Free Republic
Browse · Search		 News/Activism
Topics · Post Article

Skip to comments.

RFID tags can be infected with a virus
The Register ^ | Wednesday 15th March 2006 | Jan Libbenga

Posted on 03/15/2006 1:23:25 PM PST by nickcarraway

Get breaking Reg news straight to your desktop - click here to find out how.Dutch researchers have warned that RFID tags – small microchips, which can be used to tag products or animals - can be infected with computer viruses.

A group under the guidance of Andrew Tanenbaum at the Amsterdam Free University made the world's RFID "malware" publicly available. "We hope to convince the experts that the problem is serious and better be dealt with,” the Dutch researchers say.

As RFID chips only have a limited memory capacity, it was widely assumed they could not become infected with a virus, but researchers discovered that if certain vulnerabilities exist in RFID software a RFID tag can be (intentionally) infected with a virus, which could infect the backend database used by the RFID software. From there it can easily spread to other RFID tags, researchers explained today at the Annual IEEE Conference on Pervasive Computing and Communications in Pisa, Italy.

One possible target could be airports. From May 2006, RFID tags at Las Vegas Airport will be attached to suitcases to speed up the baggage handling process. If someone attaches an infected RFID tag to these cases, the entire system could be disrupted, researchers warn.

They stress that developers must introduce measures to check their RFID systems and implement safety procedures to prevent widespread infection.

TOPICS: Business/Economy; Constitution/Conservatism; Culture/Society; Miscellaneous; News/Current Events
KEYWORDS: firmware; rfid; security; virus

1 posted on 03/15/2006 1:23:28 PM PST by nickcarraway
[ Post Reply | Private Reply | View Replies]
To: nickcarraway

I would think that buffer over-run would be a likely path.


2 posted on 03/15/2006 1:29:23 PM PST by gondramB (Render unto Caesar that which is Caesar's and unto God that which is God's.)
[ Post Reply | Private Reply | To 1 | View Replies]
To: nickcarraway

Very light on details. My guess is that it's more of an overwritting or spoofing of the data than an actual virus. But then again, nothing today shocks me anymore.


3 posted on 03/15/2006 1:29:47 PM PST by SengirV
[ Post Reply | Private Reply | To 1 | View Replies]
To: ShadowAce; martin_fierro

ping


4 posted on 03/15/2006 1:30:03 PM PST by nickcarraway (I'm Only Alive, Because a Judge Hasn't Ruled I Should Die...)
[ Post Reply | Private Reply | To 1 | View Replies]
To: SengirV
"Very light on details. My guess is that it's more of an overwritting or spoofing of the data than an actual virus. But then again, nothing today shocks me anymore."

There is definitely that problem - the data isn't encrypted
5 posted on 03/15/2006 1:31:51 PM PST by gondramB (Render unto Caesar that which is Caesar's and unto God that which is God's.)
[ Post Reply | Private Reply | To 3 | View Replies]
To: nickcarraway
Was *this close* to pinging you earlier.
6 posted on 03/15/2006 1:32:02 PM PST by martin_fierro (< |:)~)
[ Post Reply | Private Reply | To 1 | View Replies]
To: nickcarraway
Similar article
7 posted on 03/15/2006 1:32:11 PM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]
To: nickcarraway

Posted here too:

http://www.freerepublic.com/focus/f-news/1596825/posts


8 posted on 03/15/2006 1:32:21 PM PST by Ramius (Buy blades for war fighters: freeper.the-hobbit-hole.net --> 1100 knives and counting!)
[ Post Reply | Private Reply | To 1 | View Replies]
To: Ramius

LOL

Bam. Bam. Bam.


9 posted on 03/15/2006 1:33:07 PM PST by Ramius (Buy blades for war fighters: freeper.the-hobbit-hole.net --> 1100 knives and counting!)
[ Post Reply | Private Reply | To 8 | View Replies]
To: nickcarraway
So if there are certain vulnerabilities in the host software, and certain vulnerabilities in the RFID tag, a virus could conceivably be spread between those tags and hosts running vulnerable software.

Doesn't sound like much of a real threat.

10 posted on 03/15/2006 1:34:51 PM PST by untrained skeptic
[ Post Reply | Private Reply | To 1 | View Replies]
To: nickcarraway
RFID blocking wallets (now, if they can only find a way to keep my teen aged daughter out!!)

http://www.difrwear.com/purchase.shtml

11 posted on 03/15/2006 1:35:53 PM PST by llevrok (The answer is often in the question.)
[ Post Reply | Private Reply | To 1 | View Replies]
To: untrained skeptic

Agree. This story is stretching things. You might as well say, ANY data *could* store a virus. Well, yeah, but so what?


12 posted on 03/15/2006 1:55:48 PM PST by tentmaker
[ Post Reply | Private Reply | To 10 | View Replies]
To: tentmaker

You can get a HUGE virus in 96 bits of data.

Like about 14 characters worth. Idiots.

A virus must be executed to infect. A character string is treated as a character string. It is not executed.


13 posted on 03/15/2006 5:29:51 PM PST by Sleeping Hampster
[ Post Reply | Private Reply | To 12 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search		 News/Activism
Topics · Post Article
FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson