The RFID virus claims aren’t just hooey, they’re mega-double-ultra-hooey. As mentioned on Slashdot and in BoingBoing’s HOWTO make an RFID virus, it’s possible to be really stupid with RFID. It’s also possible to be stupid with barcodes, knives, and chocolate bunnies.

The assumption by the researchers is that an RFID tag could contain some code in its data that could be read and accidentally executed by an application. The application would have to be flawed, and the tag would have to contain code that exploted the flaw. The broken application, in theory, could then read the data and become ‘infected’.

The researchers missed the obvious protections possible in the tags and readers themselves. Oddly, I haven’t heard mention of any of the security features anywhere:

• Most tags can only contain a few hundred bytes of data
• These blocks of data can be permanently locked, so that they can never be rewritten
• The data can also be encrypted in hardware using standard, secure, strong encrypion methods
• Applications reading the data generally read only a fixed number of bytes

In a situation where security matters, a tag can be both encrypted and immutably write protected. As well, the applications can be tested for security limitations. This is a software problem like most security issues.

How Simple Sharing Extensions Will Change the Web. This is one of the fudamental fantasies of Web2.0, that it will change the web. Hello, the web has already changed (and will) — outside of Microsoft, VC funding, or any of the Web2.0 madness. Get with the program: Microsoft and Web2.0 are a reaction, not the cause.

“There are a lot of people using Ajax,” says Mike Gilpin, an analyst at Forrester Research. While Ajax apps don’t have the interactivity of software written with Microsoft’s Windows technologies, Macromedia’s Flash player, or the open-source Eclipse tools for Java, Ajax doesn’t require developers to download a set of tools or media players from any one software vendor. That’s attractive to some savvy programmers, but makes Ajax programming labor intensive. “Not everyone can justify the amount of effort it takes to create that kind of user interface,” says Gilpin. “Not everyone is Google.” — Microsoft Plans Support For Ajax

Labor intensive? The most labor intensive aspect of Ajax is that IE is not compatible with standards ([foldoc: Xhtml], CSS2, DOM2, etc.). The fundamental mechanics of rich web applications are trivial, and are designed to make development easy. JSP, ASP, etc., are heavier approaches that don’t address the problems of rich applications, they instead focus on simplifying large-scale projects.

It’s obvious when Microsoft intends to crush something, they poke fun of it while rushing to add related features.