RFID Viruses: Wake Up Call or Non-Story?
By Rick Moss
In the last week, since the release of a white paper written by a group of researchers from the University of Amsterdam describing the possibility of embedding RFID tags with code viruses, headlines have circled the globe and RFID experts have weighed in on the legitimacy of the threat.
As reported in rfidwatch weekly, on the “just hold on a minute” side are those who say there is not much relevance to the claims.
“It’s of hypothetical interest but not much more,” says Bill Colleran, president and CEO at Impinj, a maker of RFID tags and readers. “I think it’s been kind of overblown and I don’t anticipate that we’ll see much problem with viruses. There’s very little data on a tag and secondly, it’s data – not programmable code.”
Others point out that, although a technical possibility, fundamental design safeguards and procedures would certainly prevent such incidents – facts that were side-stepped by the authors of the white paper.
“In other words, the researchers built a system with a weakness and then proceeded to show how the weakness could be exploited,” commented Dan Mullen, president of AIM Global. “Not surprisingly, poor system design, whether capturing RFID tag information, bar code information or keyboard-entered data will create vulnerabilities.”
Nevertheless, some say that the researchers’ warnings are not without merit.
“Most systems that are out there today would not be vulnerable to these types of virus attacks because of the way they are architected,” says Jeff Woods, vice president of research at Gartner Inc. “However, in order to avoid these kinds of attacks, systems have to be properly implemented. And if people are not thinking about these types of security issues, the systems inevitably end up with these types of holes in them.”
Moderator’s Comment: Is the RFID virus theory nothing more than overblown speculation, or does it hold an important message for the industry to remain
As far fetched as an RFID virus may sound, hackers have a tendency to get even more inspired when experts say, “It can’t be done.” Somehow, I don’t think
we’ve heard the last of these scares. –
Rick Moss – Moderator