Security Review: Virtual Reality Helmet
As technology advances to the point of interacting with and in some cases replacing our bodies’ biological functions, security on these technologies must also advance to ensure the safety of users. The virtual reality helmet being designed by researchers at York and Warwick Universities (found here and here) aims to bring these capabilities into a helmet unit for recreational and training purposes. It will mimic sight, sound, smell, taste, and touch on the face, as well as temperature and humidity, to create the feeling that one is in a faraway locale. That said, the researchers will obviously need to make sure all of these channels are secure to ensure safety when using the helmet.
Assets/Security Goals:
– Human health. As has been shown before, many people are subject to seizures induced by sensory overload. This provides a very pressing concern for the visual component of the helmet to function properly, and as well on failure to do so in a safe manner. As well, chemical stimulation of the senses of taste and smell introduces two new vectors for an attacker to utilize.
– Human sanity. Access to all five senses to recreate an experience can both be pleasurable and traumatic. An assailant with a particular vendetta, if controlling the helm, could make a person relive a traumatic experience, or possibly something even worse. Though in most cases the helm could be removed to stop the experience, in severe cases this may not prove feasible.
Adversaries/Threats:
– Malicious individuals seeking to harm someone. The data is sent to the helmet wirelessly, so reengineering of the protocol could enable an individual to gain authorization and send a helmet commands when they should not.
– Incompetent operators. Where chemicals are used to simulate taste and smell, a poorly trained or slacking technician/operator could allow dangerous chemicals or dangerous chemical levels to be used, were there no safety limits in place. If this technology were popularized and commercialized for the average user, we would be faced with many, many ‘incompetent operators’.
Weaknesses:
– Wireless data transmission to the helmet. While the data may be encrypted, no encryption scheme is both feasible and provides perfect security, and opening a helmet up to accepting wireless signals provides a wide target for attackers.
– Number of materials required. The sheer variability of smells and tastes and the chemicals required to concoct their simulations means a variety of chemicals must be at hand for any given experience. This provides a security challenge in that a ‘tainted’ reserve may be difficult to detect until it’s far too late.
– Corrupted data. Assuming this technology is advanced to the point where users can download and customize simulations, any weaknesses for downloading regular files apply. Is it from a trusted source, has it been altered in transit, et cetera.
Defenses:
– Wireless encryption provides a modicum of defense against a spoofing attack (assailant pretends to be an authenticated data transmission source). Whitelisting should absolutely be used to determine access, but even this is probably not enough.
– Failsafe mechanisms. For instance, the chemical dispensers are not allowed to deploy anything remotely approaching a harmful dose. This might end up restricting or limiting some ‘experiences,’ but safety is an important concern. Further, the failsafe mechanisms must be secure themselves and not exploitable by an attacker.
– Data authentication. If this technology gets off its feet and becomes commonly available, ensuring that users do not feed invalid data to the machine would be invaluable. A strict system of MACs and secure checksums, as well as a centralized repository and database of ‘known good’ programs/files/simulations would ensure that users had a trusted source to go to and that untrusted data would be immediately discarded.
Risks:
– If any of the weaknesses are exploited, human well-being is at risk. One can imagine a scenario where an attacker compromises the wireless transmission protocol and can stream data to the headset. In extreme cases, already vulnerable people (possibly those with epilepsy or other similar afflictions) could be made to suffer greatly. In addition, the chemicals used to simulate taste and smell could be used to overload human senses in ways we’re currently unaware of.
– These risks are magnified if the technology grows to consumer adoption, as a large number of untrained users adds a large number of targets for possible attackers. Placing security in a number of users’ hands who may or may not understand the risks associated.
– While unlike other reviews, sensitive personal data isn’t at risk, the direct impact this might have on a human life could be greater.
The promise of virtual reality has been in humanity’s vision of the future for a long, long time, and this technology is very likely to be realized. Whether it reaches a stage of wide adoption is more a function of cost and availability, however given the popularity of video games that too is likely.
Conclusions:
While this advancement shows great promise for (arguably) cheap vacations, lavish videoconferencing, and the realm of virtual gaming, safety and security must be kept in mind when dealing with direct input to people’s senses. Arguably those who are most vulnerable will not be inclined to use this technology, but it must be considered nonetheless. Epileptics are clearly at risk, but it’s not unfeasible that the capacity to overload multiple senses at once will affect more than just epileptics. However great the benefits in training, therapy, and recreation, they will only be recognized and widely adopted with the proper security in place.