The problem with making every device in our lives smart and Web-connected is that it inevitably gives hackers the opportunity to try their luck at controlling them. Only last week Fiat Chrysler was forced to recall 1.4 million of its vehicles over fears that they could be controlled by programmers with laptops from the other side of the world.
Now US-manufactured TrackingPoint Precision Guided Firearms are having the same problem. They run on Android and include Wi-Fi support, which means remote hackers can disable the rifles or even change their target. As Andy Greenberg reports at Wired, husband and wife hacking team Runa Sandvik and Michael Auger have spent a year figuring out how to exploit these vulnerabilities, and they're planning to present their work at a hacking conference next month.
To be clear, the hack can't make the gun turn on its shooter, or start firing without a manual trigger press - the on-board computer only controls the targeting system, and is designed to help less able marksmen and markswomen find their target every time no matter what the conditions. The hacker also needs to be in range of a gun with Wi-Fi enabled, so they have to get pretty close.
However, if someone is able to get into the TrackingPoint Firearm system, they could ensure that the gun always misses its mark, or disable the firing capabilities completely and shut the gun down. That's not exactly something you want to have to deal with when you're sneaking up on an enemy compound in the dead of night.
Sandvik and Auger are going to help TrackingPoint fix the vulnerability rather than running amok with the thousand or so guns that are affected. TrackingPoint itself is in financial difficulties and isn't currently selling guns while it looks to restructure the business, so it probably could have done without this latest security scare.
TrackingPoint founder John McHale told Wired that a patch would be mailed out on USB sticks for anyone with an affected rifle, and encouraged shooters not to panic - disabling Wi-Fi on the gun is an easy fix for now if you want to make sure your firearm isn't going to suddenly have a mind of its own. Nevertheless, it's another reminder that anything connected to the Web is automatically at risk.
"There are so many things with the Internet attached to them: cars, fridges, coffee machines, and now guns," Runa Sandvik told Wired. "There's a message here for TrackingPoint and other companies… when you put technology on items that haven't had it before, you run into security challenges you haven't thought about before."