CertiK Engineer Recognized for Identifying Vulnerability in Apple Vision Pro’s Eye-Tracking Technology | Be Korea-savvy

CertiK Engineer Recognized for Identifying Vulnerability in Apple Vision Pro’s Eye-Tracking Technology


CertiK is a pioneer in blockchain security, combining expert manual review with best-in-class AI technology to protect and monitor blockchain protocols and smart contracts. (Image from Certik YouTube Channel)

CertiK is a pioneer in blockchain security, combining expert manual review with best-in-class AI technology to protect and monitor blockchain protocols and smart contracts. (Image from Certik YouTube Channel)

press-release-notification

NEW YORK, Sept. 20, 2024 (Korea Bizwire) – CertiK, the industry-leading Web3 security firm, is proud to announce that Haoqi Shan, a distinguished member of CertiK’s engineering team, has been recognized for his critical role in identifying a vulnerability in Apple’s Vision Pro mixed reality headset. The findings, conducted in collaboration with five other computer scientists, revealed how exposed eye-tracking data from Apple’s Vision Pro could be exploited to decipher sensitive information, such as passwords, PINs, and messages.

In the study, shared exclusively with Wired, the attack — coined “GAZEploit” — allowed the researchers to reconstruct what people typed on the Vision Pro’s virtual keyboard by analyzing their eye movements. By observing these patterns, the team could accurately determine what individuals typed, achieving 92% accuracy in reconstructing messages and 77% accuracy in passwords.

The vulnerability was originally reported to Apple in April 2024, and the company issued a software update to address the issue in July 2024. This research demonstrates the increasing privacy risks associated with emerging biometric technologies and the need for robust security measures to protect companies and their users.

September 17 marks the sixth time Apple has publicly acknowledged CertiK for assisting the company in discovering and fixing vulnerabilities; CertiK therefore remains the Web3 security agency most publicly thanked by Apple.

As a trusted authority in the cybersecurity space, CertiK continues to lead the way in protecting critical technologies and sensitive data. By cultivating a culture of trust and innovation, CertiK aims to set new cybersecurity benchmarks and exceed expectations by customers who rely on its products for safety and security.


Contact

Elisa Yiting Xu
yiting@certik.com

Source: CertiK via GLOBE NEWSWIRE 

press release curation and disclaimer notice

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>