Meaningful Hardware Privacy for a Smart and Augmented Future

Note: Presentation times are in Pacific Standard Time (PST).

Thursday, January 26, 2023 - 10:30 am11:00 am

Marcus Hodges, Meta

Abstract: 

Smart home devices are becoming increasingly popular in our living spaces. Wearable devices that let you capture photos and videos in the moment, without taking out your phone, are designed to take with you everywhere you go. In the future, augmented reality (AR) glasses will feature a wide variety of cameras and sensors for capturing and understanding your surroundings. Because these devices transcend the keyboard, many of them feature sensors that are always-on, such as the wake word engines of smart voice assistants. Yet, despite thier many benefits, these emerging computing platforms also present new classes of security and privacy challenges to users and bystanders alike.

As these devices are gaining adoption, there are two evolving hardware privacy features that promise awareness and user control over sensor privacy - the Recording Indicator LED light and the Privacy “Mute” Switch. However, very little has been published on their design and security. How do these features work? Are they trustworthy? What does the LED actually mean?

This talk will describe these hardware privacy mechanisms and explain in detail their design, purpose, and security properties. We'll explore the constraints and trade-offs that influence their function and discuss the importance of hardware security assurance. I’ll clarify what privacy LED indicators mean, don't mean, and why augmented reality poses new challenges to their semantics.

These privacy features are deceptively simple and evolving. To preserve their meaning and potential for trustworthy privacy protection, we need to come together as an industry and align on new security and privacy standards.

Marcus Hodges, Meta

Marcus Hodges is a Security Partner at Meta where he supports Reality Labs and leads product security and architecture for Meta’s augmented reality (AR) glasses - silicon to cloud. Marcus is an accomplished security professional with over 15 years of experience building and breaking systems at every layer of the stack. He recently served on the Board of Directors of the ioXt Alliance where he established and chaired the IoT Privacy working group. Formerly, as the Director of Research and a Principal Security Engineer at Security Innovation, he designed and managed the development of a custom secure Linux distribution for the federal U.S. Judiciary. He has been an avid CTF player, hosted DEFCONs OpenCTF competition, and spoken at security conferences on topics including binary exploitation and the development of custom Linux rootkits. He has a comprehensive B.S. in mathematics from the University of Washington.
BibTeX
@conference {285639,
author = {Marcus Hodges},
title = {Meaningful Hardware Privacy for a Smart and Augmented Future},
year = {2023},
address = {Santa Clara, CA},
publisher = {USENIX Association},
month = jan
}

Presentation Video