Smart Glasses: The Wireless Threat You Can’t See on Security Cameras

 

Smart glasses have become a serious security threat in sensitive environments. In this Bastille webinar, host Justin Fry, Dr. Brett Walkenhorst (CTO, Bastille), and Scott Stapp (former CTO, Northrop Grumman; CTO, DEFCON AI) explain why.

With over seven million units sold last year, smart glasses are now common, and far harder to catch than smartphones. While past cases of classified data theft via smartphone were typically caught because someone was physically observed, smart glasses leave no such tell: capture can be as subtle as a tap on the frame, and data can transmit to the cloud with nothing stored on the device itself. Their native wireless interfaces also enable network penetration and data exfiltration, not just audio/video surveillance.

The fix is wireless visibility. Bastille deploys software-defined radio sensors that continuously scan Wi-Fi, Bluetooth, ZigBee, and cellular, detecting and locating devices within one to three meters in real time, offering continuous monitoring rather than periodic sweeps. The threat spans government facilities, AI data centers, healthcare (HIPAA), and universities, anywhere sensitive information needs protection.

Talking Points

Evolution of Smart Glasses

Once considered clunky, expensive, and faulty, smart glasses are now sleek, commonplace (7+ million sold in 2025), and impossible to detect on traditional security cameras. The market is flooding with these devices from both big names (Ray-Ban and Oakley) and small ones. Security policies need to respond.

Why Smart Glasses Are a Unique Threat to Security

The only indication these glasses are recording is a small LED light, which can be removed or covered. Recordings can be initiated by a discreet touch or by voice. Meta even recently announced partial facial recognition support on its glasses, which could put your team at risk in sensitive areas.

How Wireless Devices Create Privacy Concerns and Unseen Risk

The US Air Force banned smart glasses in January for uniformed personnel (no microphones, cameras, or AI) because these are covert surveillance devices fully capable of espionage, PII leakage, and breaking corporate policies, NDAs, privacy laws, two-party consent, and one-party consent.

Practical Methods for Detecting and Managing RF Threats

With appropriate compliance policies and continuous RF spectrum monitoring (detect, locate, and alert on Bluetooth devices), security teams can rest assured that their sensitive data is protected.

How Smart Glasses Can Work

We’ll go over industrial and enterprise versions of these that remove the camera and microphone, providing only a heads-up display or allowing connection to a local AI instead of the cloud.

Speakers

Brett Walkenhorst

CTO at Bastille

Dr. Walkenhorst is the CTO of Bastille with over 20 years of experience in RF systems and signal processing, previously leading R&D at Lucent Bell Labs, GTRI, NSI-MI Technologies, Silvus Technologies, and Raytheon. He has authored over 70 publications, is a senior member of IEEE, and has served as Chair of the Atlanta Chapter of the IEEE Communications Society.

Scott Stapp

CTO at DEFCON AI

Brigadier General (Retired) Scott Stapp is CTO and Chief Revenue Officer at DEFCON AI. A 30-year Air Force veteran, he previously served as Corporate VP and CTO at Northrop Grumman and as Director of Special Programs within the Office of the Secretary of Defense, overseeing DoD Special Access Programs.

Transcript Highlights

Smart glasses have moved from science fiction to a widely adopted consumer device, with over seven million units sold across the ecosystem last year. Equipped with audio and video capture and wireless interfaces (Bluetooth, Wi-Fi, sometimes cellular), they represent a growing and largely invisible attack surface, one that traditional physical security measures like cameras cannot detect.

Why Smart Glasses Are a Distinct Threat

They look like ordinary glasses. Manufacturers now integrate smart capabilities into devices indistinguishable from prescription eyewear, making physical detection extremely difficult. With roughly 2.5 million people holding security clearances, even a 0.1% bad-actor rate represents over 2,000 people to account for.

They are more covert than smartphones. Known data-exfiltration incidents involving smartphones were typically caught only because someone was physically observed, often on a security camera, pulling out a phone to photograph a screen or document. Smart glasses eliminate that tell: capturing an image may require nothing more than a tap on the frame, which no camera will flag.

They leave no evidence behind. Because a phone stores what it captures, investigators can seize it as proof. Smart glasses can transmit captured data to the cloud, potentially to an encrypted, inaccessible site, leaving no trace on the device itself. Even if confiscated, they may yield nothing usable.

They lower the barrier to malicious behavior. Like AI tools that make cheating easier for students who wouldn’t otherwise cheat, smart glasses can enable otherwise-honest people to act badly simply because the capability is accessible and undetectable.

Threat Scenarios

Beyond simple photo capture, the native wireless interfaces of smart glasses can be appropriated for more sophisticated attacks:

Network penetration and data exfiltration. The presenters described a real data-center scenario where a hotspot entered a data hall, connected via Wi-Fi to a client in a rack, and used cellular connectivity to exfiltrate server data to the cloud. Smart glasses, given their native capabilities, can be repurposed to do the same: penetrate networks and move data to unprotected destinations.

Audio and video surveillance. The classic use case: covertly recording whiteboards, documents, screens, or conversations.

Broader privacy risks. Stapp emphasized that this extends well beyond classified government settings: universities (test/SAT integrity), healthcare (HIPAA-protected information), and private industry (IP) all face similar exposure. In the AI era, the most valuable information is increasingly digital rather than locked in hardware, making it far easier to intrude on and extract.

Apply Zero Trust to wireless

The cybersecurity Zero Trust paradigm should extend to the wireless domain. The key insight is hopeful, not bleak: wireless emissions can be detected. The same physics that lets signals penetrate walls (giving attackers an advantage) also lets defenders observe those signals in real time.

Continuous monitoring, not periodic sweeps

Periodic TSCM (Technical Surveillance Countermeasures) sweeps provide value but only confirm an environment is clean during the sweep itself, leaving it blind the rest of the time. Given the ubiquity of wireless devices, continuous visibility is now necessary. The presenters likened this to EDR in cybersecurity: just as you wouldn’t inspect one packet in a billion, you need comprehensive, ongoing monitoring of the wireless environment.

How the Bastille Solution Works

Bastille deploys arrays of software-defined radio sensors throughout a facility. These sensors:

  • Continuously scan frequencies across Wi-Fi, Bluetooth, ZigBee, and cellular protocols
  • Detect packets, then demodulate and decode the header to extract metadata fields
  • Work together to localize every emitting device to within one to three meters, plotted on a floor plan
  • Detect a newly introduced pair of smart glasses within seconds and run the metadata through detectors trained via Bastille research to identify the device type

An accompanying analytics tool lets security teams set policy-based alerts (e.g., “smart glasses not allowed here”), investigate the metadata, and adjudicate incidents, tracking where a device has been and where it is now.
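The decode-then-policy flow described above, sketched for Bluetooth LE advertising data as an added example; it is not Bastille's code or detection logic. The payloads, zone names, classification rule, company ID value, and all function names are constructed or hypothetical, and the input is assumed to be already-demodulated advertising payloads tagged with the zone in which they were localized.

```python
import struct

AD_SHORT_NAME, AD_COMPLETE_NAME, AD_MANUFACTURER = 0x08, 0x09, 0xFF

def parse_adv(payload: bytes) -> dict:
    """Decode BLE advertising data: repeated [length][type][data] structures."""
    meta, i = {}, 0
    while i < len(payload):
        length = payload[i]
        if length == 0:                       # zero length: no more significant data
            break
        if i + 1 + length > len(payload):     # truncated capture: keep fields parsed so far
            meta["malformed"] = True
            break
        ad_type, data = payload[i + 1], payload[i + 2:i + 1 + length]
        if ad_type in (AD_SHORT_NAME, AD_COMPLETE_NAME):
            meta["name"] = data.decode("utf-8", errors="replace")
        elif ad_type == AD_MANUFACTURER and len(data) >= 2:
            meta["company_id"] = struct.unpack_from("<H", data)[0]  # little-endian
        i += 1 + length
    return meta

# Hypothetical policy and classification rule (constructed values, including 0xFFFF).
ZONE_POLICY = {"data-hall-1": {"smart_glasses"}, "lobby": set()}
RULES = [("smart_glasses", 0xFFFF, "glasses")]   # (class, company_id, name fragment)

def classify(meta: dict) -> str:
    for cls, company_id, fragment in RULES:
        if meta.get("company_id") == company_id and fragment in meta.get("name", "").lower():
            return cls
    return "unknown"

def evaluate(observations):
    """Alert once per (address, zone). Addresses may rotate, so this key is a simplification."""
    seen, alerts = set(), []
    for ts, zone, addr, payload in observations:
        cls = classify(parse_adv(payload))
        if cls in ZONE_POLICY.get(zone, set()) and (addr, zone) not in seen:
            seen.add((addr, zone))
            alerts.append({"time": ts, "zone": zone, "address": addr, "class": cls})
    return alerts

def ad(ad_type: int, data: bytes) -> bytes:      # helper to build constructed samples
    return bytes([len(data) + 1, ad_type]) + data

GLASSES = ad(0x01, b"\x06") + ad(0xFF, b"\xff\xff\x01") + ad(0x09, b"Example Glasses")
PHONE = ad(0x01, b"\x06") + ad(0x09, b"Example Phone")
SAMPLE = [(0, "lobby", "aa:bb:cc:00:00:01", GLASSES), (5, "data-hall-1", "aa:bb:cc:00:00:02", PHONE),
          (9, "data-hall-1", "aa:bb:cc:00:00:01", GLASSES), (11, "data-hall-1", "aa:bb:cc:00:00:01", GLASSES)]

if __name__ == "__main__":
    print(evaluate(SAMPLE))
```

The same device raises no alert in the lobby, where the policy permits it, and exactly one alert when it first appears in the restricted zone; a truncated payload that loses the name field falls back to "unknown" rather than raising an error.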

Bastille recently announced a partnership with Oracle, which is rolling out continuous wireless monitoring across its global footprint of AI data centers, a signal of rising industry priority. Similar rollouts are occurring across the federal government to protect classified facilities and data.

Key Takeaways

  • See the attack surface. Wireless signals aren’t bounded by physical walls; threats can’t be defended against if they can’t be seen.
  • Make monitoring continuous. Visibility must be ongoing, not periodic, and paired with continuous metadata analysis to identify bad behavior and policy violations.
  • Move from reactive to proactive. Security-conscious organizations are increasingly treating continuous wireless monitoring as a default; the question is when to prioritize it, not whether.

Q&A Highlights

Can smart-glasses location data be sold as ad-tech data? Likely yes; there’s no clear reason cloud owners couldn’t monetize that data, which may be the default behavior.

Has facial recognition gone mainstream on smart glasses? Not yet, but Meta and others appear to be developing it, and hobbyists have already built homebrew facial-recognition software. Both presenters declined to predict timing but called widespread adoption inevitable.

Do smart glasses violate one-party consent laws? Neither presenter is a lawyer, but both expect real conflicts with privacy laws and social norms. Stapp foresees a future where people refuse to talk to anyone wearing glasses they can’t verify.

How do you detect glasses in recording/capture mode? You can always detect that a device is transmitting and localize it. Metadata analysis can often identify the device as smart glasses and, for Bluetooth and Wi-Fi, give insight into whether audio/video data is being sent, though no method is foolproof.

Are there consumer devices to detect this? No. Detection requires a Bastille system or something similar monitoring the RF spectrum; visually detecting smart glasses on someone standing in front of you is nearly impossible.

Once a threat is detected, what are the options? Integrations can automate some responses (e.g., throttling network access for a misbehaving Wi-Fi device), but the most robust action is physical interdiction, which is why precise localization matters. In national-security settings, interdiction is straightforward (the device is confiscated, sometimes permanently); in the private sector, response depends on established policy.

Healthcare applications? HIPAA-protected information faces risks analogous to classified data. Hospitals already restrict phones in certain areas and are expected to adopt similar RF-detection approaches over time.

Is there an open “Flipper Zero-like” smart-glasses platform? No fully open platform exists, though many low-cost variants (often from China, with uncertain data destinations) are available, and capable developers could modify existing devices to alter their behavior.

Where does this go in a couple of years? Smart glasses aren’t going away. The open question is whether sufficient policy and technology safeguards emerge to mitigate the risks. Stapp predicts wearables (rings, necklaces, glasses, phones) will increasingly operate as an integrated “system of systems” per individual, powerful for legitimate uses, but expanding what bad actors can do.
