funsec mailing list archives

Re: RFID World Still Reacting Strongly To Virus Research

From: Valdis.Kletnieks () vt edu
Date: Mon, 20 Mar 2006 02:49:14 -0500

On Sat, 18 Mar 2006 08:47:17 EST, "Richard M. Smith" said:

Those disagreeing with the research findings believe the paper assumes an
architectural design not in use today. England calls attention to
system-level inaccuracies. RFID tags store numbers, not executable code. The
RFID reader expects the RFID tag
<http://www.techweb.com/encyclopedia/defineterm.jhtml?term=tag&x=&y=>  to
transmit numbers. Not an executable command. If a reader receives executable
code via a virus, it's highly unlikely it would accept the data.


So since a PHP script expects (say) a street address rather than executable
code, it's highly unlikely it would be vulnerable to a PHP/SQL/XSS injection.

I understand fully.

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

RFID World Still Reacting Strongly To Virus Research Richard M. Smith (Mar 18)
- Re: RFID World Still Reacting Strongly To Virus Research Nick FitzGerald (Mar 18)
  - RE: RFID World Still Reacting Strongly To Virus Research Blanchard_Michael (Mar 21)
- Re: RFID World Still Reacting Strongly To Virus Research Valdis . Kletnieks (Mar 19)
- Re: RFID World Still Reacting Strongly To Virus Research Lionel Ferette (Mar 20)
- <Possible follow-ups>
- RE: RFID World Still Reacting Strongly To Virus Research Kohlenberg, Toby (Mar 18)