Hacker Exposes Major Google Glass Vulnerability
July 19, 2013 - 2 minutes readGoogle Glass may still be in its early stages of product development but hackers seem to be having a field day exploiting the device and underlying Android software that powers it.
According to tech blog Slash Gear, “Google has quietly patched a Glass security exploit that could have allowed hackers to take control of the wearable by showing it a QR code. The exploit, discovered by Marc Rogers, Principal Security Researcher at Lookout Mobile Security, took advantage of Glass’ streamlined setup process that saw the camera automatically – and transparently to the wearer – spot QR codes in images and use them to trigger WiFi connections and other configurations. By creating malicious codes, and hiding them in images, Rogers was able to get Glass to connect to a compromised network, show details of all network traffic from the wearable, and even take full remote control.”
The hacking incident highlights the numerous hacking vulnerabilities within the Android operating system and Glass API that allow malicious software to gain control of the device. The Google Glass device is controlled mainly by visual cues and audio instructions as the keyboard has been taken out of the equation. Commands from visual images like QR codes can instruct the device to act automatically on cues, leaving the user vulnerable to privacy intrusions and even device hijacking.
As a Glassware App Developer this hack can be seen as a positive sign for the platform. Ethical hacking plays a key role in finding software vulnerabilities and encouraging Google’s development team to keep personal privacy and security features at the forefront.
There has been quite a buzz within the San Francisco iPhone app developer community as creative teams have taken notice of Google Glass and the endless opportunities this new innovative platform presents to the future of the mobile app ecosystem.
Tags: glass api, Google, google glass explorer edition, google glass hack, google glassware, hacker, hacking, mobile security, privacy, qr codes, security