Wednesday, May 1, 2013

Google Glass Jailbroken: Hacker Says Security Is Ineffective


It didn’t take long but the high profile Google Glass has already been jailbroken. Infamous Android and iOS hacker Jay Freeman (otherwise known as Saurik) has told the community that he has ‘rooted’ his Google Glass headset.

He published a picture online showing his jailbroken device. He published a detailed online report of how the exploit was achieved. This means other people can copy the procedure to jailbreak theirs if they want. He also highlighted how poor the security on the device is.

ZDNET writer Jason Perlow spoke to Freeman and said “ As Freeman explained to me during a phone interview, although there’s no recording indicator per se, if you are being recorded, it’s readily apparent from video activity being reflected off the wearer’s eye prism that something is going on, particularly if you are in close proximity to the person.

But that can be changed once a Glass headset is rooted. Because Glass is an Android device, runs an ARM-based Linux kernel, and can run Android user space programs and custom libraries, any savvy developer can create code that modifies the default behavior in such a way that recording can occur with no display activity showing in the eye prism whatsoever.

And while the default video recording is 10 seconds, code could also be written that begins and stops recording for as long as needed with a custom gesture or head movement, or even innocuous custom voice commands like: “Boy, I’m tired” to begin, and “Boy, I need coffee” to end it.

You could write and side load an application that polls the camera and takes a still photo every 30 seconds, should you say … want to “case” and thoroughly photodocument a place of business prior to committing a crime, or even engage in corporate espionage. Or simply capture ambient audio from unsuspecting people around you.”

No comments:

Post a Comment