« Checkpoint Showcases a Spychipped Shoe | Main | Coast to Coast listeners are the best! »

March 15, 2006

RFID Vulnerable to Viruses!

sneezing RFID tag1.jpg

Melanie Rieback, a Ph.D. student at the Vrije Universiteit in Amsterdam, delivered a wake-up call to RFID proponents March 15 at the Fourth Annual IEEE Conference on Pervasive Computing and Communications in Pisa, Italy. She gave a live demonstration of how hackers could deploy rogue RFID tags programmed with a virus to wreak havoc on associated databases--possibly even facilitate a terrorist attack.

Read all about it in our latest press release by clicking here.

- Liz McIntyre

Here are more relevant links:

The researchers' website
http://www.rfidvirus.org/

Their paper
http://www.rfidvirus.org/papers/percom.06.pdf

Their press release in english
http://www.rfidvirus.org/papers/press_release.pdf

Here's the link to the BBC article...
Mikko Hypponen, chief research officer at anti-virus firm F-Secure, said: "RFIDs with embedded computers are suspectible to basically all the same threats any other computers are. Unfortunately."
http://news.bbc.co.uk/1/hi/technology/4810576.stm

(Thanks to Trevor for compiling these links.)

Posted by liz at March 15, 2006 12:03 AM

Comments

I found the info on RFID & viruses on The Terrorism Research Center site (http://terrorism.com/) just before hearing Kathleen talk on Geo Noory last night. I'll bet you already know about the site, but just in case......

PS If you need the exact info that was posted there, I can run it down, let me know.

Lu

Posted by: lu at March 16, 2006 12:31 PM

it seems to me that RFID VULNERABLE TO VIRUSES is a blessing to those of us who dont want these chips around, some one could make the rfid's with the virus's and volunteers can drop one in every store that uses them, eventually they may be forced to stop using them,or come up with a different system!
there has to be a way to stop these chips from happening

Posted by: james at March 17, 2006 8:40 AM

I would be interested in the details of the "live demonstration". Technically, viruses only spread via writable memory with a duplex communication link. The maicious intent of same is only manifested in Von Nueman memory. The most ubiquitous RFID will be the Hitachi 400uM pitch part that just reads out a unique number that must be compared to a database for meaning. It has neither Von Neuman memory nor duplex link. These parts don't actually store any new data (besides the possibility of activation or deactivation state), they just report thier burnt in content. They don't even have a program so to speak, they are hardware state machines. Just because they are not vulnerable to viruses doesn't mean that they are not intrinsically evil in what they enable.

There are more intelligent devices that actually run code and store data. These devices will then be vulnerable to virus infestation and transmission. Even then, It should be a simple matter to secure the systems by limiting system functionality. That is a commercial decision that will be determined by the greed and carelessness of the technology and value-added vendors. I will bet on the false confidence of the vaporware vendors that this is an eventuality for those devices.

Posted by: Brian at March 17, 2006 3:12 PM

Post a comment




Remember Me?

(you may use HTML tags for style)