It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
A tag infected with a worm and attached, for example, to a piece of luggage could rapidly infect other luggage in an airport, the Dutch researchers say. "On arrival at other airports, these cases will be scanned again and within 24 hours, hundreds of airports throughout the world could be infected," they said in a statement issued by the university.
The Dutch researchers add that a malicious RFID tags could also bypass physical security measures by fooling a computer into thinking it has just received a different identification code. In the hypothetical airport example, this would provide "the perfect solution for smugglers and terrorists wanting to send suspicious luggage across the world without being noticed," they add.
Originally posted by Valhall
This appears to be affecting the chips in pets as well. They are having signals all of a sudden disappear, or move to an erroneous location.
The "RFID Virus" is absolutely laughable.
If you read the "paper", here's what they do:
1. Construct an RFID middleware system, intentionally design it to have some really obvious security flaws, ones that even most basic web developers know to avoid, namely the two security no-nos of implicitly trusting external data, and treating data as code.
2. Knowing the exact nature of those two obvious security flaws, including the exact implementation of the flaws, send malicious data that exploits those flaws.
This is so laughably stupid, but somehow it got picked up by the news outlets because it contains buzzwords: "RFID" and "Virus".
Really, what they're doing is the equivalent of:
1. Designing a barcode system to automatically self-destruct if it ever reads a barcode of 1337 1337, for no reason other than to prove it's dangerous.
2. Broadcasting to the world that the barcode system will self-destruct if it ever reads a barcode of 1337 1337.
3. Intentionally reading a barcode of 1337 1337.
4. Claiming that barcodes are dangerous.
RFID Tags, just like barcodes are just data. Nothing more than data. If you intentionally design a system to be vulnerable to certain data, then intentionally expose the system to that data, then yup, you'll have a problem.
I'm surprised the music industry hasn't tried this with MP3s. Design a MP3 player that will format your hard drive if it sees a certain often-downloaded song, download that song, show the drive getting formatted, then claim that MP3s are dangerous because they might format your hard drive.
Just because the chip is simple does not mean it cannot be "hacked". Web designers and code writers make mistakes all the time, they only have to gte it wrong once and someone could exploit it.
Originally posted by AgentSmith
OK my knowledge is limited, but I know you can write exploits that you input as a line of code (say in the 'name' field) which somehow (knowledge limited) executes when inputted into the database.
If the string is storded on the RFID, then when it is scanned it will be inputted into the database (say an SQL based one) and will then execute,