Sniper rifles equipped with computers, even the most amateur of people can become a Sharpshooter. But if the sniper rifle adds wireless connectivity with computers installed, you may find your own smart sniper rifles suddenly self-conscious, target had a different idea.
During the two-week at the Black Hat hacker Conference, security researcher Michael Auger and Runa Sandvik plans to showcase their results, they spent a year black two TrackingPoint automatic aiming a sniper rifle for $ 13,000. Lei feng's network learned that the hacker couple has developed a technology, allows an attacker to pass through Wi-Fi intrusion of the sniper rifle, and take advantage of the vulnerabilities in their software. By using these techniques, they can change the target variables in the calculation, and sniper rifles for no reason miss the target, you can also close the target computer permanently or did not allow them to open fire. They can also change incoming target system, so that the bullet hit the target they set, rather than the selection of sniper target.
Runa Sandvik is Tor anonymous software developers before, she said: "you can always make a sniper in the dark, they have not in the target. "The attacker can easily kick the user out, or erase a gun on the entire file system. "If the aiming system tiles, above six thousand or seven thousand dollars ' worth of computer waste, at that time still have their own aim. " Michael Kors Galaxy S4 Case
Change target
TrackingPoint, Lei feng's network there have been many reports, it was founded in 2011, has sold more than 1000 is equipped with automatic aiming system, Linux-driven high-end sniper rifles. Targeting system allows users to specify the target, passing wind, Phoenix to variables such as weight, temperature, and ammunition. When the user presses the trigger after smart rifle will choose to fire on its own time, only when absolutely on target when firing. Even people who never played the gun can be shot with this 1.6 km outside the goal.
But Sandvik and Auger found that they can make use of a series of vulnerabilities on the rifle, to control the automatic aiming function. First vulnerability and Wi-Fi, and rifles on the Wi-Fi feature turned off by default, but users can open, to watch shooting video on a laptop or iPad. When Wi-Fi turned on, the password to the default password, can make any person within range of the Wi-Fi connection. From this point of view, hackers can use it as a server, and changes through the API key parameter in the target application.
In the demo video, Auger first unmodified TrackingPoint for shooting, and hit the target when shooting for the first time. After the laptop connected via Wi-Fi sniper rifle, Sandvik quietly changed the bullet weight variable, change the value from 0.4 to 72 pounds. Sandvik says: "you are free to set its value. "
Sandvik and Auger hasn't found that changing this value can lead to any result, they observed, the bullet weight, let the bullet shot to the left of the General Assembly, lower the weight or a negative value will make a bullet shot to the right. Auger for a second shot at Sandvik change bullet weights make bullets 2.5 inch offset to the left, hit a different target.
Snipers can only note change, perhaps aiming crosshair will suddenly jump, but this change and encounter gun like, nearly indistinguishable. Sandvik said: "the snipers to see how good you are, you may find yourself bumped into it. "
Sandvik and Auger control the extent of sniper rifles and over wireless connections more than that. They found that attackers via a wireless connection you can also make yourself a device "root" user, so as to fully control the software above, permanent changes to the target variable, or remove the file system cannot function. If a user sets a password to restrict other users, root attack not only gives complete control of the gun, you can also change the password for gun owners are unable to use. An attacker can even close the firing pin, let the gun cannot be fired.
But they also noted that they could not let the guns automatically firing. Thankfully, only if the user manually pressing the trigger, TrackingPoint will fire.
And there is not much threat?
TrackingPoint founder John McHale said, thanks to Sandvik and Auger's research, and said it would cooperate with them as soon as possible, developing software for gun-invasion of the vulnerability patches. When the patch is ready, it will be in the form of USB flash drive mailed to consumers. John McHale said, software vulnerabilities and security without fundamentally changing TrackingPoint sniper rifle. He said: "the shooter must press the trigger to fire, so he was responsible for security direction of their choice. Even if the gun was invaded, basic aspects of the shooting did not change. "
He also pointed out that the invasion needs within the Wi-Fi coverage, limits the practical application of this instrument. After all, "in the wilderness hunting is unlikely to have a Wi-Fi connection, attackers hidden in the bushes the possibility of invasion is also low."
But Auger and Sandvik is opposed, hackers can permanently alter TrackingPoint sniper rifle parameters, even if there is no Wi-Fi connection can be affected. They also suggested that the hackers may even plant malicious programs, make parameter changes take effect only at a specific time or place. Michael Kors Galaxy S4 Case
In fact, Auger and Sandvik had attempted to contact TrackingPoint to as long as several months, hoping to plug security vulnerabilities in their firearms, but has received no response. TrackingPoint silence may be due to the financial problems of the company, Lei feng's network has reported in the past year, the company laid off most of the staff, the replacement of the CEO, or stop accepting new orders. McHale insisted that the company has not failed, but the "ongoing internal reorganization."
Considering the plight of TrackingPoint, Sandvik and Auger said, does not produce the complete code for the exploit, for fear that the company does not have the manpower to fix software vulnerabilities. Sale of firearms is only more than 1000, limited the scope of the invasion, so it is not as someone may be injured.
But TrackingPoint sniper rifle loopholes heralds, there will be more and more networking, will increasingly hacker attacks, even if it is a deadly weapon is not immune. Sandvik believes that this invasion for TrackingPoint and other companies are warning that when you apply the technology never used before when you face security challenges never encountered before.
via wired
135 votes
PP Gun game gun
From the appearance point of view PP GUN design a strong sense of science fiction, full of Star Wars, arms full of sense, although not realistic-feeling, exterior color scheme using black and white structure, most of the guns being white, others black silhouetted, the combination of black and white color scheme is absolutely great! PP GUD shook hands and weight is also very modest, weight-bearing experience can bring a solid feel and strong, carrying mobile devices such a gun-shaped tour playing FPS shooters a gun-shaped controller, realistic sense of how high it is!
View details of the voting >>