the police and the prosecutor still argue that the person is guilty.
      • by AHuxley ( 892839 )
        Thats great too, it finds the results of poor police work. DNA works both ways. Keep on testing and show the world the results.
        Criminals get found.
        Lazy police work gets detected decades later.
        The media learns of another "person convicted of the crime wasn't guilty"...
        The police and the prosecutor have to then try and talk their way out of the results of new DNA testing..
        All great reasons to keep on testing :)
  • I did so after I heard about the use of this site to catch the "Golden State Killer" a few years ago. I would love it if my DNA could lead Law Enforcement to bring someone to justice.

    There are always those who foresee a future like the dystopia in 1984. The truth is, technology always brings with it great potential for both good and evil. It's not the technology that's the problem. It's who is in power and how they treat people. Oppressive governments exist with or without technology. Likewise good governme

Avoid strange women and temporary variables.

Working...