Attacks/Breaches
8/29/2016
01:20 PM
Terry Sweeney
Terry Sweeney
Slideshows
Connect Directly
Facebook
Twitter
RSS
E-Mail
50%
50%

Hollywood's 7 Dumbest Hacking Depictions

Movies and TV shows too often use hacking as a deus ex machina device to resolve an impossible plot, but real hacking takes time, effort and lots of testing.
Previous
1 of 8
Next

Image Source: Wikimedia Commons

Image Source: Wikimedia Commons

It's not hard to energize the whitehat community – ask about their most ingenious hack or the time they foiled that really insidious attack. But their eyes really light up when asked about the dumbest hacking they've ever seen on television or in a movie.

Their most frequent complaint: Producers treat hacking as a deus ex machina device, using an impossible hack to resolve a plot point or push the story forward. Hence, the heaps of hacker praise for shows that work hard to get it right, like Mr. Robot.

None of the experts we contacted for this slideshow hesitated when asked for an example of a bad hacking depiction, in fact, most cited multiple examples. They were so forthcoming, you might almost conclude there's a lot of hate-watching among infosec professionals – that guilty pleasure derived from viewing supremely bad video and film content.

First, a little pity for Hollywood. Let's acknowledge that showing people typing at a keyboard – or watching code appear on a display -- isn't visually exciting ("We just paid $15 to watch people do stuff we can do at home for free.") We all know coding is painstaking and time-consuming, but that's a reality that producers and directors skip over in favor of a narrative that moves -- mustn't bore the audience!

In cutting those corners, Hollywood gets an awful lot wrong. Rather than pile on here and trash the content producers for the heck of it, we bring you this list of non-credible hacking portrayals to help dispel any remaining illusions among business leaders or consumers that computers can magically resolve problems. Really fast! And it always works the first time!

So unlike real life.

Here's to a clearer view of what hacking can and can't do for business users, and here's to a few laughs, which are always good for morale, productivity and better security.

 

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/3/2016 | 5:02:00 PM
Re: The Net
@Terry: I feel like War Games gets a pass because it almost qualifies as a sort of semi-apocalyptic sci-fi.

But then, I've never actually seen it all the way through.
T Sweeney
50%
50%
T Sweeney,
User Rank: Moderator
9/2/2016 | 7:01:12 PM
Re: The Net
Hi Joe: Yeah, The Net popped up on some the contributions we got. War Games too.

Ahh, the '80s and '90s!
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/2/2016 | 2:26:57 PM
The Net
Mid-90s Sandra Bullock vehicle The Net could have easily been on here too.

The funny thing is that, as utterly preposterous as that movie was at the time, today a lot of it is not so far-fetched at all.
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.