Attacks/Breaches
7/1/2014
08:45 AM
Marilyn Cohodas
Marilyn Cohodas
Slideshows
Connect Directly
Twitter
LinkedIn
RSS
E-Mail
100%
0%

Hacker Movies We Love & Hate

Check out Dark Reading community members' favorite hacker movie hits and misses. Then add your picks in the comments section.
Previous
1 of 11
Next

If you’re into InfoSec today there’s a good chance you were inspired at some point in your formative years by a hacker movie -- good or bad.

Who wouldn’t be captivated by Tron (one of my favorites), where computer hacker Jeff Bridges is abducted into the digital world to defend against an evil bureaucrat stealing computer programs; or motivated to join the forces of good against a sleazy villain like John Travolta’s Gabriel Shear in Swordfish?

The best hacker movies -- like WarGames -- are based on "kernels of truth" that endure even in the constantly changing world of cyber security and technological advancement. "In the 80s, it seemed far-fetched having nuclear weapons controlled by AIs, later hacked by teenagers over phone lines," says Corey Nachreiner, director of security strategy at WatchGuard Technologies. "Yet today, we live in the shadow of malware damaging uranium enrichment facilities and armed drones flying themselves."

But what makes a good hacker movie is a lot more subtle. From the geeky security cinephiles I contacted in my research for this slideshow, I learned that the gotcha is definitely not primarily about a dead-on depiction of technical details (though that helps), gee-whiz 3D CGI technology, or even a highly entertaining and somewhat plausible Hollywood story line.

In fact, the plot doesn’t even have to even be primarily about hacking to get on the list.

"It’s the mindset,” explains Contrast Security CTO Jeff Williams, who counts among his favorites “heist” type movies like the Ocean's series that "don’t treat hacking like magic" but take you "inside the process of experimentation, learning, strategy, and insight required to pull off a great hack."

Hacker movies also appeal to our better angels, bringing back childhood memories and life lessons like the ones that Bugcrowd community manager Marisa Fagan picked up from her father that "nothing is ever truly broken, it was just waiting to find the right workaround."

Another common thread is the journey of discovery where, as AccessData's Lucas Zaichkowsky observes, a "bunch of immature, bright kids [play] elaborate pranks on each other using computers" and later -- in real life -- "end up pursuing a fulfilling career in IT and information security."

Sound familiar?

A quick word about the research methodology, which involved informal email inquiries to a few of our active members and bloggers; these selections are not meant to be the definitive word on hacker movie hits and misses. They are only the first stage of a virtual discussion I hope will continue in the comments.  

And now, as they say in the movies, "Turn off your cellphone and enjoy the show."

 

Marilyn has been covering technology for business, government, and consumer audiences for over 20 years. Prior to joining UBM, Marilyn worked for nine years as editorial director at TechTarget Inc., where she launched six Websites for IT managers and administrators supporting ... View Full Bio

Previous
1 of 11
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
7/2/2014 | 11:04:12 AM
Re: Nicely Done!
This slide show makes me want to rent some of these old movies. It's been a long time since I've seen some of them.
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
7/1/2014 | 1:17:46 PM
Re: Nicely Done!
It defnitely does! You Dark Reading folks definitely love your hacker movies (and your jobs!)
jd.sherry
0%
100%
jd.sherry,
User Rank: Author
7/1/2014 | 12:35:27 PM
Nicely Done!
Raises an interesting debate of life imitating art or vice versa?
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-8142
Published: 2014-12-20
Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP before 5.4.36, 5.5.x before 5.5.20, and 5.6.x before 5.6.4 allows remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys w...

CVE-2013-4440
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 generates weak non-tty passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.

CVE-2013-4442
Published: 2014-12-19
Password Generator (aka Pwgen) before 2.07 uses weak pseudo generated numbers when /dev/urandom is unavailable, which makes it easier for context-dependent attackers to guess the numbers.

CVE-2013-7401
Published: 2014-12-19
The parse_request function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service (crash) via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method.

CVE-2014-2026
Published: 2014-12-19
Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.