Spyware app can secretly take photos from Google Glass without user’s knowledge

“Critics of Google Glass usually remark on how the device allows its owner to take photos and videos of other people without their knowledge or consent, which has contributed to some backlash, including bans on Glass in some establishments and an alleged assault on a Glass user,” John Zorabedian reports for Naked Security. “But a spyware app developed by two researchers has shown that Google Glass can be used to secretly take photos of whatever a Glass wearer is looking at without their knowledge – making the Glass user the one whose privacy and security is potentially compromised.”

“The lens display usually lights up whenever Glass is in use, which is the only way to tell when Glass is on – other than witnessing voice and gesture commands used by the wearer such as ‘Okay Glass, take a photo,'” Zorabedian reports. “However, according to media reports, the app takes a photo every 10 seconds when the display is off, meaning the wearer (or anyone in view of the camera) is unaware that it’s recording. The app can also access the internet from the user’s Glass connection to upload the images to a server.”

a prototypical glasshole
A prototypical Glasshole
“If a Glass user were to unknowingly install the app, which the researchers disguised as an app for note-taking called Malnotes, the app’s makers could potentially spy on the user’s activity, their location, who they are with, or even see their passwords as they’re typed,” Zorabedian reports. “The proof-of-concept attack shows one potential way for crooks and spies to exploit Glass for nefarious purposes. It also reveals the potential for similar Glass apps to take photos or videos without the Glass display being lit… the security researchers said that – despite Google’s developer policies against apps that take photos with the display off – there’s nothing in Glass’s software that prevents it from happening.”

Read more in the full article here.

MacDailyNews Take: Two-way Spywear.

Related articles:
Google Glass-wearing woman claims attack at San Francisco bar – February 26, 2014
Scoble: Google Glass is doomed – January 2, 2014
One year wearing Google Glass: ‘Look at that asshole’ – December 31, 2013
Why an Apple iWatch has better chances than Google Glass – November 6, 2013
Apple’s Siri lambastes Google Glass – August 26, 2013
Google Glass ban list grows; top 10 places banning Google Glass – August 7, 2013


  1. I constantly hear the Google fanboys on podcasts saying how it is ‘the Future’, yet even they seldom wear them, think they look like dorks, complain about watching more than a few seconds of video and how the battery lasts only about three hours.

    Why does Google get a ‘free ride’ with obviously bad technology?

  2. They use an open, unprotected OS, from a company who has stated that if you get infected it’s the users fault for not being ‘careful’ – they deserve all they get.

    1. The question is, “Do we deserve to endure the results of their choices?” Out pictures are being taken without anyone being aware except the recipient of the images. We don’t know who they are or what their objectives are. That Glasshole whose boyfriend started the bar fight is just the beginning. “I feel threatened by the presence of the Glasshole and I think I’ll stand my ground.”

  3. I’ve read that Glass is running on Android and wasn’t it Page or Brin who said that Android is not meant to be secure? How can this really be the basis for anyone going forward? It is truly amazing that even the US gov’t is considering deploying Android devices.

  4. MORE fun with Google insecurity!

    Apps with millions of Google Play downloads covertly mine crypto currency

    Researchers said they have uncovered two apps that were downloaded from the official Google Play market more than one million times that use Android devices to mine the Litecoin and Dogecoin crypto currencies without explicitly informing end users.
    . . .
    The strain can be especially onerous on smartphones, because they’re equipped with hardware that’s much less powerful than that found in traditional computers. The apps discovered by Trend Micro were programmed to mine coins only when devices were recharging. That setting would help prevent batteries from draining quickly, but it would do nothing to prevent devices from overheating or consuming large amounts of bandwidth.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.