Please expand your imagination. Put yourself on a high mountain and watch the beautiful sunset and clouds. Suddenly, you come to a spaceship again, flying at a very fast speed to an unknown planet full of mystery and danger. In the end, you met a girlfriend you haven’t seen for more than a year, and you kissed together. Suddenly, the whole world darkened, and you saw the most terrifying and violent scene in history. Do you want to return to the romantic table? This is only $200.
In the next 10 years, the picture I described above will become possible. Immersive technology will put the user’s virtual characters into the digital environment, thereby taking video games, simulators, learning, and even love experiences to a whole new level. And although we will experience all kinds of gorgeous scenes, for profit reasons, someone may try to ruin it all.
Current technology
Our current technology is mainly the keyboard, mouse, touch screen and other user interface devices and data display methods (such as your monitor) The interaction between. Therefore, a fully immersive experience is impossible, at least not currently. Every day, with the development of new technologies, we are paying attention to the bright future, when users will be able to wear helmets, tactile feedback gloves, and special frame glasses or contact lenses, similar to the way in science fiction and the real world and the digital world. interactive.
Technology similar to Oculus Rift and Sony Project Morpheus is the first step in the development of the entire industry, which has been stagnant for the past 20 years Not move forward. In watching movies, playing games, and meeting with friends and colleagues in the future, these devices can bring a complete, or nearly complete, immersive experience.
In addition to these fully immersive devices that are about to become reality, we now have a series of augmented reality devices, such as Google Glass.
Future threats
As technology develops, eventually some people will find a certain way to use technology to harm others. In this case, when we discuss virtual reality technology, we will find that this has also created an information security crime market, and criminals may profit by modifying reality.
Immersive Threats
First, we will discuss immersive threats, which are the dangers associated with future complete immersive technologies. (For example, it makes you feel like you are in a certain place, but you are not actually there.) I can say with certainty that this type of technology will receive large investments, develop rapidly, and be widely accepted. I say this because most of the development of this technology is done in the name of the game.
In human history, games are an important driving force for technological development. Such technological developments include graphics cards, processors, keyboards and mice And other peripherals. To be sure, after video games, this type of technology can be used for other purposes. However, when this happens, information security criminals will also take advantage of it.
Lock screen
The first threat we face is the lock screen ransomware that many people are already familiar with. Over the past few years, this method has been used for extortion. Normally, this is just some text messages, threatening you to pay. If we view this threat as a threat similar to that found on desktops, what is unique about immersive technology? What if malware can affect the output of immersive devices and only display blackmail information on such devices?
A simple system scan can remove these malicious software. After this, you can return to the ongoing task. In the most serious cases, this approach will only cause problems for users.
Flashing pictures
Now, let’s take a look at the psychological attacks that immersive technology can bring. Picture of people troubled.
During its operation, the ransomware can continuously display a picture on your device, but for flashing pictures, unless the picture has begun to “attack” the user’s eyes, the user will not You may notice the existence of such pictures. These pictures may contain pornographic or violent content.
Such pictures may appear on your device for a few days, then appear more and more frequently, and eventually require you to pay a certain amount The ransom, thus stopping the display of the picture. Such malicious software can also be deleted through system scanning, so that everything returns to normal. However, the psychological damage caused by this method will last longer. Before the malware is deleted, users are not even sure whether what they see is what they want to see, and they are likely to think that they have lost their minds.
Screamer
It is easy to speculate that many users will use immersive visual technology with audio content. In this case, the noise-canceling headphones will emit 3D surround sound. Therefore, past child pranks will become a nightmare for victims of “screamer” malware.
Imagine that you are running an immersive game or watching a movie. You are very focused on the content and engrossed. Suddenly, a terrible sight appeared before your eyes, and a harsh scream invaded your ears. For desktop users, when this scream sounds, users can turn away from the beginning, or leave temporarily. But for users of immersive technology, the situation is completely different.
You can already see that some users use devices like Oculus Rift to play horror games. The purpose of this type of game is to frighten users. The player’s reaction is very intense, they will feel complete fear, unless they take off their helmets or they can’t escape.
After encountering the first wave of attacks by the Screamer software, the user can return to the task that was previously in progress, but a few hours later, the software struck again. The fear and anxiety that this kind of software brings can drive users crazy, such as paying ransoms to blackmailers.
Such software is also easy to delete from the system, but the psychological damage will last a very long time, bringing nightmares and even computer phobia. Information security criminals who use this method may try to blackmail the ransom in advance and warn the user if the ransom has not yet been paid. If there are enough victims, then this warning alone is enough.
The Whisperer
The last threat we want to discuss related to immersive technology is not easy to detect. Such malware will speak quietly to your ears. By speaking to the user, the malware can control the user’s thinking or cause the user to go crazy. Subliminal messages can also achieve the same function, displaying an almost completely transparent message in front of the user. When using the existing technology, such malware is difficult to be effective, but if the user cannot remove his or her eyes, then the situation will be very dangerous.
According to the behavior of information security criminals, they can accept requests from companies with poor reputations to help them promote products, or they can Just whispering makes people crazy. These offenders can then provide users with a way to get rid of whispers, such as selling drugs to users, or some kind of “therapy” that can cure them. After that, they can turn off such whispering software until they wish to scam money again.
Augmented Reality Technology
After we understand the threats related to immersive technology, and what information security criminals can use immersive devices to obtain After power, it can be said that most of these attacks are aimed at psychologically attacking users because they can get 100% of users’ attention.
So, what about augmented reality technology, such as devices like Google Glass? When using this type of device, you will face completely different threats, most of which are similar to those that appear on desktop devices. However, compared to ordinary PCs, attackers can steal, distort, and spy more information.
Steal the moment of privacy and sell it later
The key to augmented reality technology is that it can interact with the real world in a whole new way. This means that in order to provide digital content on a real-world basis, these devices need to use cameras.
The camera connected to the augmented reality device is a very dangerous thing. Think about it, if you want, malware can use a camera to take pictures at many very private moments. These moments are not suitable for disclosure, but through the social network connected to the device, information security criminals can post these photos to the user’s social media according to their wishes. There is no doubt that this situation is most likely to happen when the user refuses to pay the ransom.
Some researchers have used Google Glass to develop such spyware for the purpose of proving concepts. Therefore, this threat is closer to reality than the scenarios listed above.
Record conversations
In addition to taking photos and recording videos, augmented reality devices can also record your voice. The advantage of this technology is to record your thoughts at any time, so that you can interact with the device in a hands-free manner, or record the music you are currently listening to on the radio, and find detailed information about the music. However, the downside of this technique is that spies and identity thieves can use malware to take the opportunity to record all your conversations.
On the other hand, the built-in voice recognition software can be used to identify common product names and topics you mentioned in the conversation To show you targeted ads. If this bothers you, it is not a good thing.
Stealing credit card numbers and passwords
It is clear that malware based on augmented reality devices can pose a serious threat, that is, observing your daily activities The process of stealing your personal information. In this case, all the information security criminals need to do is to wait for you to check your credit card number or enter your password on the ATM. Later, using your personal information, they can copy your credit card and steal a large amount of money from your account.
Alternatively, they can use your credit card information and analyze your signature (recorded when you check the credit card) to imitate your signature handwriting to use your credit card.
Information security criminals can obtain and master all aspects of your life. They can steal your social security number, birthday, address, and family information. Of course, the best way to cope is to turn off these devices when you are engaged in private activities or activities with high security requirements. However, what if such a reality augmentation device is not worn on the face, but implanted in the body?
Distorting reality in a negative way
In the near term, the last type of threat facing augmented reality technology is closely related to the design purpose of such devices , This is “reality augmentation”. The selling point of this type of device is to provide more functions to real life through digital perspective, including GPS navigation, picture and voice recognition, biometric monitoring, and to show users a world different from reality.
Now imagine that malware is running on augmented reality devices and can take advantage of all these features. What will happen if you use augmented reality devices for driving navigation? You may hit the wall. And what if the augmented reality device is used to prompt the user to change lanes while driving and hit another car as a result?
According to the visual range of augmented reality technology, the possibilities are endless: if the device covers the entire visual range of the user, then It may be misleading to users, and devices like Google Glass can attract users’ attention, cause inconvenience to users, and even provide wrong information.
Conclusion
Considering the existence of all these threats, should we abandon the development of immersive technology or augmented reality technology? This is not the case at all. The advantages of this type of technology far outweigh the possible threats. And only when developers fail to complete technical work dutifully in the engineering development process, such threats will appear.
According to past experience, the rapid development of technology usually brings some unfavorable consequences, including information security vulnerabilities and defects, which can be exploited by malicious software. We already know that many people (including me) are very interested in this type of technology, so it is particularly important to take a moment to ensure that this type of technology will not be abused. Compared with not using Facebook because of malicious threats, this type of technology worn on the face is more dangerous. (Translation: 维金)
Immersive Infections
Source: TechCrunch.CN