Symantec claims QR codes are just the tip of the iceberg when it comes to hacking Glass
Earlier this week, Lookout Media released a report suggesting that Google’s ambitious augmented reality glasses, called Glass, could be hacked using nothing more than simple QR codes. This particular vulnerability has since been rectified by Google with the help of Lookout Media, but QR codes are not the only thing that represents a risk to Glass. Leading security firm Symantec has announced that Google’s Glass is susceptible to attacks that are not based on QR codes.
Glass manages to gain support with augmented reality, but lacks security features
Glass has managed to attract a great deal of support from tech-savvy consumers due to its use of augmented reality technology. Google has billed the device as a tool that can help people see the world around them in an entirely new way. Glass boasts of a wide range of features that leverage the capabilities of augmented reality and many of these features involve social media and other forms of entertainment. Symantec suggests that Glass has a relatively fragile security structure, however, which could be problematic for the device’s future.
Symantec claims that Glass can be hacked by hijacking WiFi connections
According to Symantec, QR codes are only one attack vector through which Glass can be compromised. In fact, Symantec suggests that there are easier ways to breach Glass’ security than through the use of the codes. The firm notes that most mobile devices have their WiFi access enabled at all times, which makes them inherently vulnerable to exploitation as these devices constantly connect to various network hotspots throughout the day. These devices can be directed to connect to a rogue network with relative ease, thus putting a consumer’s information at risk of exploitation.
WiFi hijacking presents major problem for Glass
Symantec notes that Glass could be compromised simply through the names attributed to WiFi networks. For instance, a person may name the connection they use at home as “myPrivateWiFi,” and have this connection set as their preferred network. This means that their device will try to connect to this network no matter where it goes. A hacker can easily respond to the probes sent out by the device to find its preferred network by posing as the network and offering WiFi connectivity. Once connected, the hacker then has access to the device.