How Two Hackers Took Control of a TrackingPoint Rifle Through Wi-Fi
OutdoorHub Reporters 07.31.15
TrackingPoint’s much lauded “smart scope” technology allows even an inexperienced shooter to hit targets a mile away, but is it vulnerable to hacking?
Hacking is not generally a concern for the vast majority of firearms. After all, most firearms don’t mount fancy electronic devices. Yet TrackingPoint firearms, with their state-of-the-art technology, may be “taken over” by a hacker working remotely.
Wired reported earlier this week that at least two hackers, husband-and-wife security researchers Michael Auger and Runa Sandvik, have successfully “taken control” of a $13,000 TrackingPoint rifle.
“You can make it lie constantly to the user so they’ll always miss their shot,” Sandvik told Wired. “If the scope is bricked, you have a six to seven thousand dollar computer you can’t use on top of a rifle that you still have to aim yourself.”
The researchers were able to compromise the gun’s software through one of the rifle’s features: a Wi-Fi connection that allowed shooters to see and record shots on another device. Sandvik and Auger quickly identified vulnerabilities in the software and were able to manipulate the scope into doing a variety of different things, such as showing false wind direction, temperatures, or even forcing the firearm to lock on to another target entirely.
“Unless you’re really familiar with the rifle and know what you’re doing, you probably won’t notice those variables are changing,” Sandvik told CNNMoney. “You’ll be too focused lining up your shot.”
You can watch a demonstration below:
TrackingPoint’s unique “Precision Guided Firearms” work by first “tagging” a target. The scope then adjusts the digital image presented to the shooter to indicate how they must physically adjust in order to hit their tagged target. To fire, the shooter holds down the trigger until the crosshairs cover the tagged target, at which point the firearm discharges.
This technology won over many firearm enthusiasts and even garnered interest from the US Army, but caused some debate among hunters who viewed the devices as unfair. Others, like TrackingPoint founder John McHale, argued that more accurate shots made for more ethical hunts.
Now the company has an additional concern, as all it takes is a Wi-Fi connection and a computer or smart phone to “hack” into one of these rifles. There is one thing, however, that the hackers are still unable to do. The firearms that Sandvick and Auger tested, two rifles chambered in .308, require someone to pull the trigger manually before it will fire. That means that as hard as the hackers try, the rifle will still not shoot on its own.
“The fundamentals of shooting don’t change even if the gun is hacked,” McHale said.
The TrackingPoint founder was notified of the security breach by Sandvik and Auger themselves. He noted that the likelihood of one of the rifles being hacked maliciously was very low, and there seems to be little motivation for a hacker to do so. According to some estimates, there are only about a thousand TrackingPoint rifles in the hands of consumers, and some do not have Wi-Fi. The feature can also be turned off. Sandvik and Auger said they are willing to help the company patch up any vulnerabilities in its software and prevent future problems as well, but the firm has not responded. This may be due to the company’s financial difficulties, as TrackingPoint announced in May that it will not be taking any more orders for their rifles.
In the end, the researchers say this proved to be a valuable lesson for innovators and they should always be aware of possible security issues.
