Two Mr. Robot episodes and two of the largest InfoSec and hacking conferences have come and gone in the past two weeks; it’s been a busy time in hacker land.
One of the benefits of co-organizing DEF CON is that I get to influence which talks are accepted, and this year we had a panel with Kor Adana, the technical writer for Mr. Robot, and three of the show’s five advisors sharing insights on what goes into creating the series and how they maximize its authenticity.
One insight confirmed speculation from my last column: that Mr. Robot time is lagging behind IRL time. By episode five, only about five weeks have passed since the 5/9 E Corp hack. “Big deal!” you say. I say it’s a nightmare for the tech team. Every screenshot, exploit and technology must be period-correct. Keeping old copies of tools, operating systems, technology and even running scripts must be like operating the History of Computing Museum for hackers. The epic femtocell FBI hack that is underway takes advantage of an Android vulnerability, Shellshock, that has been patched by now—but not back then.
At DEF CON there were also femtocells and IMSI-catchers attacking the mobile networks, something we take for granted now. One friend on Verizon was attacked, and he could see cell tower signal strength jump from around -80db to -40db! Somehow, the tower just got close to him on the eighth floor of the hotel but was gone again on the tenth. People who had cryptophones were detecting about 17 different suspicious cell sites, most of them mobile. The Mr. Robot attack: totally possible.
One Easter egg gave me extra pleasure (aside from Angela’s dog being named QWERTY, which is pretty cool): Just before the hotel shootout, it is revealed that Santiago, Agent DiPierro’s boss, is on a rampage because “Ada” called and revealed that the there are no usable fingerprints on the RasberryPi from the Steel Mountain hack. “Ada” as in Ada Lovelace, creator of the first computer algorithm designed to run on Charles Babbage’s mechanical computer.
Field Agent Dominique “Dom” DiPierro is a badass. Her gumshoe detective work revealed the Fun Society arcade; when the Steel Mountain guys asked her opinion of the company rebranding to Iron Valley, she gave her honest opinion (“Honestly, it’s pretty terrible”); and she kept her cool during the shootout in Beijing. Having lost four friends there, she is now personally invested in this investigation. Minister Zhang, aka transgender hacker kingpin Whiterose, must know the FBI knows she doesn’t have a sister, yet she uses that excuse to explain away her dress collection. She also must have given orders for Dom to not be injured during that attack on the hotel, saving her life. Dom is going to be trouble, and Minister Zhang/Whiterose has something in store for her.
Then there’s Elliott, whose “do good” personality finally blows up in his face after looking at the evil dark market he was helping get back online. He can’t ignore that, so now he’s beat down and tangled up in a second criminal organization. I can’t put my finger on it, but I suspect that the FBI will be busting that organization after some clever hacking by Elliott. At least the relationship with his father is improving.
Finally, a personal note. I loved the use of lighting to show the total focus of Elliott at work; when someone intrudes, it’s as if all the lights turn on and his elusive goal disappears. His talk of the rush when he hacks a library at age 11 resonates with me. When I was 13, I couldn’t vote or drive a car, but online I was talking with people all over the world. No one knew my age or gender, and I was judged only on how I presented myself and my arguments online. That was such a powerful experience—ideas over identity—that I still try and live by it.
Jeff Moss is the founder and creator of the Black Hat Briefings and DEF CON, two of the most influential information security conferences in the world. Find more of his commentary on Mr. Robot here.