First Spyware Application Developed for Google Glass
Google Glass, the smart device that you wear on your face, has had its first spyware application developed. The popular smart glasses developed by Google show the glasses can indeed be hacked.
Google Glass is the new smart technology that Google has developed. It allows users glasses to record video, browse the web, take pictures, text, make calls, and do all sorts of smart tasks, staying hands free. Google Glass is still begin developed and in very limited stock.
The popular product has been the recent target for hackers to see if its exploitable, and to no surprise it is. Two California Polytechnic graduate researchers, Mike Lady, 22, and Kim Paterson, 24, developed the first spyware for the product. If installed, the spyware takes a photo every 10 seconds without notifying the user, and uploads the images to a remote server, Forbes reported. The Google Glass user’s session appears uninterrupted and as if nothing appeared. The user is unaware their life is virtually begin live streamed to the stranger.
The app masquerades itself as a note taking software named Malnotes, users must accept the permissions of the application, granting it permission to take photos and access the internet. Once the malware has been installed, it allows images to be captured every 10 seconds when the Glass display is powered off, and upload them to a remote server.
Google’s developer policy explicitly bans apps that capture images while the device is powered off, the two researchers stated there is no real security measures to enforce such policy.
While a Forbes reporter did a short video interview with the developers, Lady’s Google Glass running Malnotes, snapped over 150 pictures without notifying Lady or the reporter.
“The scary thing for us is that while it’s a policy that you can’t turn off the display when you use the camera, there’s nothing that actually prevents you from doing it,” says Paterson. “As someone who owns Glass and wants to install more apps, I’d feel a lot better if it were simply impossible to do that. Policies don’t really protect us.”
The developers successfully uploaded their application into the Google play store. While their professor tweeted Google about the news, Google removed it immediately and requested the source code of the malicious application. Lady and Paterson did not proceed in trying to upload it to MyGlass, the Google Glass application store.
While the application was removed the Developers talked about how the application could still be installed. They talked about users leaving their Google Glass unattended, in debug mode, or even installing applications on the Glass just off the web. Lady and Patterson said it only takes seconds to upload the type of malware they developed.
After Lady and Patterson received a rigorous reply from Google’s team, they are now getting help from the Electronic Frontier Foundation if any lawsuits arise. After Forbes contacted the Google team, a spokesperson noted they are always doing their best to secure their products. Google’s official statement read,
“Right now Glass is still in an experimental phase, and has not been widely released to consumers. One goal of the Explorer program is to get Glass in the hands of developers so they can hack together features and discover security exploits. We value this kind of security research and feel badly if we came across as overly forceful to the grad students at Cal Poly. All of this work ultimately contributes to making Glass a better and more secure product ahead of a wider consumer launch.”
Google Glass will be the next venture hackers are loading up for once Glass goes public. Hackers could start to directly spy on your personal life, through your own eyes.