Yes, benchtop devices have significant ramifications!
Agreed, storing the database on-device does sound much harder to secure than some kind of distributed storage. Though, I can imagine that some customers will demand airgapped on-device solutions, where this challenge could present itself anyway.
Agreed, sending exact synthesis orders from devices to screeners seems undesirable/unviable, for a host of reasons.
But that’s consistent with my comment, which just meant to emphasise that I don’t read Diggans and Leproust as advocating for a fully “public” hazard database, as slg’s comment could be read to imply.
If your benchtop device user can modify the hardware to attempt to defeat the screening mechanism, the problem becomes orders of magnitude harder. I imagine that making a DNA sequence generating device that can’t be modified to make smallpox even if it’s in the middle of Pyongyang and the malicious user is the North Korean government is an essentially unsolvable problem—if nothing else, they can try to reverse engineer the device and build a similar one without any screening mechanism at all.
A bit tangential, but this raises an important point: in general, you’re looking for things that raise the bar for causing harm. If you can take smallpox synthesis from something where anyone who works in a lab with a benchtop can synthesize it without even opening in the machine to one where they would have to disassemble it, but that already increases the chance that someone else in the lab would notice.
It would be great to get to a place where we have systems that will provide reliable protection even from well-funded state actors, but (a) a lot of the risk comes from much easier cases like it becoming easier for an individual to cause harm and (b) we are so far from having that kind of protection that efforts to improve the situation there should be much lower priority than ones that handle the easier cases.
Yes, benchtop devices have significant ramifications!
Agreed, storing the database on-device does sound much harder to secure than some kind of distributed storage. Though, I can imagine that some customers will demand airgapped on-device solutions, where this challenge could present itself anyway.
Agreed, sending exact synthesis orders from devices to screeners seems undesirable/unviable, for a host of reasons.
But that’s consistent with my comment, which just meant to emphasise that I don’t read Diggans and Leproust as advocating for a fully “public” hazard database, as slg’s comment could be read to imply.
If your benchtop device user can modify the hardware to attempt to defeat the screening mechanism, the problem becomes orders of magnitude harder. I imagine that making a DNA sequence generating device that can’t be modified to make smallpox even if it’s in the middle of Pyongyang and the malicious user is the North Korean government is an essentially unsolvable problem—if nothing else, they can try to reverse engineer the device and build a similar one without any screening mechanism at all.
A bit tangential, but this raises an important point: in general, you’re looking for things that raise the bar for causing harm. If you can take smallpox synthesis from something where anyone who works in a lab with a benchtop can synthesize it without even opening in the machine to one where they would have to disassemble it, but that already increases the chance that someone else in the lab would notice.
It would be great to get to a place where we have systems that will provide reliable protection even from well-funded state actors, but (a) a lot of the risk comes from much easier cases like it becoming easier for an individual to cause harm and (b) we are so far from having that kind of protection that efforts to improve the situation there should be much lower priority than ones that handle the easier cases.