Summary:
-
Eye Tracking Vulnerability
Researchers have demonstrated a new attack, GAZEploit, that exploits eye-tracking data from Appleโs Vision Pro headset to reveal passwords, PINs, and messages. By analyzing the gaze movements of a virtual avatar, attackers could decode what users typed with high accuracy. -
Attack Mechanism
The attack involves creating a model to detect typing patterns based on eye movements and reconstructing keyboard inputs. The researchers achieved up to 92% accuracy in predicting messages and 77% in passwords within a few guesses. -
Appleโs Response
Apple was notified of the vulnerability in April and issued a patch by the end of July to address the issue. The attack highlights the potential risks of biometric data being used for surveillance and unauthorized access.
Read more at: Wired
!