>>Hey how’s everybody doin’? So just a quick survey, uh, who here likes hacking? Who thinks hacking’s interesting? Yeah. Few people? Alright. How bout who thinks guns are kinda interesting? H**l yeah. A handful. [cheering] Alright. How about hacking guns? Any uh any interest in that [cheering]? Can I hack some guns. Good. Cause that’s what we’re gonna talk about today. Uh, we’re gonna talk about popping a smart gun. So, we’re going to… what is- what is a smart gun? Um so a smart gun would be a gun that can be fired only by an authorized user. Uh I think that a lot of the um mentality around gun-uh smart guns has been shaped by Hollywood in particular the movie Skyfall. This is a Bond film a couple years ago. Uh in the film Q gives Bond a modified Walther and it’s somehow uh associated with Bond’s grip uh some sort of biometrics and in the movie uh Bond can shoot the weapon but when the assailant gets the weapon and tries to shoot Bond, doesn’t work. And then the assailant gets like killed by a Komodo dragon or something. But uh anyhow uh we’re a little ways away from that for now but we do have several smart gun uh models in development in the- that are biometric based so this would be things like fingerprints or palm prints. We also see ones that use things like magnetic rings and then things like RFID and RFID wristbands. That sort of thing. Um now there’s a lot of controversy around smart guns and this is largely due to a New Jersey law that was passed in the early aughts and this law said that after three years - three years after the first smart gun becomes available at retail, only smart guns could be sold in New Jersey and so gun people were a little upset about this thinking that they would no longer be able to buy non smart firearms and as a result they uh started to kind of protest when gun stores dis-discussed even carrying smart guns um up to the point people were getting death threats and that sort of thing. Now I’m-I’m not quite. 
I’m not really that extreme. I think that if you want a smart gun, you should be able to have a smart gun. Um I like guns. I like shooting guns rifles, pistols, shotguns, I think if you’ve never shot clays with a shotgun you-you should give it a try. It's fun. Um I do think that if you are going to buy a smart gun you should be able to get what you’re paying for. Should be- It should match what’s on the label. And also yeah if-if you should be able to buy a smart gun but not limited to only smart guns. Alright so if you do care to buy a smart gun, the only one you can buy in the states right now is the Armatix iP1 and this is a uh fully uh from the ground up smart gun design it's not like a modification of some other model. And it's made by a German company called Armatix. It's a twenty-two caliber, uh semi automatic, straight blowback action, hammer-hammer fired um, holds ten rounds, um takes two AAA batteries. So you know. Have-have batteries for your gun. Don’t wanna have that run out. [laughter] Um it has two components. The pistol and the watch and the way that it authenticates its users to see if they’re authorized is by communicating with the watch. So, give you kind of an idea of how that’s supposed to work. Uh what you would do, the user would put the watch on the wrist and then enter a-a PIN on the watch and then select a period of time between about one and eight hours and during that period of time the watch will allow the gun to be fired. And so during that period of time you might draw the weapon and go shoot something and you would squeeze the grip. You’d squeeze the back strap on the pistol. And when that happens the pistol will signal the watch and the watch will check to see if it’s authorized and if it is it will send a token to the pistol. The pistol will say “yep I’m here” and the pistol will uh allow itself to be fired with that-that token from the watch. 
That only works if it's within about a foot so it needs to be within about twenty-five centimeters or a foot um to work like-like that. So um let’s see how this works. With the uh the caveat that this is not my computer so we’ll see-we’ll see, doo doo doo. So the first thing. I’m gonna show two videos. The first one is if you don’t have a watch on and oop hold on a second. [clicking] Oop oop Hold on. Hold on. There we go. In case you were unaware they were having AV difficulties in this room all day so um. Alright so here’s what happens if you try to fire the wea-Armatix iP1 without a watch on. Uh, What you’ll see is that when you pull the trigger the hammer will fall and the gun will just go click. Nothing will happen. Alright. So that’s without the watch. Now the normal operation with a watch is you pull the trigger and it goes- [gunfire] it goes bang. Alright. So pretty standard. That’s uh-that’s how it's supposed to work. Hmm hmm hmm. Alright so last year I spoke at Defcon about side channel attacks on high security in the electronic safe locks and so y’know that happened and it went well and I cracked some safe locks and that was great and so then I was looking for what to do next. And I-I kind of thought back to this thread. This was a thread on a uh a very pro gun forum um about a review of the Armatix iP1 back when it was released around 2015 and the-the people on there were kind of uh- y’know maybe mocking it like one person in particular this guy named Sky Hawk said “yeah could you imagine what the guys at Defcon could do to the uh iP1.” So I thought well uh I’m a guy at Defcon I guess. And so y’know. Le-let’s see what happens here so um I got one and I thought “oh y’know um I wonder how hard it will be to hack it-it’ll be a really good challenge” and then I-I hacked it three ways. So, um we are going to show th-all three of these today. 
So the three hacks to defeat the proximity restrictions so instead of being within a foot you’re able to uh extend that range significantly. Secondly to be able to prevent the weapon from being fired even when it is otherwise authorized. And third to fire the weapon without authorization. So the first of these, the proximity restriction is uh normally twenty-five centimeters. Uh again about a foot and to understand what this is you have to look at how the weapon, how the pistol communicates with the watch. And it does this on two different bands. One is in the nine hundred megahertz ISM band and then the other is down in the five point three five kilohertz using inductively coupled communications. You have two coils essentially. One is in the pistol and one is in the watch and uh when the pistol wants to signal the watch it will generate a signal, a carrier at five point three five kilohertz. That will be coupled through from its coil to the watch’s coil and that looks like this. If you hook up a coil, another coil to an oscilloscope and place it near the pistol while it's attempting to signal the watch, you’ll see something like this. It's a five point three five kilohertz burst for about one and a half milliseconds. Uh carries no information on its own. It's just a pure carrier. And so all this does is signal the watch that it wants to communicate on the higher nine hundred megahertz band. Now critically this is how it knows that it's close to the watch because of physics the coupling only happens within about a foot um it falls off much quicker. It's not-it's not a propagating wave or anything. So I thought well y’know that sounds like we could just make a classic relay attack. Mmm so I whipped that up um. This is a block diagram of the device I made for that. So to kind of walk you through it. On the one-there are two half parts to this device, or two devices rather. One goes near the pistol and the other goes near the watch. 
On the pistol side you have a tuned coil, tuned to five point three five kilohertz and the coil there listens for the signal from the pistol. When the pistol has its backstrap squeezed it’ll generate a five point three five kilohertz tone which will be coupled into the coil which will go into a band-pass filter or amplifier, go to the micro controller and eventually make its way into our nRF24 which is a uh a nice little two point four gigahertz transceiver. Really easy to use, cheap, all that. That signal, that trigger is in uh transmitter of a two point four gigahertz backhaul to another two point four gigahertz device another nRF24 which goes to another microcontroller and-and this time goes to a coil driver so essentially it's going to transmit at five point three five kilohertz. Into another tuned coil. Tuned LC circuit. LC tank. And from there. That couples into the coil in the watch. The watch receives that signal. Thinks “hey I’m talking right to the pistol” and generates the token meant for the pistol to authorize it for firing and um that gets transmitted back in the nine hundred megahertz band. Now the nine hundred megahertz band is a true propagating-um has a true propagating wave so it gets uh much further than the five point three five kilohertz would so it can go directly from the watch to the pistol um at least about three meters. So you’ve extended the range from about twenty-five centimeters to about three meters. Alright so, um the hardware itself, pretty simple. It kind of uh s-I built the red boards on there um, whipped them up in an afternoon. Uh not-not too hard. The uh the way I designed it is to have the hardware be reusable for both the pistol side and the watch side and just populate different components to uh to and act of the different functionality. Um those nRF24 little receiver boards. Those are-are great and they’re super cheap. They’re like five bucks a piece off of Amazon. 
So if you’re looking for something like that th-that’s great. Um here’s a little pic. 16F18324 microcontroller. Y’know. It’s like less than a dollar. Super capable. Love that too. And uh circuit boards also. Man circuit boards are cheap these days. Like you can get those from China for nothing like uh I des-I ripped up the design, some of the Gerber and a week later they’re in my hands and it's super cheap. So twenty bucks for the relay, for the custom hardware and load from firmware for it and all that. Alright so, um let’s take a look then at what the relay attack looks like. Doo doo doo. Yeah. Okay so the-a little bit of context here. Um what I’m doing right now is I’m picking up uh the pistol and I don’t have the watch on. You’ll notice the watch is down at the bottom on the table. As you can see-yeah on the table. And uh it's well out of range-normal range. It's about three feet away when I go to shoot it and as a result when I pull the trigger it’s just gonna go click so you’ll see that happen. [click] Alright so just click. Now what I’m doing is I’m taking the one half of the relay the part that goes near the pistol and y’know hold it up to the pistol and you’ll see right next to the watch on the table there already is the other half of the relay and that’s going to communicate that-that trigger signal to the watch then so when we hold it up to the pistol and pull the trigger this time [gunfire] it goes bang. So there we go. Defeated the uh range uh restriction with uh with the relay attack. Classic. Um, yeah. So let’s see here. [applause] Thanks. Now part of the reason why this works is because it has a-a very lax timing requirement um with the- just this one built it actually tolerates at least six hundred and thirty microseconds of delay and um that’s kind of surprising. And I was expecting a much more- a much tighter uh timing requirement. But like here's the still or uh screenshot. 
You can see the blue trace which is when the pistol is transmitting its y’know normal five point three five kilohertz tone. And then you have the uh the relay generated tone down below and that is separated by about six hundred and thirty microseconds and it seems to handle that no problem. So one of the things they could do to- to kind of improve on this is really enforce tighter timing requirements um you might not the-the distances involved here like a foot is so short that you’re talking about like sub nanosecond times for the speed of light but you could at least tighten things up for in terms of tolerance um if we -if it-say if it had tolerated uh a microsecond of delay that would have been much harder to-to mount an attack on so uh it would be even better approach would be to not rely on RF at all if you needed proximity - if you needed defense proximity you might want to use something that has physical contact. It actually ends up being a tricky problem actually applicable to a lot of industries. You’ll find this a lot with cars for example and you’ll see other talks including here at Defcon this year where they talk about relay attack and in other contexts. So classic relay attacks it's kind of a hard problem to defend against but y’know it still requires that you have access to the watch and that could be kind of tricky and you have to kind of like have contrived scenarios where that would be relevant. But I got to y’know build some hardware and write some firmware so I was like y’know Yeah. Pretty happy about that. Um so the next attack is denial of service. So we’ve- this is when you want to fire the gun and you are authorized to fire the gun but you can’t fire the gun uh because of some external influence. So you can kind of imagine a couple different scenarios here where this might happen. Perhaps an adversary wants to prevent you from firing your gun or perhaps there’s somebody who say doesn’t want any guns fired within a-an area. 
Or perhaps it’s not intentional at all. Maybe it's just somebody’s grandmother blabbing on the cordless phone and nobody knows why she still has a landline but y’know it's there. Or maybe a baby monitor. There’s actually a lot of devices that operate on this nine hundred megahertz ISM band um and tho-a lot of them have uh modulation schemes that will allow, potentially interfere with what the iP1 uses and so to uh-to test against this what they should be doing during development or prior to releasing this product is they should be doing what’s called EMC test. This is electromagnetic compatibility and this tests for two things. Uh especially for part fifteen devices like this. One, you want to make sure that this device doesn’t interfere with another device. And two you want to make sure that other devices don’t interfere with your device to -to the extent possible anyway. And so uh one of the great things about this testing and the FCC certification is that you can go look up all this information online. It's all- it's all public record. And so on all these devices that have uh FCC IDs you can go to the web and enter in that FCC ID and pull up all sorts of useful information about the bands that the devices operate on and things like internal photos sometimes schematics and uh fortunately for this one it was- they had a just a wealth of data in the FCC’s certification database. Including, uh, some great photos and from the um the inside the pistol and the watch which is useful because it's otherwise uh potted in epoxy and I would have had to kind of destroy the- the gun to extract it. That showed the transceiver that they use. They use a transceiver from a company called Murata, now uh part of RFM. And it's the TR1000 and so this transceiver operates at nine hundred and sixteen point five megahertz. Uh, it's a fully, uh kind of integrated transceiver but um and it-it's not too advanced for its on off keying and amplitude modulation and amplitude shift keying. 
Um, when you want to transmit data you would feed it a-a bit stream. Kind of a baseband signal and when you’re trying to have received data from it you receive essentially a-a-a simple bit stream. Um but it isn’t like decoding it down into it like-like the packet layer or anything like that. So, uh to kind of understand this- what it gives you back on the receiver side which is then to understand why we can attack it. Let’s learn a little bit about why the iP1 encodes data and um this is about- this is Manchester coding. Manchester coding is all about the edges. About the transitions like from low to high. That would be a one. And from high to low would be a zero. Has some great aspects. One is that it is- it has a zero DC value so that simplifies a lot of design. Um, one thing though is that you have to have a good slicer level to decide what is high and what is low and if you have the slicer level set incorrectly you might miss a transition and then you’d lose a bit and then of course your data’s corrupted. So here’s kind of an example of that. In the top we have a slicer level that’s set sufficiently even though our second little rise there is a bit of a runt pulse. It still gets high enough above the slicer level that we can see that edge and decode the bit stream into one zero one one. In contrast on the bottom, the slicer level is too high and we miss that- that transition on that runt pulse. It goes high but not high enough and we-we totally miss that bit. So, we’re not able to decode that bit stream successfully in that case. So, with that background in mind here is what a- an actual authentication token from the watch to the pistol looks like. It's nineteen bytes long and you can see each of the individual bytes grouped in these little bursts-these little jagged bursts and most of this data is a combination of constant and static data. About half of it is constant. Half of it is dynamic. 
The dynamic data contains a uh a time dependent token and that will allow the- the weapon to be fired. They have to have synchronized clocks. And also importantly it has a checksum. And-and there’s a checksum not a CRC and it notably is not a error correcting code. All it can do is detect errors it can’t correct them. And if it detects an error it will retry about four hundred milliseconds later. Or rather the pistol doesn’t act the watch, the watch will retry four hundred milliseconds later. Um, but if you have both of those are corrupted you-you’re kind of up a creek. So, I looked at that for a while and uh- I came up with a- what signal it would be most susceptible to and this is a uh pulse data and it is- this is a view of it on a spectrum analyzer set to a zero hertz span. This is kind of a way to make a spectrum analyzer behave in the time domain instead of how it normally operates which is in the frequency domain. It can be pretty useful and so the uh the-the signal the baseband signal I found to be useful wa-has a thirty-three microsecond period of carrier followed by a three hundred microsecond period of no carrier. And so the full period then would be three hundred and thirty-three microseconds. And if you’re saying “well y’know where did those numbers come from it seems oddly specific.” The answer is the thirty-three microseconds is about one bit width in the uh in the-the token being sent from the watch to the pistol and three hundred and thirty-three microseconds is a little bit shorter than one byte width. And so- or one byte period. So if you overlay those two you can see that the-they’re-the very steady repeating pattern is the-the test signal and the kinda smaller pattern is the-the token from the watch and if you overlay those you can see that the-the test signal happens to hit at least once in every byte, um, and so that’s important because of the different ways that the test signal can interfere with the signal from the watch. 
The-the the desired signal. Uh a couple different scenarios. So we have three different scenarios and uh regarding relative signal strengths. So uh first scenario. Interference is much greater than the signal. Much-much uh stronger. What will happen in this case is the TR1000 will set the slicer level to six dB down from the peak of a recent signal. It sets it automatically um and one of the things that even the TR1000 data sheet notes is that it will do that incorrectly in the face of pulse interference. So we’re making some pulse interference in setting that slicer level incorrectly. Uh and what will happen then is we have our slicer level way too high and it's well above all of the desired signal and so we totally miss all the transitions and the desired signal so we totally miss all of the bits in that signal and so we don’t get the token. The second scenario is when the interference is roughly the same as your desired signal. In that case the interference would fill the gaps in the signal because again we have this pulse happening about once per byte and what will happen then is you’re filling in gaps so you are causing again missed transitions. You’re still seeing some of the transitions because the slicer level is set correctly this time but whereas since Manchester encoding relies on those transitions, you’re filling in the gaps, it sees no transitions, and so you lose those bits again. As before you lose even one bit you lose the entire byte. You lose the byte, you lose the packet and the token is no good and the gun does not fire. So, third scenario is when the interference is somewhat less than the signal. One of the strange aspects of the-of the byte stream that you could see in the uh some of the previous slides is there were kind of gaps between each of the bytes it's like bursts and it kinda looked uh, oddly separated. 
And what will happen if this interfering signal is low and happens in between those bytes is you’ll interfere with the synchronization of the bytes and so the TR1000 will be tricked into setting the slicer level a little bit too low and think that the byte is starting and you’ll get this uh corruption again in the bits because your timing and synchronization is off. As before you lose the bits, you lose the bytes and you lose the token. So, so I built, had experimented with all of this and with using some-some lab equipment. Using a signal generator and an arbitrary waveform generator to hone in on what was kind of the right waveform. And from that built a test transmitter. It's very simple. I didn’t bother with a circuit board this time. Just built it on some strip board. So what I used here was actually the same module that they use in the pistol and the watch. It’s a Murata TR1000 again and driving that with another PIC16F for the baseband signal so that drives the transmitter and the transmitter drives the antenna and we get a portable little test transmitter to kind of simulate what would happen if you had uh some other adversary or just an unintentional interference again like a baby monitor or a cordless phone potentially. So, that works actually really well. Up to at least-up to from at least three meters onto about ten meters. At three meters rock solid. And this is just at uh Part 15 sort of output levels. It works kind of reliably up til about ten meters. It depends on the relative orientation of the-the watch and the pistol and the transmitter and so forth. But the bottom line at three meters of rock solid um interference. So this is, it's kind of surprising that it worked. Cause it could have caught this sort of thing during, again, y’know EMC testing when they were testing for uh susceptibility to external devices. External fields and so forth. So let's look at the denial of service attack. So, okay so what’s gonna happen here. 
I’m gonna fire it normally. [gunshot] Alright. So the gun fires normally. And now what I'm gonna do is I’m going to go over and take off the transmitter and turn it on. So this is the same transmitter that I was just showing. And I’m gonna try firing it again. [click] [click] [click] and it doesn’t fire. So, yeah [applause]. So, um, so that, y’know that was kind of interesting. Y’know. What could they have done to defend against that? Well one thing would have been to use more transmitter power from the EMC report about the pistol and my own direct measurements found that they were transmitting at about minus twenty dBm which is about in round numbers about twenty dB below the Part 15 limit. So holding all else equal they could have used a lot more power but they chose not to for some reason. Um, the- an easy software fix. Well maybe not easy, but a possible software fix would be to use error correcting codes. So right now you have a single bit error and you lose the entire token. You lose the-the whole off. So if you had error correcting codes you might be able to tolerate more bit errors and as a result be able to get the token that uh authorizes firing through without uh without failing. Then of course uh using more robust modulation might be another approach. Instead of on-off keying and amplitude modulation maybe consider something like spread spectrum. Something that is inherently more immune to-to uh to interference. Plus a spread spectrum you can use more power than megahert- nine hundred megahertz span. Alright So, I so I-I had thought about the third attack. So this would be how to make the gun fire without authorization. And so I was considering all sorts of interesting angles on it and I was thinking like oh how can I decode the tokens from the watch. And how can I maybe like a replay attack or maybe you can just sort of generate my own tokens or maybe there’s some sort of side channel attack. Or something really sexy. 
I mean I was going for something really technical and sexy and I was really-really gung ho about that and eh making a little bit of progress but not-not as much as I was hoping for. So I took a step back and I pulled up um some patents that Armatix had filed and it turns out that they had done a pretty good job of explaining how the gun works in their patents. And you know kudos to them for filing a patent that they actually use but um in any case it provided some insight into how the mechanism would be weak and how it could be compromised so I’m just gonna go into how-how the gun works internally to give me an idea of where we were gonna be going with this. So internally if you imagine that you’re looking down the slide of the gun. So this is the top part of the gun that slides back and forth. It's the part that has the barrel on it so imagine you’re kind of looking in line with the barrel from behind the hammer. So from the back of the gun. You’re kind of looking longitudinally down that and you’re looking at the firing pin. Now, ordinarily the firing pin is blocked. It has some-you can imagine having some lugs in the side and those not matching up with sort of a-a uh a holes in the s- in the slide. So you might have this mis fashioned uh the lugs to the wards and if you were to strike the firing pin with the hammer it wouldn’t move and the gun wouldn’t fire so that’s kind of what you want ordinarily when you’re not pulling the trigger for example. What happens is when you partially pull the trigger you move that uh mechanism a little bit particularly you rotate the firing pin slightly and those wards or those lugs become closer to lining up with the wards. Closer to uh matching and allowing it to slide but not quite far enough. So you pull the trigger and pull the trigger halfway and you would get a little bit of movement on the- the firing pin but not enough to fully unlock the device. 
And that’s kind of just the-the scenario you have if you’re if you’re not authorized to fire. Like let’s say you pull the trigger the full way. Nothing happens because it's you have that mismatch. However if you do have - if you are authorized to fire then an electromagnet is turned on by the microcontroller in the pistol and that electromagnet will pull on another piece that’s connected to the firing pin. This is a little bit of a ferrous metal which means it can be attracted by a magnet. And when the electromagnet pulls on that ferrous material it will align the lugs with the wards in the-in the slide and at that point then the firing pin can slide longitudinally so when the hammer strikes the firing pin the firing pin will move, strike the primer in the cartridge and the gun will fire. So um this is actually a-a shot of the patent which was great. See patent y’know eighty-nine, sixty-six, eight o three. Good tip if you’re looking for patents that companies have filed. They don’t always file them in a way that they're as easily searchable so you what you wanna look for I found is to search in the company name and then pull the patents they have filed in their name and then pull up other patents that are associated with the inventors on those patents and sometimes you can get a much uh greater breadth of information than you otherwise would, even if it doesn’t mention the company by name those are their patents. In real life this is what it looks like. This is a view into the gun from the top. This is, imagine you’ve taken the slide off of the pistol and you’re looking from the top down into the gun. So this is uh you have the barrel on the left and you have the hammer on the right and kind of in between them where the arrow is pointing you have this little circle and in that circle there is an electromagnet. It’s the electromagnet from the diagram. Now that lines up with the components in the slide. So this is the slide and you have two views of it here. 
The profile view and the bottom view. Or-or from the bottom up. You can see there is uh a little piece that the cam would press on when you pull the trigger partway. When you pull that trigger partway it will lift up on a linkage and move that piece of ferrous material down a little bit further into range of the electromagnet. And uh then y’know operate as before. If the electromagnet is on it will be pulled-be pulled further. Unlock the firing pin. And if not it will just uh not fire. So one thing you can see easily on this paired view of the profile view and the bottom view of the slide is where the ferrous material is relative to kind of markings on the side of the slide. You can see it's kind of uh near this detent on the right side. So keep that in mind for a little bit later. Um, y'know I thought I thought gosh an electromagnet I-I could just put a big a** magnet next to it right and like, uh they make those. And y’know pull the same way and so I went on Amazon and I’m like y’know “Big A** Magnet” and its like this huge hockey puck sized neodymium magnet. Uh so I was like y’know y’know overnight that or uh two day it and um I got it and I-I uh I slapped that on the side of the-the gun and it did not work at all. I mean it was dead. That was way too much magnet. Like it was. That was just. [laughter] And I could kind of just imagine kind of a sucking sound. Kind of a [makes sucking sound] of all the components in the- in the pistol being kind of pulled to that side. It was uh, yeah nothing that you couldn’t pull the trigger at all. [laughter] You couldn’t like, it was just like way too much magnet. Um so never thought I’d say that, yeah. Too much magnet. Yeah. Uh so I- I went back to Amazon and found some smaller magnets. These are some again neodymium magnets about an inch and a quarter by about a quarter inch and you need about three of ‘em. They come in four packs but you need about three of them so you need about fifteen dollars worth of magnets. 
And I got those together and I picked up some- some scrap wood dowel and a stainless steel screw. Stainless steel so it wouldn’t uh be attracted by the magnet depending on the alloy. And this is the magnet tool. This is the fifteen dollar tool to defeat the fifteen hundred dollar smart gun. Um you can see a piece of wood with a screw in it and some magnets stuck on the end. Uh it's kind of good that I needed exactly three magnets because there’s no way I’m ever getting those apart again. Like they are-they are really stuck together. So the way you use this tool. Pretty simple. You just align the magnet right there. Remember from the earlier slide you have the ferrous material that was aligned basically where that arrow is and so again what you’re doing you’re just pulling from the-the outside standing in for the electromagnet and uh that is most easily done actually at a slight angle. I found that if you-you had kind of uh the magnet just right on the edge it would uh kind of pull too hard but in a little bit of an angle works a lot better. Let’s see, so you slide the magnets up there. Oh one other thing to notice about this. You’ll see this in the video too. There’s a red light kind of near my-my um uh wrist sort of on this picture near the back of the gun. When the gun is authorized for firing it’d be green but in this photo and the video that we’re gonna see in a moment it will always be red. It’ll always be unauthorized to fire. Not authorized to fire. Alright, so let's look at the demo of the magnet attack. Firing without authorization. [click] Okay again with a little bit of context. I’m gonna do- pull the trigger a few times to show that the gun won’t fire ordinarily. So right now I don’t have kind of the watch nearby or anything like that. No relay attack. Nothing like that in place and so you’ll know it. If you-It’s kind of hard to see the red light is on on the back indicating it’s not authorized to fire. So pulling the trigger a couple times. 
[click] [click] Not working. So then we’ll take the magnets. Put them next to the gun on the right spot. [gunfire] And it fires. [applause] Thanks. So then y’know a couple other instances of this. I fired it again uh or I clicked it again showing it wouldn’t work [click] put the magnets up and [gunfire] fires again. And you know for- how bout a, how bout a first person view? Alright so we’re gonna go and- and take that and [click] oop nope doesn’t fire. Oh no. Oh no. [click] Actually this time it didn’t work the first time but that’s okay we’ll just put the magnets back on again and oh there we go [gunfire]. No problem. No problem. So you take the magnets off. Put ‘em on. [gunfire] No problem. Pretty easy. I actually showed, uh. [applause] I-I so I showed uh a couple people how to do this and they they caught on pretty fast. Um in fact for the Wired video piece the-the videographer I had him I had him shoot it too to show him I wasn’t full of s**t or something so um the, yeah so y’know it. I know what you’re thinking. Y’know. F**king magnets how do they work? Um it's a miracle. It's a miracle, yeah. I-I honestly didn’t know it. I had no idea what anyone was talking about and everyone kept being like “F**king magnets.” And then I’m like “what are you talking about.” I had to Google that one I’m sorry. I’m getting old. Um the magnet defense however. How do you defend against this sort of thing? So basically uh don’t do this. Don’t rely on solenoids. Don’t rely on DC magnetic fields and we see this thing, this sort of problem repeated again and again. Like there was this classic case a couple years ago about Sentry safes. 
So this particular model of Sentry Fire Safe was susceptible to a magnet attack uh you basically would just put a magnet a magnet up on the- the door and it would move a solenoid inside the safe and the safe would open so, um, pretty pathetic and the-they kind of made the same mistake here and so I would guess they aren’t the last to make that mistake either. But basically don’t use anything that relies on DC magnetic fields. Instead consider something like a motor drive. So in better safe locks like the ones I talked about last year. You’ll find a motor and it’ll move like a bolt on an acting screw for example. And this is much harder to-to in-induce from outside of the safe or outside of the gun or externally anyway. And um that- that sort of uh that’s one approach. Another option would be to design a system that would detect an attack. So that would have some sort of relocker. So like it would say oop there's some sort of external magnetic field so as a result we’re going to activate a secondary lock and there are a variety of clever implementations for this sort of thing but um again the the idea is that any sort of external magnetic field would in-induce some sort of secondary relocking ideally without any sort of electronic interventions so that it would still work with the power off. So uh y’know y’know a few- a few thoughts finally um. A-again I’m not against smart guns. I think that if you want a smart gun you should be able to have a smart gun but you should get what’s on the label. You should have one that actually provides meaningful extra security. And I think this fell short. I think the the iP1 um fell short and uh it was kind of a dis-kind of a little bit of a disappointment. I was expecting a greater challenge. Actually when the magnet thing happened I was really hoping for a y’know a Defcon talk. I was like “oh no magnets.” Like that’s not gonna fly. Like that’s too simple. 
So I’m like “Oh no magnets” but then uh, it turned out to be interesting anyways I thought. Um there was also kind of an ethical dilemma and I went back and forth with the media actually about this because they were worried about teaching kids how to do something dangerous. In this case how to fire maybe their parents’ gun. And y’know it's always kind of tricky and you- you see this a lot with with hacking and so forth in many contexts. Is it better to kind of sit on the information or is it better to share it with the world. And I took the opinion that yeah, you might be sharing this information, teaching a kid how to fire their parents’ gun but on the other hand you’re telling their parents that this exists. You’re getting the word out that these things exist and that we can fix them and then we can make future products better. Y’know. I-i-it's probably. Y’know I was talking to somebody else about this and he pointed out that it's good that this sort of problem was found now before anybody’s died because of it than in the future when somebody might discover it because of some unfortunate accident with a kid or… So anyhow if you have any questions I’ll be out in the hallway and uh thanks for your attention and have a good evening. [applause]