[TL;DR -- Set in 2034,"In Too Deep" follows Georgia Tech student Anthony Frederickson (who'd really rather you call him 3-d33p) on an ill-fated trip to DefCon42, the world's most (in)famous hacker convention... No spoilers, but a few months before heading out to Las Vegas, Anthony discovers that his nifty new blazer not only changes colors and images in time with music and its environment, but it can also activate an 0day hack, just by being in the room with a camera...]
All three of us worked on "In Too Deep," but -- as with so many of our stories -- this really is Cloudy's baby. And it's a pretty cool idea, right? He comes up with a lot of those, and we do a lot to turn them into stories y'all wanna read... Well, it turns out Cloudy's not just prolific, he's prescient, too! Check out this article about a (now-fixed) flaw in Google Glass. When Tasky saw it, he said, "Wow, dude. You're like the Oracle of Delphi... Except, not sexy." Haters gonna hate.
But, seriously, y'all. Check this out:
Google glass' camera scans all photos it takes for QR codes so that it can make Wi-Fi and Bluetooth connections to a phone for internet access. So...
"Whenever the Glass software detects a QR code, it decodes it to see if it names a Wi-Fi network to connect to. It will do this even if the code does not occupy the whole of the frame - so a hacker could get a Glass owner to hack their own device just by standing near a printout of special QR code.
'We created a QR code that told Glass to connect to a Wi-Fi network of my choosing and started sending data to that,' Marc Rogers, principal security analyst at Lookout, told the Guardian. 'We could become the middleman, and if we needed to strip out the encryption on the connection. Then we could see the pictures or video that it's uploading. We could also direct it to a site on the web which exploits a known vulnerability in Android 4.0.4' - used by Glass - 'which hacked Glass at it browsed the page.'"
Sound familiar? Sound like something a particular Scribe might have come up with? Let's get down to brass tacks:
"Both the vulnerablity, and the way it was delivered, are unique to Glass - a consequence of it being connected," Rogers said. "I don't think anyone's hacked a device with an image before."
At least no one had done it in real life. Just another reason you might wanna keep an eye on us. ESP: Fiction or Premonition?
No comments:
Post a Comment