This is where we identified a significant security problem. While it’s useful to configure your Glass QR code and easily connect to wireless networks, it’s not so great when other people can use those same QR codes to tell your Glass to connect to their WiFi Networks or their Bluetooth devices. Unfortunately, this is exactly what we found. We analyzed how to make QR codes based on configuration instructions and produced our own “malicious” QR codes. When photographed by an unsuspecting Glass user, the code forced Glass to connect silently to a “hostile” WiFi access point that we controlled. That access point in turn allowed us to spy on the connections Glass made, from web requests to images uploaded to the Cloud. Finally, it also allowed us to divert Glass to a page on the access point containing a known Android 4.0.4 web vulnerability that hacked Glass as it browsed the page.
Glass was hacked by the image of a malicious QR code. Both the vulnerability and its method of delivery are unique to Glass as a consequence of it becoming a connected thing.
Stop breadboarding and soldering – start making immediately! Adafruit’s Circuit Playground is jam-packed with LEDs, sensors, buttons, alligator clip pads and more. Build projects with Circuit Playground in a few minutes with the drag-and-drop MakeCode programming site, learn computer science using the CS Discoveries class on code.org, jump into CircuitPython to learn Python and hardware together, TinyGO, or even use the Arduino IDE. Circuit Playground Express is the newest and best Circuit Playground board, with support for CircuitPython, MakeCode, and Arduino. It has a powerful processor, 10 NeoPixels, mini speaker, InfraRed receive and transmit, two buttons, a switch, 14 alligator clip pads, and lots of sensors: capacitive touch, IR proximity, temperature, light, motion and sound. A whole wide world of electronics and coding is waiting for you, and it fits in the palm of your hand.
Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7pm ET! To join, head over to YouTube and check out the show’s live chat – we’ll post the link there.
Join us every Wednesday night at 8pm ET for Ask an Engineer!
Maker Business — To make it through a tough business cycle, layoffs should be a last resort
Wearables — Don’t miss the forest for the trees
Electronics — Oscilloscope Jumble
Python for Microcontrollers — Python on Microcontrollers Newsletter: 300 CircuitPython Libraries, Python Turns 30! #Python #Adafruit #CircuitPython @micropython @ThePSF
Adafruit IoT Monthly — Upcycling Smartphones, AI Freezer, and more!
Microsoft MakeCode — Play MakeCode Arcade games on Raspberry Pi!
EYE on NPI — Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey
New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — New Products 2/17/2021 Feat. Adafruit 1.54″ Tri-Color eInk / ePaper 200×200 Display!
No comments yet.
Sorry, the comment form is closed at this time.