Attacks/Breaches

8/29/2016
01:20 PM
Terry Sweeney
Terry Sweeney
Slideshows
Connect Directly
Facebook
Twitter
RSS
E-Mail
50%
50%

Hollywood's 7 Dumbest Hacking Depictions

Movies and TV shows too often use hacking as a deus ex machina device to resolve an impossible plot, but real hacking takes time, effort and lots of testing.
Previous
1 of 8
Next

Image Source: Wikimedia Commons

Image Source: Wikimedia Commons

It's not hard to energize the whitehat community – ask about their most ingenious hack or the time they foiled that really insidious attack. But their eyes really light up when asked about the dumbest hacking they've ever seen on television or in a movie.

Their most frequent complaint: Producers treat hacking as a deus ex machina device, using an impossible hack to resolve a plot point or push the story forward. Hence, the heaps of hacker praise for shows that work hard to get it right, like Mr. Robot.

None of the experts we contacted for this slideshow hesitated when asked for an example of a bad hacking depiction, in fact, most cited multiple examples. They were so forthcoming, you might almost conclude there's a lot of hate-watching among infosec professionals – that guilty pleasure derived from viewing supremely bad video and film content.

First, a little pity for Hollywood. Let's acknowledge that showing people typing at a keyboard – or watching code appear on a display -- isn't visually exciting ("We just paid $15 to watch people do stuff we can do at home for free.") We all know coding is painstaking and time-consuming, but that's a reality that producers and directors skip over in favor of a narrative that moves -- mustn't bore the audience!

In cutting those corners, Hollywood gets an awful lot wrong. Rather than pile on here and trash the content producers for the heck of it, we bring you this list of non-credible hacking portrayals to help dispel any remaining illusions among business leaders or consumers that computers can magically resolve problems. Really fast! And it always works the first time!

So unlike real life.

Here's to a clearer view of what hacking can and can't do for business users, and here's to a few laughs, which are always good for morale, productivity and better security.

 

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/3/2016 | 5:02:00 PM
Re: The Net
@Terry: I feel like War Games gets a pass because it almost qualifies as a sort of semi-apocalyptic sci-fi.

But then, I've never actually seen it all the way through.
T Sweeney
50%
50%
T Sweeney,
User Rank: Moderator
9/2/2016 | 7:01:12 PM
Re: The Net
Hi Joe: Yeah, The Net popped up on some the contributions we got. War Games too.

Ahh, the '80s and '90s!
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
9/2/2016 | 2:26:57 PM
The Net
Mid-90s Sandra Bullock vehicle The Net could have easily been on here too.

The funny thing is that, as utterly preposterous as that movie was at the time, today a lot of it is not so far-fetched at all.
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Data Privacy Careers Are Helping to Close the IT Gender Gap
Dana Simberkoff, Chief Compliance and Risk Management Officer, AvePoint, Inc,  8/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-15601
PUBLISHED: 2018-08-21
apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in the "Cannot upload executable files" protection mechanism.
CVE-2018-15603
PUBLISHED: 2018-08-21
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "Leave a Comment" screen.
CVE-2018-15598
PUBLISHED: 2018-08-21
Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable.
CVE-2018-15599
PUBLISHED: 2018-08-21
The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase.
CVE-2018-0501
PUBLISHED: 2018-08-21
The mirror:// method implementation in Advanced Package Tool (APT) 1.6.x before 1.6.4 and 1.7.x before 1.7.0~alpha3 mishandles gpg signature verification for the InRelease file of a fallback mirror, aka mirrorfail.