The content discusses attacks on shared state in multi-user AR applications, highlighting vulnerabilities and proposing defense strategies. It explores scenarios of remote read and write attacks, evaluating success rates under different conditions.
Augmented Reality (AR) enables shared virtual experiences among users. Current methods to establish a consensus on the "shared state" introduce vulnerabilities to attacks. The author demonstrates novel attacks on multiple AR frameworks with shared states, focusing on three publicly accessible frameworks. These attacks target updating and accessing the shared state across different systems.
Successful manipulations of hologram locations could have serious impacts on both owners and users of the system. The incentives for attackers to manipulate the shared state increase as more users rely on AR applications. The article discusses potential security threats that can exist for AR frameworks involving shared states.
The fundamental issue enabling these attacks is that most keys are accepted as inputs without verification in multi-user AR frameworks. Weaknesses stem from encouraging user participation over security due to the collaborative nature of these applications. The collaborative nature necessitates opening a shared state for read and write access among large groups of users who may not be mutually trusting.
To Another Language
from source content
arxiv.org
Key Insights Distilled From
by Carter Slocu... at arxiv.org 03-12-2024
https://arxiv.org/pdf/2308.09146.pdfDeeper Inquiries