After a year of research, a pair of security researchers have figured out how to hack a $13,000 smart rifle. By exploiting security weaknesses in a computer-powered sniper rifle, Runa Sandvik and Michael Auger devised a method that can not only prevent a gun from firing or hitting a target, but can throw the user’s aim off enough to hit an entirely different bullseye.
“You can make it lie constantly to the user so they’ll always miss their shot,” Sandvik tells Andy Greenberg for Wired.
The pair spent a year dissecting and examining a “self-aiming” rifle made by TrackingPoint, a company specializing in computer-assisted guns. The rifle itself is fairly traditional, but the scope sitting atop it is actually a small Wi-Fi enabled computer that can make an amateur marksman hit a bullseye every time. The technology in the rifle allows the shooter to automatically account for wind, temperature and the bullet’s weight. It will even delay firing after the trigger is pulled until the barrel is lined up for a perfect shot, Greenberg writes.
By hacking into the gun’s computer through the Wi-Fi, Sandvik and Auger can remotely alter all of these variables without the user’s knowledge, change the gun’s actual target, or delete the onboard files and render the aiming system useless. It could even be possible to infect the smart rifle with malware to alter the gun’s aiming mechanism long after the hacker has gone.
Smart guns and rifles have been a controversial topic in recent years for gun owners and safety advocates alike. Back in 2013, California both approved the sale of the first smart gun in the U.S. and passed a law requiring all new or imported guns be smart guns. New Jersey passed a law in 2002 that declared within 30 months of the first “personalized” handgun sold in the state, all guns sold must be smart guns – which has effectively kept them off the shelves. Meanwhile, the Defense Advanced Research Projects Agency (DARPA) is continuing to develop self-steering bullets for the U.S. military.
TrackingPoint founder John McHale says that the company will work with Sandvik and Auger to develop a patch for the rifle’s software, Greenberg writes. But while he’s appreciative of their research, he says the ultimate responsibility for a gun’s safety comes down to the shooter, not the software.