Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

8/29/2016
01:20 PM
Terry Sweeney
Terry Sweeney
Slideshows
Connect Directly
Facebook
Twitter
RSS
E-Mail
50%
50%

Hollywood's 7 Dumbest Hacking Depictions

Movies and TV shows too often use hacking as a deus ex machina device to resolve an impossible plot, but real hacking takes time, effort and lots of testing.
Previous
1 of 8
Next

Image Source: Wikimedia Commons

Image Source: Wikimedia Commons

It's not hard to energize the whitehat community – ask about their most ingenious hack or the time they foiled that really insidious attack. But their eyes really light up when asked about the dumbest hacking they've ever seen on television or in a movie.

Their most frequent complaint: Producers treat hacking as a deus ex machina device, using an impossible hack to resolve a plot point or push the story forward. Hence, the heaps of hacker praise for shows that work hard to get it right, like Mr. Robot.

None of the experts we contacted for this slideshow hesitated when asked for an example of a bad hacking depiction, in fact, most cited multiple examples. They were so forthcoming, you might almost conclude there's a lot of hate-watching among infosec professionals – that guilty pleasure derived from viewing supremely bad video and film content.

First, a little pity for Hollywood. Let's acknowledge that showing people typing at a keyboard – or watching code appear on a display -- isn't visually exciting ("We just paid $15 to watch people do stuff we can do at home for free.") We all know coding is painstaking and time-consuming, but that's a reality that producers and directors skip over in favor of a narrative that moves -- mustn't bore the audience!

In cutting those corners, Hollywood gets an awful lot wrong. Rather than pile on here and trash the content producers for the heck of it, we bring you this list of non-credible hacking portrayals to help dispel any remaining illusions among business leaders or consumers that computers can magically resolve problems. Really fast! And it always works the first time!

So unlike real life.

Here's to a clearer view of what hacking can and can't do for business users, and here's to a few laughs, which are always good for morale, productivity and better security.

 

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/3/2016 | 5:02:00 PM
Re: The Net
@Terry: I feel like War Games gets a pass because it almost qualifies as a sort of semi-apocalyptic sci-fi.

But then, I've never actually seen it all the way through.
T Sweeney
50%
50%
T Sweeney,
User Rank: Moderator
9/2/2016 | 7:01:12 PM
Re: The Net
Hi Joe: Yeah, The Net popped up on some the contributions we got. War Games too.

Ahh, the '80s and '90s!
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/2/2016 | 2:26:57 PM
The Net
Mid-90s Sandra Bullock vehicle The Net could have easily been on here too.

The funny thing is that, as utterly preposterous as that movie was at the time, today a lot of it is not so far-fetched at all.
Microsoft Patches Wormable RCE Vulns in Remote Desktop Services
Kelly Sheridan, Staff Editor, Dark Reading,  8/13/2019
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.,  8/15/2019
GitHub Named in Capital One Breach Lawsuit
Dark Reading Staff 8/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15237
PUBLISHED: 2019-08-20
Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.
CVE-2019-15228
PUBLISHED: 2019-08-20
FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account but can also impact unauthenticated visitors.
CVE-2019-15229
PUBLISHED: 2019-08-20
FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.
CVE-2019-15231
PUBLISHED: 2019-08-20
Webmin 1.890, in a default installation, contains a backdoor that allows an unauthenticated attacker to remotely execute commands. This is different from CVE-2019-15107. NOTE: as of 2019-08-19, the vendor reports that "at some point" malicious code was inserted into their build infrastruct...
CVE-2019-15232
PUBLISHED: 2019-08-20
Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.