
MacRumors

macrumors bot
Original poster


As reported by WIRED today, a group of six computer scientists this year discovered a security vulnerability with the Apple Vision Pro that allowed them to reconstruct what people were typing, including passwords, PINs, and messages.


When a Vision Pro user was using a virtual Persona avatar, such as during a FaceTime call, the researchers were able to analyze the Persona's eye movement or "gaze" to determine what the user was typing on the headset's virtual keyboard. The researchers created a website with technical details about the so-called "GAZEploit" vulnerability.

In short, the researchers said that a person's gaze typically fixates on a key they are likely to press next, and this can reveal some common patterns. As a result, the researchers said they were able to identify the correct letters people typed in messages 92% of the time within five guesses, and 77% of the time for passwords.


The researchers disclosed the vulnerability to Apple in April, according to the report, and the company addressed the issue in visionOS 1.3 in July. The update suspends Personas when the Vision Pro's virtual keyboard is active.

Apple added the following entry to its visionOS 1.3 security notes on September 5:

Presence

Available for: Apple Vision Pro

Impact: Inputs to the virtual keyboard may be inferred from Persona

Description: The issue was addressed by suspending Persona when the virtual keyboard is active.

CVE-2024-40865: Hanqiu Wang of University of Florida, Zihao Zhan of Texas Tech University, Haoqi Shan of Certik, Siqi Dai of University of Florida, Max Panoff of University of Florida, and Shuo Wang of University of Florida

The proof-of-concept attack was not exploited in the wild, according to the report. Nonetheless, Vision Pro users should immediately update the headset to visionOS 1.3 or later to ensure they are protected, now that the findings have been shared publicly.

Article Link: Apple Fixes Vision Pro Security Flaw That Could Expose What You Typed
 
The researchers created a website with technical details about the so-called "GAZEploit" vulnerability.
The proof-of-concept attack was not exploited in the wild, according to the report.
If being able to watch people's eyeballs in order to figure out their passwords were really a "vulnerability," everyone would need to watch out for people trying to soulfully gaze into their eyes as they type on physical keyboards. 👀
 
Glad it got patched. However, it's another reason why the general public will stay far away from the Vision Pro.

Or it's gatekept to private locations only. Stays at home or at the office 100% of the time. No more hand gestures on the MBTA going to Chicago.
 
Exactly this. This means they’re already in your house so you have bigger problems.

You do know that some people are using their Vision Pro outside of their home, right? And as more people buy the Vision Pro over time, you'll see more people using them away from home.



The way I understand the vulnerability, it doesn’t matter where you wear it. The attacker remotely captures and analyzes the virtual avatar video (shared through video calls, online meeting apps, live streaming platforms, or potentially malicious websites) and reconstructs the typed keys. It’s not a nothing burger.
 
I'm surprised eye display is that accurate. Easily fixed by disabling eye movement when in a secure field, but it looks like they're disabling the persona entirely? Interesting.
 
The way I understand the vulnerability, it doesn’t matter where you wear it. The attacker remotely captures and analyzes the virtual avatar video (shared through video calls, online meeting apps, live streaming platforms, or potentially malicious websites) and reconstructs the typed keys. It’s not a nothing burger.
Yes, that was my understanding also. And if you use the same for your iPhone and AVP, or if they capture you unlocking your Apple ID etc, it can become a bigger deal.
 
So how does someone know someone is typing in a password and not telling someone to p'off in an instant messaging platform? You would never be able to tell the difference with my passwords. 😉
 
This seems like an inelegant solution to this problem. Surely they could just slightly randomize where your eyes are looking when the keyboard is open, vs completely cutting the “video” feed? It’s a 3D model that’s puppeteered by you moving your face/eyes/mouth… it doesn’t have to precisely match reality.
This might be a quick fix with a more sophisticated solution later.
 