Special Report – Hacking in the MR World

Posted by

Earlier this year, I attended a VR/AR/MR conference in London, UK.  While sitting in a session with a group of experts in the space, I raised my hand and asked a simple question, “What is being done to deal with hacking Mixed Reality.”  Each expert (three on the panel) had no real answer.  

None of them even had thought about it, until my question.  One said there was no plan at this present time, another concurred that it would create problems because of how MR will play out (more on that in a second) and the third, noted it was a good question and repeated a similar response with the other expert.

I’m not concerned about hacking with Virtual Reality, nor with Augmented Reality.  One places you in a virtual world and while hacking will come into existence, and the same with Augmented Reality, but the big elephant in the room that no one seems to notice is Mixed Reality.

Mixed Reality is the future in the immersive experience world.  Talk to any expert and they will concur. 

Right now, you need HoloLens but down the road two years from now, a headset while cool isn’t something you are going to be wearing around the store or down the street.  The technology in terms of the experience and view will change and with that, the hacking will create a scenario that can create a far worse experience than today, and that is saying something.

Here’s A Real World Scenario

Mixed Reality combines the virtual world with the physical world.   Think about that for a second.   You are walking down the street and whether it is a headset on your head/i.e. over you face, or some type of glasses or iOT product with MR functionality,  you look around and see all the marvels before you.

Initially and actually long term you are going to see ads, lots of them.  MR is a marketer’s dream come true.   And for those of us in the early days of the net, remember those overbearing banner ads, that eventually flashed and became annoying?  Yep, that type of trash will fill you day as you walk about.  Regardless if it is down your street, favorite park, supermarket, big box retailer, amusement park, college, anywhere.

“Buy This”, “Special deal just for you,” “Save $50 off the ZYS Textbook,” and “Buy one, get one free KFQ BBQ Chicken dinner.”   Your town may ban or limit the number of billboards but with MR how are they going to stop the mass amounts of advertising?  Walk everywhere and find them?   I note this, because the first hack scenario is about to roll in.

With the growth of virtual wallets, including Apple Pay, Android Pay, Visa and MasterCard the ability to pay immediately with a touch ID or facial recognition saves folks a lot of time.  Add your credit card, PayPal account and/or similar and payment flows to whatever you want to buy.

Visiting a brick and mortar store

To entice you into Big Box electronics store, they offer you a deal for $299 for a 4K TV.  Best of all, while you are viewing it in a MR environment, you can buy right there on the spot.  No need to hit the virtual line.   Sounds simple.

What if though the deal wasn’t really from the electronics store?  What if it mimicked what you would see with a 4K TV with a virtual experience within the store itself, but it was created by someone else, who may not even be in the store?  You would have no idea.

You pay your $299 with your virtual wallet, but what you do not get is your real TV,  what you do get is two fold. 

a.  Your virtual wallet information in the hands of a hacker (black hat)

b.   Money going into there account, wherever that might be

Once you find out that you are not getting your actual television, you, as anyone who expect, complain.  The store would likely put on the headset or other type of MR device to look for that false ad.  But now, it is gone.  Time sensitive you see.    What does the store do?  What do you do?

Let’s Switch to another Scenario

If you have ever used MR with holograms, it first off is very cool, secondly though it is whacked – positively speaking.  You could be in a room in Tokyo speaking, and over in New York, hundreds of people could “see you” – you are not seen as some robotic looking thing or Max Headroom (80’s reference), but as yourself, with your mannerisms, speech patterns, etc.

Switch that approach to walking anywhere on the street, the park, amusement park, sporting event, and so on.

You see others, who are not really there.  Interacting with them in the physical world.  Social communication, sharing video, personal information to boot.   And on the flip side, they see you.  They are there, but not there.  You are somewhere.

It is natural to strike up a discussion.  Natural to walk around with your new “friends”, chatting, exploring, and experiencing this whole new immersive world.

And it is natural as noted above to feel so relaxed you share personal data and details.

The “friends” though are actually hackers and the information you are sharing, will go to nefarious purposes.   They are holograms you see.

Dating MR

It is inevitable.  It will happen with this new terrain, pushing the MR environment to a level never seen before.  In dating it is very common to share personal information.  Heck, maybe you are at a restaurant.  The person opposite you isn’t actually physically there.  They are elsewhere.

It’s online dating with a MR twist.   As you learn more, you gain more – info.   But your date isn’t in it for the date, they are in it to acquire your data.  Pay with a virtual credit card, the hacker, will thank you for it.   

Give out your home address or even worse, walk back to your apartment, house, condo with your “virtual date”, and now they have they have that information too.  Or go one further step,  they “see” your entire home.  Check for security, catch a few items of interest.  Maybe you have bills on your table with your account numbers.  Maybe you have valuable art work.

And maybe, just maybe your date is more interested in your stuff then you.   Robbery takes on a whole new level. 

What can be done

There is that elephant again.

And the answer is not so simple.   But here are a few ideas

  • Create safeguards built into any marketing item/ad that will appear, regardless of location.   This would fall onto the retailers, the various marketers, and anyone else who is selling, enticing or trying to get folks to buy, even explore their products. 

It would be ideal if those in that space would take it upon themselves, but let’s be real here.  Ideally the government would need to step in, and at least for the time being, with regulations being removed, at least here in the U.S., that isn’t going to happen. 

Thus, here in the U.S., it will have to be at a state level.  Overseas, the EU could require each advertiser to place in safeguards.   Other countries, again, the governments have to take the lead.  

Facial recognition IMO can accelerate various types of hacking in MR.  I say this, because of holograms.  Replication is a side effect for someone who wants to become you.   And for some, they will. 

Thus, for tech companies implementing facial recognition, processes will need to be developed to offset the potential for replication.

  • Businesses, companies, financial institutions will need to be strengthen their security, beyond what they have now.  And they should start right now, developing a strategy.  Not, in two years. 
  • Manufacturers of MR headsets, devices, etc.  need to do the same.   Heck, I’d even include any social platform including, and especially Facebook.

Bottom Line

This is a big wake up call.

Facebook are you listening?  Apple? Amazon?  Google? Microsoft?  And all the other players out there?

Big box retailers, malls trying to bring folks back in, marketers are you paying attention?

MR is here.  It’s real power is yet to come.

It’s going to rock. It’s going to roll.

So, everyone read up. 

Start thinking now of security measures including safeguards.

Not next year.

Because

Without a game plan

The hackers will take it all.

Your identity.  Your data and

Your money.

E-Learning 24/7