I recently watched a video on Wired about a person who found multiple ways to exploit a ‘smart gun’. You can watch that video here.
TL;DR the gun is accompanied by a watch that, when it is close enough to the gun, allows it to shoot. The hacker is able to not only make the gun fire without having the watch nearby, but is also able to jam the signals between the watch and gun and prevent it from firing. The hacker was also able to extend the distance the watch has to be for the gun to fire with the use of a transmitter and repeater. Granted, the hacker investigated the specific frequencies that the gun and watch used to authenticate and communicate, but the firing without the watch was done simply using magnets that exploited the mechanical aspects of the security system.
Now there are a few things I want to touch on here and hopefully I will be able to frame it within the context of arming the henchmen of my evil corporation. After all, that is the theme of this blog.
Firstly, despite its security flaws, I would arm my henchmen with smart guns. They are already more secure than the regular guns we have today. What the smart guns do is raise the bar for the gun to be operated.
‘… firing without the watch was done … using magnets that exploited the mechanical aspects of the security system.’
A common thing we see nowadays is what I like to call the ‘henchmen ammo supply chain’ where the hero works their way through a villains compound by systematically neutralising every minion in their way and taking their weapons as they go along. Effectively, the hero is given a steady stream of usable weaponry to help them along. Using smart guns, the hero will be unable to use the dropped guns, only their ammo. Even then, if the hero isn’t using the exact same model and calibre gun themselves, they will probably not even be able to use the ammo.
This is a good way to break the hero’s momentum through your evil lair by ensuring that they run out of resources fairly quickly and are unable to resupply.
Perhaps instead of using a smart watch, I would invest in biometric security for my smart guns such as a fingerprint sensor (which has been developed). Given the form factors we can achieve with our fingerprint sensors on our phones, this seems like a pretty good idea to do. To push this idea even further, what if the gun was not only linked to the user’s fingerprint, but also tapped into their entire system measuring heart rate, brain activity, and so on. That way we could use this information to not only authenticate, but also possibly map their intent and use that to decide whether or not the gun will fire.
‘What the smart guns do is raise the bar for the gun to be operated.’
With that said, this was an interesting case of a simple workaround to some seemingly complex security. If your system has a simplistic mechanical bypass how secure is it really? In the case of smart guns, I would argue they are still safer than normal, unsecured guns. This comes with the caveat that the ‘smart’ part involves authentication only and not actual fire control. Giving anyone a way to fire guns remotely/smartly is just a really, really bad idea.
To bring it back to a real world context, guns are weapons. Like a club or mace, a gun is not dangerous by itself, but when it is wielded it is capapble of taking a life. By using smart technology to restrict the operation of a gun even further, I think we can make guns much safer than they currently are and also hinder the trade of guns since the authentication is something that will have to be transferred from seller to buyer. Even though exploits exist, I would argue that currently, it is much easier for someone to aquire a ‘dumb’ gun and use that than go through the trouble of trying to hack a smart gun. Inevitably we humans are lazy and will choose the easiest path.
What I’m trying to say is: while the media hype may make it seem like smart guns with vulnerabilities should not be used, it is in fact the opposite because they are already safer than normal guns despite their exploits.
P.S. Let us agree to never ever connect guns to the internet. Ever.