funsec mailing list archives
Re: RFID World Still Reacting Strongly To Virus Research
From: Valdis.Kletnieks () vt edu
Date: Mon, 20 Mar 2006 02:49:14 -0500
On Sat, 18 Mar 2006 08:47:17 EST, "Richard M. Smith" said:
Those disagreeing with the research findings believe the paper assumes an architectural design not in use today. England calls attention to system-level inaccuracies. RFID tags store numbers, not executable code. The RFID reader expects the RFID tag <http://www.techweb.com/encyclopedia/defineterm.jhtml?term=tag&x=&y=> to transmit numbers. Not an executable command. If a reader receives executable code via a virus, it's highly unlikely it would accept the data.
So since a PHP script expects (say) a street address rather than executable code, it's highly unlikely it would be vulnerable to a PHP/SQL/XSS injection. I understand fully.
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RFID World Still Reacting Strongly To Virus Research Richard M. Smith (Mar 18)
- Re: RFID World Still Reacting Strongly To Virus Research Nick FitzGerald (Mar 18)
- RE: RFID World Still Reacting Strongly To Virus Research Blanchard_Michael (Mar 21)
- Re: RFID World Still Reacting Strongly To Virus Research Valdis . Kletnieks (Mar 19)
- Re: RFID World Still Reacting Strongly To Virus Research Lionel Ferette (Mar 20)
- <Possible follow-ups>
- RE: RFID World Still Reacting Strongly To Virus Research Kohlenberg, Toby (Mar 18)
- Re: RFID World Still Reacting Strongly To Virus Research Nick FitzGerald (Mar 18)