There was a bit of a stir today around a British scientist, Dr. Mark Gasson. In the BBC article Dr. Gasson was touted as the “First Human ‘Infected With a Computer Virus’”. I let this one stew around for a few seconds and I have to say that this isn’t what it’s cracked up to
There was a bit of a stir today around a British scientist, Dr. Mark Gasson. In the BBC article Dr. Gasson was touted as the “First Human ‘Infected With a Computer Virus’”. I let this one stew around for a few seconds and I have to say that this isn’t what it’s cracked up to be – it’s more like “Bytes of Malware Sample Stored in RFID Chip Memory”.
Let’s decompose this into its basic parts so that everyone understands what this news really means. RFID (Radio Frequency ID) is exactly what its name implies – namely, it is a system where you have the following:
- intelligent system to take action on IDs obtained from RFID chips (PC, embedded processor, etc)
- RFID reader
- transponder (chip)
Here’s a quick-and-dirty “RFID 101”. RFID chips may be passive or active. Passive chips become energized at set frequencies when they are within the range of the antenna. The range varies with the frequency that the chip is attuned to. Active chips are battery-powered and can transmit at farther distances (think of toll passes). Once a chip is read, the stream of data is received and matched against a database of stored IDs. Once a match is made some action is taken – i.e. deduct money from the account for toll passes, open doors, deduct an item from inventory, et cetera.
The bottom line is that you can store the raw bytes of a small executable as hex values in the RFID chip – and you can do the same thing in notepad. The real fact is that you cannot simply copy those bytes out of the RFID reader, into the PC and run them as an executable program on any control system.
Here’s a snippet of the raw hex dump of a “Hello World” application that I just compiled under Mac OS X Snow Leopard. I would have to write the raw bytes into the memory of the chip, read them back on another system and attempt to reconstruct them into a running “hello world” application all over again.
If a picture says a thousand words, then the below video (from BBC World News) will most-likely have you walking away with more questions than answers.
(In case you were wondering, the transponder shown in the video is passive)
As a former developer of RFID systems, I’ve had my share of reading and writing to various chips and decoding the embedded data. You would have to literally create a new system to take advantage of the store bytes of malcode being carried around in the transponders. I still have quite a bit of RFID equipment in my research lab – maybe I’ll wedge a transponder onto my
Actually, If you walked around with a small lithium battery powering a Bluetooth radio (or Wi-Fi) with an embedded processor (such as a gumstix) and transmitted malware to whatever system you connected to – it would be much more effective. Also, the malware wasn’t integrated into his biological system, it’s code had to reside on another system in order for this to work. It was that system, implanted into his body, not any organ or tissue in his body, that provided the platform to transport the malcode.
More devices (including implantable ones) are sporting embedded processors, communications channels and data storage (even the storage of small amounts of data is enough for someone to “poison the well”). I recall at DefCon 2008 researchers discussed the vulnerabilities associated with remotely disabling pacemakers. A colleague and Security researcher, Gadi Everon, addressed this topic in a 2007 Wired article entitled, “Will the Bionic Man Have Virus Protection?"
While the importance of the implications should not be ignored, the story was a little over the top. Regardless, this is going to touch more areas of our world, personal and otherwise, as we hurtle toward “The Internet of Things”.
Sr. Research Director
p.s. This reminds me of the bad, but interesting movie “Johnny Mnemonic.” where cybernetically-enhanced humans were data “couriers”.