Google Glass privacy risks discovered by hackers


Google Glass may present huge threats to the privacy of the wearer due to the lack of security features like a PIN code or authorization system.


Hackers could be able to take control of the Google Glass via a smartphone in their possession, allowing the cybercriminals to see and hear everything the Google Glass wearer is doing.


According to Jay Freeman, a programmer specialising in hacking Android and iOS smartphone security, Google Glass has a “root” functionality that can be activated by connecting it to a computer and inputting certain commands.


“Once the attacker has root on your Glass, they have much more power than if they had access to your phone or even your computer: they have control over a camera and a microphone that are attached to your head,” explains Freeman. “A bugged Glass doesn’t just watch your every move: it watches everything you are looking at (intentionally or furtively) and hears everything you do. The only thing it doesn’t know are your thoughts.”


The privacy of the Google Glass wearer would then be severely compromised, as the hacker could monitor all their activities.


“It knows all your passwords, for example, as it can watch as you type them. It even manages to monitor your usage of otherwise safe, old-fashioned technology: it watches you enter door codes, it takes pictures of your keys, and it records what you write using a pen and paper. Nothing is safe once your Glass has been hacked.”


However, Freeman suggest that a security system such as a PIN lock code or biometric authorization system using the voice or iris for Google Glass would prevent such privacy risks.


“Sadly, due to the way Glass is currently designed, it is particularly susceptible to the kinds of security issues that tend to plague Android devices. The one saving grace of Android’s track record on security is that most of the bugs people find in it cannot be exploited while the device is PIN-code locked. Google Glass, however, does not have any kind of PIN mechanism: when you turn it on, it is immediately available.”


With the current Google Glass Explorer Edition, Freeman estimates it would take a hacker 10 minutes to install the rooted version of the Google Glass software, enabling them to take remote control of the augmented reality device.


Google will have to fix these security issues before the general Google Glass release date, which is tipped to be at least a year away.


Still loving Google’s futuristic headgear? Watch our roundup of the best Google Glass videos.



Via:
Guardian