Google Glass hacked by a simple QR code: New tech means new exploits

As we continue to empower more of our live with connected devices, the door is wide open for new attacks from hackers

As wearable technology and the internet of things continue their slow-but-steady invasion of our daily lives, there’s one aspect of their presence that is sometimes overlooked: doesn’t new technology just provide new opportunities for hackers?

Researchers at Lookout, a mobile security company, certainly think so, and have proven their point with the development of a malicious QR code capable of hacking Google Glass.

Up till now QR codes have needed specialised software to scan them and turn the code into an executable command (usually a redirect to a webpage) but Glass automatically processes any QR codes it detects when taking a picture.

Taking advantage of this, Lookout created a QR code that – when snapped – directs the device to connect to a certain wi-fi network. Given this entry point the researchers were able to intercept data passing through Glass, and even stream live images to a remote display.

"We could become the middleman, and if we needed to strip out the encryption on the connection,” Mark Rogers, principal security analyst at Lookout, told The Guardian. “Then we could see the pictures or video that it's uploading. We could also direct it to a site on the web which exploits a known vulnerability in Android 4.0.4 which hacked Glass at it browsed the page."

This particular exploit is no longer a ‘threat’ to the rare-breed of Glass owners (Rogers disclosed the information to Google who fixed the problem with a software update back in May) but it’s certain that other, similar, vulnerabilities exist – and Google won’t be able to find them all before release.

Rogers says that Google’s slow release of Glass via its Explorer program has helped diminish this threat: "Every piece of software and hardware has flaws. What's particularly impressive is that Google realised there's a limited subset of people capable of finding these bugs, and has seeded Glass to them before releasing it to consumers." 

As technology becomes even more entwined with the fabric of daily life, consumers need to be aware that if something connects to the internet or to other devices then it can be hacked.

In 2011, for example, US medical devices giant Medtronic received heavy criticism after it was revealed that its automatic insulin pumps could be hacked from a distance of 300 feet, allowing attackers to order the pumps to stop working or even administer a fatal overdose to an unsuspecting victim.

The advent of the internet of things will also prove a threat, as the capacity to connect to a larger network becomes a selling point for a range of household objects – from thermostats to locks to ovens.

Writing for tech-site Digital Trends, Matt Davis describes the challenge as one for manufacturers as much as consumers: “Security is often an afterthought in the design of connected devices. It’s not something that most consumers are educated about, and it’s often hard to describe in a bullet point or checkbox fashion.”

This suggests that exploits like Rogers’ QR code will continue to be found for a whole range of products, as making new objects ‘digital’ means creating entirely new methods of exploits as well as offering a greater number of opportunities in the first place.

Whilst for many this seems like just another price we have to pay for greater convenience and service in our daily lives, there are sure to be incidents less cheery than the a ‘naughty’ QR code along the way.

Life and Style
ebookNow available in paperback
ebooks
ebookA delicious collection of 50 meaty main courses
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Recruitment Genius: Partner Manager - EMEA

    £50000 - £100000 per annum: Recruitment Genius: A Partner Manager is required ...

    Recruitment Genius: Regional Sales Manager - OTE £100,000

    £45000 - £100000 per annum: Recruitment Genius: A Regional Sales Manager is re...

    Recruitment Genius: IT Support Engineer

    £18000 - £22000 per annum: Recruitment Genius: The company provides IT support...

    Recruitment Genius: IT Manager

    £45000 - £55000 per annum: Recruitment Genius: This manager is for a successfu...

    Day In a Page

    Sepp Blatter resignation: The beginning of Fifa's long road to reform?

    Does Blatter's departure mean Fifa will automatically clean up its act?

    Don't bet on it, says Tom Peck
    Charles Kennedy: The baby of the House who grew into a Lib Dem giant

    The baby of the House who grew into a Lib Dem giant

    Charles Kennedy was consistently a man of the centre-left, dedicated to social justice, but was also a champion of liberty and an opponent of the nanny-state, says Baroness Williams
    Syria civil war: The harrowing testament of a five-year-old victim of this endless conflict

    The harrowing testament of a five-year-old victim of Syria's endless civil war

    Sahar Qanbar lost her mother and brother as civilians and government soldiers fought side by side after being surrounded by brutal Islamist fighters. Robert Fisk visited her
    The future of songwriting: How streaming is changing everything we know about making music

    The future of songwriting

    How streaming is changing everything we know about making music
    William Shemin and Henry Johnson: Jewish and black soldiers receive World War I Medal of Honor amid claims of discrimination

    Recognition at long last

    Jewish and black soldiers who fought in WWI finally receive medals after claims of discrimination
    Beating obesity: The new pacemaker which helps over-eaters

    Beating obesity

    The new pacemaker which helps over-eaters
    9 best women's festival waterproofs

    Ready for rain: 9 best women's festival waterproofs

    These are the macs to keep your denim dry and your hair frizz-free(ish)
    Cycling World Hour Record: Nervous Sir Bradley Wiggins ready for pain as he prepares to go distance

    Wiggins worried

    Nervous Sir Bradley ready for pain as he prepares to attempt cycling's World Hour Record
    Liverpool close in on Milner signing

    Liverpool close in on Milner signing

    Reds baulk at Christian Benteke £32.5m release clause
    On your feet! Spending at least two hours a day standing reduces the risk of heart attacks, cancer and diabetes, according to new research

    On your feet!

    Spending half the day standing 'reduces risk of heart attacks and cancer'
    With scores of surgeries closing, what hope is there for the David Cameron's promise of 5,000 more GPs and a 24/7 NHS?

    The big NHS question

    Why are there so few new GPs when so many want to study medicine?
    Big knickers are back: Thongs ain't what they used to be

    Thongs ain't what they used to be

    Big knickers are back
    Thurston Moore interview

    Thurston Moore interview

    On living in London, Sonic Youth and musical memoirs
    In full bloom

    In full bloom

    Floral print womenswear
    From leading man to Elephant Man, Bradley Cooper is terrific

    From leading man to Elephant Man

    Bradley Cooper is terrific