Smart gun broken by smarter hacker with a magnet
2000 AD comic book fans will recall that Judge Dredd used a gun called the Lawgiver, which would only fire if held by the Judge who owned it. The smart gun has moved out of science fiction, and is now science fact. But just how smart, and how secure, are they?
It’s a little known fact that I actually appeared in the 1995 Judge Dredd movie, the one starring Sylvestor Stallone, as an extra. I didn’t get to meet Sly, but I did get very wet as most of the crowd scenes were filmed under artificial rain over and over again. I didn’t get to handle the Lawgiver props either, but the idea of a smart gun has always appealed.
Obviously it would be better if nobody had guns at all, but in countries such as the US where many householders do own guns for self-protection there’s always the danger that an intruder could use that weapon against the owner during a robbery.
I’m no gun fan, but anything that can help make them safer has to be a good thing. I didn’t use to be a fan of smartwatches either, but have changed my mind recently. So the idea of combining a smartwatch with gun control seems like a win to me.
With advances in technology, smart guns have eventually started to get traction in real life. There are things such as the Identilock biometric trigger guard accessory, which locks the gun down unless the right fingerprint verifies the rightful owner.
Then there is the Armatix IP1, a gun with the identity verification built right in. It works by requiring the owner to wear a smartwatch device while using the pistol. Unless the watch and the pistol are within 12″ of each other, the gun will not fire.
Or at least that’s the theory.
Now, a hacker with the pseudonym of Plore has demonstrated exactly how to bypass this protection. Some of his methods, as explained in a Wired video, are complex and involved six months of research to uncover signal wavelengths and build transmitter relays to extend the range, or a blocking device to prevent it working at all.
However, what really grabbed our attention here at ITST along with most of the security industry that was at the recent Defcon conference in Las Vegas, was how Plore used magnets to pull off the most impressive hack.
Plore discovered that by using a few powerful, yet stupidly cheap at around £5 each, rare earth neodymium magnets he could fire the gun at will. Yep, just by placing the magnet stack on the right part of the gun it would unlock and fire every time.
So, what have we got at the end of all this? A £1,000 ‘smart’ gun that can be fired by someone other than the owner if they know the magnet trick, and that can be jammed by an intruder if they know the transmitter jamming trick.
Probably not a great risk in real world crime scenarios, as an intruder wouldn’t know the householder owned the weapon and wouldn’t be carrying the requisite kit just on the extremely slim off-chance that they did. The gun could, of course, be used if stolen easily enough by someone doing a bit of online research. Which brings us back to the Judge Dredd scenario where he is framed for a murder because his Lawmaker gun was hacked and used by someone else to commit the deed.
But that’s not really the point of such hacking demos, they are to highlight the increasingly insecure thinking behind supposedly innovative technologies. And if such forensic examinations of security claims can motivate the makers of the next generation of smart guns to learn from these mistakes, then that’s got to be a good thing.
As Cesare Garlati, chief security strategist at the prpl Foundation, says: “The fact that the security feature could be so easily manipulated is evidence that security was an afterthought for this device. This latest case is yet another example of how connected devices, praised for convenience and connectivity, lack one key component: security. In order for something so dangerous to go to market, it definitely needs implementation of stronger security controls, otherwise it poses a serious risk to human lives.
“Industry, chip makers, regulators and governments all need to work together to resolve these issues and improve standards, especially with so many vulnerable connected devices, the risks are forever mounting. With the security scares of late involving IoT, the mission at the prpl Foundation is to make all these parties, particularly those putting products to market, work to the mindset that if it’s not secure, it doesn’t work.”