Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

NYT: Study says RFID tags are vulnerable to viruses

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread		 This topic is archived.
Home » Discuss » Archives » General Discussion (01/01/06 through 01/22/2007) Donate to DU
 
harpo Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:34 AM
Original message
NYT: Study says RFID tags are vulnerable to viruses
By John Markoff
The New York Times

Published: March 14, 2006, 11:05 PM PST

A group of European computer researchers have demonstrated that it is possible to insert a software virus into radio frequency identification tags, part of a microchip-based tracking technology in growing use in commercial and security applications.

In a paper to be presented Wednesday at an academic computing conference in Pisa, Italy, the researchers plan to demonstrate how it is possible to infect a tiny portion of memory in the chip, which can hold as little as 128 characters of information.

Until now, most computer security experts have discounted the possibility of using such tags, known as RFID chips, to spread a computer virus because of the tiny amount of memory on the chips.

http://news.com.com/Study+says+RFID+tags+are+vulnerable+to+viruses/2100-1029_3-6049872.html?tag=nefd.top
Printer Friendly | Permalink |  | Top
soothsayer Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:36 AM
Response to Original message
1. Good!
Printer Friendly | Permalink |  | Top
 
Gormy Cuss Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:42 AM
Response to Reply #1
5. Heh!
I hope they're only slightly more prone to viruses than MS operating systems.
:evilgrin:
Printer Friendly | Permalink |  | Top
 
rpgamerd00d Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:38 AM
Response to Original message
2. Unless they are magic RFID tags, they are also vulnerable to...
... electro-magnets.

One good de-gaussing and they are fried and useless just like any other pieces of computer hardware.
Printer Friendly | Permalink |  | Top
 
tanyev Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:39 AM
Response to Original message
3. Hmmm...isn't Wal-Mart using these things extensively?
It sure would be a shame if something crashed their entire system.
Printer Friendly | Permalink |  | Top
 
harpo Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 11:53 AM
Response to Reply #3
12. yes they are...I want a "perimiter zapper" so I can...
go walk through one of their stores and zap all their crap
Printer Friendly | Permalink |  | Top
 
libertypirate Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:42 AM
Response to Original message
4. Something that might be possible in the future
Software errors

"We have not found specific flaws" in the commercial RFID software, Tanenbaum said, but "experience shows that software written by large companies has errors in it."

Fear Fear Fear....

Does any really understand how many characters 128 are? This includes spaces.

This post is more than 128 characters.
Printer Friendly | Permalink |  | Top
 
leveymg Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:43 AM
Response to Original message
6. What kind of a virus can exploit such small memory chips?
All it could do, I suspect, is corrupt the signal. Wouldn't you need some long lines of code to change the RFID message in a meaningful way, and how would one change the coding after the chip is implanted?
Printer Friendly | Permalink |  | Top
 
rpgamerd00d Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:45 AM
Response to Reply #6
7. Observe, Grasshopper. :)
128 characters.
A "character" is actually a byte. A byte its two bits.
That's 256 bits of code.
In assembler language, you could read the rfid code and change it randomly, with about 100 bits of code.

The problem would be distributing the virus, since RFID chips don't talk with each other.
Printer Friendly | Permalink |  | Top
 
leveymg Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:48 AM
Response to Reply #7
8. So, it could corrupt the code, but not in any meaningful way?
Printer Friendly | Permalink |  | Top
 
rpgamerd00d Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:50 AM
Response to Reply #8
9. Meaningful, because the RFID tag is now useless.
You now have 10,000 unmarked packages which you must sort by hand instead of by computer.

FUBAR.
Printer Friendly | Permalink |  | Top
 
leveymg Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 10:54 AM
Response to Reply #9
10. But, you can't change the ID of package A so it reads as Package B?
Printer Friendly | Permalink |  | Top
 
rpgamerd00d Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 11:55 AM
Response to Reply #10
13. Depends. If it added 1 to all tags, then yes, A could read as B, etc.
Printer Friendly | Permalink |  | Top
 
harpo Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 11:56 AM
Response to Reply #13
14. so instead of paying for for productA with productA pricing, it thinks
its productB which may be a different price
Printer Friendly | Permalink |  | Top
 
harpo Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 11:49 AM
Response to Reply #9
11. or 10,000 pounds of nuclear material that is now missing
Edited on Wed Mar-15-06 11:51 AM by harpo
that was bound for India. That's what can and will happen if they start relying on this technology as the only means to track...aka saving someone money by eliminating the "person" that would normally watch and keep an eye on it.
Printer Friendly | Permalink |  | Top
 
Harald Ragnarsson Donating Member (366 posts) Send PM | Profile | Ignore Wed Mar-15-06 11:57 AM
Response to Reply #9
16. Or maybe insert RFID info of the $1000 TV set into the $3000 one.
The modern technological equivalent of switching price tags on items?
Printer Friendly | Permalink |  | Top
 
Deja Q Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Mar-15-06 11:56 AM
Response to Original message
15. Duh
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view this author's profile Click to add this author to your buddy list Click to add this author to your Ignore list Tue Apr 30th 2024, 12:13 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Archives » General Discussion (01/01/06 through 01/22/2007) Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC