In the most recent episode of Decrypted, the podcast covered a Sillicon Valley company called Meta that uses an augmented reality headset in place of a monitor, keyboard, and mouse.
The company is planning to make desktops obsolete (well, vastly different) thanks to AR.
Pictured: Meta's headset
Meta's Background
Meta was founded in 2012, the same year that its headset prototype was made. They've received millions in funding from companies such as Lenovo and Tencent.
Current headset: just under USD $1000.00.
Tinfoil Hat
At face value, their product looks pretty neat! No longer will you need to splurge on multi-monitor setups; you could just throw all of your information around your AR headset and take a step back to look at all the windows.
Heck, you could probably have a whole command station of monitors at your fingertips. Every program could have its own monitor. Wouldn't that be nifty? Social media on the first 5 or 6 screens, actual work on the 7th.
In Brief: AR vs VR
Augmented Reality generates an image over what can be seen by the user (think Microsoft's Hololens)
Virtual Reality generates a virtual image that blocks out all other things seen by the user (think Oculus)
And now you know the difference.
Once you dig a bit deeper though, although the technology is still alluring, the amount of new attack vectors and their applications is scary.
We already know that VR systems like the Oculus have the potential to track your eyes. Perhaps AR sets will do. Perhaps this will be the norm, to ensure that the system is as responsive as possible (blink to click).
That's pretty neat for program interaction, but what if your attackers were able to record this data? Advertisers would surely like to get their hands on something that could yield sneaky marketing practices to make you buy that new pair of socks. So what if they get that information from a team that's deploying AR malware to snoop on your viewing habits?
You don't really mind telling the world where you look when you're watching your fancy headset porn, do you?
The application of compromised screen viewing software could be even more hazardous to your privacy. Everything you see an interact with could be reported back to your employers (if your office requires use of the equipment), or a third party that has a vested interest in knowing how much time you've spent interacting with certain programs or applications. If Meta or other AR/VR companies literally record a portion of your face during use, you could wind up finding yourself on the internet in an O-Face compilation video one day, without even realizing that you've been compromised. On your laptop your camera can be covered up with a sticker and still work. With AR/VR glasses, any kind of recording software would be needed for feedback as well.
With headsets becoming wireless, attackers might not even need to compromise the system itself, they might be able to find bluetooth or wireless vulnerabilities to take advantage of (intercept and decrypt).
That being said, the prospect of having an AR workspace is still alluring. Employees would need a smaller amount of tech (at least in terms of space) to accomplish a larger amount of efficient work. It's an employers dream, if executed properly, isn't it?