Accessories

Growing pains: Google Glass security exploit found and quickly patched up [VIDEO]

3

 

glass-pod-exploded

When Google began inviting I/O attendees to try out Google Glass (for a very expensive entry fee), it’s safe to say everyone who dived in knew what they were getting themselves into. Essentially beta testing the hardware, Google didn’t bother beating around the bush calling these first run early adopters their Google Glass “Explorers.” Before a consumer release can ever hope to take place, the hardware will need to mature and with that comes the growing pains.

Lookout has made a name for themselves for discovering new security exploits, using them not only alert system admins and users, but tout their own security software in the process. Recently their team of hacky do-gooders had little trouble taking advantage of a security exploit in Glass that, worse case scenario, could allow for someone to intercept data and take full control over the device using a known Android 4.0.4 security hole.

For those unaware, every time you take a picture with Glass, the headset scans said image for a QR code. This is actually used during the setup process to configure the headset to access a WiFi network (given there is no input method on Glass). Assuming a Glass user were to scan a “malicious” QR code, Glass could then be told to access a hostile WiFi access point, and even connect to a web page where a hacker could take control of Glass using that Ice Cream Sandwich exploit we’ve heard so much about (Glass’ current Android firmware).

Sure, that doesn’t sound like a big security hole and you’d have to jump through a lot of hoops to make something like that happen, but it’s one Google took seriously and per Lookout’s suggestion, patched up quickly about 2 software updates ago (XE6). Easy peasy. Lookout even made a nifty video talking about this and uploaded to YouTube. Take a look.

[Lookout]

Chris Chavez
I've been obsessed with consumer technology for about as long as I can remember, be it video games, photography, or mobile devices. If you can plug it in, I have to own it. Preparing for the day when Android finally becomes self-aware and I get to welcome our new robot overlords.

AT&T HTC One Mini pictured in the wild, Snapdragon 400 processor and other specs confirmed

Previous article

LG officially confirms G2 name, announces all future premium handsets will carry “G” branding

Next article

You may also like

3 Comments

  1. Wait, so the security hole has ALREADY been patched?

  2. tinyurl.com/nc6x6hg

  3. Video got taken down, does anybody have a link to it on another site maybe?

Leave a reply

Your email address will not be published. Required fields are marked *

More in Accessories