Gneumatic

23andMe is a genetics company founded by Sergey Brin’s wife, Ann Wojcicki. The company is

“a web-based service that helps you read and understand your DNA. After providing a saliva sample using an at-home kit, you can use our interactive tools to shed new light on your distant ancestors, your close family and most of all, yourself.”

I must admit I am rather fascinated at the prospect of being afforded this kind of knowledge about myself. At the same time, there is no way to predict how such knowledge might alter the course of one’s life. A New York Times columnist depicts a generally positive experience with the service, but balks at the notion of signing up her three year-old daughter

“because I didn’t want to regard anything about her as predestined. If she wants to play the piano, who cares if she lacks perfect pitch? If she wants to run the 100-meter dash, who cares if she lacks the sprinting gene? And did I really want to know — did she really want to know someday — what genes she got from which parent and which grandparent?”

Personally, I am less concerned about how such information might lead to self-fulfilling prophecies than I am about the legal and privacy implications. Once this data is available and known, how does one retain their rights to it? What’s to prevent insurance companies from requesting access to it? And why, beyond Brin’s and Wojcicki’s marital relationship, is Google interested in it?

Bruce Schneier writes that the U.S. government released a new standard for random number generators this year. Random numbers are used in creating encryption keys and in other aspects of cryptography. One of those new standards, championed by the NSA, has been demonstrated to have a back door exploit. It uses a list of constants to define the encryption algorithm, but the source of these fixed numbers is not explained. Researchers have shown that

“these numbers have a relationship with a second, secret set of numbers that can act as a kind of skeleton key. If you know the secret numbers, you can predict the output of the random-number generator after collecting just 32 bytes of its output…. Of course, we have no way of knowing whether the NSA knows the secret numbers that break Dual_EC-DRBG. We have no way of knowing whether an NSA employee working on his own came up with the constants — and has the secret numbers. We don’t know if someone from NIST, or someone in the ANSI working group, has them. Maybe nobody does.”

Read the rest of this entry »