

Google Glass Pwned By Lowly QR Code - gvb
http://securitywatch.pcmag.com/security/313767-don-t-look-now-google-glass-pwned-by-lowly-qr-code

======
akama
The most surprising thing about this article is that Google did not see this
coming. This attack vector is a very basic one considering the device, and QR
codes have had security problems before. On the other hand the product is
still in testing to catch issues just like this. We can hope that the final
product is much more secure.

------
mbesto
Is it just me or is the concept of QR codes fundamentally flawed and ripe for
abuse? Basically any QR code that exists can be overwritten by a simple
sticker of another QR code. How do you prevent this?

~~~
wmeredith
The honor system, mostly. The same could be said for price tags, bar codes,
license plates, etc...

~~~
mbesto
But those all have specific use cases. QR codes on the other hand are meant to
be universal. Imagine the QR codes in a museum all replaced with links to porn
sites (two different uses - one is for information and another is for
advertising).

------
marshc1
Very much 'Snow Crash'.

~~~
peejaybee
Very David Langford.

------
wmeredith
"Because of Glass's limited user interface, Google set up the device's camera
to automatically process any QR code in a photograph."

...set up the device's [$foo] to automatically process any [$bar] code...

What could go wrong?

------
laserDinosaur
Pwned? Really?

~~~
lotsofcows
It's a corruption of "owned" and refers to a hack that gives the hacker total
control of the target device. HTH!

~~~
weego
The corruption originated in gaming, specifically Warcraft modding I believe.
Regardless of how it originated or is used it's still rather trashy in a
headline.

~~~
loopdoend
There's no way to say that pwned originated in gaming. It may have been
popularized by gaming, but hackers have been describing things as owned and
for a long time. The "typo" is regarded as leetspeak and isn't really trashy
because it's more descriptive than owned itself.

------
lnanek2
I've gotten normal usage of Glass-cast, as they call it, to work only 1 times
in 10 anyway, heh. The feature is a distaster. You take a picture of the
barcode over and over and have no feedback whatsoever what the problem is
behind it not working.

~~~
ben1040
Are you trying the screencast with a device that's already been BT paired &
connected to your Glass?

I never see the barcode option, it just connects straight to my device
immediately. I think you only end up with the barcode if you're not connected
or having connectivity issues.

Google posted an update yesterday to the MyGlass app that supposedly improves
connectivity, so maybe that might solve the trouble you'd been having.

------
JonSkeptic
>Thankfully, Google has already patched the issue.

It sounds like they are on top of it.

~~~
andrewcooke
remind me again why you have skeptic in your name?

