Self-aiming rifles can be hacked into via their Wi-Fi connection

The self-aiming “smart” rifles with Linux software sold by TrackingPoint can be hacked into via their Wi-Fi connection. Security researchers Runa Sandvik and her husband Michael Auger presented their results to the 2015 Black Hat Conference on how they hacked into these self-aiming rifles and caused them to miss their shot, lock out the user or even erase the gun’s entire file system, rendering the $13,000 TP750 rifle, well, nearly useless. Unless you are a world-class marksman.(1)

Last year, the United States Army confirmed that they were testing six of these self-aiming rifles, and perhaps they will now have to re-evaluate in what capacity they will use these weapons now that this hack has been revealed.(2)

The original use of the TrackingPoint rifle was to help wealthy hunters with their aim. TrackingPoint describes that their missions are to help with herd management, predator control, homestead defense and, perhaps, now even homeland defense.(3)

But when one is hunting terrorists rather than deer, precision is key. If the rifle’s chain of vulnerabilities allows outsiders to take control of the self-aiming functions, then how safe can this weapon be in the hands of the military, and of the enemy?

Sandvik and Auger presented how a hacker can stealthily alter the rifle’s ballistic calculations to make the shooter miss their target. In a video, Auger shoots the rifle and hits the bulls-eye on the first try. During his second shot, Sandvik hacks into the rifle’s computer and makes him miss his shot by changing the ammunition’s weight from .4 ounces to 72 pounds. She said, “You can set it to whatever crazy value you want and it will happily accept it.”(1)

Sandvik warns of the vulnerability to hacking of not just the self-aiming rifle, but of all technologies that are now connected to the Internet. She said, “There are so many things with the Internet attached to them: cars, fridges, coffee machines, and now guns. There’s a message here for TrackingPoint and other companies… when you put technology on items that haven’t had it before, you run into security challenges you haven’t thought about before.”(1)





value="Enter your email address here..." style=" border-radius: 2px; font: 14px/100% Arial, Helvetica, sans-serif; padding: .2em 2em .2em;" onfocus="if(this.value == 'Enter your email address here...') { this.value = ''; }" onblur="if(this.value == '') { this.value = 'Enter your email address here...'; }" />

style="display: inline-block;

outline: none;

cursor: pointer;

text-align: center;

text-decoration: none;

font: 14px/100% Arial, Helvetica, sans-serif;

padding: .2em 1em .3em;

text-shadow: 0 1px 1px rgba(0,0,0,.3);

-webkit-border-radius: .2em;

-moz-border-radius: .2em;

border-radius: .2em;

-webkit-box-shadow: 0 1px 2px rgba(0,0,0,.2);

-moz-box-shadow: 0 1px 2px rgba(0,0,0,.2);

box-shadow: 0 1px 2px rgba(0,0,0,.2);"


comments powered by Disqus