• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Few Hacks, But Accurate Hacker Culture in Episodes 7 and 8 of Mr. Robot Rewind

December 6, 2017 By The Editor

Mr. Robot S3 E8
Elliot (Rami Malek) and Mohammed (Abeer Khan) in S3 E8 of Mr. Robot. USA Networks Photo

Mr. Robot slowed down a bit in episodes 7 and 8, focusing less on hacks and more on Fsociety members Trenton and Mobley’s unsuccessful run from the Dark Army and Elliot coming to terms with their (spoiler alert) deaths. But despite the lack of digital hijinks, there was still plenty of background odds and ends of hacker culture and products for WatchGuard CTO, Corey Nachreiner, to analyze for technical accuracy in his weekly Mr. Robot Rewind column on GeekWire.

 For example, in episode 7, Trenton cracks the combination to a four-digit bike lock to free herself and Trenton from a Dark Army hitman. Is this realistic? It would take about eight hours to “brute force” the lock by trying every possible combination, but Trenton escapes in much less time than that. However unlikely this seems; it’s actually plausible. Lock picking and other physical security tampering is often a part of hacker culture and if Trenton knew some of the most common password combinations for a four-digit pin (people are bad at choosing random passwords) or knew a trick to physically trip the locking mechanism, she could escape easily as seen in the show.

 The Dark Army also attempts to frame Mobley and Trenton for the Stage 2 hack by setting up a scenario where it seems like the two of them have been researching a hack that was promised in a faked Fsociety video. The hack would (in theory) interfere with air traffic controls to crash a plane. According to Corey, the setup for this hack is plausible and realistic, but the hack itself is not.

 Based on all that analysis, you can probably tell there is a lot of reality in this scene. The screens on the Dark Army’s staged computers tell the story of real-world hacker reconnaissance techniques. It’s true and verifiable that organizations like the FAA might have documents for public consumption that do hint at the technologies they use (which could help hackers target them). Furthermore, that specific remote WebLogic vulnerability did exist in 2015, and the exploit scripts they use are real too (though I wouldn’t call them malware like Trenton did – that term is typically reserved for the malicious payload, not an exploit script) …However, none of this suggests that this particular hack could take down planes in the real world.

 Thankfully, it’s functionally impossible to crash a plane via hacking in the real world.

 Episode 8 had no hacks at all, instead it focused on Elliot processing the death of his former Fosciety comrades. Despite that, the show accurately shows Elliot’s paranoid wipe down routine when he destroys all evidence of hacking on his computer (along with the hard drive and most of its chips), and includes some nice nods to social engineering hacker tricks and the ProtonMail encrypted email service.

 There’s a good practical security takeaway about deleting your data in this episode. Here’s what Corey has to say about secure deletion.

 However, realize that remnants of data on your storage drive still stick around for a bit if you delete data normally. Before you throw away or sell a computer with a hard drive, be sure to use various utilities (like Shred) to securely wipe all your data for good, so that even forensic data recovery programs can’t salvage it. Otherwise, the next owner might gain access to your files, personal photos and more. If you work for a business, do know there are services for hardware data destruction, which will take your computers and hard drives and wipe them clean, even using physically destructive methods like Elliot’s.

 We’re getting down to the last few episodes of Season 3! Can Elliot find a way to reverse the Stage 2 hack using Romero’s keyloggers? Will he be able to continue fighting in the aftermath of Trenton and Mobley’s deaths? And what is the Dark Army up to now? Be sure to read Corey’s full articles for Episode 7 and Episode 8 over on GeekWire. And learn more about recent brute force attacks here on Secplicity. 

Check back next week for more Mr. Robot Rewind.

Share This:

Related

Filed Under: Editorial Articles

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
  • TikTok is Banned, Kind Of
  • Naming APTs

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • How Not to Update Software
  • Naming APTs
  • TikTok is Banned, Kind Of
  • Scratching the Surface of Rhysida Ransomware
  • An Interview with ChatGPT
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use