RFID malware demonstrated (and DIY axis of crypto)

Welcome to today's IT Blogwatch, in which RFID tags can infect your back end -- sounds nasty [You're fired -Ed.] Not to mention a DIY Enigma cypher machine ...

RFID tags not scary enough for you already? Let's hear it for Vrije Universiteit Amsterdam and a project under the seminal Andrew S. Tanenbaum. Jeremy Kirk has the 411-not-404: "Viruses embedded in radio tags used to identify and track goods are right around the corner, a danger that so far has been overlooked by the industry's high interest in the technology ... attacks can come in the form of a SQL injection or a buffer overflow attack even though the tags themselves may only store a small bit of information ... The purpose of the exercise, the authors wrote, is to encourage RFID middleware designers to be more careful when writing code ... RFID systems may be attractive to criminals since the data contained on them may have a financial or personal nature, such as information stored on digital passports. In addition to causing damage to computer systems, RFID malware may have an effect on real-world objects."

» Tim Finin asks, "Is Your Cat Infected With a Computer Virus? And you thought mad cow disease and bird flu were scary… [the paper] introduces the possibility that RFID tags with bad data can introduce a virus into an RFID reader which could propagate via writable RFID tags. This prospect may seem unlikely today, but will get much more plausible as tags with high data capacity become more common, especially if they include writable data segments."

» Ed Felten thinks it's simply diabolical: "The underlying technical argument is pretty simple ... Simple RFID tags are quite simple and only carry data ... Tags cannot themselves be infected by viruses. But they can act as carriers ... If RFID readers run complicated software, then they will inevitably have bugs. One common class of bugs involves bad handling of unexpected or diabolical input values ... Suppose that some subset of the world's RFID readers had an input-processing bug of this general type, so that whenever one of these readers scanned an RFID tag containing diabolically constructed input, the reader would be hijacked and would execute some command contained in that input ... A virus attack might start with a single RFID tag carrying evil data. When a vulnerable reader scanned that tag, the reader’s bug would be triggered, causing the reader to execute a command specified by that tag. The command would reconfigure the reader to make it write copies of the evil data onto tags that it saw in the future ... Designers of RFID-based systems will have to engineer their systems much more carefully than we had previously thought necessary."

» Geek News Central can't resist a dig at Kevin Warwick: "Imagine you're one of those idiots that had RFID chips implanted in their arms so that they could access computer equipment, well it seems they may now need to jack in from time to time and make sure they have not picked up a virus. Or here is one better, you know that load of plasma televisions that are in a container headed to the US? Well someone could inject data into them so that the load of 100 plasmas could register as 50. Do you think running Cigarettes is bad wait till crooks can mess with inventory control. Competitor walks into a Walmart and with a hand held device changes the inventory numbers of every item in the store triggering massive over ordering forcing the store into supply issues. Think it can't happen? Well just wait."

» WSJ columnist Jeremy Wagstaff blogs: "My instinct would be to take these guys seriously. As with Bluetooth security issues such as Bluesnarfing, the tendency is for the industry itself not to take security seriously until someone smarter than them comes along and shows them why they should do."

» The last word goes to Marshall Kirkpatrick, who makes one up: "RFID is likely one key part of the future of digital identity. Glad the conversation is complexifying beyond surveillance/civil liberties concerns and people without those concerns. I know I don't want to be wrongfully accused of hording an illicit number of unregistered Gillette razors in my bathroom."

[For the full scoop, check out the researchers' website.]

Buffer overflow:

And finally... DIY Enigma

Richi Jennings is an independent technology and marketing consultant, specializing in email, blogging, Linux, and computer security. A 20 year, cross-functional IT veteran, he is also an analyst at Ferris Research. Contact Richi at blogwatch@richi.co.uk.

Copyright © 2006 IDG Communications, Inc.

Shop Tech Products at Amazon