Hackers can crack the self-aiming rifle to change its target

30 Jul 2015 | Author: | No comments yet »

Hackers Can Break Into the Self-Aiming Rifle to Change Its Target.

The Black Hat hacker conference is just two weeks away and for a while, we’re going to be hearing a lot about how hackers can get into this and that thing, which we previously assumed was “secure.” Last week, for example, Wired had a piece about how cybersecurity experts Charlie Miller and Chris Valasek used a cellphone network to take over the controls of a Jeep being driven by Wired editor Andy Greenberg.Sniper rifles have gotten pretty fancy these days, but it’s those high-end gadgets that help expertly guide shots that could also be their biggest weakness.Nearly everything is getting a high-tech makeover these days in the name of making objects more convenient in the connected world, but with added computerization comes the risk of hacking.TrackingPoint’s computer-augmented rifle sights, better referred to as the ShotView targeting system, have set off a wave of tilt and debate since they 1st debuted in 2014.

While hi-tech weapons will no doubt allow us to fight and defend ourselves better, it opens up a door to a myriad of other problems that our ancestors with spears, rocks, and bows & arrows did not have to deal with – being hacked, which is what has happened recently with TargetPoint’s self-targeting sniper rifles. This week, Greenberg has another piece for us, this one about how security researchers Runa Sandvik and Michael Auger hacked into a pair of $13,000 TrackingPoint self-aiming rifles via its Wi-Fi connection.

But add a wireless connection to that computer-aided weapon, and you may find that your smart gun suddenly seems to have a mind of its own—and a very different idea of the target. However, two security researchers found that the $13,000 rifle can be compromised, allowing a hacker to recalibrate the scope’s calculation so the shots land away from the intended target.

According to a report from Wired, the married hackers have developed a way to break into the rifle via a WLAN connection and take command through a series of package exploits. this enables them close to complete control over the aiming and firing functions. In short, they were able to make the rifle miss its target, disable the scope’s computer, prevent the gun from firing and even change the target system in a way that caused the shooter to hit a different target. “It’s highly unlikely when a hunter is on a ranch in Texas, or on the plains of the Serengeti in Africa, that there’s a Wi-Fi Internet connection,” McHale said. “The probability of someone hiding nearby in the bush in Tanzania are very low.” That’s not the point, though, of course. The first of these has to do with the Wi-Fi, which is off by default, but can be enabled so you can do things like stream a video of your shot to a laptop or iPad.

If the scope is bricked, you have a six to seven thousand dollar computer you can’t use on top of a rifle that you still have to aim yourself.” In fact the hack can even disable the firing pin of the gun which is a computer controlled solenoid, something that most gun owners usually don’t have to worry about. The point is that lots of Internet capability is being added to all kinds of technology and gadgets — from guns to cars — without anyone thinking about the security from the bottom up. Last we heard, however, the corporate was addressing financial troubles and wasn’t taking orders for brand new weapons thus this won’t be an excessive amount of of a problem.

However if there is one thing we can be thankful for is that the hack can’t make the gun fire by itself, since this will actually require the user to pull the trigger. In the video, you can see the two dial in changes to the scope’s targeting system that sends a bullet straight to their own bullseye instead of the original target. From there, a hacker can treat the gun as a server and access APIs to alter key variables in its targeting application. (The hacker pair were only able to find those changeable variables by dissecting one of their two rifles and using an eMMC reader to copy data from the computer’s flash storage with wires they clipped onto its circuit board pins.) Sandvik and Auger found that through the Wi-Fi connection, an attacker could also add themselves as a “root” user on the device, taking full control of its software, making permanent changes to its targeting variables, or deleting files to render the scope inoperable.

If a user has set a PIN to limit other users’ access to the gun, that root attack can nonetheless gain full access and lock out the gun’s owner with a new PIN. Greg Kahn for WIRED Since TrackingPoint launched in 2011, the company has sold more than a thousand of its high-end, Linux-power rifles with a self-aiming system. TrackingPoint Founder John McHale told Wired the company would be developing and issuing a software update as soon as possible in light of Sandvik and Auger’s exploit.

Then, after the trigger is pulled, the computerized rifle itself chooses the exact moment to fire, activating its firing pin only when its barrel is perfectly oriented to hit the target. Earlier this year though, Ars Technica pointed out that the company appeared to be experiencing financial trouble. “Due to financial difficulty TrackingPoint will no longer be accepting orders,” a message on the company’s home page in May read, according to Ars Technica. So on Auger’s next shot, Sandvik’s change of that single number in the rifle’s software made the bullet fly 2.5-feet to the left, bullseyeing an entirely different target. But that change in view is almost indistinguishable from jostling the rifle. “Depending on how good a shooter you are, you might chalk that up to ‘I bumped it,’” says Sandvik. It’s my responsibility to make sure my scope is pointed where my gun is pointing,” McHale says. “The fundamentals of shooting don’t change even if the gun is hacked.” Runa Sandvik fires a round from a Tracking Point TP750 rifle at a target 50 yards away as husband and fellow security researcher Michael Auger uses a laptop to hack into the rifle’s Wi-Fi, changing the angle of its shot.

It’s even possible (although likely difficult), they suggest, to implant the gun with malware that would only take effect at a certain time or location based on querying a user’s connected phone. In fact, Auger and Sandvik have been attempting to contact TrackingPoint to help the company patch its rifles’ security flaws for months, emailing the company without response. The company’s silence until WIRED’s inquiry may be due to its financial problems: Over the last year, TrackingPoint has laid off the majority of its staff, switched CEOs and even ceased to take new orders for rifles. And with only a thousand vulnerable rifles in consumers’ hands and the hack’s limited range, it may be unlikely that anyone will actually be victimized by the attack. But the rifles’ flaws signal a future where objects of all kinds are increasingly connected to the Internet and are vulnerable to hackers—including lethal weapons. “There are so many things with the Internet attached to them: cars, fridges, coffee machines, and now guns,” says Sandvik. “There’s a message here for TrackingPoint and other companies…when you put technology on items that haven’t had it before, you run into security challenges you haven’t thought about before.”

Here you can write a commentary on the recording "Hackers can crack the self-aiming rifle to change its target".

* Required fields
Our partners
Follow us
Contact us
Our contacts


ICQ: 423360519

About this site