Gadgetory

the 359 is sponsored by USB technology the USB implementers forum reminds consumers that USB if' logos are displayed on certified USB products so the next time you're shopping for a reliable USB charger cable or device look for the logos get the whole story at an abling USB org welcome a good morning everybody to the 359 podcast this episode 450 on Wednesday note Tuesday August 28th and today we're experimenting with DNA but not Dino DNA despite the fact that laura dern from Jurassic Park is here hi everyone so yeah we'll be talking about DNA DNA as a way to store passwords and digital data in general field data yeah this is bizarre one of the other stories I've read well cool stories I've read but still really strange I will also be talking about four night madness step of the game they don't have Alfred with us to talk about that but we'll talk about some of the security issues that have come up with for night and particularly the Installer for the Android version of the game as always if you have any questions leave in the comments section Brian will pick out the best and we'll get to them in three minutes and 59 seconds from 3 to welcome to the 359 I'm Roger Tsien and with me a special guest Bridget Carey to talk about well one of the oddest tech stories I've encountered in a while should worry about the ability to store passwords for a crypto currency like Bitcoin in DNA yes in the building blocks of life what how does work alright there's so many levels to us but we'll break it down real simple scientists for a couple years now have found a way to store files computer files in DNA we're talking movies animated gifts gift cards whatever ones and zeros of binary they're really converted to the code of DNA which is four letters GTC an a so you're really talking about a conversion here you know ones and zeros equal ATC and G and so one company has to turn this into a business and said you know what who would want to store something in DNA maybe people who have a lot invested in Bitcoin and want to keep their passwords their keys essentially extra safe and so with the company called Carver you spend a thousand dollars Harbor just appropriately like gruesome chopping up DNA yeah and really you're taking synthetic DNA this is nothing that's alive people think that's the first you think of you say DNA that's students you could print DNA like anything right now you just make up an order of your of your gtcys and A's and and and just just print it out the way you want it in a lab it's synthetic it sits in a tiny vial sometimes suspended in fluid is and has in the case of these customers doing it with Carver and really it's an encrypted password that is transformed into the code of DNA if you want to unencrypted it go to a lab read the DNA then know the secret code to transfer those letters back into ones and zeros and so after all those steps are done then you can maybe go retrieve your key you wouldn't do this not only and how much does this cost yeah transferring data into DNA is a very expensive process right now so just for the 50 bytes of a password right that's $1,000 so it lost $1,000 to do this of course we have a big investment you might want to do it that's why all right so let's talk about for tonight the blockbuster by royale game hit a snag early on when I launched on Android just two days after it became available Google found a vulnerability with the Installer that you really need a download to get the game you can't actually get it on Google Play and so you know epic definitely the developer behind before and I patched up the game but security experts are warning that this is really just the tip of the iceberg for potential security problems for the game yeah like who's gonna go and find the update when there's another problem found this is very complicated you just want to play and just as a bit of background epic wanted to get around Google play's requirement to offer up a 30% cut to Google for any kind of purchases so they decide to just go and force players to download the Installer and let's do what's known side loading a game which generally is bad security practice you can't do that an iPhone androids do let you do that Android phones do but it's not really recommended a lot of them a lot of the programs that you side load tend to be mall wear and so a lot of curious we're saying one this is just bad practice getting people thinking that side loading a game is good but beyond that you know they sort of looked at the number of games or the knock off fortnight games are out there that you can side load and most of them are like spammy have more they're not terrible but most experts say that this is just the start like you'll see more complex and sophisticated malware developed on the line and the fact that you're doing this through this installer makes it a bit more dangerous oh yeah yeah it's easy to fall prey to like a fake fort and I even in me what if the main Google Play Store even has like like now I like the I'm saying yeah exactly so there's just it's just messy I don't like it exactly some of the games they work exactly like for night but they just have like heavy doses of ads so basically someone's taking a ripped off version of it and that's not the worst thing in the world like they're not compromising your security but you can imagine other versions of the game could include malware that's far more dangerous mm-hmm all right for more of these stories chicken sounds CNET I'm Roderick Chang I'm Bridget Carey thanks for listening all right that's a wrap on recording the audio podcast everybody thanks for joining us now I'm gonna jump into the chat and bring out your questions and comments about DNA storage is this a weirdest day we've ever had on the show Bridgette why do you do this to my brain this was such a wild story when I stumbled upon it and it took me a little while to stitch it all together with the research I had to dive in to understand DNA and what's being done right now and kind of why science in general has been looking at why are we putting computer files in DNA like what's the point and it really comes down to the fact that this is a much more efficient way to store you know these big files we as humans are just producing so much data right now these massive farms of servers we're gonna run out of space and and it's just it's just DNA is so tiny and if it's so much the DNA part I mean that's fascinating but I did find interesting and I didn't really think about it the idea that because we generate so much data taking photos emails videos whatever all of that needs to be stored and yes like personally I feel like I'm always running out of space but I didn't really think about it from like a big-picture perspective like as a human race we're like starting to like run out of places to store all this data right it's more like what some research has shown is that by the year I think 2025 2014 we're right if we keep storing things on like hard drives we won't have enough silicon like Worthy you know material to do it so what we're using is magnetic tape like the same tape that's on a cassette tape and a VHS it lasts about 20 max 30 years but before it disintegrates and so it's still a lot of room and but DNA it's very expensive to write DNA the researchers got two megabytes on DNA and cost seven grand so does it the more memory you put or the more data you put onto a DNA strand the more expensive it is it's well it's writing it it's creating the DNA yeah it just takes time and right now it's not cheap to to print out these long strings because the more you have or DNA you have it's possible Microsoft you know got it done recently in February with like like a huge amount but their Microsoft they have a lot of money for research well and you made the point that you shut the store so it's recommending you store this in the freezer like your dear can the DNA go bad yes DNA goes bad if it's out and subjected to heat and and and you know so outside elements but if it's in a cool dry place okay it definitely can last like hundreds of years you know sorry I can't login right now my password has gone stale yeah yeah yeah yeah this is not your main way of logging in right this is something else takes two days to retrieve because you've got to send it to a lab so we could just double click a file right now in the cloud much faster so people were going alright what if I wanted to make this like my long-term backup of like my family's photos and pass that down to generations right you know CD drives no longer in computers I found an old floppy disk you know it took me a bit to be able to find something to play it old floppy technology keeps changing DNA will always be there as long as we have humans and we're reading DNA to store the DNA they are working on ones that are less susceptible to like elements but right now there are yeah you're right refrigerator keep it cool but maybe a wine cellar you know okay and then yeah thousands of dollars in a password you probably can afford the wine so that's not really the only consumer right now because you and I aren't gonna fork over a couple grand just to save a couple baby photos yeah so yeah it's about getting over that cost hurdle and once we do then maybe it could be more feasible for long-term storage not not for a short term but definitely like things you want to save and don't need to pull up for a while historical stuff yes DNA storage and winos the bhujiya stuff technology let's jump into the chat and start taking some questions uh-huh there's just really interesting like real-time development I can give you time codes to sync up to about 20 seconds in the show Jorge comments use DNA to store your passwords heck yeah I'm all over that about 53 seconds into this show that's too complicated and too expensive stick to just remembering new passwords and change all the time yeah well hey is all of us some of the folks who uh like I talked to one customer of of this service who's doing it for his Bitcoin wallet and this is the back up to his backup this is like if his current system goes wrong and every place gets burned down you know the papers gone the harddrive is corrupted at least you know he's got these vials that he put in different locations and he can you know call up a friend and have it sent to a lab so he's that story like in the fridge in his kitchen then it's well maybe one is and maybe one somewhere else you know the thing about having Bitcoin for those who don't know is that all the responsibilities on you if you think your password that's it there's no way to recover it so there's a lot of pressure to be like oh my gosh I better not lose this password or you can't access it ever again and that's why people are motivated to spend a grand I think yeah well if you've got like millions in investment or you think it'll be worth millions you know it's about it's about like this is the long-term retirement plan you know maybe you'll feel sorry for you you never know you never know next comment flying in is coming from Jacob Lombardo he says we accept credit cards a Google pay your DNA I was I was asking can we store the information in her own DNA like are we gay are we at the point we're like right now it's a lab its synthetic it's just a bunch of chemical stitch together when can it be inside myself and of course they said and so I talked to a Genesis to who did this with putting a movie in DNA and her name is Dina szalinski she's in my report and she said alright it's possible but there's so much about DNA we don't know right now so it's not recommended to mess with your genome kids you know but maybe just wear it on your necklace you know the fake you know synthetic deep DNA if you wanted to you know store something on or keep it you know but then again yeah keep it in a cool place it probably the best it's at the end of the day I want a thumb drive to be my actual thumb but yeah but that's our future that was my favorite quote from your video I also like can you just imagine this brings like a whole new level to the concept of like a blood oath uh-huh in fact what if that is a way to do more by authentication of passwords too you know I'd like prick my finger every time yeah well maybe you'll have to access the file - lock my iPhone actually every time you got stabbed yourself to lock your right eye pretty neat iPhone 15 I predict a really really terrible sequel to the fly with this one or some guy like stores his password and turns into a personified credit card just like morphs into like a giant plastic card but I still nominate Jeff Goldblum to play that role he would he would do a bang-up job yeah all right coming in next from Alex Mitchell how was DNA storage not in spy movies already I feel like there was one didn't they didn't do it in Kingsman but wasn't it was like another Rando wasn't like a Jason Statham action movie either but there's something in the back of my brain where I remember seeing it somehow like Brian you know more about movies than me but I am NOT stumbled on I'm not stumbled on this personally and I feel like that's not too far from the future in fact here's something get your really messed up in your head what are my DNA what if a virus could store information that's another rabbit hole I started to go down in my research I really like like a strand - all a different kind of way of thinking about data so yeah there's a lot of weird science going on now guys I'm just saying maybe in five to ten years we could be hearing more about this kind of cold but actually it's it's your password yeah exactly erm joy says what if this is a conspiracy from 23andme for getting your vital passwords when you submit your DNA for genetic testing oh no that's the best conspiracy theory we've had on this show in about three days [Laughter] yeah I'm not about that I'm not gonna give my DNA to anyone just yet I'm pretty good there also thanks for enjoy for the shoutout you could just follow my lead and get everything tattooed on you Alex Mitchell wants us to move on to fortnight he says I would believe that fortnight should just try to make their own phone we'd be going what like those little tiger electronic game are you a are you being a are you being sincere or is that Alex is Alex are you being sincere my phone I mean it's phenomenally successful but it's it's also a game it's one game well know how many people are actually gonna buy a fortnight phone but shout out to Brian for the Tiger reference I had a lot of those Tiger handheld games that's what I picture though it's like the standalone game you throw in your pocket but it's just fortnight but it'd be HD and it'd be fine it also knows that it does nothing else it's just the phone and fortnight and nothing else I mean that's what most people's devices are these days I said actually to be fairly I spent a total of 10 minutes I think 10 or 15 minutes playing fortnight getting killed and then I deleted it since deleted the game because I just I can't it takes time yeah flipping back into DNA this comment just came in from spiral feather it says okay I just tuned in but I came over because of what an amazingly bad idea that sounds like I don't want my password stolen because someone found a strand of my hair on the floor of a Starbucks now just to reiterate this isn't about embedding it in your DNA it's using the genetic code that does constitute definitive DNA without brings up an interesting point in that you know I guess you're storing the DNA in some other secure place yes so let's say someone takes your Nyland DNA right like like you need to have so here talking about what this one company is doing I was like alright what if I just go in your freezer and just take your your your vial of synthetic DNA and not only would someone have to send it to a lab and all they get back is is their version of Gattaca GT a and C and they need to know what that represents in their version of a code like I made up one where a would be zero zero in binary T zero one and you kind of string it together like that but whatever their formula is and then from there you'll get a binary but is that the pass code or is that an encrypted pass codes you need to know there's many layers here so there's another level of encryption that they have to yeah decrypt for you to actually get the legit possible it depends how much you want to go down that rabbit hole of encryption layers but you can make it you don't have to actually give the DNA makers like your actual password at any and the lab that's printing it out for you doesn't even know what they're doing they're just getting a string of letters going okay well here you go because they get it all the time from science students who are like doing experiments and research so they do this another strain right for them they see an anonymous you know order coming in for like a bunch of you know G Tuesday's and C's okay here you go and it's just in a microbial this big and it's just a tiny little drop of liquid huh well there you go let's jump on back over to fortnight for our twitch audience now I've played it a little bit but I've only played it on my switch I have not played it on mobile have we seen other security vulnerabilities like this exploited because somebody got a little big for their britches and wanted to jump around the download store that's a this is a this is a fairly unusual situation most game makers usually the other way around most developers will cooperate and work in the place are because they want that visibility epic is epic and for tonight is a it's an exception because it's already such a phenomenon people know what 4/9 is they want it and so they were able to get around the Play Store with their own installer but that also means things like if Google wants to send down security patch to the game when they do in the Play Store it's just an update to your app here you've got to actually run the game for the Installer to run the update so if you haven't played your game in a while if you haven't touched for a night you haven't load the installer the installer can actually update and actually add the patch to itself so it's still vulnerable so that's a lot of the experts that we talked to say that that's that's not great practice I think I've always heard this the other way around like Angry Birds you know always had a lot of you know fakes that were out that word that on the non App Store or good to beware of like things that were in the App Store that you never heard of a company you know not going to the App Store yep usually it's the point of those app stores I mean it's almost enormous like it's a brand name thing like you know it's safe because it's in Google Play because Google don't always know you don't always know but Google at least takes some effort to vet the the programs the apps that are in the Google Play Store like when it's side loading like this it's the wild wild west like and a majority of Nam George but a lot of the apps that you do side load that aren't from place or typically includes some form of malware and epic was no no no different this come pre-installed on the Samsung phone or is it you had no you had to install it you had to install the side loader as well yeah give it time six months down the line you'll get a fortnight exclusive phone with a exclusive downloaded con Samsung did have like they had exclusive skins for the game like if you bought up you'll be able to pay at two hundred dollars extra at the store and get this preloaded in the whole shebang oh maybe I'm calling it right now life improvement says wait wait wait it was Google who found the vulnerability in fortnight the people they were trying to get around paying yes Google as a Google researcher or engineer who discovers the vulnerability that's said that was vetted by other security researchers it's not like some sort of conspiracy theory that like Google somehow embedded a vulnerability into a installer that they had zero access to I think they just found it and realized that this is this was gonna mess with Android phones and their customers right exactly and the patch is forthcoming uh patches out it's available now there was some back-and-forth you know Google alerted epic immediately epics actually asked for 90 days they for Google to keep it quiet for 90 days so their players could install the patch Google went ahead and just announced it a week later which was actually pretty standard practice the security specific we talked to so that you actually generally want to get the word out to get people to actually be aware of this patch and install it otherwise if they kept quiet about it that no one would known there was an issue yeah and it would just spread like a wildfire yeah why would they sit on that just so that they wouldn't get in there I think it brings the point that I think epic doesn't quite understand and grabs the the magnitude of security issues they're opening up by doing this kind of end around from Google Play wonder if they'll actually kind of sit back and reconsider and then jump on board I doubt it or making too much money this is this is all about money in the end like not having to give up a 30 percent cut on a you know one of the most successful games revenue driving games out there it's that's a lot to give up 30% is a huge cut they do look like fools yeah so to flipside that do you think we're gonna get more and more developers going down this path even yeah exactly you couldn't like if you're just starting out it's be impossible if it's a casual game people aren't gonna you know gonna just do this ya know and hunt out a way to do it for a night for sure has you know there's an anomaly it's an anomaly but also a lot of money went to the game it's definitely a quality title resources went into it so it's not like the standard casual mobile game where you know developers working on it in their house right this is this was a big business for epic DC 147 just points out that he read on our RS that Google only Disko disclosed it so soon because it was in fact fixed if it hadn't been they'd probably have informed epic and waited the standard now yes yes you're right there was a patch available I didn't know there were so many rules to the hole there's an etiquette oh yeah yeah yeah we are just about out of time let's take one for the road this is a mission that we're being sent on by our friends enjoy whoo Elon Musk stored his passwords about a Tesla Roadster let's get on that wait what do you want us to get you on us to do this or do you want us to break into his roadster I'm not really sure what the request is I think we need to do a space heist III would just say I'm not I'm not messing with you on must that guy is pretty pretty unpredictable who knows what he'll do can we at least verify that story do we know that was that with Elon Musk anything is possible sure good and bad all right that's it we are out of time thanks everybody for joining us that was a fun one well I can't wait to hear more about this DNA exploration Brigitte keep us posted thank you if they're looking for for human trials I'll jump in all right well the 359 is available in iTunes tune in stitcher feedburner google play music google podcast the Amazon of course cnet.com we'll see y'all tomorrow bye folks you you