Slashdot Mirror


RFID Personal Firewall

JanMark writes "Prof. Andrew Tanenbaum and his student Melanie Rieback (who published the RFID virus paper in March) and 3 coauthors have now published a paper on a personal RFID firewall called the RFID Guardian. This device protects its owner from hostile RFID tags and scans in his or her vicinity, while letting friendly ones through. Their work has won the Best Paper award at the USENIX LISA Conference."

3 of 58 comments

  1. Demo Video by AugustZephyr · Score: 5, Informative
  2. Link to PDF by tttonyyy · Score: 4, Informative

    For those that want more detail than the videos provide:

    http://www.cs.vu.nl/~melanie/rfid_guardian/papers/acisp.05.pdf

    --
    biopowered.co.uk - catalytically cracking triglycerides for home automotive use since 2008. Just say no to big oil!
  3. Tanenbaum's theory is false by crucini · · Score: 2, Informative
    I read Tanenbaum's paper when it came out. One of the soundbites:
    RFID malware is a Pandora's box that has been gathering dust in the corner of our 'smart' warehouses and home.

    This is not true. There is no Pandora's box. Read the paper and you'll see why.

    Tanenbaum and his co-authors exploited vulnerabilities in RFID middleware - the software that connects to an RFID reader. What makes this less interesting is that they wrote the middleware. Yes, they deliberately built in vulnerabilities like SQL injection, then crafted RFID tags to exploit them.

    Tanenbaum's team did not find any weaknesses in any commercial RFID middleware. And their entire premise is flawed. The weaknesses they scanned for, such as SQL injection, are not going to exist in the dominant RFID system, which is EPC. An EPC tag contains a binary number (frequently 96 bits). This bit vector is divided into fields for manufacturer, part number, and serial number. It is binary, not text. There is no way a malformed number could trigger an SQL injection vulnerability.
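
An added example, not part of the thread and not code from the paper: a sketch of how reader middleware can handle the 96-bit EPC described in the comment above as fixed-width binary fields, rejecting payloads of any other shape and writing the decoded integers through bound parameters. The SGTIN-96 layout (one EPC scheme, with company prefix, item reference and serial standing in for manufacturer, part number and serial number), the table name `reads` and both sample payloads are assumptions of this example.

```python
import sqlite3

# SGTIN-96 partition table from the GS1 EPC Tag Data Standard:
# partition -> (company-prefix bits, item-reference bits); each pair sums to 44.
PARTITIONS = {0: (40, 4), 1: (37, 7), 2: (34, 10), 3: (30, 14),
              4: (27, 17), 5: (24, 20), 6: (20, 24)}


def decode_sgtin96(raw: bytes) -> dict:
    """Decode a 96-bit SGTIN EPC into integer fields; reject any other shape."""
    if len(raw) != 12:
        raise ValueError(f"expected 12 bytes (96 bits), got {len(raw)}")
    value = int.from_bytes(raw, "big")
    if value >> 88 != 0x30:                      # 8-bit header for SGTIN-96
        raise ValueError("header is not SGTIN-96")
    partition = (value >> 82) & 0x7
    if partition not in PARTITIONS:
        raise ValueError("reserved partition value")
    company_bits, item_bits = PARTITIONS[partition]
    return {
        "filter": (value >> 85) & 0x7,
        "company": (value >> (38 + item_bits)) & ((1 << company_bits) - 1),
        "item": (value >> 38) & ((1 << item_bits) - 1),
        "serial": value & ((1 << 38) - 1),       # low 38 bits
    }


def store_read(db: sqlite3.Connection, raw: bytes) -> dict:
    """Validate first, then insert with bound parameters (never string-built SQL)."""
    fields = decode_sgtin96(raw)
    db.execute("INSERT INTO reads (company, item, serial) VALUES (?, ?, ?)",
               (fields["company"], fields["item"], fields["serial"]))
    return fields


def demo() -> tuple:
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE reads (company INTEGER, item INTEGER, serial INTEGER)")
    good = bytes.fromhex("3074257BF7194E4000001A85")    # constructed sample EPC
    text = b"text stored in tag user memory"            # constructed non-EPC payload
    stored = store_read(db, good)
    try:
        store_read(db, text)
        rejected = False
    except ValueError:
        rejected = True
    rows = db.execute("SELECT company, item, serial FROM reads").fetchall()
    return stored, rejected, rows


if __name__ == "__main__":
    print(demo())
```

The length and header checks only cover the EPC bank; any free-form user memory a tag carries needs its own validation before it reaches a query.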