Google Glass hacked by a simple QR code: New tech means new exploits

As we continue to empower more of our live with connected devices, the door is wide open for new attacks from hackers

As wearable technology and the internet of things continue their slow-but-steady invasion of our daily lives, there’s one aspect of their presence that is sometimes overlooked: doesn’t new technology just provide new opportunities for hackers?

Researchers at Lookout, a mobile security company, certainly think so, and have proven their point with the development of a malicious QR code capable of hacking Google Glass.

Up till now QR codes have needed specialised software to scan them and turn the code into an executable command (usually a redirect to a webpage) but Glass automatically processes any QR codes it detects when taking a picture.

Taking advantage of this, Lookout created a QR code that – when snapped – directs the device to connect to a certain wi-fi network. Given this entry point the researchers were able to intercept data passing through Glass, and even stream live images to a remote display.

"We could become the middleman, and if we needed to strip out the encryption on the connection,” Mark Rogers, principal security analyst at Lookout, told The Guardian. “Then we could see the pictures or video that it's uploading. We could also direct it to a site on the web which exploits a known vulnerability in Android 4.0.4 which hacked Glass at it browsed the page."

This particular exploit is no longer a ‘threat’ to the rare-breed of Glass owners (Rogers disclosed the information to Google who fixed the problem with a software update back in May) but it’s certain that other, similar, vulnerabilities exist – and Google won’t be able to find them all before release.

Rogers says that Google’s slow release of Glass via its Explorer program has helped diminish this threat: "Every piece of software and hardware has flaws. What's particularly impressive is that Google realised there's a limited subset of people capable of finding these bugs, and has seeded Glass to them before releasing it to consumers." 

As technology becomes even more entwined with the fabric of daily life, consumers need to be aware that if something connects to the internet or to other devices then it can be hacked.

In 2011, for example, US medical devices giant Medtronic received heavy criticism after it was revealed that its automatic insulin pumps could be hacked from a distance of 300 feet, allowing attackers to order the pumps to stop working or even administer a fatal overdose to an unsuspecting victim.

The advent of the internet of things will also prove a threat, as the capacity to connect to a larger network becomes a selling point for a range of household objects – from thermostats to locks to ovens.

Writing for tech-site Digital Trends, Matt Davis describes the challenge as one for manufacturers as much as consumers: “Security is often an afterthought in the design of connected devices. It’s not something that most consumers are educated about, and it’s often hard to describe in a bullet point or checkbox fashion.”

This suggests that exploits like Rogers’ QR code will continue to be found for a whole range of products, as making new objects ‘digital’ means creating entirely new methods of exploits as well as offering a greater number of opportunities in the first place.

Whilst for many this seems like just another price we have to pay for greater convenience and service in our daily lives, there are sure to be incidents less cheery than the a ‘naughty’ QR code along the way.

PROMOTED VIDEO
Life and Style
ebookA wonderful selection of salads, starters and mains featuring venison, grouse and other game
Sport
Laura Trott with her gold
Commonwealth Games
Arts and Entertainment
Gal Gadot as Wonder Woman
film
News
Bryan had a bracelet given to him by his late father stolen during the raid
people
Sport
France striker Loic Remy
sportThe QPR striker flew to Boston earlier in the week to complete deal
Extras
indybestSpice up your knife with our selection of delicious toppings
Independent
Travel Shop
the manor
Up to 70% off luxury travel
on city breaks Find out more
santorini
Up to 70% off luxury travel
on chic beach resorts Find out more
sardina foodie
Up to 70% off luxury travel
on country retreats Find out more
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    SQL DBA (2005/2008/2012, projects, storage requirements)

    £45000 - £50000 Per Annum + excellent benefits package: Clearwater People Solu...

    Senior Java Developer

    £45000 - £60000 per annum + competitive: Progressive Recruitment: Leading Sof...

    SAP Finance Systems Analyst

    competitive: Progressive Recruitment: This is an exciting opportunity for a PE...

    Solutions Consultant / Project Manager / Business Analyst

    £45 - 60k: Guru Careers: We are seeking a Solutions Consultant (Big Data / IT ...

    Day In a Page

    A new Russian revolution: Cracks start to appear in Putin’s Kremlin power bloc

    A new Russian revolution

    Cracks start to appear in Putin’s Kremlin power bloc
    Eugene de Kock: Apartheid’s sadistic killer that his country cannot forgive

    Apartheid’s sadistic killer that his country cannot forgive

    The debate rages in South Africa over whether Eugene de Kock should ever be released from jail
    Standing my ground: If sitting is bad for your health, what happens when you stay on your feet for a whole month?

    Standing my ground

    If sitting is bad for your health, what happens when you stay on your feet for a whole month?
    Commonwealth Games 2014: Dai Greene prays for chance to rebuild after injury agony

    Greene prays for chance to rebuild after injury agony

    Welsh hurdler was World, European and Commonwealth champion, but then the injuries crept in
    Israel-Gaza conflict: Secret report helps Israelis to hide facts

    Patrick Cockburn: Secret report helps Israel to hide facts

    The slickness of Israel's spokesmen is rooted in directions set down by pollster Frank Luntz
    The man who dared to go on holiday

    The man who dared to go on holiday

    New York's mayor has taken a vacation - in a nation that has still to enforce paid leave, it caused quite a stir, reports Rupert Cornwell
    Best comedians: How the professionals go about their funny business, from Sarah Millican to Marcus Brigstocke

    Best comedians: How the professionals go about their funny business

    For all those wanting to know how stand-ups keep standing, here are some of the best moments
    The Guest List 2014: Forget the Man Booker longlist, Literary Editor Katy Guest offers her alternative picks

    The Guest List 2014

    Forget the Man Booker longlist, Literary Editor Katy Guest offers her alternative picks
    Jokes on Hollywood: 'With comedy film audiences shrinking, it’s time to move on'

    Jokes on Hollywood

    With comedy film audiences shrinking, it’s time to move on
    It's the best of British art... but not all is on display

    It's the best of British art... but not all is on display

    Voted for by the British public, the artworks on Art Everywhere posters may be the only place where they can be seen
    Critic claims 'I was the inspiration for Blanche DuBois'

    Critic claims 'I was the inspiration for Blanche DuBois'

    Blanche Marvin reveals how Tennessee Williams used her name and an off-the-cuff remark to create an iconic character
    Sometimes it's hard to be a literary novelist

    Sometimes it's hard to be a literary novelist

    Websites offering your ebooks for nothing is only the latest disrespect the modern writer is subjected to, says DJ Taylor
    Edinburgh Fringe 2014: The comedy highlights, from Bridget Christie to Jack Dee

    Edinburgh Fringe 2014

    The comedy highlights, from Bridget Christie to Jack Dee
    Dame Jenny Abramsky: 'We have to rethink. If not, museums and parks will close'

    Dame Jenny Abramsky: 'We have to rethink. If not, museums and parks will close'

    The woman stepping down as chair of the Heritage Lottery Fund is worried