The Apple Vision Pro launched with a first-of-its-kind security flaw straight out of science fiction

This year Apple tried its hand at the XR (Extended Reality) industry. And though the price of its headset has drawn lots of ridicule, the Apple Vision Pro has also accomplished a multitude of firsts for the industry. Apparently one of these was a new kind of security exploit never seen before in any device.

The exploit apparently made it possible to figure out what a person was typing by, and this is pretty cool, tracking their eye movements. Yep, the same principle Apple’s headset uses to let you navigate visionOS could be turned against you with alarming accuracy.

According to the researchers who alerted Apple to this exploit, they were able to correctly guess a password within the first five tries 77 percent of the time. For text messages, this number rose to 92 percent. This is the first time information has been extracted from a user’s “gaze data”.

I am 77 percent certain his password is password. | Video credit — Apple

The exploit didn’t require the researchers to hack into the Vision Pro either. Those personas that Vision Pro users can use to portray themselves online? They were the culprit. Apparently just by analyzing the eye movements on the personas it was possible to decipher what the user was typing.

Fortunately, the researchers claim this vulnerability wasn’t detected and exploited before they alerted Apple back in April. The company patched out the flaw in visionOS 1.3 near the end of July. I have no clue why Apple took that long, especially since the “fix” just disables the personas when a user is typing, but at least it’s patched now.

This exploit immediately reminded me of science fiction media where we see ridiculous concepts like enhancing an awfully blurry image or lip-reading from five miles away. Only this time it was actually real, perhaps a testament to the Vision Pro’s stellar eye tracking.

The Vision Pro is one of the best AR headsets available today, but news like this reminds us that, when designing something novel, expect novel problems as well.