- Boys’ sleepovers vs. girls’ sleepovers meme takes stereotypes to absurd heights Tuesday 7:30 PM
- Petition wants Keanu Reeves to be named ‘Time Person of the Year’ Tuesday 6:33 PM
- 8 women accuse Max Landis of sexual, emotional abuse Tuesday 5:37 PM
- Taylor Swift accused of copying Beyoncé—again Tuesday 5:00 PM
- Everything you need to know about Libra, Facebook’s new cryptocurrency Tuesday 4:45 PM
- Netflix just renewed ‘Queer Eye’ for 2 more seasons Tuesday 4:32 PM
- YouTube’s queen of failed robots just unveiled a one-of-a-kind Tesla truck Tuesday 3:58 PM
- AOC infuriates conservatives with ‘concentration camps’ remark Tuesday 3:33 PM
- TikTok users explore identity with Lin Manuel Miranda-inspired meme Tuesday 3:24 PM
- TikTok apology video inspires new duet meme Tuesday 2:51 PM
- Man sues brewery after identifying as female to get beer discount Tuesday 2:31 PM
- Here’s what’s coming and going on Hulu in July 2019 Tuesday 2:22 PM
- This biotech company’s logo is almost straight out of Resident Evil Tuesday 1:26 PM
- Trump says mass deportations to start next week Tuesday 12:28 PM
- GOP pollster bothered by broken elevator in Austria blames socialism Tuesday 10:50 AM
Hackers can force a high-tech sniper rifle to shoot the wrong target
So, this is disturbing.
A new hardware hack could alter the intended path of a high-power rifle’s bullet.
Runa Sandvik and Michael Auger, a married pair of computer security experts, have successfully used their skills to access and fundamentally alter how one type of Wi-Fi-enabled hunting rifle operates. In the hack, Sandvik and Auger demonstrate how it is possible to tinker with a rifle’s ammunition weight data in order to shoot something other than the intended target. For this to happen, the gun must within range (pun intended?) of a Wi-Fi network.
A demonstration of this hack at a West Virginia firing range saw Sandvik and Auger fire the demo gun normally once before changing its ammo weight variable to (a preposterous) 72 pounds in order to hit a bullseye 2.5 feet away from the bullet’s original mark.
This vulnerability enables other destructive scenarios too: malicious actors might gain root access control of the weapon, where they could make permanent changes to a Linux-powered device’s targeting variables. They could also delete essential files, rendering the gun’s electronics completely unusable, or even lock out the rightful owner from using the weapon by creating a new PIN code.
Importantly, the couple’s hack does not enable them to remotely fire the gun. To do so is still only possible with the manual press of a finger on the trigger. It’s this simple fact that has TrackingPoint CEO John McHale ultimately unworried about the vulnerability his product—Sandvik and Auger conducted their experiments by buying two of his company’s TP750 models.
Sandvik and Auger tried repeatedly to contact the company with news of their discoveries, but it wasn’t until they told Wired their story that the company responded. “The shooter’s got to pull the rifle’s trigger, and the shooter is responsible for making sure it’s pointed in a safe direction,” said McHale. “It’s my responsibility to make sure my scope is pointed where my gun is pointing. The fundamentals of shooting don’t change even if the gun is hacked.”
TrackingPoint is collaborating with Sandvik and Auger on a patch to repair these vulnerabilities. All TrackingPoint customers using susceptible hardware will be able to update their gun with free software to be mailed to them on USB thumbdrives.
Dylan Love is an editorial consultant and journalist whose reporting interests include emergent technology, digital media, and Russian language and culture. He is a former staff writer for the Daily Dot, and his work has been published by Business Insider, International Business Times, Men's Journal, and the Next Web.