The fourth episode of Mr. Robot’s final season left a lot to be desired, but still gave us a little bit to talk about. We discussed [SPOILERS, obvs] social engineering, audio surveillance, signal jamming, operational security, encrypted chat rooms, and more. (The chat transcript has been edited for brevity, clarity, and chronology.) This week’s team of experts includes:
- Emma Best: a former hacker and current journalist and transparency advocate with a specialty in counterintelligence and national security.
- Jason Hernandez: Solutions Architect for Bishop Fox, an offensive security firm. He also does research into surveillance technology and has presented work on aerial surveillance.
- Harlo Holmes: Director of Digital Security at Freedom of the Press Foundation.
- Trammell Hudson: a security researcher who likes to take things apart.
- Micah Lee: a technologist with a focus on operational security, source protection, privacy and cryptography, as well as Director of Information Security at The Intercept.
Dark Army Surveillance
Yael: So, uh, how obvious is that white van?
Harlo: I'd just like to say, really appreciate that Audacity hasn't changed in over a decade. Van guy definitely had it open.
Yael: So the best way to get audio surveillance is to put a bug in the actual room and then sit in a white van outside the building?
Jason: Yeah, seems like the kind of wireless microphone setup you can buy at a spy shop.
Harlo: We're seeing some terminal stuff for rtl_tcp, which is SDR (software defined radio) software. So yeah, it's a bug.
Yael: I guess one would think that if you were going to do this, you'd be discreet, so maybe it’d be less obvious breaking and entering and hanging out in a blue van or a green van or something. Something other than a white or black van. But maybe the point was for him to know he was being listened to?
Jason: I once had a chat with a DEA agent about surveillance and he said he preferred minivans—"nobody pays attention to minivans."
Emma: If you wanted to be discreet, you wouldn't even break and enter. You don't need to plant bugs inside buildings anymore.
Yael: How would you bug them?
Emma: For Elliot's situation, the window is a perfect vector. It's glass, I'm sure. Dark Army has access to the kinds of lasers and sensors needed to bug the room from that alone.
Yael: It sounded like when the "mic went out" they just had the bug too close to the speaker, but it's really hard to find bugs.
Micah: I think maybe while Elliot was talking, he was starting to jam signals at the same time to cause the Dark Army guy to get out of the van and investigate.
Yael: How do you do that?
Micah: Well, he'd have to know what frequency to jam, which you're right, isn't easy. But he could use an SDR radio himself to do the actual jamming.
Trammell: Maybe he was messing with the antenna. I think he had pulled the bug out from somewhere. It was sitting on the table with the note "they're listening. " So when Darlene came into the room, she saw the note and the bug.
Yael: I thought if he pulled the bug and brought it closer to the recording device, it could make that noise, but not if he left the bug there. And also I don’t know if that's true; I just know it happens sometimes with mics too close to recorders.
Harlo: I want to look at the man pages for that program, because if I recall correctly, the only options supplied were an IP address and a port for listening.
Cyprus Bank Op
Yael: So Darlene said Olivia was not authorized to transfer anything— “all their authentication goes through a proxy and everything else in their domain is read-only.” So they need to break into Virtual Realty. But I didn’t quite get what Virtual Realty was.
Emma: They didn’t say what Virtual Realty is yet. That was dangerously brief surveillance—only one day. Darlene only saw one shift of security officers; you can't generalize schedules off of that. And no prediction for Xmas, really. It's blind faith. Not that they have a choice.
Trammell: What was going on with Darlene’s OpSec? I realize she was venting and planned to erase the voicemail, but screaming the entire plan to the world while standing on the street was a serious WTF.
Harlo: VOICEMAIL. That's our lil OpSec fail. Maybe she’s on coke? Thus the rant? Then she realizes what she said was really really mean...
Trammell: V O I C E M A I L? Even in 2015, that's such a faux pas.
Harlo: LET'S TALK ABOUT OUR CRIMES ON AT&T'S VOICEMAIL PROGRAM. Like, I have never even left carrier metadata between me and my best friends. Because that's why Signal exists.
Emma: The whole thing was very poorly done on Darlene’s part, but realistically so, given the circumstances. They're all cracking, and they're not playing a long game anymore. They know they aren't getting away clean.
Yael: Yeah, I kind of feel like they're careless because they have nothing left to lose.
Emma: Nothing to lose and they HAVE to proceed, it's now or never.
Encrypted Chat
Yael: Do we, uh, want to talk about Dom’s Adium chat room?
Micah: Dom was using Adium as an IRC [Internet Relay Chat] client, but it also used to be a popular Jabber client for Mac that people would use for OTR-encrypted chats. But she was talking to the person on IRC, which doesn't have built-in encryption, and there was no sign of her using OTR in her private messages
Jason: Yeah, I think she connected to Freenode, which has publicly available/searchable chat logs.
Harlo: The screen shows a little lock icon.
Lost in the Woods
Micah: This was very much a 404 File Not Found themed episode. Mr. Robot had this monologue: “Seems like we're always thinking of ourselves when looking for something that's lost. But we never think much about the lost. Whatever, whoever is unable to be found. Whether it’s a set of keys left somewhere and forgotten, a couple guys wandering aimlessly in the woods, or someone who's disappeared inside himself. What if that's what they wanted all along? Not to be found?”
Emma: Can we talk about the attempted social engineering at the gas station and the three different tactics they each used? Desperate and reserved, straightforward and insistent, and finally just snapping and losing his patience.
Yael: I feel like they COULD'VE used some social engineering. She totally would've given them a ride.
Trammell: There was an interesting minor point about what happens in a cashless society when the internet goes down. Always online systems fail in very brittle ways.
Harlo: I kind of like the idea of overusing the term “social engineering.” Like, where does one draw the line between social engineering, and saying-whatever-because-I-just-want-you-to-shut-up?
Yael: WHAT IS THE GODDAMN SHORTCUT?
Trammell: The shortcut was a bit tropy...
Yael: I just have to say that Tyrell telling Elliot he “didn't care” because he was wearing the standard hacker uniform (black hoodie) instead of an overpriced suit really pissed me off. As if everybody in expensive work clothes gives a shit.
Emma: I got the sentiment. I just think it was expressed poorly. To me it was Tyrell talking about how he thought he and Elliot/Mr. Robot were a team. But Elliot was never of that mindset and would never see Tyrell as his equal—which I felt was the other betrayal. Tyrell has always presented himself as someone with technical chops. In his first appearance, there's the bit about him still using Linux and surprising Elliot. But while he's far from incompetent, he's not on Elliot's level. And that realization hurt, along with learning that he didn't get the E-Corp position on his own. It was because of Elliot.
Yael: Oh, did he figure that out?
Emma: I thought he did from the discussion with Elliot, that it's Whiterose’s maneuvering, not him being recognized as valuable. And at this point he knows he's going to die. He's lost everything. His wife is dead, his son is gone...
Yael: I don’t even know what to say about this scene. Even before he got shot. Like... learn some survival skills? You're probably not going to die because it's cold out and you're walking for an hour? Also one of the things they teach in survival schools is "what's going to kill you first." You make decisions based on what will kill you first—so like, yes you might drink possibly contaminated water if the alternative is dying of dehydration. So, like, you don't bleed to death because you're worried about Dark Army at the hospital and how they'd kill you. Also, you're telling me there's no first aid supplies in that van? Like what the fuck.
Emma: The metrics of success are different here than in the usual survival situations. In the survival situations that those schools cover, your ONLY goal is to survive and help your cohorts survive. The remnants of FSociety see it as a struggle to save the world. Survival becomes secondary to success.
Yael: I think it was just badly written for Tyrell to go from "you don't care!" to, like, not caring.
Emma: Definitely a rushed final arc for Tyrell that could’ve been handled and explored better.
from VICE https://ift.tt/2WuHVND
via cheap web hosting
No comments:
Post a Comment