Attacks/Breaches
7/1/2014
08:45 AM
Marilyn Cohodas
Marilyn Cohodas
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
100%
0%

Hacker Movies We Love & Hate

Check out Dark Reading community members' favorite hacker movie hits and misses. Then add your picks in the comments section.
Previous
1 of 11
Next

If you’re into InfoSec today there’s a good chance you were inspired at some point in your formative years by a hacker movie -- good or bad.

Who wouldn’t be captivated by Tron (one of my favorites), where computer hacker Jeff Bridges is abducted into the digital world to defend against an evil bureaucrat stealing computer programs; or motivated to join the forces of good against a sleazy villain like John Travolta’s Gabriel Shear in Swordfish?

The best hacker movies -- like WarGames -- are based on "kernels of truth" that endure even in the constantly changing world of cyber security and technological advancement. "In the 80s, it seemed far-fetched having nuclear weapons controlled by AIs, later hacked by teenagers over phone lines," says Corey Nachreiner, director of security strategy at WatchGuard Technologies. "Yet today, we live in the shadow of malware damaging uranium enrichment facilities and armed drones flying themselves."

But what makes a good hacker movie is a lot more subtle. From the geeky security cinephiles I contacted in my research for this slideshow, I learned that the gotcha is definitely not primarily about a dead-on depiction of technical details (though that helps), gee-whiz 3D CGI technology, or even a highly entertaining and somewhat plausible Hollywood story line.

In fact, the plot doesn’t even have to even be primarily about hacking to get on the list.

"It’s the mindset,” explains Contrast Security CTO Jeff Williams, who counts among his favorites “heist” type movies like the Ocean's series that "don’t treat hacking like magic" but take you "inside the process of experimentation, learning, strategy, and insight required to pull off a great hack."

Hacker movies also appeal to our better angels, bringing back childhood memories and life lessons like the ones that Bugcrowd community manager Marisa Fagan picked up from her father that "nothing is ever truly broken, it was just waiting to find the right workaround."

Another common thread is the journey of discovery where, as AccessData's Lucas Zaichkowsky observes, a "bunch of immature, bright kids [play] elaborate pranks on each other using computers" and later -- in real life -- "end up pursuing a fulfilling career in IT and information security."

Sound familiar?

A quick word about the research methodology, which involved informal email inquiries to a few of our active members and bloggers; these selections are not meant to be the definitive word on hacker movie hits and misses. They are only the first stage of a virtual discussion I hope will continue in the comments.  

And now, as they say in the movies, "Turn off your cellphone and enjoy the show."

 

Marilyn has been covering technology for business, government, and consumer audiences for over 20 years. Prior to joining UBM, Marilyn worked for nine years as editorial director at TechTarget Inc., where she launched six Websites for IT managers and administrators supporting ... View Full Bio

Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
7/2/2014 | 11:04:12 AM
Re: Nicely Done!
This slide show makes me want to rent some of these old movies. It's been a long time since I've seen some of them.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/1/2014 | 1:17:46 PM
Re: Nicely Done!
It defnitely does! You Dark Reading folks definitely love your hacker movies (and your jobs!)
jd.sherry
0%
100%
jd.sherry,
User Rank: Author
7/1/2014 | 12:35:27 PM
Nicely Done!
Raises an interesting debate of life imitating art or vice versa?
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading December Tech Digest
Experts weigh in on the pros and cons of end-user security training.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5312
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the Dialog widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title option.

CVE-2012-6662
Published: 2014-11-24
Cross-site scripting (XSS) vulnerability in the default content option in jquery.ui.tooltip.js in the Tooltip widget in jQuery UI before 1.10.0 allows remote attackers to inject arbitrary web script or HTML via the title attribute, which is not properly handled in the autocomplete combo box demo.

CVE-2014-1424
Published: 2014-11-24
apparmor_parser in the apparmor package before 2.8.95~2430-0ubuntu5.1 in Ubuntu 14.04 allows attackers to bypass AppArmor policies via unspecified vectors, related to a "miscompilation flaw."

CVE-2014-7817
Published: 2014-11-24
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".

CVE-2014-7821
Published: 2014-11-24
OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Now that the holiday season is about to begin both online and in stores, will this be yet another season of nonstop gifting to cybercriminals?