Thor, Thumb Drives, and Terrible Tech: Blackhat 2015 | Chaos Lever

[00:00:00.14]
Chris: Why are you being mean to the child, Ned?

[00:00:02.24]
Ned: Ah, you see, every time we go away for any extended period of time, by which I mean overnight, she has a sad, and so the following night, she has to be near us.

[00:00:18.17]
Chris: Right, I get.

[00:00:22.03]
Ned: It involves her sleeping next to me and kicking me for at least a couple hours before I usher her into her bed.

[00:00:30.17]
Chris: Well, I mean, you are a big turd, so I get it.

[00:00:34.22]
Ned: Yeah, big poopy pants. That's. You know, we've moved past that kind of language, but smelly turd, better. Hello, legend human, and welcome to the Chaos Lover podcast. My name is Ned, and I'm definitely not a robot. I'm a real human person with feelings, dreams, thoughts of sleep, bleeding thoughts of sleep, and slightly bruised shins. With me is Chris, who is also slightly bruised, only spiritually, metaphorically speaking. I mean, some actual bruises. I. I feel like we could do something about that. Have. I have a bag of oranges is all I'm saying.

[00:01:33.18]
Chris: You know, I'll put it on the list of maybe.

[00:01:38.09]
Ned: I. I mean, it wasn't a hard pass, and that's about as good as I can expect today.

[00:01:44.07]
Chris: What's important is you don't know where I live.

[00:01:48.10]
Ned: I'm almost certain that is not true. Ever since I put the tracker on your car and cat.

[00:01:57.23]
Chris: The car, I believe. The cat you would never get away with.

[00:02:02.12]
Ned: No, you're right. Jonesy would claw my eyes out in a heartbeat. What if I wrapped it in something like. Like a nice chunk of tuna or something?

[00:02:11.22]
Chris: No, he's aware of that.

[00:02:13.25]
Ned: Yeah, I could see that. A skeptical cat.

[00:02:16.28]
Chris: Too aware.

[00:02:19.18]
Ned: Cats are very credulous that way, aren't they?

[00:02:22.24]
Chris: He's judging me off camera, staring, taking notes.

[00:02:27.25]
Ned: Are you still talking about the cat, or are we talking about me again?

[00:02:32.05]
Chris: Are you a cat?

[00:02:34.05]
Ned: I could be slightly off camera and judging you, if that's what you mean.

[00:02:39.11]
Chris: I don't like the way this intro is going.

[00:02:42.15]
Ned: I love it. I'm having a great time. I hope everybody else is, too. Well, you're about to talk about a movie that I've never seen for the next however many hours, so get in my licks while I can.

[00:02:54.29]
Chris: That's fair. And I'm going to be honest, most people apparently have never heard of this, and I am very surprised because I remember when this came out.

[00:03:07.03]
Ned: The movie is in the movie we're talking about.

[00:03:10.14]
Chris: The movie is called Black Hat, and it definitely exists, and there are computer things in it, sort of.

[00:03:20.29]
Ned: Okay, so when I saw the title, I assumed this was A Black Hat documentary. Because if I was going to create a documentary about the Black Hat Conference, that's what I would call it. This is not that, however.

[00:03:34.19]
Chris: No, no, you would be wrong. Although the confusion is warranted because the Black Hat Conference did exist at the time. Okay, so. And it wasn't like cross promotion or anything either.

[00:03:48.19]
Ned: Okay, I know we're going to get into this, but on a level of accuracy where, say, Sneakers is like the pinnacle and the Net starring Sandra Bullock is like the nadir. Where would you plot this?

[00:04:04.28]
Chris: I would put this about as accurate as in Jurassic park when the girl says, this is unix. I know this.

[00:04:13.06]
Ned: I know this. I can fly through the file system. Okay, all right, so that's the level of accuracy we're dealing with. All right. I am very curious to see how that all comes together.

[00:04:24.01]
Chris: Okay, so I'll give you the 90 second version, because clearly you have no idea what I'm talking about. None of a Black Hat hacker who is in jail for a crime he a thousand percent committed, but somehow he's still the good guy. He gets taken out of jail because they need. They being the FBI, needs his help because he's the only person on earth that can fix it.

[00:04:47.21]
Ned: Of course.

[00:04:48.08]
Chris: Hijinks ensue. Okay, that's the movie.

[00:04:52.24]
Ned: Didn't I see this movie? I thought it was called Swordfish.

[00:04:56.28]
Chris: I wouldn't do that to this. To this listenership. I might do that to you, but I wouldn't do that to the listeners.

[00:05:05.08]
Ned: I'll never forget that he's got, like, 18 screens and one keyboard.

[00:05:13.15]
Chris: At least it's not the opposite.

[00:05:16.23]
Ned: 18 keyboards. That would be strange.

[00:05:20.04]
Chris: Anyway, in terms of the quality of this movie, I'm not going to go too far into it. Obviously, spoilers abound, so you have been warned. But I just want to quote from Vice's review of this movie to give you a real sense of where we're at. Quote. If you were expecting Black Hat to be a slick digital whodunit carried by riveting hacking scenes, you're gonna be disappointed. Instead, you get Chris Hemsworth as Nick Hathaway, a convicted hacker who is roughly as strong and bulletproof as Thor smashing tables on people's heads. That's a thing that happens. There are also several tense helicopter fights, gunfights, and a poorly written love story.

[00:06:08.01]
Ned: My favorite.

[00:06:10.23]
Chris: Wow. I agree with all of that. Except for the part where they say that the helicopter fights are tense. They didn't even get that right. This is not. This is not a good movie.

[00:06:23.08]
Ned: There's like tension built into helicopters, the spinning blades, like the constant threat of death.

[00:06:29.22]
Chris: What about a guy talking about his relationship over the. The intercom in the helicopter? Does that get your blood boiling?

[00:06:38.16]
Ned: Not really. Less interested.

[00:06:40.04]
Chris: Now, did you know that there is such a thing as an intercom in a helicopter?

[00:06:45.24]
Ned: That I. I mean, I knew that they had to wear the headsets with the mics because it's so loud otherwise.

[00:06:51.26]
Chris: Yeah. And then there's, like, six channels you can be on. So you push a button above you, and you point to the person that you're talking to and say, you know, if you flash four fingers, that means that you and I will Talk on Channel 4.

[00:07:03.03]
Ned: Oh, that makes so much sense.

[00:07:04.25]
Chris: That's a technical detail they got right. And that's all the time we have today.

[00:07:11.22]
Ned: Fair enough.

[00:07:13.10]
Chris: All right. Okay, so let's do this. Similar to how we went through Sneakers, it's going to basically be a going along with the movie and criticizing it as we go. And I am going to try only to talk about the computer stuff because there's a ton of other stuff in here that drove me insane. The original of this that I wrote while watching the movie was over 5,000 words long.

[00:07:37.26]
Ned: Oh, that's like my first draft of Sneakers. And that was a good word.

[00:07:43.23]
Chris: Sad.

[00:07:46.11]
Ned: I mean, that's valid point.

[00:07:47.27]
Chris: The normal amount of sad, but other than that.

[00:07:50.09]
Ned: Right, right.

[00:07:51.15]
Chris: Anyway, so. Oh, yeah, last thing, I watched the director's cut because apparently the theatrical cut is ten times worse. Okay, okay, so director's cut, black hat, dramatic music. Reopen on an abandoned stock market floor, which we later learn is the Chicago Mercantile Exchange. Totally thought it was the New York Stock Exchange at first. They did not show a sign. They showed a lot of digital displays clicking along abandoned papers. You know, that type of thing. They're floating along the floor dramatically, even though the room is empty. At this point, I was like, oh, this is going to be a problem. The camera lases in on a display that says soy futures. So already, you know, we're in for a wild ride. Now, we cut to a data center, and you see a thumb drive get plugged into a computer, and then you see a CGI makeup animation thingamajig of data flowing through what is supposed to be computer components. Every single word I just used was in air quotes because everything in the graphic is absurd. Johnny Mnemonic was closer to reality. I'll skip most of it because it's a visual joke, but the graphic ends with a tiny little light turning on inside of the computer.

[00:09:14.23]
Chris: On the CPU. You know how CPUs have lights on them?

[00:09:19.01]
Ned: Um, no.

[00:09:22.20]
Chris: We're five minutes in and I'm deeply concerned.

[00:09:26.23]
Ned: Okay.

[00:09:28.05]
Chris: Now, the CPU light thing happens several times, and it annoys me every single time. And I know it's a. It's a thing that they did to show the hack worked, but it's a nonsense thing and I hate it.

[00:09:40.22]
Ned: Mm.

[00:09:41.18]
Chris: Anyway, so the light turns on and we drum back out, and all of a sudden we see the price of soy futures changing dramatically and quickly. And of course, chaos ensues. Okay, this is obviously the plot, right? Wait for it.

[00:10:01.08]
Ned: Okay.

[00:10:02.12]
Chris: Teams in both the United States and China noticed the change in soy futures. Sorry, I. I'm gonna have to say it all dramatic and like, it's the rules. They established that it's important, so I have to respect the. Not the. The universe that we're living in.

[00:10:18.01]
Ned: I can only assume they showed it in all caps.

[00:10:22.22]
Chris: Oh, God, I wish I had the. I wish I had the subtitles on. I bet it was.

[00:10:27.00]
Ned: I bet it was.

[00:10:28.20]
Chris: Anyway, teams in the US and China both noticed this basically immediately. And they also noticed that these changes are obviously some kind of manipulation because nothing should be changing soy futures pricing this dramatically, especially over the weekend, which, I mean, obviously, that's common knowledge. All of us who are deep into the humdrum world of soy futures anyway.

[00:10:56.01]
Ned: Yeah.

[00:10:56.13]
Chris: So on the US Side, they start asking instructions. It's an FBI thing, like, almost immediately. I will remind you, it's the weekend and they're asking stuff that sounds techie, like. Any luck on the ids? Semi. Valid question.

[00:11:12.26]
Ned: It's a real thing.

[00:11:14.05]
Chris: IDS Intrusion detection system used in a forensic manner. Yeah, but this is like a basic question. Nobody needs to ask this question at this point because we have the answer. The answer is clearly no. The determination is made that the market was hacked by, quote, an individual black hat hacker, unquote. They know this because. Because.

[00:11:42.16]
Ned: Oh, okay.

[00:11:44.06]
Chris: You don't need any more information than that. Right.

[00:11:46.15]
Ned: Real, real deep investigation. Really, really cracking the code, if you will.

[00:11:52.18]
Chris: So this team from China calls the United States, calls the FBI, and says the US should share whatever they got, including the source code for this hack, the software that was used in the hack so that China can help.

[00:12:05.13]
Ned: Why would they have the source code?

[00:12:07.08]
Chris: Wonderful question. Next question is China is suffering from the food price change, you know, because of soy futures, which is 1000% bullshit. Because the hack happened yesterday, remember? Weekend last night.

[00:12:25.02]
Ned: Yep.

[00:12:25.18]
Chris: I don't think the market is going to react that fast.

[00:12:30.03]
Ned: Seems Unlikely.

[00:12:31.09]
Chris: But both teams agree that everything is going to get worse on Monday. So better for us all to share the code and kind of team up on this problem. Now, like you said, where did they get that code? Considering nobody has identified how the hack happened yet? Unclear.

[00:12:51.26]
Ned: Okay.

[00:12:54.05]
Chris: The question gets asked at FBI headquarters, are there any drawbacks to sharing the code with China? And after some back and forth, the answer is effectively none. This code is going to surface anyway. Now this I think is true. First of all, all this code does eventually get shared, whether we like it or not, whether the government would have wanted to keep it secret or not. But the other thing is, in the real world, even competitors in security, enterprise security, all share malicious code in their threat detection feeds. Cisco, Microsoft, CrowdStrike, Sentinel 1, you name the company, if they come up with something novel, if they find it, they publish it and share it immediately.

[00:13:33.07]
Ned: Right.

[00:13:34.08]
Chris: I can only assume this also happens on a nation state level, what probably with some like emoji middle fingers in the comments.

[00:13:40.29]
Ned: But other than that, I would imagine if they think they have the only copy of that code and it's something that could actually be used as an attack vector against China in some way, they would be less liable to share it.

[00:13:58.22]
Chris: But then we get back to the first point, which is it's going to surface anyway, right?

[00:14:03.20]
Ned: Okay, yeah.

[00:14:05.09]
Chris: So I mean, fine. Now at this point there's a lot of conversation, especially on the Chinese military side, about the frenemy situation that exists between the United States and China. We cooperate here, we're at each other's throats there in the quote of the movie, it's a balance. Now that would have been a tense, interesting movie about international relationships and how to manage through a very stressful situation while still maintaining sovereignty and your respect as a country, etc. Etc. Unfortunately, that's not the movie we're watching.

[00:14:42.24]
Ned: Ah.

[00:14:44.00]
Chris: Anyway, the United States gives the code to China and our first male lead on the China side, who has not been named yet, looks at it. And what he looks at flits by on the screen super fast. But I helpfully gave Ned a screenshot so he can take a look at it. Now remember, they just got this code. What you're looking at is something equivocal to real code. It looks like some kind of a source file, not an executable, mind you, like a header file. And it's being read clearly in something like vi. You're literally seeing the code itself. This is not reverse engineered, this is not machine edited. This is not something pulled out of A memory dump. What the hell? Now, this is what I was saying before. They just wanted to show something that looked like a computer and move away from it as fast as humanly possible. In their credit, it is green text on a black screen. So I guess that's close enough.

[00:15:50.03]
Ned: Close enough indeed.

[00:15:52.03]
Chris: Now we know.

[00:15:52.22]
Ned: It's commented.

[00:15:53.20]
Chris: What's that?

[00:15:54.09]
Ned: So it's commented, which I will say, you know, I bet most hacker code is not well commented. So, you know, good on the hacker for adding some comments for hackers that come later.

[00:16:06.08]
Chris: True. Now, what we see is a classic scene of somebody looking at a laptop and then closing the screen dramatically because he's had a thought. And this is our lead from the Chinese side. And we learn his name is Chen De Wai. He insists on going to America to help with the investigation because, remember, time is of the essence. Why not spend 11 hours on an airplane?

[00:16:30.23]
Ned: Like we have the Internet or something.

[00:16:32.19]
Chris: No, that's crazy. And, you know, you remember that part where we had to get to the bottom of this by Monday? Screenwriters didn't either. That shit never happens again.

[00:16:43.11]
Ned: Okay?

[00:16:44.17]
Chris: In fact, time becomes something that is flexible from here on out.

[00:16:53.18]
Ned: Okay?

[00:16:54.10]
Chris: At the very end of the movie, there's a part where they say, and it's clearly like 10 in the morning, meet me at the place in 45 minutes. And then it's completely black outside. Love it. Love it.

[00:17:07.04]
Ned: Awesome.

[00:17:08.26]
Chris: Anyway, so Chen Duai. Now, not only is he going to the US he drags along his sister Chen Lian because he needs, quote, a network engineer that he can trust. And I'm going to ask you right now, having not seen this and knowing nothing but what I've told you so far, how much network engineering do you think she's going to do?

[00:17:31.10]
Ned: 10%.

[00:17:32.19]
Chris: What do you think she's here for?

[00:17:35.29]
Ned: She's the love interest, isn't she?

[00:17:37.22]
Chris: You would be right, sir. You would be right.

[00:17:40.18]
Ned: God forbid.

[00:17:41.13]
Chris: I, too, am very sad.

[00:17:43.08]
Ned: Lead female character who's supposed to be highly technical, then do absolutely nothing technical.

[00:17:50.04]
Chris: She does look around alarmed a lot. And there is a part where she's real sad. But we'll get to it.

[00:17:57.05]
Ned: Chris Hemsworth could do all of that while she does the actual technical work, because that would be more believable. He's a bewildered kind of guy.

[00:18:06.12]
Chris: It's true. I think his best role was in that Ghostbusters movie that everybody hates, where he's an adorable idiot. That feels like the part where he was acting the least. And I like Chris Hemsworth, but come on. Anyway, Fair point. So this Chinese duo goes to America apparently in like 12 minutes, because I get, you know, China right next to America, and they talk about what was going on in detail. Comes out that somehow a RAT or a remote access tool was put onto the system, which masqueraded as a software update, which then downloaded the real payload, which is what executed against the system in the data center that we saw and ran up the price on soy futures. Okay, now that part from a high level discussion. Sure. That's how a lot of this stuff works. The smaller the executable that you can get in the front door, the better because it'll execute super fast. A lot of times they're built to run exclusively in memory, so a system scan won't even see it. And then pull down the download into some type of safe space that has been marked off as clean. Sure.

[00:19:18.20]
Chris: Trojan horse type software has been around forever.

[00:19:23.09]
Ned: Sure.

[00:19:24.04]
Chris: And that's part of the problem. But I'll get to that in a second. Turns out that our buddy Chen Duai is the one who wrote the RAT when he was a student at MIT as a gag. Now, this part also doesn't seem super unreasonable. Plenty of software gets written out of curiosity just to see what kind of abuse that people can do to students. I mean, to students. That's what teachers do. Plenty of software has been written to see what abuse they can do to systems. Hence the original definition of hacker. It wasn't to break stuff, to steal, or to for personal gain. It was just to see what we could make it do. So again, fine. But here's the thing. There's no way that code would still work today. Antivirus systems, anti malware systems, even the basics, even the free stuff would have a signature for this code, and it would absolutely recognize it and not let it run. And if the code was changed to such fashion that it could run, then our buddy Chen Dehuai wouldn't recognize it as his own code.

[00:20:40.26]
Ned: Yeah. Grr, grr.

[00:20:46.19]
Chris: Also, I will note that the movie constantly calls Chen Duhuai Chen, which in American terms I believe is his last name, but calls his sister Chen Lian Leanne, which in American terms is her first name. I don't know what that's about, but.

[00:21:04.11]
Ned: I noticed does seem odd.

[00:21:07.17]
Chris: Yeah, I meant to ask somebody about it, but I didn't hashtag cool story, bro. Let's move on. It turns out that Chen wrote this RAT with his MIT roommate who clearly needs to help in the investigation. And thus we get to the black hat of the movie's title. His name is Nick Hathaway, and he's played by Thor. I mean, Chris Hemsworth. And first of all, he is trying, I think, to do it. American accent. And I just. I just need him to stop.

[00:21:43.28]
Ned: Yeah. Not good.

[00:21:45.18]
Chris: Do you remember when Keanu Reeves tried to do a British accent in Dracula?

[00:21:52.05]
Ned: Yes.

[00:21:53.01]
Chris: That's the level of ick we're talking about here.

[00:21:56.01]
Ned: Okay?

[00:21:57.09]
Chris: And it's on and off throughout the entire movie. And the movie's 2 hours and 20 minutes long. Just. Just write it.

[00:22:05.22]
Ned: So he has an accent. It's not that hard.

[00:22:07.17]
Chris: So he doesn't talk.

[00:22:10.13]
Ned: Or that.

[00:22:13.16]
Chris: So anyway, they have to get him to help. And he's the one that's in jail. So he negotiates with the government. There's a lot of scenes about him screaming about, you know, get me out of this hellhole, I'm not going back. Blah, blah, blah, blah, blah. Obviously, he gets out of jail, but there are conditions. He has to have an FBI helper reminder with him at all times. And he gets an ankle bracelet so that they can track his movement. So now the team is all together, and they go talk to Jeff. Jeff's in charge of shit at the Mercantile.

[00:22:46.23]
Ned: Who? Okay.

[00:22:49.19]
Chris: Jeff has to run the backup every morning at the Mercantile. And to do that, he needs to use a thumb drive that has a biometric on it. It reads his thumbprint.

[00:23:02.23]
Ned: Huh.

[00:23:04.13]
Chris: I'll let you explain all that to the audience because I don't know what the fuck's happening.

[00:23:10.07]
Ned: He manually runs a backup.

[00:23:12.17]
Chris: First problem.

[00:23:14.16]
Ned: And to run this backup, he has to insert a thumb drive. Second problem. Biometric sensor on it.

[00:23:21.17]
Chris: Something super weird.

[00:23:24.04]
Ned: And everybody's just okay with this?

[00:23:29.01]
Chris: And we're only running backups once a day. What happens if Jeff has the sniffles? This is the stupidest idea I've ever seen in my life.

[00:23:38.26]
Ned: Oh, my God. I'm gonna have an aneurysm. Move on.

[00:23:44.11]
Chris: So Jeff gets real, real upset about it. Don't worry about the thumb drive. He scans it routinely. It's dead clean. Hathaway, of course, immediately plugs in the thumb drive, opens up another screen, types in some commands, and guess what. The stick is tainted.

[00:24:01.15]
Ned: Ah, of course.

[00:24:03.00]
Chris: Do you know how he can tell that the stick is tainted?

[00:24:06.11]
Ned: Because it moves forward the plot.

[00:24:09.13]
Chris: That's why the stick is tainted. That's not how he knows the stick is tainted. He knows the stick is tainted because he reads a file on it called autorun.inf.

[00:24:25.05]
Ned: The aneurysm's coming back, Chris.

[00:24:29.29]
Chris: It's like flames, flames on my face. This is another one of those screens that goes by super duper fast. So it took me a few tries to get the screenshot. The second command that they run to make this graphic happen is just xx and he hits enter. XX is not a command. That's not a thing.

[00:24:54.02]
Ned: Not for you.

[00:24:55.03]
Chris: That's clearly a script that they wrote so that a whole bunch of computer nonsense that looks like a memory dump comes up on the screen. And everything in the memory dump is also nonsensical. That's absolutely not a binary. That is just a text file filled with random letters smashed on the keyboard. Like a cat jumped on it and decided to do poetry. You don't need a super hack, a super massive hacker genius to do this. One, two. No computer that's in this situation would even allow a USB stick to be plugged in, let alone an executable. Yeah, and my favorite, my favorite part is Thor turns around to Jeff and says to him, it's super slick. It's really small. You never would have noticed it.

[00:25:48.12]
Ned: He never would have noticed the file that you can clearly see.

[00:25:53.06]
Chris: Like I said, man, super hacker.

[00:25:56.19]
Ned: Totally. What about the biometric thing?

[00:26:00.10]
Chris: What is this thumb drive for? Not explaining.

[00:26:02.26]
Ned: What is this for?

[00:26:04.02]
Chris: Why is it part of the backups? Absolutely unclear. If they're going to do biometrics for Jeff's login to his desktop, why isn't it built into the computer itself? No idea. I could go on and like I said, 5,000 words.

[00:26:19.28]
Ned: Yes.

[00:26:22.22]
Chris: So long story short, I know, too late. It turns out that there was somebody that worked at the mercantile for like five weeks and has quit like two weeks ago. So obviously that guy messed with Jeff's thumb drive. They just sort of figured all this out in the span of about 90 seconds. And once again, this is about the only part where I think it's legitimate. The idea that this system would even run an executable. Absurd. The idea that a USB stick would be necessary for anything we've talked about. Ridiculous. The idea that Jeff would wander around aimlessly and just leave that shit on his desk. Yeah, I could see that happening.

[00:27:06.29]
Ned: It is Jeff.

[00:27:08.07]
Chris: Yeah, come on. Yeah, come on. So this is like 40 minutes into the movie. I spent a lot of time on everything that just happened because this is the majority of the computering. A lot of what happens in the movie that drives me insane is repetitions of the same kind of stupidity. But I am going to start skipping stuff at this point because this is a long ass movie.

[00:27:36.27]
Ned: Okay.

[00:27:38.20]
Chris: One thing we do know is that somebody made some very specific purchases and has about $75 million in earnings because of the crazy changes in pricing on soy futures. I can't keep doing it. It's starting to hurt my voice.

[00:27:52.15]
Ned: That's fair. I get it.

[00:27:55.14]
Chris: So the money's just sitting there. Nobody has pulled it out of the bank yet. And they don't know who owns it because banks don't know these things. Anyway, they tracked down Jeff's evil co worker, and they caught him on surveillance footage at work in the bathroom taking off his shirt. And they saw his tattoos.

[00:28:24.01]
Ned: Okay, so, I mean, we all take our shirts off in the bathroom all the time.

[00:28:28.13]
Chris: Obviously.

[00:28:29.22]
Ned: Normal behavior. I mean, I'm not even wearing a shirt now, and I'm nowhere near a bathroom.

[00:28:36.24]
Chris: It's true.

[00:28:37.18]
Ned: Like, there is an expectation that the cameras in the bathroom are not there.

[00:28:46.08]
Chris: Yeah, the cameras aren't in the bathroom.

[00:28:50.08]
Ned: Yeah.

[00:28:50.24]
Chris: Anyway, ridiculousness ensues. They find the guy's address. They find the. They get into the house. He's, of course, dead. Somebody gave him a hot shot. And Hathaway and Lien both start looking at the guy's computers. He's got multiple computers. None of them have a password on them. So they just start typing.

[00:29:10.13]
Ned: Sure.

[00:29:11.16]
Chris: And he, quote, has WRT hardware and an onion router. He can route anywhere and stay anonymous with no IP address, which, again, that's.

[00:29:23.05]
Ned: Not how any of this works.

[00:29:24.11]
Chris: These are all words.

[00:29:27.11]
Ned: They're all in isolation. A WRT router. Okay, sure. You got an old D link router, and you loaded some open source open WRT on it. Sure. That is the thing. An onion router. I think what you're talking about is the Tor protocol.

[00:29:44.05]
Chris: Right.

[00:29:45.06]
Ned: And the ability to obscure your IP address by jumping through multiple points, which is also a thing that can happen, but you still have to have an IP address. That's kind of a requirement.

[00:29:59.14]
Chris: And remember, this is Lian. She's here because she's a network expert.

[00:30:06.00]
Ned: Okay.

[00:30:06.17]
Chris: I told you the script was not kind to her.

[00:30:10.09]
Ned: Oh, all right. Anyway.

[00:30:12.26]
Chris: All right, there's also a part here where Hathaway's FBI minder doesn't have a signal on his cell phone. So Hathaway just goes, let me see your phone. And the FBI guy's just like, here you go. Sure, no problem. Hathaway performs the miraculous hacking technique of enabling roaming service on a cell phone.

[00:30:34.05]
Ned: Whoa.

[00:30:34.21]
Chris: Which even in 2016, I don't think was a thing you had to do.

[00:30:38.19]
Ned: Definitely not.

[00:30:40.03]
Chris: But he also quickly goes into the phone to the tracking software for the ankle bracelet and changes the check in time from one minute to one day. So now if he runs away for 23 hours and 59 minutes, nobody's gonna know that he moved. The idea that this kind of software is that stupid and easy to manipulate without like sending an alert, I'm actually sort of okay with because this software is notoriously terrible. But if you're the FBI guy, you're gonna be checking in on that thing all the time. Right.

[00:31:14.28]
Ned: Also, you wouldn't just hand your phone over to the crazy black hat hacker.

[00:31:20.02]
Chris: Oh, right, yeah, that part too.

[00:31:22.09]
Ned: Yeah.

[00:31:23.05]
Chris: They clearly from one of the first episodes in the first season of Mr. Robot, and this is going to blow your mind. But Mr. Robot did it better.

[00:31:33.18]
Ned: This is my shocked face. Very, very surprised. How dare you, sir.

[00:31:38.02]
Chris: So, all right, I'm like five hours into this two hour movie. Let's pick up the pace even, even more.

[00:31:42.22]
Ned: Okay.

[00:31:43.21]
Chris: Now this becomes a globe hopping operation. And the first stop is in Hong Kong.

[00:31:50.14]
Ned: Wow, Hong Kong.

[00:31:51.16]
Chris: Those are words. Yes, Hong Hong Kong. Which is a place. We skipped the sexy time part between Hathaway and Lian because as you guessed, that's the real reason she's here. Sigh. Oh, at one point, they used an app on a cell phone to find the bad guys were using a small personal Bluetooth transmitter to do sort of a digital dead drop. People would walk by, connect to the transmitter, would automatically either upload or download a file, then they would walk past. Nobody ever actually had to talk to each other. That's kind of clever. Yeah, but again, you don't need Hathaway the super hacker to figure that out. And also, it's not like those things have an unlimited amount of battery. And also, why was the person that Hathaway took the phone from randomly has an app installed that can do the scans for Bluetooth like that. Your regular phone can't do that.

[00:32:47.26]
Ned: Do.

[00:32:48.26]
Chris: And also, I think the app that they picked is used for WI Fi, not Bluetooth. But now I'm seriously just nitpicking.

[00:32:53.25]
Ned: Okay, okay. Yeah.

[00:32:56.01]
Chris: So the hacker. The bad guy hacker, not Hathaway, the unknown bad guy, he strikes again. This time he causes a plc. That's the programmable logic controller, I'll have you know.

[00:33:07.01]
Ned: Indeed.

[00:33:08.01]
Chris: On a water fan to blow up in a nuclear reactor in China, which within 12 seconds causes the plant to overheat and causes a big explosion. I am not exaggerating. Dude pushes a button, the fan stops, the water starts to boil, the plant explodes.

[00:33:24.14]
Ned: Okay.

[00:33:25.10]
Chris: You ever had a pool.

[00:33:28.26]
Ned: I've been in a pool.

[00:33:30.07]
Chris: Remember how long it takes for the water to warm up?

[00:33:34.04]
Ned: It is a significant amount of time.

[00:33:36.05]
Chris: Is it 12 seconds?

[00:33:39.25]
Ned: Hopefully not, because then I'm just gonna move on.

[00:33:42.29]
Chris: Okay, now the part about the PLC hacking. People might think that this is impossible, and I was gonna make fun of it, and the way that it happens in the movie is impossible, but attacking stuff that's offline ot technology like that, this happens far more than we would like to admit. And as a matter of fact, this whole movie was inspired by an event like this. Using the worm that was created by the US And Israeli governments to target nuclear program machinery in Iran. It was called stuxnet. Now, the details of stuxnet are actually pretty interesting, but I'm going to have to leave that for a follow up episode for Ned to do.

[00:34:26.07]
Ned: Yay. I have work.

[00:34:29.22]
Chris: Anyway, once again, the good guys pull a partial memory dump, which is. They love the memory dumps.

[00:34:37.19]
Ned: So many dumps.

[00:34:38.13]
Chris: All this stuff just. It dumps memory, just like the scriptwriter onto the page.

[00:34:46.28]
Ned: There it is. Okay, we got there.

[00:34:49.05]
Chris: But they only got a partial memory dump, of course. And the NSA has a program that can reconstruct a broken file, which is not a thing that can happen.

[00:35:01.23]
Ned: Not. Not really.

[00:35:04.27]
Chris: But this program, which is called Black Widow, you can just go ahead and log into it on the Internet because, you know, the NSA public faces all.

[00:35:16.13]
Ned: Of their secret tools naturally, like you do.

[00:35:20.17]
Chris: I mean, they did, they did have, like, stringent password requirements, I'll give them. But one thing that did happen was the FBI called the nsa, asked them to use Black Widow. The NSA said no. And then Hathaway created an email to Spearfish, the guy in charge of Black Widow, to get him to change his password. Then they would pull the password, and then Hathaway could log in. Once again, they're greatly simplifying this process. This is plausible because people are dumb.

[00:35:56.26]
Ned: True.

[00:35:57.18]
Chris: Once again, I have a question. I have to question whether or not the tools in place would even allow that email to go through in the first place. And the answer is an authoritative no.

[00:36:06.29]
Ned: Yeah, definitely not.

[00:36:08.15]
Chris: But for companies that are not the nsa, this happens constantly, unfortunately. So I'll give that one half of a poop instead of a full poop.

[00:36:19.20]
Ned: Okay, a half dump.

[00:36:23.08]
Chris: So from here on, the movie devolves completely from cybercrime thriller into Thor kills everyone. And I am not exaggerating. At one point, Hathaway and Lian are having an emotional conversation. Argument, a converse argument, an argusation. An argusation in the street, on the sidewalk, while Chen sits and waits in the car and literally looks at them out the window and waves. And at this point, I'm just going to quote my 5,000 word document. Exactly. Okay, Quote.

[00:37:02.27]
Ned: Okay, I'm ready.

[00:37:04.12]
Chris: Moi. More girl. Boy fighting. She wants to help. He doesn't want to involve her. Too risky having this conversation on the side of a highway and not in the car. That car is going to blow up, isn't it? That car blew up. Holy shit. I am a genius. Unquote.

[00:37:24.22]
Ned: Oh, that was still part of the quote.

[00:37:26.05]
Chris: That's telegraphed. Plot twists, emotional, like, manipulation that I have seen since, like, Days of Our Lives. It was ridiculous. And at this point, it was. Wasn't just me. The cat left the room disgusted.

[00:37:43.07]
Ned: He didn't like the movie either.

[00:37:44.21]
Chris: He was not a fan. His. He was like 15,000 words. You kidding me? He used words like obsequious.

[00:37:53.23]
Ned: Putting on airs, Mr.

[00:37:55.06]
Chris: I think that is a word. Now, there's still half the movie to go, and I'm just. I just can't. I just can't.

[00:38:03.29]
Ned: Okay?

[00:38:04.08]
Chris: I'm not going to talk about the part where Hathaway uses a bunch of newspapers and duct tape and makes that into a bulletproof vest or how starting a gunfight in the middle of a crowd of like 5,000 people doesn't start a riot. We're not going to talk about any of that. The one thing I will talk about is the one time they let Leanne have some agency. Okay, so now towards the end of the movie, Hathaway and Leanne are on the run from everybody. From the good guys and from the bad guys. They need to get information out of this bank, and they use the same trick that the bad guy hacker used. She walks into the front desk, pretends that she ruined a presentation, has, like, messed up paperwork, and could the front desk guy please just take this USB stick and print me another copy? And of course he does. Because of course he does.

[00:38:54.07]
Ned: Of course he does.

[00:38:56.10]
Chris: The USB stick had a rad on it. Hathaway's allowed then integrates into the bank systems from the back end and they get the information they need. Once again, we hit on something with all the movies we've talked about. And that is the main problem with security is human error, whether that person is overwhelmed by too many things happening. Like in sneakers with the balloons and the cake, which is the same thing they do in Ocean's Eleven or in this case, where it's a really pretty lady in a really nice dress doing a Real pretty smile.

[00:39:28.28]
Ned: Like in the Matrix. Right back to Keanu Reeves did it.

[00:39:34.19]
Chris: I will just say, in this case, it is deeply unlikely that the front desk guy's computer even has access to a printer, let alone that computer having access to the corporate or server networks. So congratulations, you broke into a kiosk. But then again, then again, I have seen a non zero number of completely flat networks in my time. Maybe I shouldn't give this one that much criticism.

[00:40:04.19]
Ned: Typically not at a bank.

[00:40:06.13]
Chris: Though a slash 8 network should be good enough for everyone.

[00:40:09.18]
Ned: Hmm. Well, I'm sure Lian would agree. Hey, thanks for listening or something. I guess you found it worthwhile enough if you made it all the way to the end. So congratulations to you, friend. You accomplished something today. Now you can go sit on the couch, do a partial memory dump, and then clean up after yourself, you filthy animal. You can find more about the show by visiting our LinkedIn page. Just search Chaos Lever or go to our website, chaoslever.com where you'll find show notes, blog posts in general. Tom Folry. We'll be back next week to see see what fresh hell is upon us. Ata for now.

[00:40:59.28]
Chris: Okay, so when one of the second to last scenes, the bad guy. Bad guy attacks Hathaway and stabs him in the neck with a knife. And Hathaway survives because he was wearing a scarf.