Just what we needed: a connected sniper rifle that's also hackable

Metaratings
29 Jul 2015

When we talk about the Internet of Things, we think of TVs, watches, cars and smart meters. We don’t usually think of sniper rifles.

But connected sniper rifles already exist. A company called TrackingPoint has been selling them since 2011. The rifles (which run on Linux) come with a “self-aiming” system – essentially a smart scope that takes wind, temperature, and ammo weight into account. Select the target, enter the variables, pull the trigger and the rifle’s computer waits for just the right time to fire.

It also comes with a Wi-Fi connection, ostensibly so you can do things like stream video from the scope to a laptop. And at next month’s Black Hat hacker conference, reports Wired, two security researchers will demonstrate vulnerabilities in the rifle’s software that could allow someone to take control of it.

Put simply, someone could hack your sniper rifle.

Researchers Runa Sandvik and Michael Auger demonstrated to Wired that they could “use a chain of vulnerabilities in the rifle’s software” to take control of the self-aiming functions:

The first of these has to do with the Wi-Fi, which is off by default, but can be enabled so you can do things like stream a video of your shot to a laptop or iPad. When the Wi-Fi is on, the gun’s network has a default password that allows anyone within Wi-Fi range to connect to it. From there, a hacker can treat the gun as a server and access APIs to alter key variables in its targeting application. (The hacker pair were only able to find those changeable variables by dissecting one of their two rifles and using an eMMC reader to copy data from the computer’s flash storage with wires they clipped onto its circuit board pins.)

The good news: one thing a hacker can’t do is make the rifle fire by remote. Someone still has to manually pull the trigger for the rifle to fire.

Which is why TrackingPoint founder John McHale told Wired that the flaws don’t compromise the gun’s safety. He added that the hack would be limited by Wi-Fi’s short range. However, Auger and Sandvik argue that wouldn’t prevent hackers from altering the rifle’s functions before it was taken into the field.

In any case, McHale said the company will patch the software and get it to customers as soon as possible.

Sandvik does say that the risk from this specific hack is fairly small, but that the more important point is that manufacturers need to better understand the security implications of sticking an internet connection in something:

“There are so many things with the Internet attached to them: cars, fridges, coffee machines, and now guns,” says Sandvik. “There’s a message here for TrackingPoint and other companies…when you put technology on items that haven’t had it before, you run into security challenges you haven’t thought about before.”

BONUS TRACK: By the way, at the same Black Hat Conference, another pair of hackers will demonstrate how to remotely hack a connected car and kill the engine or the brakes while you're driving it. What fun!
