{"id":26557,"date":"2020-08-23T13:51:46","date_gmt":"2020-08-23T08:21:46","guid":{"rendered":"https:\/\/www.technologyforyou.org\/?p=26557"},"modified":"2020-08-23T13:53:20","modified_gmt":"2020-08-23T08:23:20","slug":"hacker-movies-that-hackers-love","status":"publish","type":"post","link":"https:\/\/www.technologyforyou.org\/hacker-movies-that-hackers-love\/","title":{"rendered":"Hacker movies that hackers love"},"content":{"rendered":"

Source: by Jason Sattler<\/a> | F Secure<\/span><\/p>\n

One reason there aren\u2019t many great movies about hacking is that there just aren\u2019t that many movies about hackers.\u00a0Tomi Tuominen<\/a>, Global Technical Director for F-Secure Consulting, has a theory why the art of breaking into computers rarely makes it to the big screen.<\/span><\/p>\n

\u201cHonestly, there are no movies that feature hacking properly, mostly because hacking rarely is something that you could visualize easily,\u201d he said. \u00a0<\/span><\/p>\n

Watching hacking is generally like watching paint dry for months, he says. \u00a0It\u2019s not exactly a satisfying cinematic moment to watch an evil villain finally brought to justice by clicking on a link in an email.<\/span><\/p>\n

For a quick thought experiment about why it\u2019s so hard to put hacking on film, think about the big hack that Tomi his colleague Timo Hirvonen\u00a0revealed in 2018<\/a>. They came up with a key that could open hotel locks around the world. Neat, right?<\/span><\/p>\n

The story begins with a somewhat exciting scene at\u00a0a hacker conference in Berlin<\/a>\u00a0where the pair\u2019s friend\u2019s laptop is stolen from a hotel room without a trace. Pretty good scene. Cut to more than a decade of Tomi and Timo spending their spare time figuring out every possible way that keycards cannot be hacked, until finally they figure out the one hack that works. And what do they do with this information that they spent large chunks of their lives uncovering? They go to the manufacturer so the vulnerability can be fixed.<\/span><\/p>\n

Inspiring? Yes. But it\u2019s not exactly\u00a0Casablanca<\/i>\u00a0or\u00a0Scarface<\/i>.<\/span><\/p>\n

Yet there are a few movies \u2014 and one TV show \u2014 that F-Secure\u2019s cybersecurity experts feel capture the spirit, if not always the exact technical drudgery, of hacking.<\/span><\/p>\n

Sneakers<\/em><\/span><\/strong><\/span><\/p>\n

Principal Security Consultant\u00a0Tom Van de Wiele<\/a>\u00a0feels 1992\u2019s\u00a0Sneakers<\/i>\u00a0illustrates a number of key concepts about hacking and penetration testing \u2014 as long as you take it with a grain of salt.<\/span><\/p>\n

\u201cIt shows that the success of a compromise or hack is not the result of a single tool, method or person like in most other hacker movies, but rather the result of a collective or based on the work of individuals that came before you,\u201d he said. \u201cIn addition, I think it does a good job of demonstrating the dangers of governments having access to secret backdoors or master keys, and what the risks are of having a master key to something. Especially when the master keys falls into the wrong hands.<\/span><\/p>\n

The film provides a Hollywood-ized depiction of social engineering, targeted surveillance, open-source information gathering, physical intrusion of buildings, intrusion detection evasion, computer hacking over the phone lines, \u201cphreaking\u201d AKA telephone hacking, access control \u201chacking\u201d and reverse engineering.<\/span><\/p>\n

While some of the film\u2019s tactics are realistic, Tom noted that he and his fellow red teamers at F-Secure never feel the need to invade the personal space of businesses they test, the way the hackers in Sneakers do.<\/span><\/p>\n

\u201cHistory has shown us that targeting employees at a company in and around their personal living space happens and is performed by foreign spies, but it is unnecessary, excessive and usually even illegal in the corporate world. Whatever the risk is of abuse or misuse caused by an employee or through their privileges can be simulated in ways that does not endanger anyone\u2019s personal lives in any way.\u201d<\/span><\/p>\n

And Tom also praised the film\u2019s \u201cEaster eggs,\u201d hidden notes in that nod to cyber security sources for some of the film\u2019s plot.<\/span><\/p>\n

War Games<\/em><\/span><\/strong><\/span><\/p>\n

Mikko Hypponen<\/a>\u00a0\u2014 F-Secure\u2019s Chief Research Officer \u2014 shares Tom\u2019s appreciation for the winks in Sneakers. He also enjoyed the only other film from the brains behind the Sneakers \u2014 1983\u2019s\u00a0War Games<\/i>.<\/span><\/p>\n

\u201cThey both center on hacking, and they were written by the same writers: Walter Parkes and Lawrence Lasker,\u201d he said. \u201cIn War Games, the main character was inspired by a real-world hacker David Scott Lewis. Also, there\u2019s a math scene in Sneakers which had math calculations created for it specifically by Len Adleman. Mr. Adleman is better known as the \u2018A\u2019 from the abbreviation \u2018RSA.\u2019\u201d<\/span><\/p>\n

Mikko also gives an honorable mention for the realistic hacking in a movie not necessarily known for realism.<\/span><\/p>\n

The Matrix<\/em><\/span><\/strong><\/span><\/p>\n

\u201cMy favorite hacking scene is from The Matrix series, specifically when Trinity uses Nmap version 2.54BETA25 to find a vulnerable SSH server, and then proceeds to exploit it using the SSH1 CRC32 vulnerability. This was all very real and doable,\u201d he said. \u201cMatrix was probably the first mainstream movie to get a hacking scene so right.\u201d<\/span><\/p>\n