If a hacker attacks your TrackingPoint smart gun over its Wi-Fi connection, you may find the weapon is aiming at a different target than you think.
Sourced through Scoop.it from: www.wired.com
Hacking has a number of different meanings. My involvement with hacking has been around events designed to share open data and allow developers and communities to mix and match data, writing code to help people develop mobile apps of value to communities. In my case, mostly using location based data. For example the winner of the Location Innovation Awards came up with a concept to help students find the right bus, get directions to the bus stop and be shown how much time they had to get there in case they wanted a Coke and a pie on the way, or perhaps a newspaper. The runner up was an agency with a Facebook based carpooling app that much like Uber, but years earlier allowed you to see the location of the car and the car could see where you were waiting to be picked up. It also used Facebook to allow you to get a gauge on how safe you felt hopping into a car with a stranger. Secure information that they agreed to share for the one and only specific purpose of ride-sharing.
Hacking also has a malicious context about accessing data for nefarious or illegal purposes, such as the video doing the rounds on Facebook about scammers who only need to brush up against a woman’s handbag in order to steal her chip credit card details.
Another example I used in a previous blog recently, was where crooks would sniff out the remote access keys of expensive cars by being in the vicinity when the owner remotely unlocked them.
Whilst there are all sorts of security encryption protocols and tools, systems that are designed to communicate will frequently have weaknesses either because of their function (i.e. they need to be able to talk to other systems, such as autonomous cars) or because of inattention to detail in design, (poorly written code) or inattention to detail in passwords ( a study a few years ago of Scada systems, software used to run utility networks like electricity companies, were still set on ‘password’ or ‘admin’ or ‘super’. These are the original passwords that come with the software, just like the security padlock that starts with the number 0000 that you were going to get around to deciding on a code for before your trip.
This brings us into areas that are more scary. In this example a sniper rifle could be remotely controlled to shoot the person next to the target. Imagine if all cars in a grid, of a particular make and model, could have their brakes jammed on, or disabled at the same time.
We are now getting into the Internet of Things and I love the idea that I can turn on my heat pump 5 minutes before I get home, or be able to see the face of an invited guest on my smartphone who got home before I did, and using my smartphone open up the deadlock and invite them to make themselves comfortable until I got there.
I will be able to do that in future. I’m starting with my lights this year. What’s the risk? I would suggest they are proportional to the value of whatever some criminal wants to take. If it’s a Ferrari or I had a valuable work of art in my home, it’s pretty high. Don’t for a minute think criminals are all unsophisticated.
I’m not scaremongering here. I’m suggesting you make sure that you have your basics right and if you are purchasing any device with remote control or remote access that it has guaranteed very high levels of security to prevent someone ruining your day. Like this $15,000 rifle, don’t assume because it costs a lot of money, it is secure. This one probably will be a lot more secure after this story, but that’s just one thing.
The IoT (Internet of Things) is about billions of devices being able to talk to each other, and in many cases autonomously. When it comes to things like weapons and cars, both are devices with computers that can keep you safe or kill you.