TrackingPoint’s much lauded “smart scope” technology allows even an inexperienced shooter to hit targets a mile away, but is it vulnerable to hacking?

Hacking is not generally a concern for the vast majority of firearms. After all, most firearms don’t mount fancy electronic devices. Yet TrackingPoint firearms, with their state-of-the-art technology, may be “taken over” by a hacker working remotely.

Wired reported earlier this week that at least two hackers, husband-and-wife security researchers Michael Auger and Runa Sandvik, have successfully “taken control” of a $13,000 TrackingPoint rifle.

“You can make it lie constantly to the user so they’ll always miss their shot,” Sandvik told Wired. “If the scope is bricked, you have a six to seven thousand dollar computer you can’t use on top of a rifle that you still have to aim yourself.”

The researchers were able to compromise the gun’s software through one of the rifle’s features: a Wi-Fi connection that allowed shooters to see and record shots on another device. Sandvik and Auger quickly identified vulnerabilities in the software and were able to manipulate the scope into doing a variety of different things, such as showing false wind direction, temperatures, or even forcing the firearm to lock on to another target entirely.

“Unless you’re really familiar with the rifle and know what you’re doing, you probably won’t notice those variables are changing,” Sandvik told CNNMoney. “You’ll be too focused lining up your shot.”

You can watch a demonstration below:

TrackingPoint’s unique “Precision Guided Firearms” work by first “tagging” a target. The scope then adjusts the digital image presented to the shooter to indicate how they must physically adjust in order to hit their tagged target. To fire, the shooter holds down the trigger until the crosshairs cover the tagged target, at which point the firearm discharges.

This technology won over many firearm enthusiasts and even garnered interest from the US Army, but caused some debate among hunters who viewed the devices as unfair. Others, like TrackingPoint founder John McHale, argued that more accurate shots made for more ethical hunts.

Now the company has an additional concern, as all it takes is a Wi-Fi connection and a computer or smart phone to “hack” into one of these rifles. There is one thing, however, that the hackers are still unable to do. The firearms that Sandvick and Auger tested, two rifles chambered in .308, require someone to pull the trigger manually before it will fire. That means that as hard as the hackers try, the rifle will still not shoot on its own.

“The fundamentals of shooting don’t change even if the gun is hacked,” McHale said.

The TrackingPoint founder was notified of the security breach by Sandvik and Auger themselves. He noted that the likelihood of one of the rifles being hacked maliciously was very low, and there seems to be little motivation for a hacker to do so. According to some estimates, there are only about a thousand TrackingPoint rifles in the hands of consumers, and some do not have Wi-Fi. The feature can also be turned off. Sandvik and Auger said they are willing to help the company patch up any vulnerabilities in its software and prevent future problems as well, but the firm has not responded. This may be due to the company’s financial difficulties, as TrackingPoint announced in May that it will not be taking any more orders for their rifles.

In the end, the researchers say this proved to be a valuable lesson for innovators and they should always be aware of possible security issues.

Image screenshot of video by WIRED on YouTube

What's Your Reaction?

Like
Like Love Haha Wow Sad Angry

4 thoughts on “How Two Hackers Took Control of a TrackingPoint Rifle Through Wi-Fi

  1. Let me get thís straight…the manufacturer thinks, in a country fills evil animal activists, that the odds of his system being hacked are low?

    Sorry, I see an opportunity for some nuts to make the thing miss every time, some guy figuring out there’s a problem but continuing to hunt using good old Kentucky wind age, and even more animals injured instead of killed as a result.

    My worry about all these smart guns is that somebody like a government — either ours or another — can just hack and leave you with seven pounds of metal you can swing at someone. In essence taking the bayonet back into heavy use.

    You’d have to be nuts to think any of these are good.

    1. What they aren’t telling you..
      Not turning wifi on to begin with until you are back home solves the issue totally…
      The wifi has to be manually turned on and off after you power on the scope.
      You can see in the scope view how many devices are connected.

      The scopes wifi ONLY HAS A RANGE OF 30 FEET!!!!

      Someone has to literally get within 30 feet of you and hope you won’t notice another device connect in the scope view to even be in range to try to hack this scope.
      They will need THE SCOPES SERIAL NUMBER to get the default password to access the wifi.
      The wifi is not needed during use.
      The only reason wifi is used, is to stream the scopes view to ipad/iPhone so someone else can see what you see via scope view app.
      When you get home, you connect via wifi to dl the video and pix for later viewing.

      If someone gets within 30 feet of you and hacks the scope just to mess up your group size…
      Everything in your wallet and identity are already gone.
      Those have actual value vs. screwing with a man’s (that likely has more than one gun with him) thousands of dollar scope.

      Plus it took the team a year to hack the settings app that connects via wifi.
      That’s pretty good software for a company that’s been under for a while now.
      Basically, if Tracking Point was still running, a software update would fix the problem.
      They still couldn’t change the settings to affect the shot in advanced movers mode or mildot mode.
      They were able to “hack” (change the settings) on one of the three modes.

      Call me crazy… But in real life, I don’t run across many people hunting in the woods or at the range within 30 feet of me, with a lap top out looking for devices and correctly guess the SN so they can digtally spin a turret on my scope.

      Notice the part about if you are not familiar with the scope, you might not notice part..
      If you paid for one of these scopes, you are very familiar with it..

      This is just more media poo poo for the nerve of offering this scope to the public in my opinion.

      the hack could also be used to to add more ammo choices, supressors, even lengthen the target range to match the laser rangefinder..

  2. @Tom well the main problem for trackingpoint isn’t the hackability of their rifles its that they are broke and only about 1K were ever made besides I held one of these things at a gunshow weighs a freakin ton so aside from costing $13,000 dollars it weighs too much to pack over long distances and is physically vulnerable in rain,fog,snow,and extreme temperatures both low.or High.honestly nobody would ever take one hunting its a flashy toy for people with more money than brains to show off at the local gunclub.All things considered seeing as police and military snipers still have to learn to use a real scope and tracking point hasn’t announced a military contract for building the first terminators(sorry just couldn’t resist) the fact it is hackable is just unfortunate

Leave a Reply

Your email address will not be published. Required fields are marked *