- cross-posted to:
- pulse_of_truth@infosec.pub
- cross-posted to:
- pulse_of_truth@infosec.pub
cross-posted from: https://lemmy.zip/post/22604748
The Vision Pro uses 3D avatars on calls and for streaming. These researchers used eye tracking to work out the passwords and PINs people typed with their avatars.
Archived version: https://web.archive.org/web/20240912100207/https://www.wired.com/story/apple-vision-pro-persona-eye-tracking-spy-typing/
just don’t input passwords while on call/streaming? anyway, looks like it’s easy to fix, just disable avatar eye movement mapping when inputing a password, also I doubt if it’s real vector of attack, more of a proof of concept maybe?