Security fail with Unity 6 preview - Quest 2 app won't start.
Hi, After upgrading a Meta Quest VR project from Unity 22.3.44f1 to Unity 6 Preview 6000.0.17f1, I get problems from the Meta Quest Dashboard. After uploading to the store it fails in the security test/validation and app cannot be started in the headset. It seems Meta Quest Dashboard considers Unity 6 preview old, unsafe and exposed to DoS attacks. Version 6000 > 2022 so I don’t understand what could be triggering this. I tried several times to switch between 2022.3.44 and Unity 6 preview and the result is always the same. With 2022.3.44 it always passes and app starts normally, with Unity 6 preview, it always fails and the app won’t start. (Though it updates like normal in the headset). So I don’t know for sure this is causing the app not to start in the headset, but the security fail should definitely not be there. Anyone have an idea around this or if a fix is coming?
Dev fraud using meta domain
A false dev group is using facebook to steal local and state data and posing as a real google dev env, is creating phished sites to steal HBC and DWP data within phished domains. Reported on twitter: goooseberrypie Inc using my staff id and distributing in aosp build being illegally installed on community devices by a fake play store and stealing googlepay acts. How do i report this. Help as the group is now attacking friends, and using my bank ac inc hmrc staff ac for money laundering. They have created a gdpr incident which I am going to court but hijacking hmcts domains inc MOJ Twitter ac. Aosp build Superproject. False devs name and forum. Monorail. All to tag staff and cabinet IDs.
Data security when using own software
Dear Meta team, I plan to use the Quest Pro for behavioral science. Obviously when using Meta software (e.g., Horizon Worlds), behavioral data of my participants would be processed on Meta servers, which would be a no-go in my work environment (i.e., ethics committees would not allow such research). Therefore I will build my own PCVR software with Unity with which research will be conducted. Can I be sure that in this situation, no data from my participants will be sent Meta? Or would the Quest Pro nonetheless send some data (e.g., eye-tracking, voice) to Meta Servers without me actively asking for it? The data processing terms (https://developer.oculus.com/licenses/processingterms-1.2/) are not clear to me in this regards. Kind regards, M RuboSecurity Vulnerability: "Unsafe HostnameVerifier Defined" - How to fix?
Hello! In my Unity VR app, I recently got a security vulnerability test failure: "Unsafe HostnameVerifier Defined". In previous security tests, this did not happen and I haven't changed any networking related code, but now I am getting this failure. Nowhere in my C# code is there any mention of HostnameVerifier (I searched the entire solution in Visual Studio) and because it mentions java, I assume this is a java-related issue due to one of the SDKs I'm using, but I am not sure how to track it down and fix it. The two suspect SDKs I'm using are Firebase Unity SDK (for cloud storage) and DeltaDNA (for analytics). But I'm not sure how to fix this. Does anyone know how to solve this issue?
Remote Lock Device
Hi there, I'm not entirely sure that this is where this suggestion should go, but I've learned that there is no way to remote lock my Oculus Quest 2. If there were, it might deter theft of the device or help parents manage their children's usage...remote password change would also help.
Specification and Security re Internet Geography and Infrastructure Tracking
For present and future modifications to Oculus, earlier today my OQ2 may not handle changing locations (tracking) very well (https://www.quora.com/The-Oculus-Quest-tracking-can-be-disrupted-for-being-calibrated-to-the-wrong-power-outlet-frequency-How-does-that-affect-the-Quest-in-the-first-place). The fringes of the environment pixellated into "half static" black and white "tears" or "torn ripples". The location recently had updated Wi-Fi that uses "Plume" pods. Could be something to consider when targeting certain geographical locations. as it could affect Security as well as Health. I don't know if it is a Location, Hardware, or Software issue Notified the game bug occurred in. Has anyone else experienced this?Oculus Quest - Facebook Privacy Settings?
Hey, all. I've been searching around trying to find some details on how the mandatory Facebook integration is actually going to operate. You see, we are an education-focused development team and we know that educators will be dubious about mandatory Facebook integration for the Quest headsets while they use our software. As such, I have several questions I'd like answered: Will we be able to sync multiple headsets to a single account, much like the previous Oculus accounts? Can these accounts be Facebook Business accounts, thus allowing a school, or university to have that be the Facebook account used? Will there be settings either within the Oculus dashboard, or, ideally, within the Oculus mobile app to restrict social media functionality inside the headsets? For example: the ability for educators to disable social media posting, chatting, etc. through password protection before letting a student inside a headset? If the answer to all 3 of these questions is "yes," then our entire team will be able to take a big sigh of relief knowing that our clients will be able to enjoy all of the power of the new Quest without having to worry about students running amok on the synced social media account. Thanks!
Is it necessary to keep my device ID Private?
Hi There. I recently started creating tutorials online and one of the most annoying parts of editing is removing the device ID from the logs. I've been doing it but just found out I missed an area where it's being shown. I'm actually curious if I need to do this and should I take the video down or will it be ok. If I do need to keep it private, why? Many Thanks, Jonathan
Quest Wireless Internet Security - How Safe Am I From Android Malware?
Apologies if this has been discussed before, I did do a keyword search promise. With wired VR headsets the laptop or PC, with installed anti-virus software, acts as filter to any nasties lurking through connecting to a router and the wider internet of opportunist hackers and rogue malware links. However, the Quest in wireless mode connects to a home router / wireless network, directly (only possible protection from network intrusion via mac address filtering); in this way Oculus Quest is potentially as much of a potential security risk as other Internet of Things devices. Propagation of malicious Android code, whether installed accidentally with a side-loaded APK, or clicked web-browsed link is on the rise. This could lead to data theft, remote monopolising resources for cryptocurrency mining, shut-down of servives, or to go full Orwellian, injection of subliminal messaging into a user's video stream - which is why any sensible Android phone user who views the internet has an antivirus App installed. As an Android device I consider Oculus Quest needs similar protection. My question is how? Can proprietory AV software Apps used for phones be used with the Quest? Will it require its own dedicated AV solution and is this in development? Is there a best third party gateway solution (such as Bitedefender Box, where IoT devices connect to the BB rather than the router direct)? Other recommendations? I know with all the VR hype internet security is a bit of a buzzkill topic, but as usual hope those that know more than I will be able to offer some suggestions. Many thanks.
