Posted on 03/15/2006 1:23:25 PM PST by nickcarraway
Get breaking Reg news straight to your desktop - click here to find out how.Dutch researchers have warned that RFID tags small microchips, which can be used to tag products or animals - can be infected with computer viruses.
A group under the guidance of Andrew Tanenbaum at the Amsterdam Free University made the world's RFID "malware" publicly available. "We hope to convince the experts that the problem is serious and better be dealt with, the Dutch researchers say.
As RFID chips only have a limited memory capacity, it was widely assumed they could not become infected with a virus, but researchers discovered that if certain vulnerabilities exist in RFID software a RFID tag can be (intentionally) infected with a virus, which could infect the backend database used by the RFID software. From there it can easily spread to other RFID tags, researchers explained today at the Annual IEEE Conference on Pervasive Computing and Communications in Pisa, Italy.
One possible target could be airports. From May 2006, RFID tags at Las Vegas Airport will be attached to suitcases to speed up the baggage handling process. If someone attaches an infected RFID tag to these cases, the entire system could be disrupted, researchers warn.
They stress that developers must introduce measures to check their RFID systems and implement safety procedures to prevent widespread infection.
I would think that buffer over-run would be a likely path.
Very light on details. My guess is that it's more of an overwritting or spoofing of the data than an actual virus. But then again, nothing today shocks me anymore.
ping
Posted here too:
http://www.freerepublic.com/focus/f-news/1596825/posts
LOL
Bam. Bam. Bam.
Doesn't sound like much of a real threat.
http://www.difrwear.com/purchase.shtml
Agree. This story is stretching things. You might as well say, ANY data *could* store a virus. Well, yeah, but so what?
You can get a HUGE virus in 96 bits of data.
Like about 14 characters worth. Idiots.
A virus must be executed to infect. A character string is treated as a character string. It is not executed.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.