MR Security: Learning from IoT's Mistakes
Virtual and augmented reality technologies are becoming mainstream, and their privacy implications are staggering. As a security engineer with the Mixed Reality (MR) team at Mozilla Research, part of my job is to explore what privacy and security will mean in an immersive world. VR and AR create a world that blurs the lines between technology and reality, with all of the security challenges that this entails. Intensely personal traits like a user’s gait and eye-tracking (just two of many examples) can and sometimes must be exposed for immersive experiences to work correctly. VR also introduces questions about personal (virtual) space and location data ownership (can I pop into your kitchen and hang out in AR? or leave some virtual 💩 on your doorstep?). It’s our job as technologists to figure out how to build systems robust against abuse. By looking back to what we got right and what we could have done better the last time we invited new technologies into our homes and lives, as well as discussing the new technological and legal challenges unique to VR, this talk will explore our current opportunities to get VR less wrong than we got IoT.