For years, Marc Rogers worked as a lone hacker, writing software exploits capable of breaking into vulnerable systems. Decades later, Mr. Rogers is doing the same thing, only this time it’s for Hollywood.
To ensure that TV versions of hackers are more accurate reflections of the shadowy world he once occupied, Rogers serves as principal hacking consultant on the hit USA Network show “Mr. Robot,” which debuts its second season Wednesday night.
“When I would see people portraying things that I have done and known intimately, I would cringe,” says Rogers, who agreed to work on the show (he was only briefly involved with season one) after years of frustration watching fake hacks on TV.
The problem is that spending hours in front of computers trying to root out vulnerabilities in software can be, well, “really boring,” he readily admits.
“Some of the greatest hacks I have ever pulled off involved multiple days of sitting in front of a screen often with no sleep, quite often living off old, cold pizza and tapping away at the keyboard, until I found what I was looking for,” says Rogers, who went by the nickname “Cjunky” during his hacker days. “This would takes days of hunting for weaknesses, days of turning those weaknesses into potential weapons and then the culmination would often be just a few seconds.”
Despite all the tediousness of the computer work, which is central to the “Mr. Robot” storyline, the first season was a hit with hackers of all stripes. Last season, the show followed a group of anarchist hackers known as “fsociety,” who were trying to cancel all the world’s debt by taking down a large corporation called E Corp.
Not only did last season borrow from real world computer breaches and cyberattacks, many well-known hackers and security researchers praised actor Rami Malek, who plays the show’s main character Elliot Alderson, for his realistic portrayal of a community that’s often misunderstood and mischaracterized on television and film.
When it comes to crafting the more technical aspects of the film, however, “Mr. Robot” creator Sam Esmail intentionally avoids dwelling on those details when writing the scripts, Rogers said, and instead leaves it to technical advisors to make sure each hack on the show is actually plausible.
And that means actually testing the hack themselves. The process involves searching for exploits, writing code, building the hack, and testing it on a vulnerable system. It might take up to 60 hours to write a single attack, just like in real life. Rogers and the other consultants operate with their own simple mantra: Come up with the most realistic scenario.
“A real hack is often a week’s worth of work looking for vulnerabilities in something and then coding it, and then exploiting it, the same goes for the hacks we do on the show. They are the real thing,” Rogers says.
Rogers declined to share details about his time as an independent hacker. However, that stint didn’t seem to last long. He quickly moved on to work as a so-called “white hat” – or ethical – hacker to protect corporate security. He now works as a security researcher for the cybersecurity firm CloudFlare, and is head of security at DEF CON, which organizes one of the world’s largest annual hacker conventions in Las Vegas.
Rogers’ notoriety in the security research community has led to other gigs advising TV shows such as the award-winning BBC series “The Real Hustle” and, in recent years, he was a member of the team that successfully demonstrated security vulnerabilities in a Tesla Model S and Google Glass.
While Rogers refused to delve into any second season plot details, initial reviews indicate the show will address the fallout from the events at the end of season one. Mr. Esmail previously said the plot will address the debate between many in Washington and Silicon Valley over the increasing use of encryption on consumer devices.
“I think it’s a really important issue that we’re going to really get into in the next 10 years, and it’s not something that I think people really understand the nuances of,” Esmail said during a panel discussion at South by Southwest, the annual tech conference in Austin. “It really brings up that idea of the rights to privacy, and do we have that or do we not?”
The fact that “Mr. Robot” is trying to ensure technical accuracy and hit many of the hot button issues within the information security community sets it apart from hacker dramas that have come before it.
From the 1992 film “Sneakers,” starring Robert Redford and Sydney Poitier, to 1995’s widely derided “Hackers,” many of Hollywood’s previous attempts to portray this community were widely mocked by experts and film critics alike for their goofy portrayals of hackers.
On TV, it’s even worse, Rogers said, pointing to “CSI:Cyber” as a prime example. “Whenever they broach the concept of hacking, it is always awful.”
But as audiences are becoming more tech savvy, they will expect more authenticity and realism from the shows they watch, he says. “People are very critical of what they seen on TV, so if they are armed with knowledge and can criticize it, they will.”
via Hacker News http://ift.tt/29yZ4vi