IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New RFID Viruses
[link|http://www.rfidvirus.org/index.html|http://www.rfidvirus.org/index.html]

Up until now, everyone working on RFID technology has tacitly assumed that the mere act of scanning an RFID tag cannot modify back-end software, and certainly not in a malicious way. Unfortunately, they are wrong. In our research, we have discovered that if certain vulnerabilities exist in the RFID software, an RFID tag can be (intentionall) infected with a virus and this virus can infect the backend database used by the RFID software. From there it can be easily spread to other RFID tags. No one thought this possible until now. Later in this website we provide all the details on how to do this and how to defend against it in order to warn the designers of RFID systems not to deploy vulnerable systems.

While we have some hesitation in giving the "bad guys" precise information on how to infect RFID tags, it has been our experience that when talking to people in charge of RFID systems, they often dismiss security concerns as academic, unrealistic, and unworthy of spending any money on countering, as these threats are merely "theoretical." By making code for RFID "malware" publicly available, we hope to convince them that the problem is serious and had better be dealt with, and fast.
---------------
Will this slow adoption? I doubt it.



"Whenever you find you are on the side of the majority, it is time to pause and reflect"   --Mark Twain

"The significant problems we face cannot be solved at the same level of thinking we were at when we created them."   --Albert Einstein

"This is still a dangerous world. It's a world of madmen and uncertainty and potential mental losses."   --George W. Bush
Expand Edited by tuberculosis Aug. 21, 2007, 06:37:23 AM EDT
New Neat. Viruses mimicing viruses.
[link|http://www.washingtonpost.com/wp-dyn/content/article/2006/03/14/AR2006031402039.html|Washington Post]:

Wednesday, March 15, 2006; Page A01

When Daniel Hickey's doctor suggested he have a microchip implanted under his skin to provide instant access to his computerized medical record, the 77-year-old retired naval officer immediately agreed.

"If you're unconscious and end up in the emergency room, they won't know anything about you," Hickey said. "With this, they can find out everything they need to know right away and treat you better."

[...]

The two D.C. residents are among just a handful of Americans who have had the tiny electronic VeriChip inserted since the government approved it two years ago. But the chip is being aggressively marketed by its manufacturer, which is targeting Washington to be the first metropolitan area with multiple hospitals equipped to read the device, a persuasive factor for Fischer and Hickey. Within weeks, the first hospital is expected to announce plans to start routinely scanning all emergency-room patients.

Some doctors are welcoming the technology as an exciting innovation that will speed care and prevent errors. But the concept alarms privacy advocates. They worry the devices could make it easier for unauthorized snoops to invade medical records. They also fear that the technology marks a dangerous step toward an Orwellian future in which people will be monitored using the chips or will be required to have them inserted for surveillance.

"It may seem innocuous, but the government and private corporations could use these devices to track people's movements," said Liz McIntyre, who co-wrote a book warning about the dangers of such radio-frequency identification (RFID) technology. "It may sound paranoid, but this is bound to be abused."

[...]


I can see it now - Your medical records get erased and you start spamming your neighbors' and coworkers' RFID chips after you go through a checkout at Target. :-/

And Peter worries about National ID cards...

Cheers,
Scott.
(Who thinks that, yet again, a useful technology is galloping ahead of privacy protections.)
     RFID Viruses - (tuberculosis) - (1)
         Neat. Viruses mimicing viruses. - (Another Scott)

Most of our entire ruling junta.
95 ms