Dailydave mailing list archives
Re: Hacking software is lame -- try medical research...
From: Rich Mogull <rmogull-dd () securosis com>
Date: Fri, 21 Sep 2007 14:12:05 -0700
A big part of the problem is overhead and test environments, but this might change (at least to some degree) in our lifetime. Part of my degree is in molecular biology (undergrad only) and it's a truly amazing and fascinating field. The problem is, the equipment to do any serious research is costly and difficult to obtain, never mind dangerous when working with humans. One nice thing about hacking/ security research is we can just bang away on our own test systems with very low risk. While you can do lightweight bio research at home now (check out the Make issue on home DNA), working on the big issues requires a lot more overhead. Sure, any one of us can run a gel assay at home, but real DNA sequencing or cellular research isn't the kind of thing the average person can do in their basement (yet). So yes, part of it is the challenge of learning new skills and tools, but the other part is that you can't just hack into biology like you can tech. But JS is onto one area where we might be able to contribute without having to go back to school and relearn O-chem. The medical field is relying more and more on bioinformatics and other tech that's within our domain. Partnering with some medical researchers is one way to contribute. It's a bit of a different mindset, when you're dealing with living things you definitely have to be more methodical than most of us probably are with our code. It moves way slower, but can be seriously cool. Even as an undergrad I got to be the first person (with my lab partner) to DNA sequence a particular strain of yeast. Sounds corny, but was weirdly satisfying. Didn't make a good beer though... On Sep 21, 2007, at 12:14 PM, J.M. Seitz wrote:
Kristian,If we consider ourselves decent "hackers", why don't we put our efforts toward helping cure this and other diseases rather than some very simple programming vulnerability? Is it because then we would have to reinvent a whole new slew of tools and re-orient/re-educate ourselves to be successful?This is something I have pondered often, my mother was diagnosed with Alzheimers last year at the age of 54, which is extremely young to have the onset of dementia, she faces 20+ years of slowly losing portions of her brain while maintaining a perfectly healthy body. As I worked my way through vuln-dev, fuzzing, RE'ing, etc. and I read some of the brilliant papers from infosec thought leaders, it occurred to me that it would be interesting to gather a group of them together and hack Alzheimers. There are lots of correlating things we could all do much the same way: learn some physiology (OS internals, x86 assembly), determine how high-level systems interact with the low level systems (data flow analysis, run tracing, debugging),find the genetic or physiological weakspots (exploit development) and determine a means of detection, prevention (developer education, NX bit,binary patching). The unfortunate thing about Alzheimer's is that there is no way to even properly diagnose it until post-mortem (crash dump?) and no drugs are covered by any health plans, as they don't even know if the drugs have any effect on it. But, we do what we can and what we enjoy, it's what helps us all to sometimes escape the harsh reality of the unchangeable things in the real world. Maybe Damian could port ImmunityDebugger to work with a GE MRI machine? I will ask him..... JS jms () bughunter ca _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Hacking software is lame -- try medical research... Kristian Erik Hermansen (Sep 21)
- Re: Hacking software is lame -- try medical research... M. Shirk (Sep 21)
- Re: Hacking software is lame -- try medical research... J.M. Seitz (Sep 21)
- Re: Hacking software is lame -- try medical research... Rich Mogull (Sep 21)
- Re: Hacking software is lame -- try medical research... Philippe Langlois (Sep 21)
- Re: Hacking software is lame -- try medical research... dan (Sep 22)
- Re: Hacking software is lame -- try medical research... Dave Aitel (Sep 21)
- Re: Hacking software is lame -- try medical research... Rich Mogull (Sep 21)
- Message not available
- Re: Hacking software is lame -- try medical research... Kristian Erik Hermansen (Sep 21)