Stanford Identifies Potential Security Hole In Genomic Data-Sharing Network

An anonymous reader writes: Sharing genomic information among researchers is critical to the advance of biomedical research. Yet genomic data contains identifiable information and, in the wrong hands, poses a risk to individual privacy. If someone had access to your genome sequence — either directly from your saliva or other tissues, or from a popular genomic information service — they could check to see if you appear in a database of people with certain medical conditions, such as heart disease, lung cancer or autism. Work by a pair of researchers at the Stanford University School of Medicine makes that genomic data more secure. Researches have demonstrated a technique for hacking a network of global genomic databases and how to prevent it. They are working with investigators from the Global Alliance for Genomics and Health on implementing preventive measures.

Giving your life away

You're flat-out an idiot if you give your DNA to any database of any kind anywhere. Electronic medical records are likely just as bad though, I have no doubts that all your EMRs are going straight into a government (FBI, NSA, etc) database as just one more means to track the average citizen. Of course just giving a blood sample is probably getting you into a government shadow DNA database anyway so I guess it doesn't matter.

Re:Giving your life away

[ve3oat]

You're flat-out an idiot if you give your DNA to any database of any kind anywhere.

I disagree. The "standard" 67 Short Tandem Repeat (STR) Y-chromosome markers used for paternal-line genealogy are perfectly safe, with one exception. The exception is an extremely rare mutation of one of the markers (DYS410) which carries significant medical information, but it is so rare I have never heard of anyone having this mutation (although someone must have or we wouldn't know about it). So Y-chromosome testing for genealogical purposes is pretty safe. Dozens, hundreds, even thousands of men all share the same values for these 67 markers.

Re:Giving your life away

So Y-chromosome testing for genealogical purposes is pretty safe.

Unless you happen to live in a country where adultery is punishable by death.

You're right that some of the older DNA tests are really all that informative or specific. But full genome sequencing is now available for about $1,000 - from just a small sample of saliva. And full genome sequencing provides enough information to go back many generations. Let's say that some country in the middle east sets up a program to sequence everyone at birth. But then it turns out that one of the great-grandfathers wasn't who the great-grandmother claimed he was. Well, next thing you know, great-grandma is getting stoned to death for adultery.

Re:Giving your life away

Might I ask what medical information would carried by a mutation like that? Google certainly won't tell about it :P

This doesn't make sense.

Recognizing that a particular genome contains sequences related to heart disease or lung cancer in no way makes it identifiable or linked to a particular person. This is just another scare mongering story, probably clickbait ... nothing to see here, please move along.

Re:This doesn't make sense.

[RDW]

Recognizing that a particular genome contains sequences related to heart disease or lung cancer in no way makes it identifiable or linked to a particular person.

It's the other way around. Here you already know the identity of the person and their genome sequence, and are trying to work out if that genome is present in a database of genomes devoted to, say, heart disease, implying that this person (or perhaps a family member) has the condition. Although the 'beacon' databases that the attack targets release only small pieces of anonymous data, the results of multiple queries can be combined to figure out if the database contains the genome of interest.

This is just another scare mongering story, probably clickbait ... nothing to see here, please move along.

Judge for yourself - here's the original paper:

http://www.cell.com/ajhg/fullt...

Re:This doesn't make sense.

Some sequence variants are very common and other sequence variants are very rare. Just a few sufficiently rare sequence variants are enough to uniquely identify a particular individual.

But TFA is about something a bit more subtle. Suppose you apply for life insurance in a couple years and are required to get your genome sequenced as part of the application process. And suppose that your genome essentially comes up clean - no variants that give you a risk of dying young. But there's always a chance that even though your genome doesn't contain any known disease variants that you still have some other medical condition that increases your risk of dying young. For example, maybe your mother fed you nothing but bacon when you were a child and you ended up with colon cancer.

Well, people are starting to put together databases of people who have certain diseases where you can publicly query whether there's anyone in that database who has a particular sequence variant. So let's say there's a database of people who got colon cancer at a young age. Well, certain forms of colon cancer are hereditary: they are caused by certain rare sequence variants. So, if you're a biomedical researcher trying to understand why some new patient got colon cancer at a young age then one thing you might try is to see if your new patient shares any rare variants with anyone else who got colon cancer at a young age. I'm a bit light on details. But it's an incredibly powerful approach.

The problem, though, is that the hypothetical life insurance company mentioned above can also query these databases - using whatever rare variants happen to occur in your genome. And, essentially, it becomes possible for life insurance companies to use your genome sequence to figure out whether you had colon cancer - even if that colon cancer was caused by environmental factors and didn't have any genetic basis.

These new "beacon" sequence variant servers are incredibly useful for biomedical research. But they also put people's medical privacy at risk - albeit in a fairly subtle way.

Re:This doesn't make sense.

[L'Ange+Oliver]

Very well resumed!

So what's the lesson here?

[WOOFYGOOFY]

The lesson, which the world teaches you daily in the headlines is once data and PID is in electronic form, unless it's encrypted and never decrypted (and thus useless for analysis using today's technology) then it is not safe and WILL be exposed, revealed, possibly leveraged against you in both likely and forseen and unlikely and unforeseen ways.

The lesson is- never believe anyone who tells you that your data is secure.

The implications are- anything you say or do may be used against you. So act as though that's true.

Re:So what's the lesson here?

[gstoddart]

As long as there are no data privacy laws, and until there are very harsh penalties for failing to keep your data safe, your data pretty much isn't safe and never will be.

Between people doing a bad job of anonymizing, or companies wanting to monetize your information, there is no incentive to keep your data secure, and no penalty for failing to do so.

You are completely correct, this stuff will get tied to you, it will get used for things you never consented to, and it will come back to bite you in the ass.

We can't trust corporations with our email addresses or our credit card information. Trusting them with our genetic information is bordering on idiotic.

Much like all those secret spy powers which were only supposed to be used to fight terrorists are now being used to do every other aspect of law enforcement ... this stuff will be used for everything you can imagine.

Once that genie is out of the bottle, you can kiss goodbye the idea of this staying private or not getting abused.

Re:So what's the lesson here?

Hah "We made a clone of you for testing purposes that then broke out of the lab and killed four people. You are being held liable since it is your genomic data"

Re:So what's the lesson here?

As long as there are no data privacy laws, and until there are very harsh penalties for failing to keep your data safe, your data pretty much isn't safe and never will be.

I'm not opposed to privacy, per se. But, when it comes to personal medical information, I'm not sure that privacy is the right thing to focus on.

If you don't want life insurance companies to deny coverage to people with particular genetic conditions or sequence variants, then make it illegal to deny coverage for such reasons. Using privacy to prevent misuse of personal medical information is a bit like trying to fight slavery by making it illegal to reveal a person's race.

Re:So what's the lesson here?

[WOOFYGOOFY]

Yeah or we stole your DNA and now we will replicate it and plant it at the scene of a crime. It's not impossible and probably not even far fetched. Maybe it's even happened already.

Re:They should use APPS!

[jeffmflanagan]

I'd be disappointed if the stupid app posts aren't automatically posted by an app. It would be too sad if a person is manually posting that to every article.

Re:They should use APPS!

[gstoddart]

Dynamite is for cows, you're all cows ... send in the cows, there ought to be cows.

In Soviet Russia, meme pukes you!

Get over it. Slashdot has always had the drivel, and has always had people complaining about the drivel.

Just be glad time cube guy and the poop guy have slowed down.

Re:They should use APPS!

[kheldan]

Hey buddy, I wouldn't mind if the trolls and shitposters would show a little creativity and originality, but it's the same copypasta over and over again, like they're high-functioning autism-spectrum disorder sufferers or something; if it's going to be noise instead of signal, can it at least be interesting noise?

Re:They should use APPS!

[gstoddart]

LOL .... awww, I suppose you want a puppy, a pony, a unicorn, and red rider BB gun with a compass in the stock and a thing which tells time?

If they posted interesting stuff, they wouldn't be trolls and shitposters, now, would they?

Deep breath, and repeat after me ... the internet is full of stupid, and there's nothing I can do about that.

You're gonna hurt yourself if you keep on like that.

Re:They should use APPS!

[kheldan]

Oh for fuck's sake, dude.. I suppose you think I'm frothing at the mouth and covering my monitor with spittle or something in anger over shitposters on slashdot? Please. And, there's nonsense, then there's interesting, entertaining nonsense. This repetitive 'apps' crap is neither, it's just boring.

Real Genomic Security Issues

(I realize I'm a day late to this thread, but this is worth getting on the record)

This is genomics 101: your genome is unique to you. This is no different than saying if someone had a picture of you they could identify you in other pictures. Given that genomes and photos are digitized, from a computational perspective there's really no difference. Lesson: if you don't like posting your photo publically, don't post your genome.

Now, the real problem with genomic data security is that there isn't any and it's much uglier than what you can glean from public databases. A few examples:

- Most sequencing instruments (which contain decent computers and sometimes small clusters) still use the default vendor passwords
- All instruments run out of date operating systems (old Ubuntu for ION Torrent, about-to-be-eol'd Windows 7 for Illumina)
- Bioinformatics has a fetish for virtual machines running everything as root and misplaced trust in docker - in both cases, to access the large filesystems needed for processing genomes, they simply mount the filesystems and bypass standard security checks
- Many popular packages make system calls that are vulnerable to inject attacks
- Most server tools encourage running everything as a privileged user, often explicitly claiming that it's to "make things easier for the user"

The list goes on. What's scary is that we're building our clinical genomics infrastructure on top of these tools and practices. The only good news is that the black hat community is probably more interested in using these resources for bot nets rather than anything genomically nefarious.