Tag Archives: Radio Frequency

How To Infect An Airport

Could it be possible to use Radio Frequency ID tags, or RFID, to transmit viruses? Some researchers reckon so. Unstrung reports that a paper presented at the Pervasive Computing and Communications Conference in Pisa, Italy, the researchers from Vrije Universiteit in Amsterdam, led by Andrew Tanenbaum, show just how susceptible radio-frequency tags may be to malware. “Up until now, everyone working on RFID technology has tacitly assumed that the mere act of scanning an RFID tag cannot modify backend software, and certainly not in a malicious way,” the paper’s authors write. “Unfortunately, they are wrong.”

According to The New Scientist the Vrije Universiteit team found that compact malicious code could be written to RFID tags by replacing a tag’s normal identification code with a carefully written message. This could in turn exploit bugs in a computer connected to an RFID reader. This made it possible, the magazine says, to spread a self-replicating computer worm capable of infecting other compatible, and rewritable, RFID tags.

An RFID tag is small — roughly the size of a grain of rice, the New Scientist says, and contains a tiny chip and radio transmitter capable of sending a unique identification code over a short distance to a receiver and a connected computer. They are widely used in supermarkets, warehouses, pet tracking and toll collection. But it’s still in the early stages of development. Which leaves it vulnerable. Until now, however, it was thought the small internal memory would make it impossible to infect. Not so, say the researchers.

So what would happen, exactly? RFID virus would then find its way into the backend databases used by the RFID software. The paper, Unstrung says, outlines three scenarios: a prankster who replaces an RFID tag on a jar of peanut butter with an infected tag to infect a supermarket chain’s database; a subdermal (i.e., under-the-skin) RFID tag on a pet used to upload a virus into a veterinarian or ASPCA computer system; and, most alarmingly, a radio-frequency bag tag used to infect an airport baggage-handling system. A virus in an airport database could re-infect other bags as they are scanned, which in turn could spread the virus to hub airports as the traveler changes planes.

So how likely is this? Not very, Unstrung quotes Dan Mullen, executive director of AIM Global, a trade association for the barcode and RFID industries, as saying. “If you’re looking at an airport baggage system, for instance, you have to know what sort of tag’s being used, the structure of the data being collected, and what the scanners are set up to gather,” he explains. Red Herring quotes Kevin Ashton, vice president of marketing for ThingMagic, a Cambridge, Massachusetts-based designer of reading devices for RFID systems, as saying the paper was highly theoretical and the theoretical RFID viruses could be damaging only to an “incredibly badly designed system.” Hey, that sounds a bit like a PC.

But he does make a good point: because RFID systems are custom designed, a hacker would have to know a lot about the system to be able to infect it. But that doesn’t mean it can’t be done, and it doesn’t mean it won’t get easier to infect. As RFID becomes more widespread, off-the-shelf solutions are going to become more common. And besides, what will stop a disgruntled worker from infecting a system he is using? Or an attacker obtaining some tags and stealing a reader, say, and then reverse engineering the RFID target?

My instinct would be to take these guys seriously. As with Bluetooth security issues such as Bluesnarfing, the tendency is for the industry itself not to take security seriously until someone smarter than them comes along and shows them why they should do.

RFIDs And Shoplifters

Could RFID tags be used by shoplifters?

Robert Lemos of CNET’s News.com writes from Las Vegas that a German technology consultant believes the Radio Frequency Identification tags “could be abused by hackers and tech-savvy shoplifters”. He quotes Lukas Grunwald, a senior consultant with DN-Systems Enterprise Internet Solutions GmbH, as telling a discussion at the Black Hat Security Briefings that thieves could fool merchants by changing the identity of goods, he said.In time-honored fashion, Grunwald had the tools to prove it, unveiling during the session “a new software tool that he helped create that can be used to read and reprogram radio tags”.

The basic idea, it seems, is that such software — called RFDump, or sometimes RF-Dump — could be used on a PDA or laptop to mark expensive goods as cheaper items, allow underage folk to bypass age restrictions on alcoholic drinks and adult movies or create confusion in shops by randomly swapping tags.

How much of a threat is this to RFID? On first flush it sounds major. But I suspect that if it is going to be an issue it’s going to be more closely related to security than shoplifting. How many doors are already being opened by RFID? How many security passes are RFID? Luggage tags in airports? Of course these are probably encrypted but could these be reprogrammed?

Are Privacy Fears About RFID Tags Just Hype?

Reports that delegates to the World Summit on the Information Society conference in Geneva were unwittingly wearing RFID tags which could have tracked their movements, attendance at meetings or seminars, visits to the john etc etc has raised some debate about RFID (Radio Frequency ID), privacy, security and the rights of the individual to know what the tag around their neck actually tells people about them.

My posting, which didn’t actually make any specific comment about the news, prompted this from Mike Rowehl of Bitsplitter who says, among other things, that “sure, there are plenty of issues to be worked through with RFID, but it’s hardly the boogeyman that everyone makes it out to be. A cell phone can just as easily (and in the future, more easily most likely) be used to determine a users location”.

Actually, Mike, I’m not sure that’s right. Cellphones work in large areas, and can narrow the location of a phone (and its user) down to quite a small area, but RFID works in small, enclosed areas. As one of the delegates, Olivier Piou of Axalto told the conference last Friday:

Wireless technologies also present a similar threat to privacy: while it is relatively easy to turn off a cellular phone (because all of them have an ON/OFF button!), radio-frequency identification systems – also known as RFID or contactless systems – are activated from a distance. It becomes so very easy to install a reading antenna, in the subway or in any place like in this conference room, to detect who is there without awareness and consent.

Numerous books and movies have predicted that our civil society would not be wise enough to protect its basic universal human rights in this digital age. However, the more we have powerful tools available to us, the more we have the duty to use them for the best of humanity. This is why I wanted to raise your awareness today.

This is why also, we at Axalto believe that it is essential that digital identity be designed to ensure trust and confidence in modern digital systems, and that it be combined with conventional physical identity into a secure portable object that citizens can voluntarily present to be identified, to authorities in the physical world and to on-line services in the virtual world.

That this comes from an industry insider — Axalto is the new name of Schlumberger unit SmartCards, of which Olivier Piou has been president since 1998; he has been in the smart card business since 1994. (Smart cards are microprocessor cards used mainly for ID) — should give some weight to concerns raised by the use of RFID at the summit. That the summit itself, supposedly concerning itself with the information society, should not be more aware of a) the privacy aspects of its tags and b) unable to answer questions raised by privacy advocates, does not inspire confidence.

While I don’t agree with the more outlandish claims that RFID is a new kind of big brother, there’s little doubt in my mind that it’s a technology which needs some serious attention before it can be deployed in public.

RFID Secretly Tags The Internet Summit

The Washington Times has an interesting piece about the the Internet and technology summit in Switzerland last week. Delegates, it says, were unknowingly bugged with RFID tags, according to researchers who attended the forum.

RFID is Radio Frequency ID, which means the tags could have contained and given off all sorts of information, including the wearer’s exact location. The badges were handed out to more than 50 prime ministers, presidents and other high-level officials from 174 countries, including the United States. Researchers questioned summit officials about the use of the chips and how long information would be stored but were not given answers.

The three-day forum focused on Internet governance and access, security, intellectual-property rights and privacy.

News: RFID Notes

 A longish piece from Slate on our old friends RFIDs — Radio Frequency Identification Devices — which are feared and admired for their ability to hold all sorts of data about what you’re doing, buying, washing or eating. Earlier this month Hitachi announced the release of a tiny wireless ID chip that can be “easily embedded in bank notes.”
 
Although the story doesn’t focus on it, it makes a good point: Whereas privacy advocates — fearing these things may hold data about our purchases etc well after we left the shop — may be silenced by the idea of a ‘kill switch’ which disables the tag at checkout, presumably the same wouldn’t really be a good idea in currency. So why exactly should we have RFIDs in our currency, and what does it mean for us? More anon.

Update: Gillette Said To Abandon Tag Trials

 From the This Sounds Like A Good Thing, Or Are We Being Luddites? Dept comes news that privacy protests against the trial of RFID tags by Gillette at a Tesco store in Cambridge have prodded Gillette to abandon their trial, according to Indynews. RFID (Radio Frequency ID) tags are small tags containing a microchip which can be ‘read’ by radio sensors over short distances.
 
 
Recent trials involving attaching these tags to products have raised concerns about privacy, as information on the tag could be read long after the product was purchased. Tesco is also testing RFID tags in its DVD range at the Extra store in Sandhurst, Berkshire.

News: Fired Up About Laundry Tags

 It’s interesting to see how RFID — the technology behind product tagging that I’ve banged on about here before — enflames passions. News on ZDNET that chipmaker Texas Instruments has announced a wireless identity chip for clothing which can survive the dry cleaning process has unleashed dozens of comments, most of them about the potential for tracking folk and abusing their privacy.
 
The Laundry Transponder, from TI Radio Frequency Identification Systems, is a thin 13.56MHz radio frequency identification (RFID) chip with a circumference of 22mm that can be attached or sewn into fabric. Its plastic casing is capable of withstanding industrial cleaning processes, making it practical for dry cleaners to track items through to customer delivery, ZDNET says. But more interesting are the comments that follow the article (scroll down to the bottom to read them). Steel yourself for some forthright language.
 
What we need is a reasoned debate on both sides so everyone knows what they’re dealing with. That may be about to happen, at least in the UK: ZDNET quotes Labour MP Tom Watson as saying he has submitted a motion for parliamentary debate on the regulation of RFID devices, and is confident that it will be debated in September.