7x9000

Let's give them one last hurrah.

  • She/Her

“In your darkest hour, in the blackest night... think of me... and I will be with you. Always. For where else could I go? Who else could I love but you?”


Once, there was a link here. Now it is a memory. A memory of laughter and hope. A memory of good times. A memory that shall not be forgotten.

Stand tall, my friends. For our journeys shall never end.


If you still want to find me:
https://linktr.ee/7x9000


([ IMPORTANT ])
You do NOT have permission to
use any of my stuff. I am the sole
owner of Zorotek and related
things.



cathoderaydude
@cathoderaydude

A take that I've always had is that the reason hacking in movies always looks absurd is because the reality of hacking is turbo boring.

You spend hours to months staring at total gibberish; most of the time you are not having great revelations, you are not pointing out the blonde and the brunette and the redhead, you do not see through the code, you are looking for a button you can press that happens to inadvertently probe an IO address at which you have something you control due to an oversight somewhere, and you're literally just doing things randomly and hoping that something does what you want. At least, that's what every single blog post or article or TED talk that I've ever seen talking about how an exploit was discovered reads. Maybe you have a specific avenue in mind, maybe you're using more advanced tools than just blind prodding, but nobody can visualize the entirety of a hardware or software system at once, so you're always going to have some amount of uncertainty about what exactly it is you're trying to accomplish.

This doesn't make good on screen drama, but the trouble is, frequently the outcomes of fictional hacking are also boring. Writing the quick start series, seeing things like Phoenix Hyperspace, I find myself thinking about all the terrifying things that computers can do without your even noticing.

Yes, it's very punchy to imagine your bank account suddenly depleting itself, or your identity being rewritten in every government database, shit like that, but of course it's absurd, nobody has that capability and if anybody did it would literally trigger wars, historically significant events, things that would go down in the history books. Nobody is hacking bank accounts, I don't think that's ever even been done. It doesn't even make sense, because once your subterfuge is discovered it's all just going to get reverted anyway because all the banks are in cahoots with one another as well as every law enforcement agency in the world, so once they undo what you did, they will find you and put you through a meat grinder. This is often expressed in posts about theoretical security vulnerabilities; "nobody has broken TLS, and if they do, they are not going to use it against you, because they suddenly have much bigger fish to fry."

But I did learn that there was a moment in time when Xmir had a bug where it would not stop listening to your keystrokes when you switched to a VTY. So you could be looking at a terminal, typing away, and everything you're typing is being fed into your IRC client. This sort of shenanigan is closer to the reality of actual targeted hacks, and in many ways far more unsettling. And there are so many ways to do this on the PC - compromising the Intel ME or the SMM is a horrifying idea because it is so hard to discover. We've all become used to the idea of a root kit, a kind of malware that scares us because it fucks with the computers ability to inspect itself. But you don't need to do that if you can get code into the parts of the computer that are already uninspectable, of which there are now many.

Actual hacking, state level shit, is more Evil Maid slipping your laptop's hard drive out in your hotel room than it is Kevin Mitnick whistling into a payphone. And the outcomes are also potentially way subtler than anything you'd ever see in a movie, but I wonder what that would look like - a hacker movie written by actual hackers, who understand the very real and not cartoonish reality of how your computer can betray you, sometimes even without deliberate malice being involved.


garudina
@garudina

ironically one of the most believable hacks I can think of in modern cinema is that scene in the matrix sequels (forget which one) where they need to get into the magic building with the special door and so they need to cut the power. iirc Trinity is using, like, identifiable professional hacking tools to attack the power station

most big breaches boil down to "you're exposing a port to the internet that is answered by software with a bug, and I know the bug, so I can use the bug to give myself access to things". a lot of times it's just a matter of getting a command line! then you kinda have to choose your own adventure from there, i.e. "other ports I can see from here that have known bugs" or "other software with bugs I can access on this machine to give myself more things"


cathoderaydude
@cathoderaydude

Steve Jackson's Hacker is my favorite board game. The core loop is:

  • begin with a dial-in number and set of credentials, leaked or bought from an insider, for a computer system with low security and low value, but with a mildly privileged relationship to another system

  • using that privileged access, find other machines that it can see. access them using more security exploits, more purchased credentials, or information left laying around on the machine you're already in. this all becomes easier if you can elevate to root.

  • repeat until you're inside the NSA

it's from 1992 and extremely fun


StrawberryDaquiri
@StrawberryDaquiri
This page's posts are visible only to users who are logged in.

You must log in to comment.

in reply to @cathoderaydude's post:

I remember some phone (back when smartphones were new and had physical keyboards) had a bug where everything typed was also being fed into a command line. This was discovered when someone rebooted the phone, went to send a message, typed "reboot\n", and the phone rebooted.

I know this is technically not cinema, but if you haven't, I implore that you give Mr. Robot a chance! It's so fucking great and I love it so much! Iirc they had a cyber security consultant.

in reply to @cathoderaydude's post:

This is why I enjoy the visuals in Hackers, and don't get why people give it shit
Because it's purely for the viewer

There's a scene where Dade is telling Joey where to find the file they need in the Gibson, and he verbally says the file path for it

So to me that shows what they're doing is more realistic, but we as the viewer see something more interesting instead

In early 1990, SJG was developing a game called GURPS Cyberpunk. On March 1 of that year, the company was raided by the United States Secret Service as part of a nationwide investigation of data piracy.[1] The agents took computers, printers, hard drives, at least one pocket calculator, over 300 floppy disks, and an entire BBS server.[1] In the court case that followed, the Secret Services justified their actions by calling GURPS Cyberpunk "a handbook for computer crime".[1]

In 1992, SJG made a card game called Hacker based on the Secret Service's beliefs.

I was actually going to suggest Uplink, too. There are elements of the game that aren't super obvious at first... there's a lot of depth there, but you can hit walls where you aren't expecting to, too.

There have been substantial mods which uproot the game and make a lot of the grindfest go smoothly through UI and even realism improvements iirc

the game is shared-source (there was a tier you could buy into to have a copy of the source code, probably still is), modular with tons of hooks and API affordances, and with a license that permits the reuse and modification of uplink code in registered copies

I recommend UplinkOS, it's a new executable that runs the same assets, and it has tons of quality of life improvements. But the original is still charming to me for sure, though it is certainly tedious