Security News

Mr. Robot Review: eps2.2_init1.asec

Stefanie Smith, 28 July 2016

Avast Senior Malware Analyst, Jaromir Horejsi, explains the tech terms from Mr. Robot's eps2.2_init1.asec

Mr.Robots2e4.jpg

Image via: USA Network @whoismrrobot

Like last week’s episode, this week’s episode of Mr. Robot began with a flashback, providing us with more background on how fsociety was formed. In the flashback scene, Darlene visits Elliot at his apartment on Halloween. She is wearing the fsociety mask, which we learn is from the fictional movie Careful Massacre of the Bourgeoisie. We also see how Elliot first told Darlene about his master plan of hacking and taking down E Corp.

Back to the future, Darlene, like Mr. Robot, tries to convince Elliot to continue to fight for the cause. Dominique has the FBI investigating fsociety’s headquarters, but there is little evidence of fsociety’s presence at the arcade, with the exception of a bullet that was found. Joanna is running out of money and is eager to get Tyrell’s severance package from E Corp, while Angela is trying to negotiate with Mr. Price. Mr. Price is in touch with White Rose from the Dark Army, but it is not entirely clear what they are up to. At the end of the episode, Elliot agrees to help Ray with his “computer problem”.

The first hack mentioned in the episode is Darlene’s Postemate hack to get $10 coupons any time her boyfriend orders anything. The Verge did a nice job explaining the hack. In short, she hacked the Postmate proxy that supports her boyfriends Access Point Name (APN) settings. Whenever her boyfriend orders delivery through the app, he should get, via their affiliate program, a coupon. Darlene has, however, set it up so that her affiliate link is used whenever she makes an order, so that she receives the coupons.

In addition to Darlene’s app hack, there was more tech talk in the episode.

In the flashback, Elliot describes the project he was on. He says he was pentesting, he kept finding holes in the system, and that it was his job to keep hacking until it was hacker proof. 

Stefanie: What is pentesting and what holes did Elliot keep finding?

Jaromir Horejsi, Senior Malware Analyst: Pentesting is short for penetration testing. Elliots job, like he tells Darlene, was to hack until the system was hacker proof. His job was to basically try to hack into a network like a real hacker would. Rather than abusing the vulnerability, or security hole, pentesters report them so that they can get fixed, before outside hackers have the chance to find them.

Just before Elliot describes his plot to take down Evil Corp to Darlene, he contemplates, out loud, whether or not he should take the job at AllSafe. He says “could be a Trojan horse”.

Stefanie: Funny that Elliot describes himself as a Trojan horse! Can you explain, for our readers, what a Trojan horse is?

Jaromir: The term comes from the well-known tale about the Trojan War. According to the tale, the Greeks built a giant wooden horse, hiding armed men inside of it for a sneak attack. They pulled the horse into the city of Troy and presented it as a trophy to the Trojans for winning the war. During the night, the Greeks inside of the horse snuck out and opened the gates for the rest of the Greek army to enter the city and attack the Trojans. The malware, Trojan, is named after the Trojan horse.

A Trojan is a type of malware that pretends to be something useful, helpful, or fun while actually causing harm or stealing data. In this case, Elliot wants to join AllSafe to pretend to help secure E Corp’s network, when in reality he wants to gain access to it to take it down.

Dominique’s colleague questions why fsociety would chose to work from an arcade with their name on the front. Dominique says “they’re hackers, they believe in hiding in plain sight”.

Stefanie: Is this true? Do hackers really like to hide in plain sight?

Jaromir: This is partially true.Some hackers or hacktivists hack web pages and to send a message messages. The message usually explains who they are and why they are hacking. Other hackers may want to stay unnoticed for as long as possible to steal as much information as possible.These hackers may try to remove all logs and traces of their hack, making it difficult to figure out who they are and how they got into the system.

At the very end of the episode Elliot chats with Darlene. She tells him about Romero’s death and about the FBI’s illegal surveillance program, Berenstain. Elliot is back in the hacking game and I cannot wait to see how he plans to hack the FBI!

PS: There are some theories that Elliot may be in prison or institutionalized. I personally think he is in an institution, what do you think?