RFID tags can spread viruses
Andrew Tanenbaum, Melanie Rieback and Bruno Crispo of The Free University of Amsterdam have demonstrated the feasibiliy of spreading of a computer virus by having RFID tags inject SQL commands into a database, something which until now had been presumed to be impossible. RFID (Radio Frequency ID) tags will probably be increasingly used, not only by supermarkets to track the movement of items in the store and of shipments, but in many other areas – for example to identify the owners of pets and of people crossing international borders (embedded in passports), to route baggage at airports, to check books out of libraries, and for fee collection on roads and when using public transport.
The virus, only 127 bits long, was able demonstrate corrupting data in a database. The researchers described it as a “proof of concept” demonstration showing the need for manufacturers of the tags to develop better security features, before hackers and consumer activists start creating havoc with supply chains, customs databases, airport baggage-hanlding systems and so on.
Read lots more detailed information from the researchers, including their paper (in English or Dutch), here. Well worth reading.