Ingress Egress: The emerging threats posed by augmented reality gaming. presented at BSidesLasVegas 2016

by Andrew Brandt,

Summary : Augmented reality gaming's first breakout hit has millions of players, and a "game board" that spans the globe, so why are so many fans of Ingress, published by Google spinoff Niantic Labs, unhappy? In brief, it comes down to an exploitable game infrastructure, an active community of people designing and building tools to exploit that infrastructure, and a massive player base that doesn't realize how vulnerable they are. This session will reveal weaknesses in the game's communication infrastructure that have enabled people to build tools and services specifically for the purposes of harassment, cheating, and to track the movements and locations of players. We'll also tear apart a commercially-available game bot and reveal how the bot exploits vulnerabilities in the app to permit bot users to engage in antisocial behavior and destroy the cohesion of a three-year-old player community that spans the globe.