If cloud security is an issue to be reckoned with today, the problem will only worsen as more and more data is saved and backed up to the cloud, say experts.
Indeed, a new consumer product being developed by such players as Google, Microsoft, Apple, and others will likely generate more dataperhaps by an order of magnitudethan today's smartphones and media tablets combined.
Augmented-reality (AR) glasses, also known as "wearable computers," are designed to display information hands-free in smartphone-like format and to interact with the Internet via natural language voice commands.
According to Matthew Green, assistant research professor at the Johns Hopkins Information Security Institute, AR glasses "will be collecting everything you see, everything you sayand potentially not just backing up all that information but sending it in real time for services like Google to process and to respond with relevant information. This is a big leap in data collection."
Of course everything depends on how popular the devices become, but Google's versionbranded as Google Glassalready has been dubbed by Time magazine one of the best inventions of 2012, even though it is not expected to be available to the public until 2014. Meanwhile, last July, Apple applied for a patent for its own version of AR glasses that the press is calling "iGlasses," and, four months later, Microsoft did the same.
All three prospective competitors were contacted to comment on their projects and their business models; all three declined to be interviewed.
Microsoft's device, of which there is no public prototype, seems to be a bit less ambitious than Google Glass, according to a recent TechCrunch article. Rather than being intended for all-day use, the Microsoft glasses are designed for use in a stationary position, such as at a baseball game, where the glasses might display scores, pitch speeds, and other information overlaid on the wearer's view.
AR glasses "will be collecting everything you see, everything you say."
By all indications the Microsoft glasses are not yet in production, but there is speculation that should they come to market, they might also plug into existing Microsoft hardware, perhaps to produce combined gaming experiences with Xbox and Kinect.
Similarly, Apple's device is also under wraps. Its patent indicates it is designed to incorporate a head-up display (HUD) in front of both eyesnot just one, like Google Glassand to connect to an external device with a 16:9 aspect ratio, possibly an iPhone or TV.
Johns Hopkins' Green believes the main reason the competition to develop an AR glasses technology has become so hot and heavy is the same reason other mobile technologieslike smartphones and media tabletshave become so profitable.
"The commercial value of the glasses is to enable these companies to sell more services and products to consumers," he says. "The glasses will collect data about where you are and what you're seeing, then filter that through search engines like Google or Bing, and ultimately respond with useful informationalong with targeted advertising. For a company like Google, for example, which is one of the world's largest advertising companies, it sure makes a lot of sense for them to be in that space."
Green, a computer security expert, is mainly concerned that the companies will use a portion of the data these products capture in whatever way is useful to them today, but also that they will retain that data for analysis later on, for use in ways that perhaps they have not thought of yet.
"That introduces another risk," Green says, "which is that all your data is sitting on servers waiting for somebody to steal it. After all, the cloud is just a lot of computers in data centers and, while they may use best-of-breed technology, any computer security expert will tell you that, unfortunately, nothing is completely secure."
At BT, chief security technology officer Bruce Schneier believes the risks of cloud storagea topic he frequently blogs aboutare already considerable, and the popularity of AR glasses will increase those risks only slightly. To Schneier, AR glasses are no different from any other product or application that stores data in the cloud.
"Almost everybody has all their e-mail going through the cloud. Many people store their files in the cloud. Your address book is there, your calendar is there, all your socialization like Facebook is there, as is your location and your phone information," he says. "The real worries are not about any one thing, but about the totality of everything."
As a security expert, Schneier admits it is impossible to know the extent to which the data in the cloud may be at risk, because the security issues are social, not technological, having to do more with laws and social norms.
"Facebook has your data because you gave it to them," he says, "and the law says they can do whatever they want with it. So, it doesn't matter what your technology is or what you use to stop misuse of that data. The answer is not to give them the data in the first place."
Yet AR glasses are likely to be the "next big thing" and have the makings of becoming a $240-billion-plus industry, according to Steve Mann, a professor at the University of Toronto's Department of Electrical and Computer Engineering and the general chair (and a keynote speaker) at this month's IEEE 2013 International Symposium on Technology and Society. The conference's theme is "the social implications of wearable computing and augmented reality in everyday life."
No one is likely more familiar with the technology than Mann, having invented AR glasseswhich he calls his EyeTap Digital Eye Glassback in 1978 to assist the visually impaired, and then attached a set to his head permanently, which he has worn ever since.
In the 1980s, Mann came up with what he called "life-glogging," capturing and streaming his life 24/7 to the Internet by bringing his own infrastructures with him wherever he went. When he traveled to different countries, Mann updated his radio license to operate in that location and put his servers on the rooftops of tall buildings to permit wireless connectivity. He migrated the project to the World Wide Web in the early 1990s, and started a community of life-gloggers that has grown to more than 200,000 users.
"It's become a very interesting research project that's generated a lot of interesting conversation," he observes.
Meanwhile, subsequent technological advances may mimic the public's fondness for replacing their intrusive and unfashionable glasses with contact lenses. Indeed, computer researchers at Ghent University in Belgium have built an LCD screen into a contact lens using conductive polymers and molding them into a very thin, spherically curved substrate with active layers.
At the moment, all the lens does is flash a dollar sign, but Ghent Ph.D. student Jelle De Smet and his team foresee the lens could function as an HUD that could superimpose an image onto the user's normal view. This kind of screen-on-the-eye technology could displace smartphones as the dominant way people access the Internet and connect to each other.
De Smet describes the lenses as providing information in ways similar to how Google Glass operates, but without having to wear glasses, which some people do not like to do.
"The functionality we foresee could comprise reading email and text messages, turn-by-turn directions, information about your surroundings, or a work situation where your hands need to be freed up, such as patient information for surgeons or a diagram for astronauts doing repairs on a satellite," De Smet says.
He anticipates it will take another 10 years before there will be a prototype with an acceptable number of pixels.
Regarding cloud security, De Smet says, "Each wireless technology is potentially prone to security issues," he says. "It just depends on how well your encryption techniques work."
Johns Hopkins security expert Matthew Green sees two potential problems ahead. The first is that, even with the best technology, computer scientists have been unable to stop hackers from periodically stealing data. The more relevant issue, he says, is that the companies selling the glasses are specifically designing them to provide themselves with full access to all data.
"In other words, there's no way to hide the data because these companies are the ones that are processing it," he explains, "and they are doing it for free in exchange for getting your information. As long as you allow their systems to have access to it, there is no computer science answer to that problem."
"Each wireless technology is essentially prone to security issues. It just depends on how well your encryption techniques work."
Steve Mann calls that a valid concern for consumers, who ought to be worried about the integrity of their own data.
According to Wikipedia, Mann last year "teamed up with the IEEE and the ACLU" to generate support for a Mann-Wassel Law that would be presented to the New York State Legislature. However, that proposal, which focuses on security and privacy issues surrounding individuals' use of recording technologies (including AR glasses) for "sousveillance" (the recording of an activity by a participant in the activity) has not made any progress.
"We certainly have opinions about how companies ought to treat their customers' data and their privacy," says Jay Stanley, a senior policy analyst at the ACLU, "and we might be willing to support legislation as time goes on as situations warrant it. But we don't agree the legislation is ready to be proposed. There are some very complicated issues here, and we need to do more thinking on them before we would be in a position to propose legislation."
An IEEE spokesperson says the professional association "will not comment at this time" and that "IEEE has not taken an official position on this pending legislation."
In the meantime, Mann suggests making the security issues known to consumers, who can then choose to purchase from the company that makes strong security a selling feature.
"Let the market determine which brand is most successful, perhaps by being the product that is most secure," he says.
He has this recommendation for entrepreneurial computer scientists: begin thinking about secure servers and services that can be offered if AR glasses become popular.
"It might be necessary to have a secure program running on the glasses that encrypts the data before uploading it to the cloud," he suggests. "So you either have to buy glasses that do thatand I'm sure some manufacturers will take that more seriously than othersor there could be third-party providers that might offer services associated with the glasses. Eventually astute customers may seek out and choose an operating system, like Unix, and an encryption protocol that is secure."
"Cloud Computing," a blog by Bruce Schneier, published June 4, 2009 at http://www.schneier.com/blog/archives/2009/06/cloud_computing.html
"Feudal Security," a blog by Bruce Schneier, published December 3, 2012 at http://www.schneier.com/blog/archives/2012/12/feudal_sec.html
"Design and Wrinkling Behavior of a Contact Lens With an Integrated Liquid Crystal Light Modulator," a paper by J. De Smet, A. Avci, Roel Beernaert, Dieter Cuypers, and Herbert De Smet, published in May, 2012 in the Journal of Display Technology at http://126.96.36.199/jdt/abstract.cfm?uri=jdt-8-5-299 (abstract)
"A liquid crystal-based contact lens display," a video posted Oct. 31, 2012 by the Centre for Microsystems Technology, Ghent University, Belgium at https://www.youtube.com/watch?v=-btRUzoKYEA
"Through The Glass, Light," an article by Steve Mann, published Fall 2012 in IEEE Technology and Society at http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6313625
"Steve Mann: AR eyeglass and wearable computing," a video posted December, 2012 by Steve Mann at http://vimeo.com/56092841
"Wearable Computing: A First Step Toward Personal Imaging," an article by Steve Mann, published in Computer, Vol. 30, No. 2, February 1997 at http://eyetap.org/wearcomp/ieeecomputer/r2025.htm
©2013 ACM 0001-0782/13/06
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and full citation on the first page. Copyright for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or fee. Request permission to publish from firstname.lastname@example.org or fax (212) 869-0481.
The Digital Library is published by the Association for Computing Machinery. Copyright © 2013 ACM, Inc.
No entries found