Back when I was doing road-shows to raise money for the start-up that didn’t happen, several of the venture capitalists we met with said things like, “right now, we’re investing in blockchain.” As far as I am concerned, they could just have easily said “quantum.”
Over here, it seems to be “tactical” is another cool word to add to anything, to make it sound better than it is. Do you want a tactical quantum blockchain, as used by special forces operators?
Briefly: blockchain is an open ledger. That’s it. It’s an open ledger that is maintained with successive checksums to make alteration obvious to anyone who cares to check. When those VCs were saying they were investing in blockchain, they were saying that they were investing in tamper-resistant data – hey, that is a good idea, but it gets filed under “duh.”
I first encountered the idea of blockchain back in the early cypherpunks days, when someone came up with the clever hack of publishing successive hashes of a file in the classified section of a newspaper – that way it would be impossible to wind back the clock and change the sums without them contradicting the published sums in the newspaper. That was around 1992 or 1993; I forget. When I was consulting for Taser back in 2009, I suggested that they use that technique to deflect any questions about the integrity of body-cam data; it’s a pretty obvious application of a very clever idea.
Rawstory has a story: [rawstory]
Now new blockchain-based marketplaces could give individuals control over access to their encrypted DNA data, and the ability to sell it to research companies for their own profit.
The ‘Google Of Personalised Health Care’
Consumer DNA testing saw unprecedented public demand in 2017. By one estimate, 10 million genetic tests were conducted on individuals by companies such as AncestryDNA.
People using these services may not realise that the real money for some of these companies could lie in the sale of genetic data to third parties for medical research. A 23andMe board member reportedly explained this in 2013:
The long game here is not to make money selling kits… Once you have the data, [the company] does actually become the Google of personalised health care.
Ask Henrietta Lacks! [wikipedia] The usage of patient (and customer!) data is a gray area – or, more precisely, it has been caused to be a gray area – if you use 23andme or have your blood drawn, or that lump in your neck removed: do you still own it? It’s your genome, right? The short form is: no. This stuff is all being taken care of using contract law, and is being regulated in favor of and for corporate interests. We will never have the option of owning our own genomic data, not if it’s worth something.
The premise appears to be that people will have their DNA sequenced, then upload it to secure servers with mumble mumble blockchain magic and mumble somehow their data will be protected. But doesn’t that presuppose that whoever is doing the sequencing doesn’t keep a copy? That’s exactly what happened when Johns Hopkins Hospital’s doctors kept a copy of Henrietta Lacks’ cancer cells – and started selling them. It makes no sense to assume that I’m going to ship a swab of my epithelial cells to some lab that will sequence my DNA and securely transmit me a copy of my DNA (without keeping a copy!) and that I’m going to then care enough to store it somewhere, only to – years later – transmit it to… what, exactly? I can’t give it to my doctor to read in their computer (without keeping a copy!) or stick it on a cloud server (where the FBI can’t subpoena it?) etc.
But, hey: blockchain!
At the same time, genomic data can reveal highly personal information about us (and our relatives), especially when paired with our very private health data. There are competing interests between individuals, corporations, and the research community.
How Could Blockchain-Based DNA Marketplaces Address These Issues?
Marketplaces for buying and selling DNA data would be established by the creation of dedicated cryptocurrency “tokens”
People will be able to sell their (encrypted) genomic data to researchers for tokens, which they can cash out or use to buy services, such as disease risk reports.
All of that presupposes that your sharing your data means they won’t copy it and re-share it. Which, they are already doing. So this whole thing depends on “first, we must get them to stop ripping off our data.” Which depends on “first, we must get the courts to agree that it is our data.” That’s a problem of approximately the same magnitude, I’d say, as keeping Equifax from not selling (or leaking!) your data to marketing firms. Which is a problem of the same magnitude of getting an unfriendly dragon to give you its gold-hoard without a fight. Because, for them, it’s a fight to the death.
But once that’s all done: blockchain!
Information security practitioners know that once you give someone else your data, you’ve got questions of trust that you need to answer; also questions of trust delegation: do you trust Apple to hold your txt messages? What about whoever keeps Apple’s backups? At a certain point I can say with some confidence that if you want to be the only person with a copy of your genome, you’ll have to sequence it yourself and be very careful whose processor chips are in the sequencing-machine you buy.
This is another case of blockchain – a solution – looking for a problem.
h/t to Caine, who pointed me toward this story.
My old friend Dan Geer once defined “privacy” in the digital age as “having control over the time and rate at which your information is disclosed.” It’s an interesting definition because Geer didn’t consider revoking access as possible; it’s typical of Dan’s subtle approach to security – he hides everything you need to know right there in the definition.
I’ll try to do a post one of these days regarding my old-school security practitioner’s view of bitcoin. Hint: it’s ugly.
David Chaum was doing interesting stuff (of course!) with blind signatures and digests back in the 80s: [chaum]
Original bitcoin paper announcement in cipherpunks [cp]
cvoinescu says
That article is beyond daft. It’s a mishmash of vaguely related information, with the word “blockchain” tactically splattered about. It’s the new magic self-healing server pixie dust! Idea boring? Sprinkle blockchain, idea looks good again. Use it regularly, and your startup funding stays healthy.
There’s one good tidbit: “You can remove your genome from the service (and future access) whenever you want, but any use previously granted would continue.” Well, duh. They have a copy of the plaintext now.
Marcus Ranum says
cvoinescu@#1:
That article is beyond daft.
Yep. I was afraid I was being a bit harsh on it. But the more I look at it the wronger it looks.
But, hey, blockchain!
Marcus Ranum says
Wasn’t there some donut shop or something that changed their name to “bitcoin exchange” or something, and their stock temporarily jumped through the roof?
PZ needs to figure out how to work blockchain! into evolutionary biology and do a video about it. It’d be yuge!
Hey, actually, DNA is kinda like a … blockchain that has been storing transactions in an open ledger for a billion years or so. O.M.G. This is gonna be bigger than The Selfish Gene – it’s The Blockchain Gene!!
Caine says
Daft is one word for it. My eyebrow was raised so high reading that article it damn near fell off the back of my head. And you’re so right about the blockchain – quantum thing. It’s just that to too many people, a type of “magic!”, so they’ll do anything which involves it.
Caine says
Marcus:
Oh gods, don’t give idiots ideas! Can you imagine what would happen it the evo-psych crowd gets ahold of this one?
Marcus Ranum says
One of the things I love about Dan Geer’s comment is that it obliquely says that (since revocation doesn’t work) “digital rights management” will never work.
The idea of having a market for data makes no sense at all unless the data either loses its value once it’s disclosed, or you’ve solved data revocation. This is a very real problem that companies like Garmin, and Lexis/Nexis wrestled with for years and failed to solve. It just means that retainers/aggregators like Equifax and Experian will put themselves in as intermediaries and cache all the answers, eventually copying the entire dataset.
lanir says
Revocation has a well known solution. Like a lot of other solutions, it’s generally only within the reach of governments. Essentially you’re just talking about making something that was once secret secret again (don’t think we’ll sell many hats over it though: Make Secrets Secret Again / MSSA doesn’t really flow that well). Benjamin Franklin obliquely referenced the way to do that but generally governments frown on anyone else murdering people.
Dunc says
I have to admit that I haven’t bothered investing the effort to really understand how blockchain works, but “a solution looking for a problem” seems to sum it up. And yeah, it has very obviously become this year’s pointless technology fad, increasingly propelled by people who wouldn’t know a hash function from a hash brown.
I think this article does a pretty good job of summing up the situation: Ten years in, nobody has come up with a use for blockchain. The short version is: while there are problems you could solve with blockchain, they all have simpler, better solutions, and introducing blockchain causes more problems than it fixes.
Some choice quotes to whet the appetite:
This is what happens when you get more enthusiastic about the technology itself than the problems you’re supposedly trying to solve with it.
lumipuna says
Hey, I have a tactical blockchain! It prevents home invaders from prying my door open.
Lofty says
Blockchain explainer:
https://www.theguardian.com/commentisfree/2018/feb/06/blockchain-explained-by-crypto-expert-f-onthemoon
felicis says
Seagate put out a press release saying they were going to do somthing with blockchain and their stock went up 20% the next day… That was when Bitcoin was trading at $18k or so. I wonder if it would do anything today?
Apropos (along the lines od Dunc’s @ 8 link):
http://www.arnoldkling.com/blog/blockchain-as-a-solution-in-search-of-a-problem/
cvoinescu says
You’ll know the blockchain has come into its own when there are blockchain wellbeing treatments and supplements, and blockchain cancer cures.
Marcus Ranum says
cvoinescu@#11:
You’ll know the blockchain has come into its own when there are blockchain wellbeing treatments and supplements, and blockchain cancer cures.
Goop is opening a blockchain spa.
bmiller says
I’m looking for Quantum Homeopathic Blockchain myself.
I see a future IT Department operating like this: https://www.youtube.com/watch?v=bgxzSUxxRzE
grahamjones says
Marcus said: “Wasn’t there some donut shop or something that changed their name to “bitcoin exchange” or something, and their stock temporarily jumped through the roof?”
Something very like that, yes. Long Island Iced Tea to Long Blockchain Corp. John Oliver – BLOCKCHAIN https://www.youtube.com/watch?v=D70g122myWo
Marcus Ranum says
grahamjones@#15:
Long Island Iced Tea to Long Blockchain Corp.
Well that sounds legit!