I built a facial recognition PoC on consumer AR glasses. The friction protecting our privacy is gone.

Ok, so this has been rattling around my head for weeks, and I finally just built the thing to see if I was being paranoid. Turns out, nope.

I do security for a living, and I kept hearing the same comfortable line:

So I tested it the way you test any control: by trying to break it.

The Build

I took a pair of normal-looking consumer AR glasses and wired them up so that:

  • The Trigger: Pinch my fingers
  • The Capture: Glasses grab a photo
  • The Processing: Backend runs a reverse-image face lookup
  • The Output: A name pops up on the little display in my vision

A couple of days. A few hundred lines of code. A backend that costs less than my coffee habit.

There was no exploit. Nothing clever. I didn't discover anything new. And that's the part that actually got me; there was no genius hack here. It’s just LEGO pieces that were all sitting on the shelf waiting for somebody to click them together.

The Real Threat: Three Shifts

Here's the thing I think people are sleeping on. Facial recognition is old news, reverse image search is old news; none of that is the story. The story is three things going quiet at the exact same time:

  • The Gesture (No Tell): Someone pointing a phone at your face is obvious; you get a second to react. Glasses just look like glasses. There is no tell.
  • The Database (Commoditized): Building the database used to be the hard part. Now it's a paid API. Somebody already did the scraping for you.
  • The Wait (Real-Time): You used to snap a pic and look it up later. Now the answer is on your lens mid-conversation, hands-free.

Any one of these on its own is whatever. Stack them, and you've basically deleted all the friction at once.

The Death of Friction

And friction was the whole game. The thing protecting regular people was never really the law; it was that ID'ing a stranger was annoying and obvious enough that nobody bothered. That's gone now. For most of us, your face already ties back to your name, your job, your city, in like two clicks.

⚠️ Context & Threat Model

A couple of things I want to be real clear on, because I'm not trying to be the guy who builds the dystopia and just shrugs:

  • This is a closed proof of concept.
  • I did not release the code.
  • I did not build any database.
  • I am not naming the glasses or the lookup service.
  • I only ever tested it on myself and a couple of friends who consented.

The point is the threat model, not a how-to.

The Question for Defenders

What actually bugs me as a defender is that almost every control we lean on assumes you can SEE the camera. Recording lights, "no photography" signs, venue rules; all of it falls apart the second the capture is silent. The genie is kinda out of the bottle on that one.

So, genuine question for the folks here who do this stuff: When capture is invisible by design, which controls actually hold up?

Is it technical? Is it legal (going after the database side, Clearview-style)? Or are we just... cooked? Because every safeguard I can think of assumed you'd notice, and that assumption doesn't really hold anymore.

Would honestly love for someone to tell me I'm wrong about this.

submitted by /u/Alienfader