A device that constantly monitors its surroundings is clearly a security hazard.
But now, researchers at UMass have proved that Google Glass poses a real danger to your personal security.
Specifically, UMass researchers studied how easy it was for Google Glass users to spy on another user as that individual entered a PIN into a smartphone or tablet.
Let’s say you were sitting at Starbucks messing around on your iPad. You see someone with Google Glass briefly glance over at you from the till. You might not think twice about it, but that person may have just stolen your PIN.
Here’s how the study at University of Massachusetts Lowell worked:
-Researchers used “wearables” like Google Glass and a Samsung smart watch to secretly monitor PIN code entries from 10 feet to 150 feet away
-The researchers used a “custom-coded video recognition algorithm” that tracked the shadows of finger movements and taps on the screen. This program let researchers monitor data entry even when it wasn’t explicitly recorded on the device.
-A few different pieces of tech were used in the study, including a $72 Logitech webcam, Google Glass, and an iPhone 5 camera
-Google Glass was able to crack a 4-digit PIN from three meters away with 83% accuracy (that accuracy rate improved to 90% by manually correcting obvious errors)
-The Logitech webcam cracked the code 92% of the time, while the iPhone 5 – which had the highest resolution of the bunch – cracked it 100% of the time
-Researchers also tested a Samsung smart watch (likely the Galaxy Gear) and found that it worked as accurately as Google Glass
-Check out the picturebelow, which shows that the algorithm can successfully read an iPad screen even when the screen isn’t explicitly visible
-To do this, the algorithm analyzes the reference angle of the iPad and compares it with its known knowledge of iPad keyboards and layouts
The study concluded by saying the problem is much older and wider than just Google Glass. In fact, Glass is a bad surveillance device because the screen lights up whenever the camera is activated. Researchers found that the best surveillance device was a $700 Panasonic camcorder which could use optical zoom to accurately capture PINs from 44 meters away.
Of course, you probably don’t need a high-tech algorithm to spy on PIN entries with Google Glass. Instead, you could just record someone entering a PIN and then play that video back in slow motion to determine approximately where each finger was pressing. With a few guesses, you’ll have that person’s PIN in no time.
How can you avoid password theft through video surveillance?
The researchers didn’t perform a study to prove that spying is possible and dangerous.
Instead, they performed the study to educate people on the dangers of today’s modern password entry system.
Instead of entering a specific set of numbers into the same keyboard every time, researchers recommended using a randomized keyboard called the Privacy Enhancing Keyboard – currently in development at UMass Lowell.
This would randomize placement of the keys and prevent people from learning your password simply by watching your finger placement.
Other recommended methods of defeating surveillance include:
-Wearing “a large hood” over your head and laptop
-Using a hand to block your other hand while it enters the PIN
-Looking around for anybody recording you when you’re messing around on your handset
In a world where we’re constantly recorded with security cameras, does Google Glass spying technology really matter? Maybe not. But take a look around the next time you enter your PIN in public.