Please Don’t Hack Your Ray-Ban Smart Glasses to Buy Things for You
There are a lot of possibilities with smart glasses that have not been fully explored yet, and quite a few have to do with their use of computer vision. Smart glasses like the Ray-Ban Meta AI glasses, for example, can use their onboard cameras to digest your surroundings, opening up computing possibilities, like the ability to translate stuff in your environment—a food menu in a different language, perhaps—or tell you what brand of shoes someone is wearing.
Clearly, some of us are getting impatient with pushing those capabilities further, though, which has resulted in… letting your smart glasses buy stuff for you. In this demonstration, developer Xiaoan (Sean) Liu, uses a combination of Gemini Live and the open-source AI agent OpenClaw to tap into the cameras of the Ray-Ban Meta AI glasses. With those tools—enabled through a recently expanded developer API for Meta’s smart glasses—Liu’s hack can use computer vision to identify a Monster Energy drink and automatically add it to an Amazon shopping cart. To be honest, it’s pretty impressive. I don’t think anyone will be doing all of their shopping this way, but it could be convenient if you’re wearing your glasses and need to buy something on the fly. Unnecessary, but convenient! Liu outlined the process on GitHub, meaning you could theoretically set this up for yourself, but before you do that, I am going to heavily recommend that you do not do that. As cool as this capability is, there are still lots of problems with the idea of giving the keys to your whole life to an AI agent, especially one that’s not exactly coded to be airtight security-wise. If you want a more technical breakdown of why tools like OpenClaw (formerly Clawdbot) are a massive privacy risk, you can read this Medium post from author Vishal Rajput, but the crux of it is that you should not trust OpenClaw with access to some of your most sensitive personal data. As Rajput notes, one security firm, Palo Alto Networks, went as far as to say that OpenClaw constitutes a “lethal trifecta” of security risks.
Not only does OpenClaw gain access to hyper-sensitive data like root files in your device, passwords, browser history, and cookies, as well as “all files and folders on your system,” but the agent also retains a memory of all the data it sees and can theoretically send that data anywhere. That’s not even counting the fact that OpenClaw could be compromised to deploy malicious code on any device it’s given access to.
Should I go on? I mean, I’m no security researcher, but that sounds pretty bad to me. In other words, if you’re playing around with OpenClaw, you should definitely be okay with taking a massive risk in terms of personal data. Whether that’s worth it just to buy an energy drink with your smart glasses is your call, but I’m leaning on the side of “no thanks.” If nothing else, Liu’s demonstration is an interesting example of what AI-powered smart glasses could do for us if they’re built to be safe and given the proper treatment security-wise. Additionally, this demo stirs up a lot of questions about AI agents. Sure, they’re clearly useful when they work right, but how much of our lives are we willing to concede to a tool that feels like it was invented just yesterday? If I had to guess, there’s a reason why other AI agents haven’t quite asked for permission to every door in our digital lives just yet. Is that day coming? Maybe.
If this Ray-Ban hack is any indication, the more cavalier among us are already willing to give it a go.
