Reason No. 2: Glass OS can be hacked, just like every other system
In Google's ideal world, all developers will only create and distribute legitimate applications, and all users will run legal, fully patched versions of Glass OS (which is based on Android) on their nonjailbroken Glass. This leads to the second reason Google's can't honestly assure Congress that Glass could never be used to violate someone's privacy: Glass OS is demonstrably hackable.
Since Google first started selling early models of Glass to developers (for $1,500 a pop), several techies have come forth to proclaim successful hacks of the device:
- Android developer Jay Freeman, also known by the handle Saurik, in April revealed that he managed to jailbreak the device, allowing it to be loaded with unauthorized software.
- Startup Lambda Labs announced it's built a facial-recognition API for Google Glass.
- Researchers at security company Lookout reportedly discovered a vulnerability that allows attackers to hijack a pair of Google Glasses using specially designed QR codes. (Google reports the bug has been fixed.)
- Members of the hacking community have uncovered potentially abusable features within the Google Glass OS, such as the ability to put the device in constant listening mode and to snap a photo with the wink of an eye.
- Employees at Google have demonstrated that it's possible to install Ubuntu on a rooted Google Glass.
Every hack, app, and vulnerability on this list -- and there are almost certainly others that aren't -- could theoretically be used to violate a third party's privacy. In some cases, it wouldn't be Google's fault so much as the user's fault that his Glass became a zombie live-streaming video cam because a user clicked a dangerous link or installed an app from an unknown source. But in other cases, it would be because a malware author found a way to hack Glass OS, plain and simple.
Glass OS is hackable -- but so is every OS. It's just that hackers focus their efforts on the most-used platform. That's why Windows has traditionally been the most-hacked desktop OS, Java is more exploited than .Net, and Android is the top-targeted mobile OS in the world today.
Yes, I am saying that iOS would become the most-hacked mobile platform if it surpassed Android's global adoption. But the same would go for Windows Phone, BlackBerry BBX OS, Firefox OS, and others. More users mean more potential victims for cyber thieves, which means higher demand for malware to snag said victims. The more malware that comes, the more likely a malicious agent slips through the cracks.
Here's the point: The fact that Google Glass OS is susceptible to hacking is largely irrelevant until the platform gains widespread adoption. For now, it's tough to predict whether that's going to happen. Sure, maybe it will be the next big thing, OEMs will pile on to create their own versions of the eyewear, and malware-infested G00gl3 Gla$ knockoffs hit the black market, turning millions of users into unwitting spy cameras for Big Brother or Mr. Big or the in-laws or whomever wants to monitor your every move.
There are more important security and privacy-related concerns we need to address than whether or not Google Glass will single-handedly lead us toward an Orwellian dystopia. For example, each of us could reassess our priorities as to what level of privacy we're already willing to surrender in exchange for at-times meager (or false) rewards. Is it worthwhile to text your contact number and a metadata-loaded digital photo into the ether for a negligible chance to win a prize? Is handing a helping of your Facebook data to an unknown developer worth playing with a fart-sound emulator?
As a nation, we could focus our concerns on the potential threats on protecting our data and our privacy from the varied threats we know are out there today. Globally, we could urge our influential politicians, business leaders, and technology authorities to channel their efforts toward making the Internet more secure as a whole, for everyone.
This article, "Yes, Google Glass is hackable, but that's the least of our privacy worries," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest business technology news, follow InfoWorld.com on Twitter.