Saturday, October 19, 2013

Censorship in Science reports that a new type of botulism toxin has been discovered. Botulinum is the product of the bacterium Clostridium botulinum, and as little as 13 billionths of a gram can kill an adult human.

However, what makes this story of immediate interest to me is the news that, in a first for science, the DNA sequence of the bacterium is being withheld "for security reasons" because there is no antidote at present.

I'm familiar with the argument. It's used all the time in computer security... mostly by people who aren't very good at computer security. The idea is that if you release the details of a security exploit or computer virus, then the "bad guys" will be able to wreak havok with it before the exploit is patched, and before antivirus software can detect it. The problem with the argument in computing is that it's shit. Publishing as many details as widely as possible means in practice that the maximum number of software vendors and security specialists can work on the problem of detection and patching the exploit as possible. Instead of one cloistered group, everyone with a security stake attacks the problem. And a "cure" is created that much faster. That is why open publication is a best practice in security, and why "security through obscurity" is roundly denounced in my industry as a very bad practice. 

And keep in mind, my industry is one in which a faithful copy of the dangerous code is only a few keystrokes, gestures, or mouse clicks away. We don't have "DNA printers". We can't yet enter a DNA sequence into a Star Trek replicator and magically materialize a Petri dish full of made-to-order bacteria. Those without detailed specialized knowledge who wish to mis-use this bacterium will need a physical sample. BUT... the equipment used in molecular biology is becoming sophisticated. 

But here's where it gets dicey. Botulism toxin doesn't have an antidote anyway. Even the ridiculously diluted variant Botox leaves damage that ranges from permanent, to requiring weeks or months for the body to repair. The very best we can do is administer antitoxins to slow or arrest the effects. And those antitoxins don't work on this new form of the protein. None of them do. And this is the most acutely deadly substance known.

Old science fiction movies often had the theme "there are some things that Man is not meant to know."  As late as in Jurassic Park, Jeff Goldblum's character, channeling that sentiment, questions whether you should do a thing just because you can

In this case, I find myself agreeing with him, and here's why. In computer science, you mess up, you lose some data, you lose some money. In this case, if you mess up you could lose a city. It being a living organism,  you could lose more than that.

I think it's worth pointing out here that the fact that these data are not published does not necessarily that they're not shared. There is nothing to prevent researchers from picking up a phone and calling Steve Arnon or the CDPH or the CDC and asking for that information. They then have the ability to choose who it goes to, confining it to (hopefully) those researchers who have the facilities and the expertise to prevent their experimentation from getting away from them. 

No comments:

Post a Comment