Software Makes Use Of Google Glass And Video Recording Devices To Steal Passwords (VIDEO)

Google Glass
Google Glass (courtesy Wikimedia Commons.)

A team of cybersecurity experts has recently come out with an unnerving revelation about Google Glass — it can be used to steal your passwords without you even knowing it.

Xinwen Fu, a computer science professor at the University of Massachusetts Lowell, developed a video-recognition program that can map the shadows from fingertips typing on a smartphone or tablet. It then converts the touch points into the actual keys. The software is powerful enough that it can pick up these shadows from up to 10 feet away, even when the screen is unreadable. It maps the image of a smartphone or tablet into a “reference image” of the device, and looks for the up-and-down movements from the shadows of a user’s fingers.

Fu installed his software on Glass and found it can correctly read a four-digit PIN 83 percent of the time, a rate that grows to 100 percent if a Glass wearer records the login process three times. By his reckoning, his software could recognize an eight-character password 78 percent of the time. Fu also tried his software on an iPhone, a Logitech webcam, a Samsung Galaxy Gear smartwatch and a Panasonic HD camcorder. The iPhone, webcam and camcorder all had higher accuracy rates — indeed, the camcorder could be used to steal a password from as far as 150 feet away. The Gear had roughly the same accuracy rate as Glass. However, Fu points out that Glass is better suited than all of the devices for password theft because it’s not as conspicuous, and is thus “perfect for this kind of sneaky attack.”

CNN Money’s Laurie Segall decided to put Fu’s software to the test this past weekend. She set up shop at CNN’s corporate cafeteria in New York City, with one of Fu’s researchers 8.5 feet away from Segall’s iPad. It took Fu’s team less than 10 minutes to correctly identify the pin for Segall’s iPad. Watch their test here.

Google maintains that since Glass lights up whenever someone is using it, it’s a “fairly lousy surveillance device.” However, Fu believes the real issue isn’t Glass, but that higher-quality cameras and wearable tech make it easier than ever to steal passwords. Glass just makes it easier because its eye-level position. He plans to present his research in more detail at the Black Hat USA conference next month in Las Vegas. At the same time, he plans to roll out an Android add-on called Privacy Enhancing Keyboard (PEK), which randomizes the layout of a tablet or phone’s lockscreen keyboard in order to make it harder for a hacker to break in. Fu hopes that such protections will become mainstream.

Let us know what you think at the Liberal America Facebook page.

Darrell Lucus.jpg Darrell Lucus is a radical lefty Jesus-lover who has been blogging for change for a decade. Follow him on Twitter @DarrellLucus or connect iwth him on Facebook.



Edited by D.H.

Darrell is a 30-something graduate of the University of North Carolina who considers himself a journalist of the old school. An attempt to turn him into a member of the religious right in college only succeeded in turning him into the religious right's worst nightmare--a charismatic Christian who is an unapologetic liberal. His desire to stand up for those who have been scared into silence only increased when he survived an abusive three-year marriage. You may know him on Daily Kos as Christian Dem in NC. Follow him on Twitter @DarrellLucus or connect with him on Facebook. Click here to buy Darrell a Mello Yello.