A report by the Guardian last week suggests that Google's Glass wearable device poses a serious threat to user privacy, as it does not have a PIN or authentication system.
The paper quoted a blog post by a programmer, Jay Freeman, who specialises in cracking smartphone security. Freeman said this leaves the door open for hackers to access the Glass owner's personal information through its "root capability", which connects the device to a desktop computer.
"Once the attacker has root on your Glass, they have much more power than if they had access to your phone or even your computer: they have control over a camera and a microphone that are attached to your head," said Freeman.
He said without a PIN or authentication system, it would take a hacker just 10 minutes to gain access to the "root" software installed in the Glass device.
Shattering glass
CEO of Fuseware Mike Wronski said the security implications of Glass not having a PIN are endless. "A compromised Glass device can give a hacker access to the owner's search history, media, contacts, social networks and past whereabouts. This can cause a tremendous amount of damage if used maliciously."
Wronski added the security of a network of trusted devices is only as strong as its weakest link. "It's scary to think that a device that can literally see and hear everything you do can be compromised so easily, but Google has given a high priority to security, and many of the bugs will be patched by the time it goes to market."
He said while this could deter consumers from buying the device, it has to be kept in mind that Glass is still in beta phase and is going through rounds of extensive testing. "Beta products will always have flaws and security concerns, and these glaring security issues should be patched by the time it goes to market in 2014, most probably through biometric fingerprinting."
Wronski said users of smart devices need to take extra care when it comes to security of their devices, as many smartphones are connected to e-mail, messages and social media without security restrictions.
"Anybody that gains access to these phones has a tremendous amount of information at their disposal that could be used for phishing and identity theft, hacking bank accounts and unscrupulous snooping. Many people only have a basic level of security, such as a PIN lock, which can be easily bypassed by a skilled hacker," he noted.
Wronski said security should be a priority as there are plenty of apps available, which often take only a few minutes to install. He suggested a bare minimum security set-up of a PIN lock, anti-virus, an app that synchronises data to the cloud, and an app that remotely erases the phone's data should it be stolen.
"Thankfully, there are all-in-one security apps that give you a complete solution, such as Avast Mobile Security, Lookout or Trustgo."
More concerns
Last month, Google chairman Eric Schmidt spoke about the Glass device on BBC Radio 4, and was questioned about some of the privacy issues raised on the recording of people without their knowledge. He responded, saying body-wearable devices, of which Glass is an example, will bring in a whole bunch of such concerns.
"And the fact of the matter is that we will have to develop some new social etiquette. It's obviously not appropriate to wear these glasses in social situations where recording is not correct, and indeed you have this problem already with phones."
He added that while Google has an important responsibility to keep people's information private, the public has a responsibility to understand what they are doing and how they are doing it.
Wronski said the smartphone era has already raised the expectation of being recorded in public. "I think people understand that they have no privacy in public; the general rule is to not do anything in public that you wouldn't want to see watched by millions on YouTube."
He said Glass, however, takes this to a more deceptive level, where the recording of videos and shooting of photos are done secretly. "In Russia and Ukraine, Glass is classified as a 'spy device' and is illegal to use. I imagine many places will ban Glass usage altogether, including airports, company offices and even shopping malls."
This is but one of the concerns about Glass, as the company's terms and conditions on the device caused a stir last month, as it revealed the eyewear cannot be resold, loaned or transferred to someone else.
The company said in its terms of sale: "Unless otherwise authorised by Google, you may only purchase one device, and you may not resell, loan, transfer, or give your device to any other person."
It then goes on to issue a warning: "If you resell, loan, transfer, or give your device to any other person without Google's authorisation, Google reserves the right to deactivate the device, and neither you nor the unauthorised person using the device will be entitled to any refund, product support, or product warranty."
Share