Google glass is oft criticized for the device’s implications on security and privacy. Its popular feature to allow wearers to take photos and videos has not only raised some eyebrows, it has even gotten the gadget banned from some establishments and one wearer claimed to have been assaulted because of her Glass.
The discomfort surrounding the photo and video capabilities is reasonable; users can discretely capture images of subjects without their knowledge—it’s not particularly obvious when a photo is being taken. Of course, there is a tiny light that turns on when the camera is activated, but how secure is this, really?
New spyware created by security researchers Mike Lady and Kim Paterson has changed the game, making users themselves the ones whose privacy could be compromised. Through their app, the researchers have demonstrated there isn’t much security behind the camera’s indicator light, and have finagled a way around it.
“The scary thing for us is that while it’s a policy that you can’t turn off the display when you use the camera, there’s nothing that actually prevents you from doing it,” Paterson told Forbes.
The app, which they are calling Malnotes, would trick users into downloading it on the pretense that it is a note-taking software. After downloading, it takes a photo every ten seconds, even when the Glass’s indicator light is off, so the wearer and any potential subjects can’t tell the camera is working. The app can then access the internet and upload the captured photos to a server.
As a result, Malnotes creators can potentially see everything from users’ location, company, activity, passwords as they are typed out, and more. Luckily for Glass owners, Lady and Paterson only created the app as a concept to raise the topic of security and are not actually malicious hackers.
However, Lady and Paterson aren’t the only ones who have thought of Glass’s potential to be hacked. Android and iOS developer Jay Freeman discovered a similar flaw in the security of the device.
“It knows all your passwords, for example, as it can watch you type them. It even manages to monitor your usage of otherwise safe, old-fashioned technology: it watches you enter door codes, it takes pictures of your keys, and it records what you write using a pen and paper,” Freeman blogged. “Nothing is safe once your Glass has been hacked.”
All it takes is for someone with malicious intent to use this knowledge to exploit Glass owners. So while aesthetics have recently taken up some of the spotlight on tech’s gadget du jour, with the recent announcement of a partnership with Oakley and Rayban, users should not forget to be extra cautious of app downloads and to always keep security in mind.