Personal Tech Pipeline | RFID Tags Can Carry Viruses - Researchers

White Papers

Sponsor Resources

Free Newsletter GlossaryContact UsAbout Us
Players & CamsPhones & PDAsHome & AutoOnline

March 15, 2006

RFID Tags Can Carry Viruses - Researchers

Courtesy of TechWeb News

Page 1 of 2

Radio frequency identification tags (RFID) can be used to spread computer viruses and attack middleware applications and the databases behind them, a group of Netherlands-based scientists said Wednesday.

At an IEEE' conference on pervasive computing in Pisa, Italy, Melanie Rieback, a third-year PhD student at Amsterdam's Vrije Universiteit, presented a paper that outlined the threat to RFID systems and laid out how the small amount of memory in a tag -- in some cases as little as 128 bytes -- could be used to corrupt databases.

RFID tags have been promoted as a more efficient and economical way of tracking products -- from manufacturers to end-users -- and have been thought to be immune from such hacks.

Not so, said Rieback, a U.S. citizen who has studied in the Netherlands for the past five years. "This is a real threat, and it's going to be a larger threat if it's not taken care of," she said Wednesday after presenting her paper "Is Your Cat Infected with a Computer Virus?"

Once a hacker has created a miniature virus -- and perhaps planted a malicious tag on a product in store -- the attack begins as soon as the RFID tag is scanned. Attacks on middleware and the back-end databases, she said, could take the form of buffer overflows, code insertions, and SQL injections (a type of specialized code insertion that tricks a database into running SQL code).

To combat such attacks, middleware and database creators -- including big names like Oracle and SAP -- must harden their products to account for viral infections.

"We wanted to get the message out," she added. "Now they have warning."

Viruses could spread from tag to database, then to other tags in settings where RFID chips are written to, leading to scenarios where one incoming malicious tag leads to a factory sending out millions of infected chips to its customers.

"There are real-world consequences here," said Rieback. "Some car plants use tags on chassis to identify what color the car is to be painted. If a virus instructs the database to write tags that tell [the machinery to] switch colors, you're talking about destroying cars."

Andrew Tanenbaum, Rieback's supervising professor at Vrije Universiteit, had even more dire attacks in mind.

E-mail This Story
Print This Story
Reprint This Story

Page 2: next page

Page 1 | 2

Get the latest Personal Tech news, product info, and trends every week.

Related Content

  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Main RSS Feed
  Right-click and choose Copy to extract RSS Feed URL  Personal Tech Pipeline's Blog RSS Feed

Keeping Up To Date On Enterprise Server Tech?
Review our compilation of columns on server security, database software, and Linux issues.
Unleash the Power & Opportunity of Grid Computing
Experts will identify trends in grid computing, provide
examples and examine solution options.
Using Current Performance to Shape
Future Results

Hear new strategies for improving business
performance and results.

Editor's Picks

Well, Microsoft has "unfolded" its "Origami" ultra-mobile PC platform Thursday. It turned out to be a full-featured PC smaller than a tablet but bigger than a PDA. Are you impressed?
Yes! I want one!
Sort of. We'll see.
No! It's too big for a pocket and too small for real computing. What's the point?

In search of personal tech products? See our new Product Finder, where you'll find personal computing devices, communications solutions, security products, and more.

TESSCO, Your Total Source� in a wireless world.
TESSCO has everything today�s wireless professionals need to do business. Our TESSCO Solutions Guide features over 34,000 products from 350�world-class brands in one big book. Request your free copy today.

SENA Device Servers and Terminal Servers
Sena is a manufacturer of terminal servers, serial device servers, and wireless device servers, for device networking solution in the areas of IT/Telco, retail/POS, industrial automation, building automation, and medical automation.

Mobile and Wireless Accessories from LaptopParts offers a large variety of mobile computing parts, replacements, and more.

Fast, Firewall Piercing Support Tools from LogMeIn
Whether you need temporary or permanent access to remote PCs, LogMeIn has your solution: LogMeIn IT Reach for automatic maintenance of remote and mobile systems, and LogMeIn Rescue for instant, web-based remote access without pre-installing software.

Laptop Battery
Go Electronic has a great selection of professional and consumer electronics at low prices. Including a vast selection of laptop batteries for everyday and hard to find computer models.

Buy a Link Now

Top ten search terms from the TechWeb TechEncyclopedia
Stellent eSeminar "Approaches to Metadata Design" on March 23
Mobilized Solutions Guide: Find and compare solutions for your business
Top Requested White Paper Categories from TechWeb White paper Library
Top ten search terms from the TechWeb TechEncyclopedia