The news for proponents of RFID tags just keeps getting worse.
Now comes word that a virus has been successfully inserted into an RFID tag. A group of European researchers presented their finding at the annual Pervasice Computing and Communications Conference in Pisa, Italy, on Wednesday.
Such “creativity” was thought to be impossible, since RFID chips hold such a small amount of information (as little as 128 characters). But here the virus is, and it raises a whole host of new questions about the usability and desirability of the new information storage technology.
Why is this such an issue? It’s not the size of the virus or the tag that is important; rather, it’s what the vulnerability of the tags means. A tag that can be compromised, its data signalling scuttled by a virus, will emit no signal when prompted by an RFID reader. Thus, a person who had something with an RFID tag on it but wanted to evade detection could do so by installing a virus in that RFID tag, thereby disabling it. In such a way could a smuggler avoid having smuggled goods detected by airport security systems.
The researchers also published protocols for protecting RFID tags for such viral attacks, also arguing that such viral attacks would require specialized knowledge that the great majority of people do not have or have access to. Still, it’s another blow to a technology that many have tapped as the UPC code of the future. Who cares if “the majority of people” can’t hack it, if it can be done, its bad enough.