Today in scary exploits: TrackingPoint sniper rifles – which run Linux and Android and have WiFi connections – can be remotely hacked. Who could have predicted that?*
Hackers can then either disable the rifle or choose a new target. The only response to that news is: o_0
At the forthcoming Black Hat hacking conference, Runa Sandvik and her husband Michael Auger plan to present the results of a year’s work on exploiting two of the $13,000 self-aiming rifles.
The pair have discovered how to brick the rifle, making its computer-targeting unusable, as well as getting root access to the targeting system to make permanent changes to the firearm.
There are two slight upsides: a networked attack on the rifle can’t make it fire – that’s controlled by a mechanical system that requires an actual finger on the trigger – and there are only around 1,000 weapons in customers’ hands.
Wired reports that the security researchers were able to demonstrate their exploit, causing bullets to miss the shooter’s intended target and hit an entirely different one.
Sandvik and Auger say they have repeatedly reported the vulnerabilities to TrackingPoint, but the troubled firm’s management has not responded.
The company is currently going through “restructuring”, has laid off most of its staff and is no longer shipping rifles.
That’s the good news. The bad news is that this company will not be the last to put computerised weapons in the hands of the public, while also failing to adequately secure them. A ‘normal’ weapon is unpredictable enough, a hackable one is downright terrifying.
Now imagine what could happen if we ended up with autonomous weapons on the market.
No comments:
Post a Comment