Hey, Glasshole: That cool app? It has turned you into a SPY DRONE Security researchers have created prototype Google Glass spyware that is capable of snooping on everything the user is looking at without tipping off victims that anything is amiss. Mike Lady and Kim Paterson – graduate researchers at California Polytechnic San Luis Obispo – created an app that takes a picture every 10 seconds …
Wow.
I didn't expect my comment from not even a month ago to become reality already..
It's also much more likely to become reality because of their fashion deal with the like of Ray Ban etc.
We're in for a season of Glassholes after all :(
"Security researchers have created prototype Google Glass spyware that is capable of snooping on everything the user is looking at without tipping off victims that anything is amiss."
Just watch that battery level drop like a stone - that's a good clue it's doing something intensive (camera + encoding + transmission) when it's not supposed to be.
"Yep, that's a security flaw. Definitely not an undocumented feature. No, Google never spotted this, thanks for pointing it out before we went live. No, we never realised that it was possible to have the Glass snoop on everything its user sees without them knowing..."
...
...
...
... "right, the press has gone. Back to the drawing board lads - and see if you can sort out that battery drain too, it's a dead giveaway..."
Pictures are taken every 10 seconds, but the images may only be uploaded occasionally - such as when you're already accessing the internet. Think you'd notice the difference if it saved the uploading for when you're accessing Google or Facebook?
The software could upload very fuzzy images and allow the attacker to request full resolution versions as desired. Such as to catch the moment when you pick up your credit card and the CVV2 code is visible.
This is a "proof of concept" attack now, which isn't too useful with a single picture every 10 seconds. But that's mainly due to the absolutely shitty battery life of Glass. The 2020 version may have battery life and storage sufficient to take a picture every second, and could grab the Glasshole's PIN number, computer passwords, etc. It isn't attractive if there are only a few weirdos who use it like today, but if they managed to get it to catch on it becomes an attractive target for hackers because seeing everything someone else sees means you can steal from them very effectively porn.
The lesson here is that it doesn't matter whether the "recording" light is on or not. Everyone knows that you always treat any tape recorder, microphone or camera as if it is recording, even if you've been told it's off; same goes for Google Glasses. See the final episode of Yes, Prime Minister "The Tangled Web" inter alia.
If someone is wearing Google Glasses, assume they are recording. If you're not comfortable with that, either ask them to take them off or move elsewhere.
I love the idea of having a wearable computer with the usage promise that glass offers.
I absolutely hate the idea that security is such an issue. How long until various governments decide they "need" to be able to access any individual glass device in order to get a view of what's going on at a particular location to satisfy "security" concerns?
I can absolutely see the probability of every country making such demands. After all, why put up security cameras at various intersections when you could just access the images of a particular user on demand?
It doesn't take much to imagine that state intelligence agencies would love to be able to keep at least 30 days of image and gps data on anyone wearing such a device. It also doesn't take much to know that those same intelligence agencies could require the manufacturers to build such capabilities into the products and for telecom businesses to hide the data transfer and to force those businesses to keep their mouths shut about it.
Glass, and future products like it, represents an incredible opportunity for any state actor to spy on every one, whenever they want. As such, I won't be wearing one and will insist that anyone doing such put them in a bag when I'm around.
No! It's the last remnants of our privacy, flying away in the distance. And about to break the sound barrier too.
I mean, come on, there's not too much room for optimism here, is there?. An 82.3% of mobile computing devices users don't understand how computing devices work. A 79.6 % don't understand the implications of losing their privacy -e.g. giving their personal data to "WIN PRIZES!!!". A 91.2 never read the EULAs before accepting them. *
In a few years, after the creation of several killer apps, a price reduction and a big publicity campaign, the only way we'll be able to keep our privacy is by walking with a paper bag over our heads. And that will probably be outlawed soon.
* Note: All the above statistics were taken straight from my ars magic eight ball, but added one decimal position to raise their credibility. ;-)
I can just see it, Google Mark 1 Androids 'your friendly home help' sent to the shop will be hijacked by QR codes stuck on lampposts and the like, just lurking to be logged by the cameras used for vision. This will not be a documented feature of course but a 'clever' way to deliver upgrades and online servicing of the units.
Icon chosen as the closest one to that red light that goes on in I Robot.
Just a question ? Is it possible to hide a QR code via stenographic methods and then have an app that reconstructs and decodes ? If so, you could be looking at a billboard ad for soap powder or the like and be hijacked in the process. A definitely scary situation and something right up the NSA's alley.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
