I recently bought a Near Field Communications (read: magnetic field) shield from Adafruit Industries (www.adafru.it) to plug into my Arduino so that I could start playing with RFID chips. With the excellent libraries already made by Adafruit, programming the various tags was a cinch.
I was alarmed to discover the lack of controls built into the newest Android OS. Programming a URL onto my tag and then waving it underneath (yes, you do have to be quite close) the droid beam sensor pops open the browser and the website without any user interaction. The only user control in place by default is that someone can turn it on or off. With droid being the latest malware target, it seems to me that this would open a new angle of attack for pushers of drive-by exploits, Blackhole, etc.
Hypothetical attack angle 1: Place RFID stickers with a URL hosting malcode on the arm of the chairs on the subway. People that have their phone in the outside pocket would brush up next to it. If the phone is unlocked it pops open the browser, runs the exploit, and then forwards to a benign address like Google if it can’t close the browser. Sure, the odds of someone coming close enough may be small, but if you put stickers on each seat in a train car on Sunday morning the amount of traffic generated during the week would surely net some success. As RFID chips become even cheaper than they already are and phones come with it enabled stock (iPhone 6?? – maybe not) then this could become a new threat.
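The missing control described above is a step between reading the tag and opening the browser. The following is an added example, not code from the original post or from Adafruit: it decodes a short NDEF URI record (the record format a URL tag normally carries) and applies a hypothetical policy that opens only HTTPS URLs on trusted hosts and asks the user about everything else. The function names, the policy, and the `.example` hostnames are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# URI identifier codes (subset) from the NFC Forum URI record type definition.
URI_PREFIXES = {0x00: "", 0x01: "http://www.", 0x02: "https://www.",
                0x03: "http://", 0x04: "https://"}

def parse_short_uri_record(record: bytes) -> str:
    """Decode one short-format NDEF record of well-known type 'U' to a URI."""
    if len(record) < 3:
        raise ValueError("truncated record header")
    header, type_len, payload_len = record[0], record[1], record[2]
    if not (header & 0x10) or (header & 0x20):   # need SR set, CF (chunk) clear
        raise ValueError("only unchunked short records are handled")
    pos, id_len = 3, 0
    if header & 0x08:                            # IL set: an ID length byte follows
        if len(record) < 4:
            raise ValueError("truncated record header")
        id_len, pos = record[3], 4
    rec_type = record[pos:pos + type_len]
    pos += type_len + id_len                     # skip the type and optional ID
    payload = record[pos:pos + payload_len]
    if (header & 0x07) != 0x01 or rec_type != b"U":  # TNF 1 = NFC well-known type
        raise ValueError("not a URI record")
    if payload_len < 1 or len(payload) != payload_len:
        raise ValueError("truncated payload")
    if payload[0] not in URI_PREFIXES:
        raise ValueError("URI prefix code outside the subset handled here")
    return URI_PREFIXES[payload[0]] + payload[1:].decode("utf-8")

def tag_action(record: bytes, trusted_hosts: set) -> tuple:
    """Hypothetical policy: open only HTTPS URLs on trusted hosts, else prompt."""
    try:
        uri = parse_short_uri_record(record)
        parts = urlsplit(uri)
    except ValueError as exc:                    # includes UnicodeDecodeError
        return ("ignore", str(exc))
    if parts.scheme == "https" and parts.hostname in trusted_hosts:
        return ("open", uri)
    return ("prompt", uri)

def make_constructed_record(prefix_code: int, rest: str) -> bytes:
    """Build a constructed sample: header 0xD1 = MB | ME | SR | TNF 1."""
    payload = bytes([prefix_code]) + rest.encode("utf-8")
    return bytes([0xD1, 1, len(payload)]) + b"U" + payload

if __name__ == "__main__":
    trusted = {"intranet.example"}               # constructed hostnames
    for rec in (make_constructed_record(0x03, "tag.example/landing"),
                make_constructed_record(0x04, "intranet.example/wifi"),
                b"\xd1\x01"):
        print(tag_action(rec, trusted))
```

The same decoder can be used to audit tags found in the field: reading the record and printing the URI shows where a sticker points without any browser fetching it.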