SoylentNews is people

posted by Fnord666 on Friday December 09 2016, @03:02AM
from the but-can-he-trace-a-connection-with-a-VB-GUI? dept.

Cory Doctorow has written an article on how the USA Network's show "Mr. Robot" breaks typical Hollywood stereotypes on hackers and their culture.

For decades Hollywood has treated computers as magic boxes from which endless plot points could be conjured, in denial of all common sense. TV and movies depicted data centers accessible only through undersea intake valves, cryptography that can be cracked through a universal key, and e-mails whose text arrives one letter at a time, all in caps. "Hollywood hacker bullshit," as a character named Romero says in an early episode of Mr. Robot, now in its second season on the USA Network. "I've been in this game 27 years. Not once have I come across an animated singing virus."

[...] Following a time line of events from about a year before the air date of each episode, Mr. Robot references real-world hacks, leaks, and information security disasters of recent history. When hackers hack in Mr. Robot, they talk about it in ways that actual hackers talk about hacking. This kind of dialogue should never have been hard to produce: hacker presentations from Black Hat and Def Con are a click away on YouTube. But Mr. Robot marks the first time a major media company has bothered to make verisimilitude in hacker-speak a priority.

Related Articles:
Exploring the Hacker Tools of Mr. Robot
6 Ways Mr. Robot Is Putting Linux in the Public Eye


  • (Score: 0) by Anonymous Coward on Friday December 09 2016, @04:48AM (#439021)

    In the first scene of the first episode he's apparently hacking an implied TOR setup by sniffing a local network.

    Yeah... why didn't anybody think of that...

    For those not in the know, all he would see in that case would be an encrypted connection between a computer on that network and a TOR entry node, which reveals absolutely nothing and also has no value.

  • (Score: 1, Interesting) by Anonymous Coward on Friday December 09 2016, @06:56AM (#439050)

    Why don't you watch that scene again, because you obviously didn't understand it.

    I know you run a website called Plato's Boys.
    You're using Tor networking to keep the servers anonymous.
    You made it really hard for anyone to see it.
    But I saw it.
    The onion routing protocol, it's not as anonymous as you think it is.
    Whoever's in control of the exit nodes is also in control of the traffic, which makes me the one in control.

    • (Score: 1, Interesting) by Anonymous Coward on Friday December 09 2016, @06:17PM (#439285)

      Again, that is completely nonsensical.

      The exit node in Tor is nothing unique. It can observe traffic and manipulate it, but it has no idea where it's coming from. In Tor each node, whether a regular relay node or the exit node, knows only the previous node and the next node. Again, all you would see sniffing the traffic is an encrypted connection to an entry node. Even controlling that entry node would not provide much since it doesn't have access to the payload - it simply slices a layer off the 'onion' and passes it along.

      Fundamentally, closer to the original user = far from information about payload.
      Close to payload = far from information about user.

      And all these nodes are randomly chosen by the user. The way the FBI 'hacked' TOR was almost certainly simply hosting illicit sites and then hosting malware on the sites that, through browser exploits, sent identifying information in the payload. They're not actually hacking TOR but hosting malware that could just as well exploit users on the regular internet.
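
What each relay learns under the layering described in the comment above, as an added sketch that is not part of the original thread and is not Tor's code. A toy SHA-256 keystream stands in for Tor's real per-hop encryption, and the relay names, keys, destination and payload are constructed for the illustration.

```python
import hashlib

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); encrypts and decrypts.
    It stands in for Tor's real per-hop encryption purely to show layering."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def build_onion(path, keys, destination: str, payload: bytes) -> bytes:
    """Client side: wrap the payload once per relay, innermost layer first."""
    forward_to = path[1:] + [destination]   # next hop named inside each layer
    cell = payload
    for relay, nxt in zip(reversed(path), reversed(forward_to)):
        cell = keystream_xor(keys[relay], nxt.encode() + b"|" + cell)
    return cell

def route(client: str, first_hop: str, keys, cell: bytes) -> dict:
    """Each relay peels one layer; record what it learns at that moment."""
    views, prev, here = {}, client, first_hop
    while here in keys:                     # stop once we reach the destination
        nxt, cell = keystream_xor(keys[here], cell).split(b"|", 1)
        views[here] = {"prev": prev, "next": nxt.decode(), "forwards": cell}
        prev, here = here, nxt.decode()
    return views

# Constructed sample circuit: names, keys, destination and payload are made up.
PATH = ["entry", "middle", "exit"]
KEYS = {name: hashlib.sha256(b"demo-key:" + name.encode()).digest() for name in PATH}
PAYLOAD = b"GET /index.html"

def demo():
    onion = build_onion(PATH, KEYS, "site.example", PAYLOAD)
    return onion, route("client", PATH[0], KEYS, onion)

if __name__ == "__main__":
    onion, views = demo()
    print("LAN sniffer sees:", onion.hex()[:32], "...")
    for relay, v in views.items():
        print(f"{relay}: prev={v['prev']} next={v['next']} forwards={v['forwards'][:16]!r}")
```

The entry relay sees the client but only ciphertext, while the exit relay sees the payload and destination but only the middle relay as its peer.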

      • (Score: 0) by Anonymous Coward on Saturday December 10 2016, @03:39AM (#439553)

        No, you're still not getting it. Elliot compromised the local network at Ron's Coffee, then set up his own honeypot exit node, then waited for Ron's Coffee to use Elliot's exit node. Since he was watching both ends, Elliot could correlate traffic between the two nodes, then he could determine Ron was running the Plato's Boys site. Onion routing in the middle doesn't hide anything from someone who can control both entry node and exit node. Google tor correlation attack.

        • (Score: 0) by Anonymous Coward on Saturday December 10 2016, @01:59PM (#439681)

          Compromising a local network has nothing to do with taking over an entry node. The encryption between the entry node and the client is handled not by the network, but by the client. You'd see nothing but an encrypted packet whose size would not even cleanly correlate against the packet size from the exit node! And exit nodes are not chosen based on geographic location or anything of the like (and even if they were it would be relative to the final relay, not the original sender!). There are also some safeguards to ensure against dubious exit nodes since they can do things like send back fake traffic or manipulate what's being sent. So magically setting up an exit node that he somehow chooses is just ridiculously unlikely. And correlation attacks are subject to false positives. Also the final connection to the site would also likely be encrypted meaning even if you have control of the exit node you're unaware of what's being sent and so identifying him as anything so specific as the owner, even if we ignore all the other absurdities, ain't happening.

          • (Score: 0) by Anonymous Coward on Sunday December 11 2016, @02:52AM (#439867)

            Don't think you understand how correlation works. It's mostly time correlation. And it is *extremely* reliable if you can *control* the network; statistical proof only requires more data, if that's not the case.

            > magically setting up an exit node that he somehow chooses is just ridiculously unlikely

            If you control the network, you can kill tor-net links that don't go to your evil exit nodes, until one does.

            This shit isn't complex.

            You're a TLA troll trying to spread misinformation? Or a mansplainer?