Security researchers Runa Sandvik and Michael Auger have spent a year hacking a pair of $13,000 TrackingPoint self-aiming rifles.
The married hacker couple have developed a set of techniques that could allow an attacker to compromise the rifle via its Wi-Fi connection and exploit vulnerabilities in its software. Their tricks can change variables in the scope’s calculations that make the rifle inexplicably miss its target, permanently disable the scope’s computer, or even prevent the gun from firing. In a demonstration for WIRED (shown in the video above), the researchers were able to dial in their changes to the scope’s targeting system so precisely that they could cause a bullet to hit a bullseye of the hacker’s choosing rather than the one chosen by the shooter.
“You can make it lie constantly to the user so they’ll always miss their shot,” says Sandvik, a former developer for the anonymity software Tor. Or the attacker can just as easily lock out the user or erase the gun’s entire file system. “If the scope is bricked, you have a six to seven thousand dollar computer you can’t use on top of a rifle that you still have to aim yourself.”
Virginia Commonwealth University in Richmond is the latest university to begin using biometrics. The university is using the technology to scan students at meal time.
On Wednesday, the school announced it had added two iris cameras to the campus dining hall so that students can use their eyes instead of their ID for access.
“Students won’t need their ID to enter the dining center anymore,” Stephen Barr, VCU director of campus services, said in a statement Thursday. “With iris identification, it’s as simple as a camera taking a picture of their eyes and two seconds later they walk through.”
The system is voluntary, for now. Barr said it will be used as an express land and backup option over the weekend for students who lose their IDs.
Students are not happy about change.
VCU students weighing in on the school’s official Facebook page voiced concerns over the iris scanning system, calling it “creep and unnecessary” and likening it to fingerprinting the entire student body.
The increasing use of biometrics has raised privacy concerns among privacy watchdogs and critics, especially when it comes to how the biometric data will be stored and its potential to be hacked or stolen.
“We don’t keep pictures of your iris,” Barr said. “It’s just a number, just like your ID. Your ID has a unique number that ties it to you.”
Except if your ID number is ever stolen or misused, you can cancel it and get a new one.
New Ten Commandments: The Right to Privacy from Alice Nelson on Vimeo.
I was commissioned alongside nine other directors to contribute to a feature length documentary celebrating the 60th anniversary of the Universal Declaration of Human Rights. Produced by Lansdowne Productions and SDI Productions for BBC Scotland and Creative Scotland. The Right to Privacy was the piece I produced based on the story of one man and his relationship with his bike. The other directors on the New Ten Commandments project were Kenny Glenaan, Douglas Gordon, Mark Cousins, Tilda Swinton, Nick Higgins, Irvine Welsh, Sana Bilgrami, Doug Aubrey, David Graham Scott and Anna Jones.