TrackingPoint is going to need a patch. You are seeing headlines today about ‘smart rifles’ that can be hacked to switch a target. Known for its smart AR-platform and bolt-action rifles, the company has developed a system that makes long-range shots easier for the shooter.
And this system can now be hacked. What the hacker cannot do is remote fire the weapon. That’s not happening under any circumstance with TrackingPoint systems – either the AR-15 all the way to the .338 TP.
The idea behind TrackingPoint is to make difficult shots easier for the shooter. Yeah, purists just rose up and started screaming. I hear you…
TrackingPoint dubs the rifle a Precision-Guided firearm. It’s not unlike the fire-control capabilities you would find in fighter aircraft in advanced militaries. The company claims to turn an average shooter into better shots than the best shooters ever to live.
Let’s talk about how it works, and then the hack. There’s an important distinction between what the hack does and does not do.
Using a TrackingPoint system, a shooter connects the optic with a guided trigger. The smart optic allows you to tag the target and the impact point you want. All those windage and bullet drop metrics you had to memorize? No longer needed.
Once tagged, the shooter has to squeeze and hold the trigger. The software takes over and does the rest. Note the person with the rifle has to squeeze the trigger no matter what. I’m being redundant, but it’s a giant distinction.
Hacking TrackingPoint Systems
TrackingPoint has long pushed the idea that their system could not be remotely accessed. A Wired report proved that wrong. Researchers Runa Sandvik and Michael Auger devised the exploit over the course of a year working with two .308 rifles from the company.
Here’s what they discovered. Contrary to claims that the ‘smart rifle’ only listens to the holder of the weapon, it is demonstrably false. It is listening for instructions remotely, over a Wi-Fi connection.
Both test rifles had a built-in network password by default. Definitely not a good thing, and it couldn’t be changed. Score another for network security.
The researchers changed one number in the system’s onboard software, causing the shot to miss its intended target by 2.5 feet. It could cause a shooter to hit a separate target entirely.
In addition to the change, the research team discovered a way to change an owner’s PIN, bricking the rifle.
Obviously, the headlines are that the rifles can be hacked to hit something else. In an absolute worst case scenario, maybe. It depends on the shooter not paying attention to what they are doing.
While the vulnerabilities are a ridiculous oversight by TrackingPoint, they are working with the research duo to patch the systems. Customers will receive a USB drive with the patch once complete.
In the end, the rifle is still manual. The optics are manual. It is on the shooter to know where the rifle is pointed, and what the hell they are looking at downrange.
For TrackingPoint, it shows once you start going ‘smart’ you better be doing everything in your power to test for vulnerabilities. It’s not a problem relegated to ‘smart’ rifles. It’s anything with a network connection.