Leaking data from enterprise networks using a compromised smartwatch device

“…Although it can be argued that the results obtained are limited to this specific model until confirmed for other models as well, we expect other glasses to expose similar security threats. Just like history has demonstrated for smartwatches [81,93,94] and fitness trackers [6,15,20,30], we suspect that many camera glasses currently available on the market do not have hardware and software architectures suited to prevent security attacks, most likely due to manufacturers being more interested in utility rather than the security of their products at this stage of mass consumer penetration of such devices. Some of our attacks, such as detecting devices in the Wi-Fi spectrum, are general to apply to all Wi-Fi connected glasses models.…”

“…As wearable devices, such as the glasses from Andrew's story, become more complex and diverse due to industry manufacturers striving to deliver more features and functionality to users at lower costs, it is unsuspecting and uninformed users of such devices, as well as bystanders, that become exposed to a wider range of potential security and privacy attacks from malicious parties [30,66,93]. But glasses are not the only wearables that can become targets of such attacks: smartwatches, fitness trackers, and armbands have been repeatedly exposed in the scientific literature as being unsecure [6,15,20,30,81,94,94]. However, unlike smartwatches and fitness trackers, for which a large body of literature has uncovered many security threats and proposed defense mechanisms, similar systematic investigations for glasses are lacking.…”

“…The advent of wearables that publicly advertise their presence in the radio spectrum, share the data they collect with connected devices or with services from the cloud, and register to unsecured local networks, demands dedicated attention to the privacy and security threats to which they expose their users. Some of those security threats have been recently uncovered for smartwatches [81,93,94], fitness trackers [6,15,20,30], and smart armbands [103], but considerably less attention has been devoted to examine the security of video streaming camera glasses. Regarding the latter, the main focus of research has been the privacy of bystanders and their reactions to wearers of such devices [23,25,43,[48][49][50].…”

“…For example, Wang et al [94] showed that a smartwatch worn while typing on a laptop keyboard can leak a substantial amount of information about the words being typed; Wang et al [93] demonstrated how motion-sensing devices worn on the wrist could be exploited to capture hand movement trajectories with enough precision to infer PIN sequences entered on ATM keypads; and Maiti et al [57] presented similar attacks for inferring the combinations of mechanical locks. Yet another type of attack targeting smartwatches was described by Siboni et al [81] in the context of organization security: an outsider could exploit the smartwatch of an innocent employee to intercept print jobs and, thus, get access to sensitive data. Fitness trackers, although less complex than smartwatches, also collect, store, and share personal data about their owners.…”

Uncovering Practical Security and Privacy Threats for Connected Glasses with Embedded Video Cameras

“…Although it can be argued that the results obtained are limited to this specific model until confirmed for other models as well, we expect other glasses to expose similar security threats. Just like history has demonstrated for smartwatches [81,93,94] and fitness trackers [6,15,20,30], we suspect that many camera glasses currently available on the market do not have hardware and software architectures suited to prevent security attacks, most likely due to manufacturers being more interested in utility rather than the security of their products at this stage of mass consumer penetration of such devices. Some of our attacks, such as detecting devices in the Wi-Fi spectrum, are general to apply to all Wi-Fi connected glasses models.…”

“…As wearable devices, such as the glasses from Andrew's story, become more complex and diverse due to industry manufacturers striving to deliver more features and functionality to users at lower costs, it is unsuspecting and uninformed users of such devices, as well as bystanders, that become exposed to a wider range of potential security and privacy attacks from malicious parties [30,66,93]. But glasses are not the only wearables that can become targets of such attacks: smartwatches, fitness trackers, and armbands have been repeatedly exposed in the scientific literature as being unsecure [6,15,20,30,81,94,94]. However, unlike smartwatches and fitness trackers, for which a large body of literature has uncovered many security threats and proposed defense mechanisms, similar systematic investigations for glasses are lacking.…”

“…The advent of wearables that publicly advertise their presence in the radio spectrum, share the data they collect with connected devices or with services from the cloud, and register to unsecured local networks, demands dedicated attention to the privacy and security threats to which they expose their users. Some of those security threats have been recently uncovered for smartwatches [81,93,94], fitness trackers [6,15,20,30], and smart armbands [103], but considerably less attention has been devoted to examine the security of video streaming camera glasses. Regarding the latter, the main focus of research has been the privacy of bystanders and their reactions to wearers of such devices [23,25,43,[48][49][50].…”

“…For example, Wang et al [94] showed that a smartwatch worn while typing on a laptop keyboard can leak a substantial amount of information about the words being typed; Wang et al [93] demonstrated how motion-sensing devices worn on the wrist could be exploited to capture hand movement trajectories with enough precision to infer PIN sequences entered on ATM keypads; and Maiti et al [57] presented similar attacks for inferring the combinations of mechanical locks. Yet another type of attack targeting smartwatches was described by Siboni et al [81] in the context of organization security: an outsider could exploit the smartwatch of an innocent employee to intercept print jobs and, thus, get access to sensitive data. Fitness trackers, although less complex than smartwatches, also collect, store, and share personal data about their owners.…”

Uncovering Practical Security and Privacy Threats for Connected Glasses with Embedded Video Cameras

“…The major challenges to test IoT devices are their fea tures and limitations [22]. A comprehensive IoT security test bed was developed [23]. Se curity weakness of IoT devices was evaluated by launching attacks [14,24,25].…”

A Hadoop Based Framework Integrating Machine Learning Classifiers for Anomaly Detection in the Internet of Things

An MQTT-SN-Based QoS Dynamic Adaptation Method for Wireless Sensor Networks