Scan me and I'll get you!
RFID security expert Lukas Grunwald now wants to claim for electronic passports what Andrew Tanenbaum demonstrated about a year ago with his RFID virus for Oracle software. Grunwald has used a cloned RFID chip and a modified JPG image similar to the ones embedded in an e-passport to crash the software that supports several RFID readers. According to Wired magazine, Grunwald suggests that an easily triggered buffer overflow may also allow injection and execution of malicious code. However, so far he hasn't managed to achieve this. The results of his research are to be discussed in his lecture "First We Break Your Tag, Then We Break Your Systems" at the DefCon hacker conference in Las Vegas.
If it were possible to execute malicious code on the reader, the information offered by the chip could also be manipulated, for example to give an immigration official the on-screen impression of a valid passport even though the passport is actually invalid. Grunwald doesn't want to name the affected RFID readers but says that they are in use at several airports. He believes it likely that other vendors' products contain the same vulnerability since they probably use the same (vulnerable) software for JPEG2000 image processing as the readers he tested.
- Scan This Guy's E-Passport and Watch Your System Crash, report in Wired