TY - JOUR
T1 - RFID Malware: Truth vs. Myth
AU - Rieback, M.R.
AU - Crispo, B.
AU - Tanenbaum, A.S.
PY - 2006/7
Y1 - 2006/7
N2 - The issues related to RFID malware along with proof-of-concept RFID virus are discussed. RFID exploits are traditionally hacking attacks that are identical to those found on Internet, such as buffer overflow, code insertion, and SQL injection attack. RFID warms copy the original exploit code to newly appearing RFID tags. An RFID virus can self replicate without an Internet connection by copying itself into back-end database. The tags are simply data carriers, just like floppy disks and USB sticks, which are prone to attacks by various hackers. It is recommended that RFID middleware vendors must have independent experts audit their code for vulnerabilities and practice safe programming practices. RFID equipment manufacturers must invest more energy in prototyping improved cryptography on low-cost RFID tags. Lawmakers and the average person should demand security and privacy measures in the RFID technology.
AB - The issues related to RFID malware along with proof-of-concept RFID virus are discussed. RFID exploits are traditionally hacking attacks that are identical to those found on Internet, such as buffer overflow, code insertion, and SQL injection attack. RFID warms copy the original exploit code to newly appearing RFID tags. An RFID virus can self replicate without an Internet connection by copying itself into back-end database. The tags are simply data carriers, just like floppy disks and USB sticks, which are prone to attacks by various hackers. It is recommended that RFID middleware vendors must have independent experts audit their code for vulnerabilities and practice safe programming practices. RFID equipment manufacturers must invest more energy in prototyping improved cryptography on low-cost RFID tags. Lawmakers and the average person should demand security and privacy measures in the RFID technology.
UR - http://www.scopus.com/inward/record.url?scp=33747270668&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33747270668&partnerID=8YFLogxK
U2 - 10.1109/MSP.2006.102
DO - 10.1109/MSP.2006.102
M3 - Article
SN - 1540-7993
VL - 4
SP - 70
EP - 72
JO - IEEE Security & Privacy
JF - IEEE Security & Privacy
IS - 4
M1 - 1668007
ER -