Google Glass hacked by a simple QR code: New tech means new exploits

As we continue to empower more of our live with connected devices, the door is wide open for new attacks from hackers

As wearable technology and the internet of things continue their slow-but-steady invasion of our daily lives, there’s one aspect of their presence that is sometimes overlooked: doesn’t new technology just provide new opportunities for hackers?

Researchers at Lookout, a mobile security company, certainly think so, and have proven their point with the development of a malicious QR code capable of hacking Google Glass.

Up till now QR codes have needed specialised software to scan them and turn the code into an executable command (usually a redirect to a webpage) but Glass automatically processes any QR codes it detects when taking a picture.

Taking advantage of this, Lookout created a QR code that – when snapped – directs the device to connect to a certain wi-fi network. Given this entry point the researchers were able to intercept data passing through Glass, and even stream live images to a remote display.

"We could become the middleman, and if we needed to strip out the encryption on the connection,” Mark Rogers, principal security analyst at Lookout, told The Guardian. “Then we could see the pictures or video that it's uploading. We could also direct it to a site on the web which exploits a known vulnerability in Android 4.0.4 which hacked Glass at it browsed the page."

This particular exploit is no longer a ‘threat’ to the rare-breed of Glass owners (Rogers disclosed the information to Google who fixed the problem with a software update back in May) but it’s certain that other, similar, vulnerabilities exist – and Google won’t be able to find them all before release.

Rogers says that Google’s slow release of Glass via its Explorer program has helped diminish this threat: "Every piece of software and hardware has flaws. What's particularly impressive is that Google realised there's a limited subset of people capable of finding these bugs, and has seeded Glass to them before releasing it to consumers." 

As technology becomes even more entwined with the fabric of daily life, consumers need to be aware that if something connects to the internet or to other devices then it can be hacked.

In 2011, for example, US medical devices giant Medtronic received heavy criticism after it was revealed that its automatic insulin pumps could be hacked from a distance of 300 feet, allowing attackers to order the pumps to stop working or even administer a fatal overdose to an unsuspecting victim.

The advent of the internet of things will also prove a threat, as the capacity to connect to a larger network becomes a selling point for a range of household objects – from thermostats to locks to ovens.

Writing for tech-site Digital Trends, Matt Davis describes the challenge as one for manufacturers as much as consumers: “Security is often an afterthought in the design of connected devices. It’s not something that most consumers are educated about, and it’s often hard to describe in a bullet point or checkbox fashion.”

This suggests that exploits like Rogers’ QR code will continue to be found for a whole range of products, as making new objects ‘digital’ means creating entirely new methods of exploits as well as offering a greater number of opportunities in the first place.

Whilst for many this seems like just another price we have to pay for greater convenience and service in our daily lives, there are sure to be incidents less cheery than the a ‘naughty’ QR code along the way.

News
Russia Today’s new UK channel began broadcasting yesterday. Discussions so far have included why Britons see Russia as ‘the bad guy’
news

New UK station Russia Today gives a very bizarre view of Britain

News
people
Voices
Left: An illustration of the original Jim Crowe, played by TD Rice Right: A Couple dressed as Ray and Janay Rice
voices

By performing as African Americans or Indians, white people get to play act a kind of 'imaginary liberation', writes Michael Mark Cohen

Arts and Entertainment
music
PROMOTED VIDEO
Life and Style
ebooksA superb mix of recipes serving up the freshest of local produce in a delicious range of styles
Life and Style
ebooksFrom the lifespan of a slug to the distance to the Sun: answers to 500 questions from readers
News
i100
Life and Style
fashion
Arts and Entertainment
Hand out press photograph/film still from the movie Mad Max Fury Road (Downloaded from the Warner Bro's media site/Jasin Boland/© 2014 Warner Bros. Entertainment Inc.)
films'You have to try everything and it’s all a process of elimination, but ultimately you find your path'
Arts and Entertainment
Imelda Staunton as Dolores Umbridge in the Harry Potter films
books

New essay by JK Rowling went live on Pottermore site this morning

News
people

Top Gear presenter is no stranger to foot-in-mouth controversy

News
i100
Latest stories from i100
Have you tried new the Independent Digital Edition apps?
Independent Dating
and  

By clicking 'Search' you
are agreeing to our
Terms of Use.

ES Rentals

    iJobs Job Widget
    iJobs Gadgets & Tech

    Trainee Recruitment Consultant - SThree Group - Bristol

    £18000 - £23000 per annum + Uncapped Commission: SThree: SThree Group has been...

    Trainee Recruitment Consultant - Real Staffing - Leeds - £18k+

    £18000 - £27000 per annum + Commission: SThree: The SThree group is a world le...

    Senior Automation Tester – Permanent – West Sussex – Circa £40k

    £35000 - £40000 Per Annum plus excellent benefits: Clearwater People Solutions...

    Trainee Recruitment Consultants

    £20000 - £25000 per annum + OTE £35K: SThree: We consistently strive to be the...

    Day In a Page

    The drugs revolution starts now as MPs agree its high time for change

    The drugs revolution starts now as MPs agree its high time for change

    Commons debate highlights growing cross-party consensus on softening UK drugs legislation, unchanged for 43 years
    The camera is turned on tabloid editors in Richard Peppiatt's 'One Rogue Reporter'

    Gotcha! The camera is turned on tabloid editors

    Hugh Grant says Richard Peppiatt's 'One Rogue Reporter' documentary will highlight issues raised by Leveson
    Fall of the Berlin Wall: It was thanks to Mikhail Gorbachev that this symbol of division fell

    Fall of the Berlin Wall

    It was thanks to Gorbachev that this symbol of division fell
    Halloween 2014: What makes Ouija boards, demon dolls, and evil clowns so frightening?

    What makes ouija boards and demon dolls scary?

    Ouija boards, demon dolls, evil children and clowns are all classic tropes of horror, and this year’s Halloween releases feature them all. What makes them so frightening, decade after decade?
    A safari in modern Britain: Rose Rouse reveals how her four-year tour of Harlesden taught her as much about the UK as it did about NW10

    Rose Rouse's safari in modern Britain

    Rouse decided to walk and talk with as many different people as possible in her neighbourhood of Harlesden and her experiences have been published in a new book
    Welcome to my world of no smell and odd tastes: How a bike accident left one woman living with unwanted food mash-ups

    'My world of no smell and odd tastes'

    A head injury from a bicycle accident had the surprising effect of robbing Nell Frizzell of two of her senses

    Matt Parker is proud of his square roots

    The "stand-up mathematician" is using comedy nights to preach maths to big audiences
    Paul Scholes column: Beating Manchester City is vital part of life at Manchester United. This is first major test for Luke Shaw, Angel Di Maria and Radamel Falcao – it’s not a game to lose

    Paul Scholes column

    Beating City is vital part of life at United. This is first major test for Shaw, Di Maria and Falcao – it’s not a game to lose
    Frank Warren: Call me an old git, but I just can't see that there's a place for women’s boxing

    Frank Warren column

    Call me an old git, but I just can't see that there's a place for women’s boxing
    Adrian Heath interview: Former Everton striker prepares his Orlando City side for the MLS - and having Kaka in the dressing room

    Adrian Heath's American dream...

    Former Everton striker prepares his Orlando City side for the MLS - and having Kaka in the dressing room
    Simon Hart: Manchester City will rise again but they need to change their attitude

    Manchester City will rise again but they need to change their attitude

    Manuel Pellegrini’s side are too good to fail and derby allows them to start again, says Simon Hart
    Isis in Syria: A general reveals the lack of communication with the US - and his country's awkward relationship with their allies-by-default

    A Syrian general speaks

    A senior officer of Bashar al-Assad’s regime talks to Robert Fisk about his army’s brutal struggle with Isis, in a dirty war whose challenges include widespread atrocities
    ‘A bit of a shock...’ Cambridge economist with Glasgow roots becomes Zambia’s acting President

    ‘A bit of a shock...’ Economist with Glasgow roots becomes Zambia’s acting President

    Guy Scott's predecessor, Michael Sata, died in a London hospital this week after a lengthy illness
    Fall of the Berlin Wall: History catches up with Erich Honecker - the East German leader who praised the Iron Curtain and claimed it prevented a Third World War

    Fall of the Berlin Wall

    History catches up with Erich Honecker - the East German leader who praised the Iron Curtain and claimed it prevented a Third World War
    How to turn your mobile phone into easy money

    Turn your mobile phone into easy money

    There are 90 million unused mobiles in the UK, which would be worth £7bn if we cashed them in, says David Crookes