Archive for the 'entertainment' Category

Hacking in Hollywood

Tuesday, September 30th, 2008

I said this before, and I’ll say it again - I can’t stand Hollywood movies about hackers or hacking. I just can’t deal with that shit. The classic Hackers is possibly the single notable exception to this rule. And that’s because this movie is actually a clever satire - it takes the popular culture image of a hacker, and the average Joes concept of what hacking is, turns it up to 11 and then ads a dash or realistic jargon, or real references here and there. It is a ruthless caricature poking fun at the hipster image of a hacker existing in the media and the so called “hacker culture” perpetuated by script kiddies who think they are 1337. I have no clue whether or not this satirical layer was added intentionally, or whether it simply emerged because later Hollywood productions tried to imitate it. In ether case the sheer badness of the film caused an integer overflow and as a result it became good again. And I guess it’s all that matters.

Of course a if you manage miss the joke completely you can still enjoy the movie as a campy, off-beat fun ride. Everyone wins. End result is a cult classic loved by computer professionals and clueless people alike - often for very different reasons. Few others have ever accomplished anything similar. In most cases any attempt to portray “hacking” on the silver screen ends up in a massive load of epic fail. As an example I give you a scene from the movie Swordfish:

Can anyone explain to me what is going on in here? Cause to me it kinda looks like this guy is playing some sort of 3d puzzle game. He is typing on the keyboard like a madman, cursing, jumping around and etc… In the meantime his (obligatory) multiple screen rig is showing some funky animation depicting cubes of shimmering code falling into place, scrolling text and lots of blinking lights. It’s silly!

Most Hollywood movies depict hacking this way. Some sort of abstract, incomprehensible activity that apparently involves a lot of frantic typing without using a space bar. But it doesn’t need to be this way. Here is a hacking scene from the matrix. Watch closely on what shows up on Trinity’s monitor:

Did you catch it? You can clearly see the characteristic output of Nmap (a very popular port scanning tool), and then exploits the very real, but also very old ssh vulnerability to take control of the remote system. This depiction was so realistic, that the British Computer Society felt compelled to release a joint statement at the time, urging movie goers not to attempt to emulate it.

To a lay person both scenes would look equally incomprehensible and cryptic right? In both cases we see characters type stuff on the keyboards, and see some scrolling commands and text output that is really not essential to the story. The Hollywood produces usually assume that since an average person doesn’t know the first thing about hacking they might as well make the activity visually pleasing.

The thing is that people do know how hacking looks like. Anyone who uses their computer for more than browsing Myspace and chatting on AIM knows that what you see in the Swordfish scene (or the scenes from the Hackers movie for that matter) are totally fictitious. Unless you are a lumberjack and live in a log cabin in a middle of a forest with no electricity you probably know a programmer, sysadmin, or an IT guy of some sort. Or at the very least you may know that computer whiz kid from the neighborhood who fixes your laptop whenever you infect it with to much spyware.

There is a certain way computer interfaces look, and there is a certain flow to a typical computer operation. I think that most movie goers these days realize that “hacking” into a computer system involves activities such as running programs, typing in commands, and for example looking stuff up on the internet. Most people realize that this whole “typing really fast, to control some 3d animation on the screen” thing is incredibly silly. In fact I have seen it parodied, joked about and made fun of in mainstream media well outside the usual geek circles.

So why does Hollywood insist on insulting our intelligence this way? Why do they show us shiny animation assuming that we wouldn’t understand what was going on in the first place. Some people will probably argue that showing “real hacking” would be irresponsible. I would naturally laugh, and explain the concept of full disclosure to these people. Think about this logically:

  1. No one says that Hollywood needs to show new, cutting edge zero day vulnerabilities
  2. Besides, a zero day vulnerabilities would be old news long before the official move premiere
  3. Including an old vulnerability in a blockbuster movie would possibly make people nervous and force them to finally patch their systems - so it would be a benefit for everyone
  4. No one says you need to show a step by step tutorial - what Matrix did was perfect - they made up a script with a made up name, and then stated it is exploiting the ssh crc32 vulnerability

Showing just glimpses of real exploits, or inessential bits of code is not irresponsible, or dangerous. It is no more dangerous than showing your average episode of Myth Busters on TV. After all, Myth Busters use real physics and chemistry principles to make things blow up like every week. You know - the stuff you could look up in your high school physics/chemistry book - they use that stuff. How is using basic, common knowledge computer science and computer security principles to do privilege elevation or remote exploits any different?

All I’m asking is this: if your movie revolves around hackers, hacking, security exploits or programming, please, please, please hire a technology consultant and for god’s sake listen to him. Ask him to write down a list of technical jargon terms the characters should know, and pointers on their usage. Have him write sample lines the characters could say while hacking/programming. Have him work with the post-production team to create appropriate visuals. That’s it! One guy, few hours of work. Whatever you will need to pay this dude is probably insignificant to the amount of money you spend for the CGI, pyrotechnics and the stunt work.

Seriously, if you know nothing about computers why do you think you can write and/or direct a good movie about hackers and/or programmers? When you are making a movie about police men, soldiers, firemen, lawyers or salesmen you probably bring in a specialist who explains to you and the actors how the things are done in his profession, makes sure you use an appropriate lingo, and don’t make huge blunders. No one seems to be doing that for computer related stuff though. It seems that it is easier to just make stuff up instead.

Name That Game #1

Friday, September 26th, 2008

New game in the spirit of Name That Movie or TV Show cycle I’ve been doing here. This one is a bit different and possibly more difficult. Or it could be easier. I don’t know.

This version of the game may appeal to slightly different crowd. Instead of identifying movies, I’m asking you to identify video games in the picture below. And instead of random screenshots, I’m actually using the box covers. Naturally since each video game box has the name of the game printed on it, and usually a signature, distinct art I’m adding some Gaussian blur to each of them. I tried to make them fuzzy enough to conceal telltale details (and the title of course) but clear enough to allow you to recognize the box by shape, color and composition.

I tested it on my brother and he immediately identified 5 boxes correctly, 2 incorrectly and had no clue as to the rest. So hopefully this won’t be solved by the first commenter. P

Name That Game #1

Something tells me I’m making it to easy, but we’ll see. Let me know whether you like this new variation on the game. I will probably continue making “Name that Movie” panels in the future, but this could be another fun distraction. )

Live Free or Die Stupid (aka Die Hard 4)

Friday, September 12th, 2008
livfreeordiehard.jpg

I saw Live Free or Die Hard few days ago and I must say that I’m really glad that I did not actually waste money to see this piece of crap on the big screen. My gut instinct is to automatically pass on any movies that feature hackers or cyber-terrorism because Hollywood always gets these things horribly wrong.

Watching the new installment of the Die Hard was a bit like revisiting The Net all over again. The level of technical expertise and realism is about the same in both pictures. In all fairness, The Net is probably a better movie of the two simply because it contains Sandra Bullock in her prime, and does not contain Justin Long (who seriously needs to get punched in the face with a sledge hammer).

This is the plot of the movie: a bunch of evil terrorists (and you know they are totally evil because they all wear black) hack into the United States and shut everything down. You gonna ask me “United States what?” but no, I did not skip a word there. That is precisely the problem with this movie. These dudes hack into everything! They are such 1337 hackers that they can control anything: street lights, gas mains, tv channels, cell phone networks, the stock market, banking, trains, plains, on board avionics in military jets - hell, they can even take over that shitty $10 webcam in your bedroom and spy on your ass.

The movie is full or ridiculous scenes that look like they were inspired by The Net. For example, at one point the bad guy played by Timothy Olyphant (who we probably better know as The Asexual Hitman Man) goes “McClain, I just deleted your bank account and now I’m deleting your 401k - how do you feel about that? Muahahahaha” as he types something on his keyboard. Next thing you know there is an animation of a page with a big 401k heading and a table with some numbers that suddenly start counting down until they all reach $0 while you hear the ka-ching cash register sound effect. Really? I mean, seriously! Come one people!

The scene is silly in itself but it becomes even sillier when you find out what the bad guys are “really after”. You see, according to this film, after 9/11 the government created a secret facility with some totally awesome servers (and you know they are totally awesome because they like have a lot of blinkenlights) where all financial, banking and social security information from the whole country will be backed up in case of a national emergency. The terrorists want to steal that data because once they have it they will be able to (and this is a direct quote):

“Put it on a portable disk, take it anywhere. They will be able to make transfers, and will be untraceable! Or they could delete it all and send us back to the stone age!”

In other words, the terrorists pretty much shut down the country order to perpetrate some petty identity theft. I’m ignoring that stone age bit because it just doesn’t make any sense and I don’t even want to know what they were getting at. Why do they create a media circus instead of doing things quietly is beyond me. What is even funnier, you have to realize that they already took over computer systems of banks, investment firms, the NY stock exchange, social security systems and etc. It seemed like they already had access to all that information that was supposed to be in the super-secret backup facility. After all they were deleting people’s bank accounts and 401k plans and making untraceable transfers throughout the movie. So why did they needed the backups? I mean, it’s not like they could erase them and “send us to stone age” since every single institution they broke into is likely to have localized and/or off-site physical backups. No super-duper national backup plan would ever replace that. It makes no sense.

Live Free or Die Hard uses virtually every single hated computer cliche in the book. Hacking is done by vigorous typing and you can pretty much tell how hard one is hacking by how fast and hard he is punching the keys. No one ever uses a mouse, or the space bar for anything. Tracing the source of a video chat takes the same amount of time as tracing a phone call, and you must stall the person on the other side of the line making small talk. I mean, I’d just take the IP number and look it up in the whois database to get the address of the registrant but apparently it is a much more complex procedure that displays a big red “ROUTER DENIED” warning whenever you fail to trace the source properly.

It takes exactly 4 key strokes to pull up any information. It goes like this: a bad guy says “locate McClains daughter!”. A dude sitting at a computer terminal goes tap, tap, tap, TAP (you know, the last tap must be like emphasized) and goes “She is stuck in an elevator between 4th and 5th floor in the such and such building on the 34th street”. Then of course they pull up the elevator cam feed to look at her with exactly 4 more keyboard strokes. Justin Long on the other hand manages to reprogram his cell phone to use the super secret satellite network in exactly 4 keyboard strokes. It’s amazing really!

If you plan to watch this movie make sure you keep Clarkes’ third law firmly in mind. In Live Free or Die Hard technology is indistinguishable from magic. Hackers are wizards with unlimited power who can do anything the plot is calling for at the moment: reroute the gas mains, shut down the electrical grid, change stock prices, take over your GPS system, hack into your hamster and turn it into a time bomb (ok, I made this last one up) - you name it. They can shut down the country and bring about the end of civilization and the only person who can stop them is a grizzled, cynical cop who doesn’t know much about computers but can kick serious ass.

I find it funny how all the evil hackers are smart, educated, and well dressed. They all use big words, they enunciate and act professional at all times. You know, highly educated and well spoken people are all evil elitist bastards with their science, and their logic and etc. The good hackers on the other hand are lovable geeks - clumsy, oafish and mumbling cryptic stuff to themselves all the time. They might be smart, but the writers take special care to show that they would never survive without the big, bad McClain holding their hand and wiping their noses all the time. Both of these portrayals personally offend me as a programmer and IT professional but hell, what do I know.

I understand that no one in Hollywood hires technology consultants anymore - and if they do, they probably fired them on the first day when they start crossing out all the awesome hacker stuff from the script and replace it with boring stuff. I get it. I am not their target audience and I guess someone with less technical knowledge than me could overlook all the flaws I listed above. But the badness of the movie extends way beyond that. It is simply way over the top. You’d think that the 3 previous die hard movies were over the top but they are nothing compared to this installment.

It seems that there is some sort of pissing contest going on in Hollywood to see who can make a movie with more outrageous stunts. This trend peeked and culminated in the proverbial Nuking of the Fridge in Indiana Jones 4. Die Hard 4 is a clear runner up in the same league though. McClain destroys a helicopter by driving over a fire hydrant, blows up another driving a car up a makeshift ramp into it, outmaneuvers and destroys a Harrier jet while driving a tractor trailer. Of course before he destroys the jet he jumps on top of it, and manages to stand upright on one of the wings while the plane spins out of control. I mean, WTF is this? Jet surfing?

This sort of thing has to stop. The fact that CGI is dirt cheep these days doesn’t mean you have to use so much of it. The fact that you have a big budget does not mean you need to blow it all on explosions, crashes and outrageous stunts. The original Die Hard while still stunt/special effect heavy was much more low key. McClain had to use stealth and cunning to survive and dispatch the bad guys. The proportions between realism and ass-kicking action were maintained at a level where the viewer was kept on edge of his seat most of the time. There was just enough realism to allow the viewer to suspend his disbelief, and just enough of unrealistic stunts to make things exciting. In Live Free or Die Hard reality goes out the window as soon as the hero blows up the n’th helicopter, falls down from a 10 story building, dusts himself off and then tries to surf on top of a military jet plane while the pilot ejects from the cabin. You can’t build tension when your character pulls off crazy reality defying stunts every 5 minutes. You can’t escalate the special effects indefinitely and expect viewers to go ooh and ahh after each explosion. The more stunts you have in your movie, the less impressive they become.

This is exactly what was happening to the James Bond franchise - they kept escalating the special effects, and adding crazier and crazier stunts with each new installment and at some point people just started yawning and leaving theaters in droves. Then Bond was reinvented anew. Instead of having him jumping over a helicopter on a motorcycle they made him do some Parkour. Instead of an elaborate trap involving sharks with lasers attached to their heads, they used a bottomless chair and a piece of rope with a big knot on the end (and holly shit, that torture scene made me cringe). Lo and behold they scored a huge blockbuster success. I thought that Hollywood got the message after that one. But it is clear that they didn’t since we have movies such as Live Free or Die Hard or Indiana Jones and the Kingdom of Crystal Suck still coming out these days.

I can’t really say anything about Bruce Willis’ performance because any respect I might have had for his character was instantly destroyed when he started doing the condescending “I don’t know about computers so why don’t you say that in English you pathetic nerd” routine every time Justin Long said something. Most of the signature Die Hard attitude and bravado was drowned out by the outrageous action sequences, and the pointless and tedious banter with Long.

Long pretty much plays the same annoying character he portrays in the Apple commercials - a smug know it all with some of the least favorable geek stereotypes. For example he delivers a rambling rant about how “the man” is controlling the media, makes inappropriate star wars references or uses nonsensical technobabble around McClain knowing full well he is a computer illiterate idiot.

Bottom line is that the movie is absolutely horrible. It is incoherent, inconsistent, badly written and nukes the fridge on average every 5 minutes. Plot is nonsensical, and the stunts become more and more far fetched up to the point where all suspense is gone and you can’t help but yawn once you get to the part when Willis is running on top of a flying harrier jet mid flight. Avoid at all costs!

Also, I propose a new rule: Hollywood is no longer allowed to make movies that feature hackers, hacking or cyber terrorism. We will all be better off if they stick to old fashioned lo-fi terrorism which most people can understand and comprehend.

Update 09/12/2008 03:28:54 PM

Damn! I thought that I already had a Friday post queued up for this week. I guess I didn’t. Oh well, next week’s post will do. Sorry if this post contains more than the usual amount of typos, or fractured sentences. I was pretty sure I will have ample time to proofread it before it hit the blog next week. P

Name that Movie or TV Show 3

Friday, September 5th, 2008

Welcome to the third installment of the Name that Movie or TV Show game. If you are a regular reader, you probably seen or participated in the the first and the second one. If not, you can go and revisit them now and see how many you can guess without looking at the comments.

If you don’t know how this works here are the rules: the picture below contains numbered frames. Try to guess what movie or TV show was each frame taken. Post your guesses in the comments. And don’t worry, there are no winners in this game - only losers. Oh, wait… Maybe it’s the other way around. Anyways, there will be moist and delicious cake upon completion - that I can promise.

Name that Movie or TV Show 3

Unfortunately these things are getting progressively harder to make. I could try to compensate by watching more movies, but it is so infuriatingly hard to finds ones that do not totally suck. Because of this, there is some overlap between this and the two previous games. But since I used different shots so it still may be challenging to some.

Have at it. )

Run Lola, Run (Lola Rennt)

Friday, August 29th, 2008
Run, Lola Run

How would I describe this movie in one sentence? Let’s see. Maybe “Groundhog Day on Crack”? Hmmm… No that’s not it. In fact it’s not even close. The movie does bring up similar questions about time, chance, cause and effect and one man’s destiny and power to change it with small, seemingly insignificant action so I guess I’m bound to compare the two.

In both movies for example the protagonist loops around in time re-living the same events multiple times, and is allowed to experiment with cause and effect. But instead of a jaded and unpleasant weatherman, the hero of this movie is Lola, an attractive young girl with flaming red hair, and an attitude. Unlike Phil Connors (who found love because of the loop) she seems to loop out of love for her boyfriend. The setup is simple. Manni (Lola’s guy) gets in trouble with the local mafia, and must come up with $100k in less than 20 minutes or he will likely be killed. To save her man, Lola will have to come up with the cash, and quick.

We see Lola run through the city 3 times. Each time her path is almost exactly the same, but small variations inevitably sneak into the picture. On one run she bumps into someone, on the second she passes them by, and on the third they never meet and etc.. These small changes end up being significant because they allow Lola to gain pr lose precious seconds and each successive one can and will influence all the other ones that follow it.

We never find out why exactly is she looping around in time like this. I mean, you can figure out that it’s love and determination that pushes her forward. But we never learn why or how this happened to her and not someone else. Lola herself is largely unaware of this fact. She does not know she is looping back in time, however for some reason she does seem to retain some memory from previous runs. For example during her first loop Manni teaches her how to take the safety off a pistol. On the second run, she takes the safety off herself as if remembering it. This sets up a slightly different tone than the Groundhog Day.

There was a sort of logic to that movie - Bill Murray’s character knew that he is going to loop around each day, and retained all his memories. He could plan ahead, and through observation he could slowly gain a sort of omnipotence and exert more and more control over his fate. Lola doesn’t have that luxury. For her, each run is a first, there is never any guarantee that she will get another chance. Despite that Lola seems wiser, and more apt at exploiting using her environment during each subsequent loop.

Phil Connors broke out of the time look using logic, planning, and powers of observation. He could break down his day, plan his activities, and set everything up for success. Lola only has 20 minutes, and she is in a mad rush each time. Her world is one of raw emotion ruled not by logic but rather than fate, chance and destiny. In a way this story reminded me about this quote from Paulo Coelho’s Alchemist:

When you really want something to happen, the whole universe conspires so that your wish comes true.

Lola’s universe comes alive and indeed conspires to make her succeed. Unlike the cunning weatherman from Groundhog Day, Lola has little control over her situation. There are many variables that she can’t influence, and luck and chance play a big role in each loop. She has no other choice but to trust her luck and like Coelho’s protagonist hope that it will direct her steps toward the goal. When she ignores this magical conspiracy it becomes an obstacle. She trips, she falls, she is late or to early. Only when she starts noticing the events around her, and takes her cues from them she is able to make real progress. Phil Connors had to take his destiny in his own hands, and be the agent of change. Lola on the other hand, must let go and let her heart guide her to succeed. The agent of change is fate, and she is but a pawn with a mission. To succeed she must allow the universe to propel her towards the solution; she must put everything on the line and hope that the wheel of fortune will swing her way. Otherwise she is doomed.

Should you watch this movie? I think you should. I enjoyed it, and I think you will too. It is fun, entertaining a little bit campy and it will definitely keep you at the edge of your seat. Fair warning though - this movie has subtitles. The action takes place in Berlin I believe, and all the actors speak German. This didn’t bother me. In fact, the streets, cars and the architecture looked oddly familiar. I was never in Germany but I lived half of my life in Poland and it seems that the crappy cars, and run down buildings, and shitty supermarkets in both countries are oddly similar. I also remember using those funky phones that take plastic phone cards instead of change. So for me this was not only and entertaining flick but also a trip down the memory lane.

Get it, watch it, let me know what you think. )