Symantec: Google Glass still vulnerable to Wi-Fi attack

Just a week after Google patched a QR-code vulnerability, it turns out that Google Glass is still vulnerable to attacks. Symantec threat researcher Candid Wueest noted that a hacker could impersonate a known Wi-Fi network with just $100 worth of hardware to potentially hijack Google Glass's network traffic.

Using the Wi-Fi Pineapple, a portable hot-spot tool used by penetration testers and other security professionals, hackers could exploit the behavior of wireless devices which constantly probe their surroundings for a known Wi-Fi access point for Internet connectivity. By masquerading as the wireless network being sought after, the Wi-Fi Pineapple can position itself into a classic man-in-the-middle attack to do session hijacking or sniffing.

The fundamental problem of Wi-Fi devices looking for known networks isn't an easy one to solve, Wueest wrote. Devices could check a hardware identifier, called the MAC (Media Access Control) address, of a Wi-Fi router and match it with the SSID. But MAC addresses are easily faked, he wrote.

"The more practicable solution is to treat every network as hostile and ensure that all the applications use encrypted communications like SSL [Secure Sockets Layers] or tunnel through a VPN," Wueest wrote.

Read more -here-

• Google, Meta, Apple receive FCC approval to tap into airwaves for VR and AR
• State-sponsored hackers are leveraging WinRAR bug
• Amazon launches drug delivery by drone
• Unpatched Zero-Day being exploited in the wild, Cisco warns
• Apple plans to update iPhones in-store without opening the boxes
• Microsoft just bought Activision Blizzard for $69 billion