(CBS SF) — Wearable tech products like Google Glass advertise revolutionary new ways to move through the world and seamlessly engage with everyday activities. For some that might include tracking their jog, navigating Highway 1 or recording an engagement — but for others, it’s an opportunity for crime.
Researchers at University of Massachusetts Lowell recently discovered a way would-be hackers could use video from wearable tech products like Google Glass and the Samsung smartwatch to detect passwords typed onto a tablet from 10 feet away or more.
With a home-brewed software that uses a custom-coded video recognition algorithm, researchers were able to track the shadows from finger taps on an iPad from a distance, even if the screen on the device was titled upward with no image in sight.
This finding alerted Xinwen Fu, a computer science professor at UMass Lowell, who told Wired, “If someone can take a video of you typing on the screen, you lose everything.”
His students tested out other kinds of video-enabled devices, like the iPhone 5 camera and Logitech webcam, to spot a four-digit PIN. The webcam video got the code right 92 percent of the time, while the iPhone worked nearly every time.
“Unfortunately, stealing passwords by watching people as they type them…is nothing new,” a Google spokesman wrote in a statement to Wired. “We designed Glass with privacy in mind. The fact that Glass is worn above the eyes and the screen lights up whenever it’s activated clearly signals it’s in use and makes it a fairly lousy surveillance device.”
Fu didn’t test long passwords but estimates that Glass could identify an eight-character password on a QWERTY keyboard about 78 percent of time. Although Glass’s inconspicuous ability to record at eye-level potentially makes it easier to steal passwords, Fu said the real problem lies in passcodes. His researchers were able to capture a PIN typed on a glare-obscured screen from nearly 150 feet away with an optical zoom on a consumer camcorder.