For gun control advocates, a “smart” gun that only its owner can fire has promised an elusive ideal: If your phone or PC can remain locked until you prove your identity, why not your lethal weapon? Now, for the first time, a skilled hacker has taken a deep look into the security mechanisms of one leading example of those authenticated firearms. He’s found that if smart guns are going to become a reality, they’ll need to be smarter than this one.
At the Defcon hacker conference later this week, a hacker who goes by the pseudonym Plore plans to show off a series of critical vulnerabilities he found in the Armatix IP1, a smart gun whose German manufacturer Armatix has claimed its electronic security measures will “usher in a new era of gun safety.” Plore discovered, and demonstrated to WIRED at a remote Colorado firing range, that he could hack the gun with a disturbing variety of techniques, all captured in the video above.
The IP1 purports to limit who can fire it by requiring that the shooter wear a special Armatix watch. If the gun and the watch can’t connect via a short-range radio signal that extends just a few inches, the gun won’t fire. That’s the idea, anyway. But Plore showed that he can extend the range of the watch’s radio signal, allowing anyone to fire the gun when it’s more than ten feet away. He can jam the gun’s radio signals to prevent its owner from firing it—even when the watch is inches away and connected. And most disturbingly, he can mechanically disable the gun’s locking mechanism by placing some cheap magnets alongside its barrel, firing the gun at will even when the watch is completely absent.
Plore notes that unlike many gun owners, he’s not opposed to the principle of a gun with added layers of electronic authentication. But he says the politicized debate over smart guns hasn’t examined the far more basic question of whether they actually provide the security they promise. “If you buy one of these weapons thinking it’ll be safer, it should be,” Plore says. “In this case, it was so easily defeated, in so many ways, that it really failed to live up to its side of that bargain…Misplaced trust is worse than no trust at all.”
Gun rights advocates have long opposed smart guns, seeing them as a Trojan Horse to regulate traditional firearms. And Plore says his interest in smart-gun hacking originated with reading a vehemently anti-smart-gun thread on the gun forum Calguns.net in 2015. “Could you imagine what the guys at Defcon could do with this [piece of shit]?” one poster wrote wrote in response to a negative NRA review of the Armatix IP1.
Plore, who had just a few months earlier spoken at the Defcon conference about cracking electronic safes, decided to find out. Over the next six months he developed a series of three attacks on the IP1’s security mechanisms, each one more serious and low-skilled than the one before. “I was confident I’d be able to break it,” says Plore, who has a day job as a hardware-focused engineer and security consultant. “I didn’t think it would be so easy.”
In fact, before he found his dead-simple magnet hack, Plore tried a far more technical approach known as a “relay” attack. That involved building two small radio gadgets, each no larger than a pack of cards and costing about $20 in hardware.
The relay attack takes advantage of the gun’s radio-based safety mechanism. When the shooter squeezes the gun’s handle, it sends out an RFID signal to check if the watch is present. But Plore showed he could place one of his radio devices near the watch to intercept the signal, and relay it to another gadget as far as 12 feet away. That means the gun doesn’t need to be next to the shooter’s wrist, as intended, but can instead be held by someone else, breaking its tight identity restrictions.
Plore also developed a technique that doesn’t defeat the gun’s authentication, but instead hijacks those security mechanisms to render the weapon altogether useless. He built a $20 transmitter device that simply emits radio waves at roughly the same 900 megahertz frequency as the gun and watch, overwhelming their communications. From as far as 10 to 15 feet away, the handheld transmitter can reliably jam the gun no matter how close it is to the owner’s watch. (Plore himself prefers to call the technique “electromagnetic compatibility testing” rather than “jamming,” since the latter may be illegal under certain Federal Communication Commission regulations.)
An assailant who knew his intended victim carried an Armatix handgun could, then, simply use the transmitter to disarm him or her. But Plore warns that even a nearby cordless phone could trigger the interference. “Imagine your gun won’t fire because somebody’s grandmother is blabbing on a cordless phone,” Plore says.
After developing those two more technical radio attacks, Plore dug into Armatix’s patent diagrams. There, he found that when the watch’s radio signal authorizes the gun to fire, an electromagnet moves a small metal plug to unlock its firing pin. So Plore ordered a $15 stack of magnets from Amazon. He found that by placing them next to the gun’s body at a certain angle, he could immediately fire at will, with no watch in sight.
When the gun first fired without authentication, “I almost didn’t believe it had actually worked. I had to fire it again,” Plore remembers. “And that’s how I found out for $15 of materials you can defeat the security of this $1,500 smart gun.”
Sights on Security
Plore first contacted Armatix about his findings in April, but the company didn’t respond to his findings other than to acknowledge they’d received them. In response to questions from WIRED, Armatix spokesperson Georg Jahnen noted in an email that while all of the attacks were possible, they might not be easy or practical in certain conditions. He argued that the jamming attack actually demonstrates the gun’s safety measures, since it at least failed in a safe way, rather than firing without receiving a signal from the watch.
As for the magnet attack, Jahnen argued that someone who wanted to exploit the vulnerability without preparation might not have the necessary magnets ready to use. “I do not think that you have appropriate magnets with you when you act in the heat of the moment,” he noted. (That claim ignores the fact that the magnets are easily bought, and someone could of course steal the gun and obtain the magnets later to defeat the IP1’s security system.)
But Jahnen also conceded that Plore’s revelation of the IP1’s flaws will make smart guns safer in the future. “Our experiences with the strengths and weaknesses of the iP1 system will flow into the next generation of smart gun system,” he writes.
‘I didn’t think it would be so easy.’ – Smart-Gun Hacker ‘Plore’
Plore admits that the notion of showing anyone how to easily fire a weapon that’s meant to be locked represents a potentially dangerous ethical dilemma. But he argues that Armatix has only sold a small number of IP1s. Armatix hasn’t released sales numbers, and declined to answer WIRED’s questions about total sales. But gun rights advocates have lobbied against the weapon so strongly that Armatix has had difficulty finding US stores to carry them, and multiple stores that considered selling the weapon have nixed their plans under pressure. Plore says even for his tests, he had to ask three Colorado stores before one was willing to order a single IP1 on his behalf. Armatix itself filed for bankruptcy in 2015. (That might also explaining why it was so unresponsive to Plore’s warnings about the IP1’s flaws.)
All of which suggests that Armatix’s IP1 is already a lost cause for gun-safety advocates. But Plore reasons that perhaps demonstrating its flaws can show future smart gun manufacturers how not to design safety measures. There’s no software patch that can fix the IP1. But future models of the gun, and those from other manufacturers, could integrate components with tighter radio timing restrictions to defeat Plore’s relay attack. They could use error correction and higher-powered radio signals to prevent jamming attacks. And to defeat his magnet attack, they could build their firing pin locking mechanism with non-ferrous materials, or use a motor that applies a rotary force to lock the gun that can’t be easily spoofed with a simple one-direction magnet outside its body.
That means there’s still hope for smart guns, Plore says. “There are some people who think you shouldn’t be able to have a smart gun. I’m not one of them,” he says. “If people want to buy smart guns, they should be able to. And if they do, they should get what’s on the label.”