Google Glass Has Already Been Hacked By Jailbreakers

10 years, 11 months ago - April 29, 2013
googleGoogleGlasstechnology
Google Glass Has Already Been Hacked By Jailbreake
With a name like Glass, it was just asking to be cracked.

Just days after its release to developers, Google’s Glass headset has already been hacked to give users full control of its Android operating system, according to Jay Freeman, a well-known Android and iOS developer who tested a known exploit for Android on Glass yesterday and announced his success on Twitter Friday afternoon. The “root” or “jailbreak” technique Freeman found would potentially remove any restrictions Google might place on Glass, though it’s not yet clear exactly what those restrictions might be in consumer versions of the device.

Freeman, who goes by the hacker handle “Saurik” and created the widely-used app store for jailbroken iOS devices known as Cydia, told me in a phone interview that he discovered yesterday that Glass runs Android 4.0.4, and immediately began testing previously-known exploits that worked on that version of Google’s mobile operating system. Within hours, he found that he could use an exploit released by a hacker who goes by the  name  B1nary last year to gain full control of Glass’s operating system.

“It took me two hours while I was having dinner with friends at the time,” Freeman wrote to me. “The implementation from B1nary is for normal Android tablets and phones, I learned how it worked and then did the same thing on Glass…which was quite simple.”

Freeman, who obtained his Glass unit through a program for developers, says he’s not exactly sure yet what gaining root access to Glass might make possible. (He says he hasn’t been able to use his much due to his own eyeglasses prescription, which has made focusing on the device’s display painful for more than a few minutes at a time.) But he speculates that jailbreaking Glass could make it possible to store data locally on the device or on Bluetooth-linked phone, rather than upload it automatically to Google’s servers, a measure that some privacy-conscious users may appreciate.

Another possible function of rooting Glass (my speculation, not Freeman’s) could be to cut off Google’s ability to remotely “brick” the device, permanently disabling it if the user violates Google’s terms of use, a trick that recently came to light when one Glass owner tried to sell his early test unit on eBay despite Google’s warning not to.

Freeman says he was able to hack Glass using the device’s debug mode and a flaw in its backup function that tricks the device into thinking it’s running as an emulation on a developer’s machine. As he described it to me:

You take a backup from the device, modify the backup, and then restore the modified backup to the device. While the backup is restoring, you make a change to the data being restored that redirects the data being restored to overwrite a critical configuration file. This makes the device think that it is not running on real hardware: you make it think it is instead running on the emulator used by Android developers to test their software on desktop/laptop computers. As the emulator is designed for developers, it has full control and gives you “root”.

Freeman isn’t the only hacker tinkering with Glass. Another developer named Liam McLoughlin had already achieved root access to Glass the day before, according to the blog 9to5Google. Update: Freeman clarifies below that

It’s not yet clear whether the exploits Freeman and McLoughlin used will work on consumer versions of Glass rather than developer versions. Freeman says that he spoke with a Google employee who was surprised that Freeman’s device had debug mode enabled, and commented that he thought it had been taken out of the latest version.

Unlike Apple, however, Google has long taken a friendly approach to those who hack its mobile devices, even allowing users and OEMs to root its devices with sanctioned methods. I’ve reached out to Google for comment on whether and how it will respond to developers hacking its new headset ahead of Glass’s 2014 release, and I’ll update this post if I learn more.

This much is clear: If Google does intend to keep a tight lock on Glass, it’s already a step behind the hackers who want to unlock it.

Google staffer Tim Bray has responded to the jailbreak on Twitter and doesn’t seem very concerned. “Yes, Glass is hackable,” he writes. “Duh.”

 

Text by Forbes

We also recommend

Google removes ‘view image’ button from search results to make pics harder to steal

Google removes ‘view image’ button from search results to make pics harder to steal

Google is making a change to image search today that sounds small but will have a big impact: it’s removing the “view image” button that appeared when you clicked on a picture, which allowed you to open the image alone.

6 years, 1 month ago

Google launches its AI-powered jobs search engine

Google launches its AI-powered jobs search engine

Looking for a new job is getting easier. Google today launched a new jobs search feature right on its search result pages that lets you search for jobs across virtually all of the major online job boards like LinkedIn, Monster, WayUp, DirectEmployers, CareerBuilder and Facebook and others. Google will also include job listings its finds on a company’s homepage.

6 years, 10 months ago

Google calls out fact-check articles in its News section

Google calls out fact-check articles in its News section

A new Fact Check tag takes its place amid stories on Google News along with earlier tags such as Opinion, In-Depth and Highly Cited.

7 years, 6 months ago

A 'Made by Google' pop-up store is coming to New York

A 'Made by Google' pop-up store is coming to New York

With a slew of new hardware, Google is finally aiming for scale. The new Pixel phones, the smart Home speaker -- these aren't Nexus-level side projects.

7 years, 6 months ago

Google celebrates 18th birthday, as it has done on this date for 11 years

Google celebrates 18th birthday, as it has done on this date for 11 years

7 years, 6 months ago

Google Launches New My Activity Site, Reaffirms Google Knows Basically Everything About You

Google Launches New My Activity Site, Reaffirms Google Knows Basically Everything About You

Google knows a lot about you - particular about the "you" on the internet. A new tool launched today called My Activity lets you get some insight on just what that information is - in a readable sense - by showing you your various web, Google product (including Android and Android apps), and search activities in a rather pretty card timeline. The site works on both desktop and mobile.

7 years, 9 months ago

Tags Cloud
2010accidentsadvertisingAfrAsiaafricaagalegaagroAir Franceair mauritiusAirlinesairportairway coffeeAlvaro SobrinhoamazonAmeenah Gurib-FakimAMLandroidApollo Bramwellappleappointmentsappsarrestasiaauditaudit reportaustraliaaviationawardsBABagatelleBAIBangladeshbankbanksbarclaysbeachbeachesBeau Bassin-Rose HillbetamaxBOIboko haramBollywoodBOMbombingbpmlBPOBramer BankbrazilbrexitbudgetBusinessCanadacanecareercareer tipscasinoCCIDCCMCEBcementChagosCHCchinaCIELcigarettesconferenceConfinementCongoconstructioncontestCoronaviruscorruptionCourtCourtscouvre-feuCOVID-19CPBCPEcreativitycrisiscruise shipsCSOCT PowerCultureCurepipecustomerscustomsCWAcyclonedamDawood RawatDBMdeficitdenguedevelopmentdoctorsDomaine les PaillesDPPdrug traffickingdrugsDTAADuty FreeearthquakeebolaecoécoleseconomyEducationEgyptelectionselectoral reformelectricityEmiratesEmtelenergyENLentrepreneurshipEUEuropeeventsexamexamsexpoexportfacebookfairfarmersfeeFIFA World CupfinancefinancesFirefishfishingFlacqFlic-en-FlacFloodsfoodFootballforecastforeign workersFrancefraudfruitsFSCfuelfunnyGAARgamblinggamesgasgazaGermanygooglegovernmentGRAgreengreen energyhackershajjhawkershealthhealthcareHeritage Cityhistoryholidayshorse racingHospitalhotelhotel businesshotelshow toHRHRDCHSBCHSCIBLICACICTICTAID cardillegal fishingIMFimportindiaIndian OceanIndonesiainflationinfrastructureinnovationsinsuranceinternetInterviewinterview tipsinvestmentinvestmentsiosiPadiphoneiraniraqIRSISISisraelITItalyjapanJin FeijobjobsjournalismKenyaKPMGlandlawlawslayoffsleadershipLepeploanslocal governmentLockdownlotteryLRTLufthansaMadagascarmalaysiamalaysia airlinesmanagementmanagement tipsmanufacturingmarketmarketingmarketsMauBankMauritiansmauritiusMBCMCBMCCImeccaMedical CouncilmedicamentsmedicineMedPointmeetingMEFMESMetro ExpressMEXAMicrosoftMIDMIEmigrationminimum salaryminimum wageMITDmlMMMmoneymoney launderingmotivationmoviesMozambiqueMPAMPCMPCBMRAMSCMSMMTMTCMTPAMusicMV BenitaNandanee SoornackNarendra ModinatureNavin RamgoolamNavind KistnahNCBnceNDUnetworkingNew Mauritius HotelsNHDCNigeriaNobel Prizenorth koreaNTCNWCCofficialsoffshoreoilOlympic GamesOmnicaneorangeOUMPakistanpalestineparliamentPaul BérengerPhilippinesPhoenix Beveragespicture of the daypiracyplagePMPMOpmsdPNQpolicepoliticsportPort LouisPort-LouispostPravind JugnauthPRBpricepricesproblemprostitutionprotestspsacPSCpsychologyPTRpublic servicequatre-bornesrainsRakesh Gooljauryratingsreal estatereformsrepo rateRESrestaurantsresultresultsReunionriceroadsRoches-Noires caseRodriguesRogersRose-HillRoshi BhadainRussiaSAJsalariessalarysalessamsungsaudi arabiasbmSCscamscandalscholarshipscholarshipsSchoolschoolssciencesecuritySeychellessharksshootingshoppingshopping mallSICsicomsingaporeSITskillssmart citysmartphonesSMeSMEDASobrinho casesocial mediasocial networks & messengerssolar energysouthsouth africasouth koreasportSportsstartupsstatisticsstatsSTCstrategystreet vendorsstrikestudysuccesssugarSun Tan caseSunkai casesyriaTAtabletsTanzaniataxtax heaventaxesteaTECtechnologytelecomterrorismtextilethailandthefttime managementtipstourismtradingtrainingstransporttrendstunaTurfTurkeyTVtyphoonukukraineunemploymentunionsuniversityuomUSUTMvacanciesVacoas Popular Multipurpose Cooperative SocietyVacoas-Phoenixvarma casevegetablesVideo of the DayvisaVishnu LutchmeenaraidooWaterWaterparkWeatherWhitedot Casewi-fiWMAWorld BankXavier-Luc DuvalYEPzimbabwe