Lookout Security has discovered a way of getting Google Glass to connect to a malicious wireless network by just taking a picture of a QR code. Google Glass has a feature that allows you to connect the device to a network through QR codes, which makes it really easy to do so. But the security company found out that you can make it to connect to a malicious network and download all data from the device.
Lookout discovered the vulnerability on May 16th and reported it directly to Google, which released a fix on May 4th. It seems like nobody exploited the vulnerability, as we didn’t read any reports about it. Fortunately, Google did a good job fixing it and now Google Glass users are safe. This is probably one of the many reasons for delaying the release date, as the product is not yet ready for public release.
Google didn’t want to comment specifically about this vulnerability, but stated that it’s still a limited testing product and its goal is to receive feedback from the users in order to prepare the final product. At the moment there are around 10,000 Google Glass users, though the number should increase significantly once Google releases it for everyone.
A Lookout rep noted that they are every pleased with Google’s response. Also they’ve published this in order to warn the other similar companies of the dangers they are facing with the connected devices. And it’s a really good thing, considering we keep seeing vulnerabilities everywhere.
This proves that Google is very committed to privacy and security and it’s probably the company with the lowest number of security issues.
Hopefully they will improve Google Glass in order to make it a safe device to keep our private data. It would be a shame to face security problems too, along with the privacy buzz it generated.
Below you can watch a short video that present how the vulnerability worked.