Author’s note: I’m keeping spoilers out of this article, but they will surely show up in the comments.
A few weeks ago I started hearing about a new show on the USA network, Mr. Robot. The synopsis for the show was “Mr. Robot is a psychological thriller that follows a young programmer who works as a cyber-security engineer by day and a vigilante hacker by night.” Yeah, that sounds like another Hollywood crapfest. Cue crazy GUIs and virtual reality flybys representing hacking scenes. After watching the pilot though, I realized I couldn’t have been more wrong. I was hooked for the entire 10 week first season.
Let’s start with the hacking, which is the whole reason this article is here on Hackaday. Show creator [Sam Esmail] isn’t a hacker himself, but he is tech savvy enough to see how poorly hacking has been portrayed on TV and in the movies. He knew he could do it better. The solution was good consultants, in the form of [Michael Bazzell] and others. The team helped shape the show into a rather realistic portrayal of hacking techniques. Elliot Alderson (Rami Malek), the main character, is the “vigilante” hacker described in the synopsis. Within the first 10 minutes of the pilot, he is turning a child pornographer in to the police. How does he catch the creeper? Tor exit node exploits, of course.
The onion routing protocol is not as anonymous as you think it is. Whoever’s in control of the exit nodes is also in control of the traffic, which makes me the one in control.
This is an accurate description of some of the exploits which have been demonstrated on the tor network. There aren’t any VR hacking scenes to be found either. In fact, several characters watch and make fun of the “flu shot” scene in Hackers. In this show, the command line isn’t hidden, it’s celebrated. We see every command the characters type, from netstat to CAN bus dumps. In one scene, Elliot even fires up a windows virtual machine so he can run DeepSound on his Kali Linux box.
The hacking isn’t all software either. Everyone’s favorite Linux single board computer is featured prominently in the first season. We can’t knock a show where a character looks at another and says “Ok, we all know what a Raspberry Pi is, what’s your point?”
Social engineering is also a recurring theme. We see everything from the old “dropped USB stick in the parking lot” attack, to a character thoroughly destroying the self confidence of a corporate drone as a method to get to his superiors. (Poor Bill)
Beyond all this, it’s a damn good show. We learn early on that Elliot’s father died of leukemia due to an unchecked chemical leak at E Corp. E Corp is the mega-corporation Elliot’s day job is charged with protecting. Elliot sees E Corp as the ultimate evil. Intensive self-reprogramming allows Elliot to perceive E corp as “Evil Corp” every time it’s brought up – in print ads, in video, even in the dialogue of the other characters. Since we watch the show largely through Elliot’s eyes, we see it too. This leaves you guessing what is real, and what is part of Elliot’s imagination. Elliot is the classic unreliable narrator.
Elliot isn’t the only major character though. Tyrell Wellick (Martin Wallström) is a young ambitious senior VP at Evil Corp who wants power, and is willing to do anything to get it. Angela Moss (Portia Doubleday) is a childhood friend of Elliot whose mother died due to the same chemical leak that killed Elliot’s father. She also has a bone to pick with Evil Corp. Mr. Robot himself (Christian Slater) is a shadowy figure who leads Elliot down the rabbit hole to join F Society, a hacking group which is trying to destroy Evil Corp.
Without giving away too many spoilers, the show likes to mess with your head. If you liked Fight Club, or Donnie Darko, give Mr. Robot a try. The season finale is this Wednesday at 10pm Eastern on the USA network.
Bill ;_;
He has his cats.
Like every good first season series that I like, it will probably get cancelled come end of the year or next…(Almost Human, Firefly, etc.)
It got renewed for season 2 after the pilot.
**Before the pilot.
The pilot was so good it could have been a movie. However, without the short comings of movie length time they have made good use of the time a TV show season provides while pulling off the cliff hanger needs of a TV show episode without missing a beat in any episode. I’ve enjoyed this first season thoroughly. It’s hard to start off that well as it leaves unrealistically high expectations. Unless Sam Esmail had bigger plans and felt this show was going the distance before the pilot I don’t know where the end of this season will leave us going into season 2. I love predicting outcomes and Sam had me second guessing myself a lot so at this point of the series with the season finale tomorrow I honestly have no Idea what’s really in store. This is a must watch TV show. Season 2 will have a tough time filling season 1’s shoes I will say that much..
I think Person of Interest deserves some credit for being pretty accurate over its run too. Although they rarely go into as much detail.
So, thats 2 shows good. I think we need about 10 more to merely balance CSI:Cyber existence though.
I’m sorry but to make up for NCIS it will take more than that:
https://www.youtube.com/watch?v=u8qgehH3kEQ
The whole time I was writing this article, I knew that scene would show up in the comments. :)
One technically accurate film dialogue is actually hackers (if you read the script). It was once the ridiculous 3D graphics for logging into a server or changing directories, that made it so bad. The scriptwriter was good job, but once he handed it over to the next people involved in the film making chain it just went down hill very very fast.
Yeah, same thing happens with firearms in TV/movie scenes. You might have a good script (e.g., Justified) but when the scene plays, you get “Glock cocking” and other stupid firearm tricks that leave people who competently carry, handle, and compete with guns rolling our eyes.
Since I’m also an engineer, I get doubly incensed over TV & movies: stupid hacking scenes AND stupid firearm tricks.
Add to that hilariously bad sword-fighting and anachronistic or plain silly costumes/armor in historical productions and you will realize quickly why I don’t watch many movies/shows any more.
Being a skill-hoarding hobbyist has made watching most movies a lot harder; can’t watch movies with guns, because holy hell trigger discipline and infinite “clips,” can’t watch techy movies because terrible hacking scenes, can’t watch medieval/fantasy because armor that makes no sense and terrible fight scenes…
But the flipside is that it makes movies that really do their homework worth their weight in gold.
Haha, thought so too. Here’s another classic:
https://www.youtube.com/watch?v=hkDD03yeLnU
I have never seen that before but that is so stupid it reminds me of this from the movie Hackers (1995) https://www.youtube.com/watch?v=8wXBe2jTdx4
Person of Interest was very good. It wasn’t completely 100% accurate, it had a sprinkle of hollywood magic ontop of legitimate things. Also, it kept up with current events a bit, after the silk road shutdown they sorta featured it on the show. Excellent stuff.
Cant wait for the new season.
i don’t know, i didn’t get the feeling that they were that accurate, Mr robot on the other hand has a great deal of accuracy and detail, and i even talked to the guys who created kali linux (https://www.offensive-security.com/penetration-testing/hacking-wpa-enterprise-with-kali-linux/) and they confirmed that this show knows his stuff.
Elliot… I am your father hcchh heeww hccch heeew. Some star-wars thrown in as well.
gonna have to check this out
When I turn on closed captioning while watching Mr Robot, that single board computer is always referred to as a Raspberry Pie.
I hope when they served him pie during his trip it said Raspberry Pi
I have not seen them using an ESP8266 module yet :/
That seemed like too many spoilers for a “no spoilers” review :)
It’s safe. I didn’t mention that Bruce Willis was dead through the entire movie, did I? :)
Spoiler: This show has something in common with the old Star Wars.
You can guarantee that the show’s writers will be visiting this site and the comments to harvest material once the see the link activity.
a quarter of a year worth of IDA research in 15 minutes missing? I may watch
Started watching.. This raises discontent with plutocracy.. Why would you make a show to make money that criticizes capitalism and hierarchy? The hacker guy is kind of interesting even though it’s obviously an extrovert acting an introvert..
Sorry poor button layout on mobile site.
Uh, no – I had to stop watching Mr Robot.
For starters: http://qph.is.quoracdn.net/main-qimg-a3226e76535ccf9d11a3d9485e0a04f3
And TV is never going to make up for CSI:Miami – https://www.youtube.com/watch?v=hkDD03yeLnU
Having IP addresses with their individual digits greater than 255 is the equivalent of 555 in phone numbers. Me personally I’ve come to ignore it just like I do 555 phone numbers in films and TV. I’ve see it occur about 20 or 30 times at this stage, and I do not expect not to see it.
I’m expecting to see this for IPv6 numbers when the jump from 32bit to 128bit eventually makes it way onto the screen:
HHHH:IIII:JJJJ:KKKK:LLLL:MMMM:NNNN:OOOO
Exactly this. [Sam Esmail] has mentioned that he fought hard for real IP addresses, but couldn’t get it past the network people, so they had to go the over 255 route.
Do you mean the network network people? Or the network of network network people?
Or they could simply just use one of the private IP ranges like 192.168.0.xxx
Exactly what I was thinking. Why not use private IP ranges? Why not use IPv6 addresses?
The IP is coming from within the building!
but then people would have been on here complaining that they were using all internal IPs.
Please don’t use private adresses… Almost everyone knows those!
Better use 127.54.32.92! Most people here would probably get the joke!
Or just use the documentation ranges from RFC 5737
https://tools.ietf.org/html/rfc5737
They are not as well known as the private ranges, contain valid adresses and someone tryiing to use them can’t do much damage!
I could watch a movie/tv show that used 127.54.32.92, that’d be funny to watch
I would argue against using non-routable addresses. Since they are going for acuracy, this bother would me more than above-255 octets since it’s obvious (to us) that it’s a not reachable. It’s obvious why they are going the route they have, it’s exactly the same problem with phone numbers but potentially worse. After the first time you have to explain to someone why you can’t get to their ftp server across the internet at 192.168.x.x it’s like getting slapped in the face by stupid ever time someone gives you a private IP to connect to. This is somewhat harsh, but I’ll never forget a guy sending me screen shots of his command line to assume me that was the IP I should connect to despite my explanation as to why I needed his router’s ip. But most people are teachable and want to learn. But I digress…
I don’t think it’s a bad thing, really. Everyone with the phone number 8675309 has suffered from hundreds of prank calls asking for ‘Jenny’, so it makes sense not to use addresses that can possibly map to something in the real world.
Then there’s that poor bastard with 0118999881999119725…3!
That was just mean – https://www.youtube.com/watch?v=Rdwm2C_YbYg
LOL – gotta love that show!!
It is really shame, they have not money to buy a fixed IP address for 10USD/month for the next 2 years, and show that address in the film.
With all these non-existant IP address undermines the whole movie on the technical level…
I think they should have went with random numbers in the following ranges. I’d especially pick the last range as most people don’t seam to use it (as much).
127.0.0.0/8
or
10.0.0.0/8
or
192.168.0.0/16
or
172.16.0.0/12
Would have had an associated implication – “whatever this is, it’s location-specific and not routable”. “not a valid number” is probably a better approach, provided that people in the know realize that it’s present exactly and only as a way not to put a real address in. (OTOH, a /better/ option is to get the address… and then /put something there/. Those are amusing, and it’s not terribly expensive.)
That would be a really cool stunt. Use a URL or IP in a show/movie so that after people watch they’ll all go try to “hack” it
Those guys would better choose some IP within the very small North Korea’s 1024 IP range 175.45.176.0/22 :-)
IP addresses that include numbers higher than 255 are Hollywood’s networking version of 555-1212. Saw one of those on last night’s CSI: Cyber. (Don’t they know cyber is sooooo 80’s?)
tyrell ???? Blade runner ????
He’s not an android from what I’ve seen.. Just a discontent introvert hacker using game-theory on global economics..
They DO have the unrealistic hacking though to comply with the plot timing but it’s not as shite as most hacker shows..
It’s not really fair to say that hollywood “gets hacking right” as much as they “get it as close as is reasonable considering it still has to be entertaining TV”.
I’m still upset at the fact that they said GNOME was better than KDE…
https://www.youtube.com/watch?v=FQM5fU7V-MM
If you want a less resource intensive DWM and one more common, Gnome fits the bill. I’ve always liked KDE, but have had problems countless times with it whereas Gnome for the most part would just work, and work well
Well, on any machine I worked with the last 4 years, gnome-shell would occasionally crash, rendering the thing useless.
I don’t know why people always chose between KDE and Gnome.
I run Fluxbox.
90% of my windows are xterms.
If I want to run an application that links to Gnome or KDE libraries I just do that.
I used to run icewm on some machines, xfce on others and gnome shell on others… Now I’m back to compiz fusion thanks to mate.
To be fair that was Tyrell, and we don’t yet know if he is a good hacker or was just saying it to get on his side.
I was just surprised Elliot wasn’t running Openbox, or AwesomeWM, or xmonad. Those would seem to fit the personality portrayed in the character better than, let’s face it, the Linux equivalent of Apple’s Aqua GUI.
Fluxbox4Life
I could only stomach so much of the typical, all corporations are evil and greedy BS before I had to quit watching.
Yup. I’m not going to even bother watching because of that. I was intrigued, nearly enthused, while reading this HaD article until “…father died of leukemia due to an unchecked chemical leak at E Corp. E Corp is the mega-corporation Elliot’s day job is charged with protecting. Elliot sees E Corp as the ultimate evil.”
Sorry. 50K thumbs down to the show for going to *that* dry left-wing plot well.
Most of these types of plots are directly inspired by real life company’s doing dodgy things – pretty much all of Leverage was ripped of the headlines.
Saying that all company’s are evil or led by crocks is bollocks, of course, but to say none are is equally bollocks – and that’s not “left wing” is just a fact. Bad people get to the top some time.
And tv shows, given they want a villain, will only focus on the 1/100 or so “villain” company’s and not the 99/100 ones doing nothing wrong. Its the same when its with individual people.
Unless a show outright says ALL company’s are bad, showing A bad company (or 10) is no different then showing a bad person (or 10).
You are all missing the point. “Since we watch the show largely through Elliot’s eyes, we see it too. This leaves you guessing what is real, and what is part of Elliot’s imagination. Elliot is the classic unreliable narrator.” You are watching a fictional account of a fiction. And we all know an Elliott-type that is excessively anti-corporate and they likely see the world this way.
If corporations dont want to be called evil, they can stop doing evil things, then laughing it off.
Corporations are people too, my friend. (And as such they are open to criticism for their actions)
I think it’s funny how the various episodes have different video file extensions (MOV,MPEG,MKV,MP4,WMV,ASF,FLV,M4V,QT)
Agree! I like how they are all file names including _ instead of spaces. Tho who is using flv anymore? seriously? also where is my ogv?!
I went to google to find where i could watch the show online, and almost missed the hulu link because I thought it was a torrent…
I want ogv too!
It’s coming in season 2 most likely. Not many video containers left either, so we’ll see some recycled.
I liked hackers. I know it is cheesy. However, at that time period without the cheesy graphics 95% of America would’ve had no clue what was going on without constant chatter between characters.
Me too, even with all the bullshit graphics and lame “tech” talk. Its still a classic for me.
Yup. Re-watched it the other day, aside from the tech & fashion that’s changed the hacking techniques are basically the same – replace every occurrence of the word “phone” in the script with the word “wifi” and everything is basically bang up to date.
The graphics didn’t bother me, you’ve gotta think of the non-techy audience trying to imagine WTF is going on “in software” while all this hacking stuff is happening, I thought they visualised it pretty well. Also top marks to the FX crew for rotoscoping it all, the irony of there basically being zero CGI in that film is excellent.
Sadly this show is currently being ruined by idiotic censoring of audio.
You can’t silence (nor bleep, but it’s silencing here) in drama, it’s rude to destroy a serious work that way and it takes you out of the suspense and story.
But to the point: real hacking is what people think “real hacking” is…why ruin it for the rest of the audience? Was War Games anywhere near credible technology for its time?
Was WarGames credible? It inspired me to write a demon dialer using the cassette motor relay on my Color Computer to pulse-dial every phone number on my campus, and list off all the modem numbers it was able to connect to.
However, I was only looking for the unlisted “faculty modem” number which was purportedly much better served than the student modem bank, and much less susceptible to busy signals. I wasn’t trying to connect to the WOPR, or play a nice game of chess.
The most amusing thing about that movie is that in reality if you analyze tic-tac-toe you will find the one making the first move should always win.. which means…
Wrong… If both players make no mistakes, Tic-Tac-Toe can’t be won.
Just to point to a source: http://blog.ostermiller.org/tic-tac-toe-strategy
I use my own analysis rather than some stranger on the internet making claims, at least in this case I do.
Wow, just wow.
http://mathworld.wolfram.com/Tic-Tac-Toe.html
https://en.wikipedia.org/wiki/Tic-tac-toe
Find any source that claims otherwise.
It really is like hacker dexter, I wonder if writers or directors from dexter are on this or if they are using the formula?
I predict they will drag out plot lines by second season and it’ll get boring. The tech stuff is boring sysop BS CS kiddies all knows.. No RCE etc..
Trust me, most sysop wannabes I know know way less than that.
I’d like to add that Silicon Valley is ‘decently accurate’ on tech and tech culture.
Halt and Catch Fire is more a character drama wrapped in nerd nostalgia, but also ‘decently accurate’ if you can get past the bench power supply electrosex scene. Made me throw it out for a few weeks.
I’ve decided not to watch it just in case I wind up enjoying long enough to see the
Network jack it up or cancel it after I’m invested in it. I’m just gonna read
A book instead
The hacking scene where Elliot suspects “he’s too old to use secure passwords” made me feel old and made switch to secure passwords.
You got hacked by a TV show – in a good way. ;)
I watched Sneakers not too long ago. That movie stood the test of time really well I must say. I mean it was done in the time of dialup modems and BBS, before WWW, but the main plot is entirely plausible even today.
Anyone notice that the Evil Corp logo looks a lot like the E from Enron?
Yup! Sam Esmail has said that it isn’t a coincidence.
More like the E in the DELL logo.
Though I have not seen this, I do recommend:
https://www.youtube.com/watch?v=xIs_5nfJKu4&list=PLC2FCB2871C396459
Welcome To The Scene above link…
ALGORITHM: The Hacker Movie below link…
https://www.youtube.com/watch?v=6qpudAhYhpc
My personal recommendation(s)
enjoy
later
Welcome to the scene… wow, there’s a blast from the past! Not so much hacking, but it was interesting how well they could tell a story with little or no audible dialogue.
Astounding to see what youtube servers waste space and time and energy on.
Watched the entire series of The Scene. Gf called it “typing porn.”
Step 1
Download IT sec audit tools, and scan IP space
Step 2
Morons live in fiction, and become deluded asshats who think they’re security researchers…
Note, ignorant people with a camera can’t tell the difference…
Hint: if its been done a plethora of times it is no longer an interesting hack.
https://www.youtube.com/watch?v=tyBUMntP6DI
Step 3
Profit
So fake, real Hackers will use a TV for parts…
;-)
Where is my mind, where is my mind… way out in the water see it swimming
“Algorithm” was nice, except that the lead turns to the dark side in the end indulging in murder, corruption and misuse of public funds. Feels like a NSA recruitment flic after watching it.
Mr. Robot looks like The Matrix meeting occupy Wall street? Maybe Steven Seagal is in it too, jarring about global warming and government conspiracies?
Nice plot however. Will watch it.
i came when they mentioned shellshock
lol this series is considered to be close to reality haha i know you have to put in some hollywood but still too much ^^ no where near reality
I watched the whole series in a red eye session and the first thing that hit me was the command line and other actions being accurate. The second thing that hit me was how much the character was based on Lisbeth Salander from the Steig Larsson novels. Socially inept genius at work.
I never got where the ‘quiet type’ or ‘social inept’ thing comes from with hacking stereotypes.. It’s actually the opposite.. I’ve actually never seen a known hackers who wasn’t in to parties and sports..
How would you meet them? You meet the ones that talk about it and go to parties, I suspect that is the minority but how would one really know.
All hacking activity is accounted for.. The only people anonymous these days are some TOR and botnet based attackers and I’ve seen their personalities. They are mostly marketing types who contract career coders who are ripping and buying exploits to push profit models with botnets and defense data. They are also not mostly Russian like the US keeps telling people..
There are no people moving invisibly on the net. You’d see evidence on malware-honeypots or in the losses themselves.
I AM curious about the China and US stock fluctuations, but I think those are plutocrats encouraging trends..
A friend pointed out to me it may bear relation to the Enron Scandal https://en.wikipedia.org/wiki/Enron_scandal
Sounds like it still runs the typical lefty story lines: evil corporation kills innocent man. How long before the “hero” starts hacking people who emit too much CO2?
I (and many others) suspect the badly botched tech scenarios in tv and movies have become an intentional form of crypto-humor to attract more technical minded viewers. One of my favorite faux-tech scenes is at the beginning of an e[episode where the cute asian cop demonstrates a combination 3D scanner/printer which replicates a random cellphone in about a minute.
oops… Forgot to mention the show was Hawaii Five-O
when did this site become so friggen right wing????
I wondered where all the jack boot crowd went when space.com shut down its “forum”
No, they still do it wrong.. like IP address 47.217.94.363 :(
That’s more or less a hard requirement of the movie/TV industry, similar to the 555 phone number exchange. At some point you have to accept that you’re not seeing 100% reality no matter how close they get sometimes. Fiction is supposed to be an escape; if it were 100% realistic it would be boring.
Frankly I thought Hollywood got “hacking” right with “Sneakers”. Dumpster diving, social engineering, lots of research and a bunch of people who were not physically perfect and beautiful, with annoying personal quirks. Other than their “magic box” device, the whole movie about how they got it, the “navigating by ear” scene, the ever-awesome “secure door hack” and finally the “no matter how clever you are, someone is a bit more clever and probably working for someone who sees you as competition” ending.
If the magic codebreaker box was replaced with a realistic device, the movie would have been as close to perfect for hacking depiction as is possible without breaking laws.
Maybe the little box contained an advanced VBscript engine.
“The onion routing protocol is not as anonymous as you think it is. Whoever’s in control of the exit nodes is also in control of the traffic, which makes me the one in control.”
Not if the site in question is a .onion itself. Exit nodes are for anonymous access to clearnet sites, which the site in question almost certainly wasn’t. Exit nodes aren’t used at all for .onion sites.
That said, overall it’s several orders of magnitude better than typical depictions of hacking.
having been prior military with security classification i know full well what can happen and what does happen behind the scenes.
the act of making the actual hacks published in the show only opens up a can of worms that could blow up in our faces. the wrong people(i.e. ISIS and terrorists) will use these techniques for their own evil ends. it has been the practice of obfuscating that sort of content in other shows to lessen those sorts of problems. i already know your response; it is already all out there for anyone to grab hold of it. true, but by putting it on a tv show just makes it easier access.
better safe than sorry folks
my two cents == my two dollars
i loved that the show was very realistic, using real hacking tools and real code.
it is worth knowing that Offensive Security (the creators of Kali Linux) have online courses and certifications for information security, ethical hacking, and more:
https://www.offensive-security.com/information-security-certifications/osce-offensive-security-certified-expert/
https://www.offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/