Rooting exploit could turn Google Glass into secret surveillance tool

[nsane.forums]

"Nothing is safe once your Glass has been hacked," hacker warns.

A smartphone hacker has provided conclusive proof that the futuristic computing headset known as Google Glass can be surreptitiously modified to give anyone with physical access almost complete control over the device. He called on Google engineers to improve the security of Glass—which is currently only available to developers—before it becomes available to the general public.

Google engineers have stressed that the head-mounted computing device—which can capture nearby conversations and images and transmit them over the Internet—was meant to be hacked. But until now, it has been easy for end users to know when their all-seeing, all-hearing headsets were modified. All that has changed now that security consultant Jay "saurik" Freeman has fashioned an alternative way to gain almost unfettered "root" control. Using an exploit discovered seven months ago to root smartphones running Google's Android operating system, it takes him less than five minutes to hack the new device. From there, he can install a customized operating system that silently monitors everything the device sees or hears.

Because it requires a device to be put into a special "debug mode," the exploit isn't considered much of a security threat for smartphone users. After all, debug mode can be invoked only after a user has unlocked the handset using a PIN code or other security mechanism. Glass, by contrast, has no form of screen lock, making it possible for someone with even brief access to a headset to make persistent changes.

"With the security exploit, I can pick up your Glass, turn on debug mode, and get root access on it in a way that doesn't leave a trace," Freeman told Ars in a telephone interview. "Then I can modify any of the software on your device. I can make it so that for the rest of your Glass' lifetime I'm in there, too, able to get access to your camera, listen in on your microphone. I can turn off debug mode and make it look like there's nothing changed from your perspective. And when you get it back, you're screwed."

Asked to comment on Freeman's claims, Google officials issued a statement that read: "We recognize the importance of building device-specific protections, and we're experimenting with solutions as we work to make Glass more broadly available. It's also important to understand that Glass doesn’t access many parts of a Google Account, including settings or many products. And your personal MyGlass site allows you to change the content that you see on Glass or, if you misplace it, wipe all the data off your device."

It's reassuring to know that Glass gives users the ability to control much of the content stored in their Google accounts. Still, the scenario painted by Freeman is unsettling. It suggests users who let the headsets out of their physical control for even a few minutes can't be sure the devices won't be turned into sophisticated spying devices that will relay intimate conversations and sensitive data to hackers.

"Once the attacker has root on your Glass, they have much more power than if they had access to your phone or even your computer," Freeman, who developed the Cydia app store for jailbroken iOS devices, wrote in a 6,000-word blog post published Tuesday. "They have control over a camera and a microphone that are attached to your head. A bugged Glass doesn't just watch your every move: it watches everything you are looking at (intentionally or furtively) and hears everything you do. The only thing it doesn't know are your thoughts."

He went on to describe how a hacked Glass headset could have a broad consequences for users. Since glass sees passwords and PIN codes being entered, the security of computers and smartphones is affected. Even physical security is impacted, since Glass can record building access codes and take pictures of keys that are detailed enough to allow copies to be made. "Nothing is safe once your Glass has been hacked," he warned.

The grim assessment was accompanied by a blow-by-blow account of how Freeman was able to gain root on one of the first Glass devices to become available. Within seconds of turning it on last week, he noticed a "debug mode" buried in the settings menu. The adb—short for Android Debugging tool—allowed him to use a USB-connected computer to issue commands to his Google Glass headset, in much the way the Command prompt or Terminal window permit users to send and monitor internal processes running on Microsoft Windows and Apple Mac machines.

With additional investigating, he stumbled upon the Android exploit and figured out how to use it to get root on his Glass headset. For a step-by-step tutorial, see the section subtitled "How can I use this exploit myself?"

While Glass provides visual cues that its microphone and video camera are activated, Freeman said it wouldn't be hard for a skilled hacker to create a custom version of the OS that suppressed those warnings. It could also be possible to introduce code that takes pictures every 30 seconds or activates recording when the device detects certain key words are spoken.

In Tuesday's treatise, Freeman called on Google to equip Glass with a screen lock of some sort and to provide a foolproof way for users to know when the headset is recording still pictures, video, or audio. He proposed a "little sliding plastic shield" that would make it clear to both user and near-by people when they're being monitored. It wouldn't be surprising to see Glass get the security overhaul the security consultant is recommending. Fortunately, the company still has time to take action before the device gets in the hands of the masses.

View: Original Article

[stylemessiah]

Im just waiting to see which town, city or country even will be the first to ban Glassholes. Glass will be the biggest invasive tool to ever be released. Of course it will also have to be worn by a tool as well....