{"id":223,"date":"2008-03-16T23:59:11","date_gmt":"2008-03-17T07:59:11","guid":{"rendered":"http:\/\/cubist.cs.washington.edu\/Security\/2008\/03\/16\/security-review-smart-guns\/"},"modified":"2008-03-16T23:59:11","modified_gmt":"2008-03-17T07:59:11","slug":"security-review-smart-guns","status":"publish","type":"post","link":"https:\/\/secblog.cs.washington.edu\/Security\/2008\/03\/16\/security-review-smart-guns\/","title":{"rendered":"Security Review: &#8220;Smart Guns&#8221;"},"content":{"rendered":"<h2>Overview<\/h2>\n<p>This is a security review of &#8220;Smart Guns,&#8221; a general class of locking\/use prevention mechanisms for firearms that rely on biometrics or other authentication indicators (such as &#8220;smart&#8221; chips embedded in the gun and in rings or other tokens worn by the intended user) to identify a person who is authorized to use the firearm, while preventing unauthorized persons from discharging the weapon. The Wikipedia <a href=\"http:\/\/en.wikipedia.org\/wiki\/Smart_Gun\">article<\/a> has some further broad overview information regarding the subject.<\/p>\n<h2><!--more-->Assets<\/h2>\n<ul>\n<li>Accessibility. Ideally, one security goal is for the firearm to be capable of being used in short order by the authorized user.<\/li>\n<li>Personal safety. The other security goal is that an unauthorized individual should not be able to use the gun to injure or kill the owner or any other person.<\/li>\n<\/ul>\n<h2>Adversaries<\/h2>\n<ul>\n<li>The most obvious potential adversary is a criminal intent on using someone else&#8217;s gun to do harm; e.g., a criminal struggling with a police officer or a burglar breaking into someone&#8217;s house.<\/li>\n<li>Another &#8220;adversary&#8221; could be the small children of the owner of such a firearm; if a child somehow gains access to the firearm, the locking mechanism should be capable of preventing them from discharging the weapon and possibly killing or injuring themselves or others.<\/li>\n<\/ul>\n<h2>Possible Weaknesses<\/h2>\n<ul>\n<li>If the locking system requires a battery to operate, one major problem that could compromise one of the security assets is a dead battery. If the battery is dead and the gun cannot be unlocked, it is useless to its owner, whether that be a police officer in the line of duty, or a civilian trying to defend himself from an attacker.<\/li>\n<li>If the system relies on biometrics to identify the owner (such as grip style, pulse, or other such indicators), a stressful situation (such as a shootout) might substantially change those indicators in the user, resulting in the owner being unable to use the firearm.<\/li>\n<li>Further, if the owner of a firearm is killed or injured in a gunfight, a partner, family member, or other ally will be unable to use their weapon against the attackers.<\/li>\n<\/ul>\n<h2>Possible Defenses<\/h2>\n<ul>\n<li>To guard against the &#8220;dead battery&#8221; problem, one option is to design the lock so that the default (unpowered)\u00a0 state is unlocked. This prevents the accessibility of the firearm from being compromised, but it also poses a major problem itself: when the battery dies, it is no longer protected against unauthorized use, and it might be possible for an adversary to damage or disable the battery, thus unlocking the firearm. A better solution might be to devise a system that does not require internal power, although this poses a significant technological challenge.<\/li>\n<li>Situations where an ally might need to use another&#8217;s gun to continue a fight arise more often in law enforcement; agencies might be able to employ a system where all officers could be issued tokens (e.g., rings) that would grant access to use all of the department&#8217;s issued firearms.<\/li>\n<\/ul>\n<h2>Risks<\/h2>\n<p>As with anything involving firearms, the risks are quite substantial:<\/p>\n<ul>\n<li>If the battery dies or another circumstance renders the gun unusable, the consequences could be quite dire, depending on the situation: if the user is practicing at the range, the result would be an annoying delay while the battery was replaced; if, on the other hand, the user is attempting to defend his or her life against an attacker, the result could easily be serious injury or death.<\/li>\n<li>On the other side of the issue, if an unauthorized user gains access to a firearm that is not protected (e.g., the firearm was unprotected, or the battery has died and the mechanism defaults to unlocked), they could use it to kill or seriously injure the intended user or others, or in the case of a small child, themselves.<\/li>\n<\/ul>\n<h2>Conclusions<\/h2>\n<p>While &#8220;Smart Gun&#8221; technology proposes to address a good security goal (namely, preventing a bad guy from turning someone&#8217;s gun against them), reliability is a major issue. In most of the eventualities when such a locking system becomes important, absolute reliability and speed of access are also critically important for the user. For this reason, many people do not consider the technology to be worthwhile at the present time. Ultimately, a better solution for most people is to employ other methods of keeping the firearm out of undesirable hands in the first place, rather than trying to defend against an adversary who already has physical access.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview This is a security review of &#8220;Smart Guns,&#8221; a general class of locking\/use prevention mechanisms for firearms that rely on biometrics or other authentication indicators (such as &#8220;smart&#8221; chips embedded in the gun and in rings or other tokens &hellip; <a href=\"https:\/\/secblog.cs.washington.edu\/Security\/2008\/03\/16\/security-review-smart-guns\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":15,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,13,8,5],"tags":[],"class_list":["post-223","post","type-post","status-publish","format-standard","hentry","category-availability","category-physicalsecurity","category-policy","category-security-reviews"],"_links":{"self":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/223","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/users\/15"}],"replies":[{"embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/comments?post=223"}],"version-history":[{"count":0,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/posts\/223\/revisions"}],"wp:attachment":[{"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/media?parent=223"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/categories?post=223"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/secblog.cs.washington.edu\/Security\/wp-json\/wp\/v2\/tags?post=223"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}