Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacking a 'Smart' Sniper Rifle

Posted by Soulskill on from the how-the-borg-really-started dept.

An anonymous reader writes: It was inevitable: as soon as we heard about computer-aimed rifles, we knew somebody would find a way to compromise their security. At the upcoming Black Hat security conference, researchers Runa Sandvik and Michael Auger will present their techniques for doing just that. "Their tricks can change variables in the scope's calculations that make the rifle inexplicably miss its target, permanently disable the scope's computer, or even prevent the gun from firing." In one demonstration they were able to tweak the rifle's ballistic calculations by making it think a piece of ammunition weighed 72 lbs instead of 0.4 ounces. After changing this value, the gun tried to automatically adjust for the weight, and shot significantly to the left. Fortunately, they couldn't find a way to make the gun fire without physically pulling the trigger.

8 of 73 comments (clear)

  1. Fire without physically pulling the trigger by PPH · · Score: 3, Funny

    Every redneck knows how: Just clean it.

    --
    Have gnu, will travel.
    1. Re:Fire without physically pulling the trigger by swillden · · Score: 2

      Every redneck knows how: Just clean it.

      Only fools try to clean or work on their weapon without unloading it.

      This.

      Further, even after you've unloaded it you should still obey the golden rule of gun safety: never point it at anything you don't want to destroy. If what you're doing requires breaking that rule, first disassemble it so it's no longer a gun. Then, and only then, can you stop worrying about where you're pointing it.

      The reason for this is that most people who hurt themselves or others while cleaning their gun *did* unload it first. Or thought they did.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  2. Re:Not that impresssed by Mirage · · Score: 2

    From TFA: "When the Wi-Fi is on, the gun’s network has a default password that allows anyone within Wi-Fi range to connect to it. From there, a hacker can treat the gun as a server and access APIs to alter key variables in its targeting application. (The hacker pair were only able to find those changeable variables by dissecting one of their two rifles and using an eMMC reader to copy data from the computer’s flash storage with wires they clipped onto its circuit board pins.)"

    So, it's a remote exploit in that you can do it if you're within Wi-Fi range (and the gun has it's Wi-Fi turned on), and they had to do some work to find what settings they could change via the API. Seems like a cromulent hack to me.

  3. Re:Hack it to only shoot kids by Anonymous Coward · · Score: 2, Insightful

    because in Murica we are incapable of having reasonable discussion regarding guns.

    Anyone who ever says "we are incapable of having a reasonable discussion on X" really means "everyone doesn't just accept my opinion on X as gospel, poor me".

  4. Re:Hack it to only shoot kids by swb · · Score: 3, Insightful

    because in Murica we are incapable of having reasonable discussion regarding guns.

    "Reasonable discussion" usually just means "my ideas are reasonable, and yours aren't, and as long as you're disagreeing with my ideas, you're being unreasonable."

  5. Re:WiFi? by tlhIngan · · Score: 3, Informative

    Was kind of thinking the same thing, actually... I'm pretty sure** that no one would be stupid enough to have the thing accessible over wireless, which leaves you the task of actually sneaking up on the damned thing to reprogram it. At that point it becomes a physical access problem.

    ** not perfectly sure mind you, but it counts as a fair no-brainer.

    The WiFi is there primarily for remote viewing capability. As in someone with a tablet (iPad, Android, whatever) can view the video from the rifle as the gunman uses it. They'll get access to the positioning and tilt of the gun on all the axis as well as what target is marked and what it's tracking.

    It's also one of the newfangled "smart" guns in that the user has to wear a special ring in order for it to fire.

    Also, the computer can only inhibit it's firing, it can't fire on its own. It's why once it's tracking a target, it calculates the necessary positioning to get a hit on the target once you squeeze the trigger (and wear the right ring).

    The goal is to turn basically anyone into a marksman.

  6. Relevant GITS by RevWaldo · · Score: 2

    https://youtu.be/p47eWpzzGtY?t...

    .

    --
    Prisencolinensinainciusol. Ol Rait!
  7. Re: WiFi? by dargaud · · Score: 2

    Except if it's the wrong person...

    --
    Non-Linux Penguins ?