[00:00:00.320] This episode of Chaos Lever is brought to you by IntegraONE [00:00:03.145] and their ONE CON conference, coming this October to Bethlehem PA. [00:00:06.805] More on that later, right? [00:00:08.385] Listen, I saw this documentary called Back to the Future, [00:00:11.005] which had a lot of interesting ideas. [00:00:14.400] I'm not writing off any possibilities is all I'm saying. [00:00:19.505] Okay, so back to the future, too. [00:00:23.885] A lot of inventions, a lot of interesting ideas on what the future would look like. [00:00:28.125] A lot of ties, way too Too many ties. [00:00:31.005] I mean, we could say that about now. [00:00:33.605] Still too many ties. [00:00:35.520] If there's one major innovation that you could have from that movie, [00:00:42.605] what would that innovation be? [00:00:45.520] Well, when I was of a certain age, it was 100% the hoverboards. [00:00:50.840] Yeah, I mean, of course. That was it. [00:00:53.565] Now that I'm older, wiser, more careful, more circumspect, [00:00:59.125] it's still fucking hoverboards. [00:01:07.800] Hello, alleged human, and welcome to the Chaos Lever podcast. [00:01:11.065] My name is Ned, and I'm definitely not a robot because I can spell strawberry [00:01:17.485] with three R's. [00:01:19.365] Imagine that. [00:01:22.285] If that doesn't make any sense, it's because you didn't listen to [00:01:25.400] our tech news of the week. [00:01:26.425] Go back and do that first and then listen to this one [00:01:29.265] because that's what's important. [00:01:30.960] With me is Chris, who is also here. [00:01:35.045] Hi, Chris. [00:01:37.360] What's a strawberry? [00:01:39.720] It doesn't matter, but I know it has three R's. [00:01:42.920] Well, that's really all we need to know. [00:01:45.285] Is there any point to the rest of the show? [00:01:47.285] Not that I can... [00:01:48.945] Well, we might want to dig into how many R's a rasberry has, because [00:01:52.425] that's a totally separate question. [00:01:54.400] There's none. It's spelled B-R-R-R. [00:01:55.520] I see what you did there. Oh, you're funny. [00:02:01.320] You're a funny guy. [00:02:03.205] You see what happens when we record and it's not 6:00 in the morning? [00:02:06.520] You have all the humor and I am barely clinging on. [00:02:11.480] Which is the way it should be. [00:02:16.040] You know, the fact that you're stomping on my fingers as I hang on to the cliff. [00:02:22.000] I want you to know that I appreciate you and everything that you do. [00:02:26.200] I love it when you lie to me. [00:02:30.040] It's another day ending in Y. [00:02:32.760] Really, that is the bedrock of our entire relationship is just bald- The calendar? [00:02:37.805] Oh, well, that too. [00:02:40.525] Gregorian, naturally, because I don't go in for that Sumerian stuff. [00:02:46.200] I'm going French Revolution. [00:02:48.205] The metric day? I love it. [00:02:51.245] It was crazy enough to work, unlike Napoleon. [00:02:58.760] Wow, sick 200-year-old burn. Well done. [00:03:02.685] Got them. [00:03:04.520] Eventually. [00:03:08.360] Oh, should we talk about some actual tech garbage? [00:03:11.445] Yeah, and this is going to be actual tech garbage. [00:03:15.640] No, it's not. Lies and slander. [00:03:17.705] Lies and slander. I said Slies and lander. [00:03:19.845] I like that better. [00:03:21.525] Which could be a great indie pop band. [00:03:24.725] Probably already is. [00:03:25.925] Yeah. [00:03:27.085] No, what we would like to talk about today is the movie Hackers, which I [00:03:31.065] watched, so you don't have to. But you should. [00:03:34.485] But yeah, TLDR, you totally should. [00:03:39.480] Should it hold up? No. [00:03:41.565] Does it hold up? [00:03:43.760] Mostly. [00:03:44.885] Mostly. [00:03:46.840] But anyway, to barely tie this to reality in some meaningful fashion, [00:03:51.885] Wednesday of this week, the 18th, was National Civic Hacking Day. [00:03:56.845] So close enough. [00:04:00.640] I mean, those poor Honda civics, they never knew it hit them. [00:04:05.600] Out. [00:04:07.880] You wanted to record later in the day, this is what you get. [00:04:13.320] Anyway, since it was National Civic Hacking Day and I didn't [00:04:16.225] feel like doing any actual work, I watched the movie Hackers instead. [00:04:21.000] Well done. [00:04:21.725] And yeah, like we said at the top there, I'm not going to be too hard on it. [00:04:26.565] Really, it's not that bad of a movie. [00:04:30.285] Hackers, released in 1995 and starring, let's face it, [00:04:34.145] Angelina Jolie and some other people. Hey. [00:04:38.205] Deal with it. Johnny Lee Walker, right? [00:04:40.165] That's his name? I think I'm close. [00:04:42.885] Johnny Lee Miller. [00:04:44.525] I was close. Just proved my point. [00:04:46.845] Damn it. [00:04:48.920] Anyway, the movie is about a group of high school-aged hackers who get themselves [00:04:53.825] into and out of all kinds of trouble, shenanigans, there's some Tomfoolery, [00:04:59.600] all while listening to, frankly, a killer soundtrack. [00:05:03.840] Yeah. [00:05:04.725] And just rocking all over New York City, totally unencumbered by people or police [00:05:10.485] on Rollerblades, which believe me, now and then is not something you can do. [00:05:17.800] True, but it's more likely than actually having a car chase through New York City, [00:05:22.185] which seems to happen on a regular basis if you believe action movies. [00:05:26.680] True, but this show is not about live free and die So stick to roller blades. [00:05:34.000] Okay. [00:05:34.465] By that, I mean, I'm sure you wear 12 sets of pads and still fall down. [00:05:38.520] Constantly. [00:05:40.960] I see a twig ahead of me and I'm like, I'm going down, people. [00:05:45.720] Now, this is actually pretty funny because I did see this movie when it came out, [00:05:51.165] and I probably have not seen it [00:05:54.520] since then, or close to then. [00:06:00.000] I rewatched it two nights ago or last night. [00:06:02.705] I can't remember now. It's all a blur. [00:06:06.125] Here's a fun fact. [00:06:07.885] As you said, the lead actor in the movie is, in fact, Johnny Lee Miller. [00:06:12.605] In my memory, it was Matthew Lillard. [00:06:15.645] Wow. [00:06:16.725] Now, Matthew Lillard is very much in the movie, but he is not the lead. [00:06:23.680] So shame on me, I guess. [00:06:28.920] I guess. Had Scream come out yet at that point? [00:06:31.645] Because I feel like that's what really cemented him. [00:06:34.365] I think this was before Scream. [00:06:35.845] 1996 was Scream. [00:06:37.385] So this was right before his big break. [00:06:39.520] Right. [00:06:40.525] But anyway, there's other people in the movie, too. [00:06:42.825] It's not really important. This isn't a movie podcast. [00:06:45.645] Yet. [00:06:46.705] Since it is a technology podcast, I thought I would go through [00:06:51.345] my thoughts upon rewatching it. [00:06:54.005] Now, I did not actually write these while the movie was going on. [00:06:58.005] It was maybe 30 to 45 minutes after. [00:07:00.685] I needed a sandwich. [00:07:02.685] I needed to contemplate. [00:07:04.125] You know how it is. [00:07:06.365] I do. [00:07:08.480] I will say, at least they didn't say the net or anything stupid like that. [00:07:16.520] But let's just say there are some problems with this movie from a technical [00:07:19.825] perspective in terms of what could really happen and how would it really happen [00:07:24.040] and how does it actually relate to the real world, which is the one that [00:07:27.145] we live in that doesn't have hoverboards. [00:07:28.505] Thank you for reminding me earlier. [00:07:32.205] I want to point out that also released in 1995 was The Net, [00:07:37.725] starring Sandra Bullock. [00:07:40.160] And out of the two movies, this one is slightly more accurate. [00:07:47.760] I accept that as fact, and I don't think we ever need to [00:07:50.785] speak about The Net ever again. [00:07:54.320] Okay, well, that's what we're watching for movie night [00:07:56.585] in the week, so my apologies now. [00:07:59.925] Heaven help me. [00:08:01.045] I'm bringing Rice Krispy treats. [00:08:03.800] They better be chocolate frosted. [00:08:05.665] Is there any other kind? [00:08:08.245] Moving on. Anyway. [00:08:10.760] So, yeah, that's what we're going to do. [00:08:12.145] And I should not have to say this, considering, as we said, [00:08:15.365] Hackers came out in 1995. [00:08:18.565] Spoilers ahead. [00:08:21.120] It's been 30 years, people. We're close enough. [00:08:24.800] Don't remind me. I'm still upset about the calendar. [00:08:28.000] Yes. [00:08:28.785] So without further Before we get to the real deal, here are some fun facts and [00:08:32.665] some real-life breakdowns of the hacking and/or hacking world, environment, [00:08:39.405] what have you, milieu that sets the stage and takes place in this movie. [00:08:46.840] Now, I have seven. [00:08:48.365] You might have more. [00:08:49.725] If there's time to listen to them, they're probably not as important as mine. [00:08:53.280] Almost definitely. [00:08:54.285] So number one is one that I absolutely did not know, and I was shocked to find out. [00:08:59.525] Emmanuel Michael Goldstein, of 2600 magazine Fame, was [00:09:03.465] a technical consultant on this movie. [00:09:06.845] Who what? [00:09:08.600] 2600 is a magazine and a website that existed back then [00:09:13.545] and is still around today. [00:09:15.925] And is basically the go-to reading material for the electronically [00:09:20.665] inclined breaker and enterer. [00:09:24.240] The hacking underground, as it were, has a zine, and it's called 2600. [00:09:29.045] I see. Okay. [00:09:30.645] And it's awesome. [00:09:34.040] I recommend you read it. [00:09:35.605] You're not going to get on another list. [00:09:39.360] I'm on enough already. It doesn't matter. [00:09:41.685] Funnily enough, Emmanuel Goldstein is not his real name. [00:09:44.805] It's an interesting nom de plume to sound like a real name. [00:09:50.000] The name, I think, came from 1984. [00:09:51.505] I forget now. [00:09:53.920] But anyway, as is tradition with people of that expertise in their craft and skills [00:09:59.985] in their area that go into helping a movie become right, quote, unquote. [00:10:05.565] He went in with the best of intentions, and most of what he tried to contribute [00:10:10.425] was immediately thrown out in the name of '90s movie making. [00:10:14.920] Still, there are little touches that show his influence. [00:10:19.405] The biggest one is that Matthew Lillard's character [00:10:21.865] is in fact named Emmanuel Goldstein. [00:10:25.200] It's only mentioned once. [00:10:26.545] It goes by real fast, but that's his real name in the movie. [00:10:30.080] Also, you'll see the magazine, 2600, all over the place. [00:10:35.005] The fun and cool kids are reading it. [00:10:37.205] They reference stuff and language that comes out of it, et cetera. [00:10:41.525] And sadly, when it comes to the technical accuracy, that's about as far as we go. [00:10:49.880] When this movie came out, hackers were not pleased with it [00:10:55.805] because of the movie's inaccuracies. [00:10:58.025] And hilarious, the movie was released, and part of its marketing [00:11:02.485] was a website, which was actually a new thing at the time. [00:11:06.645] Yeah, really. I don't think people remember 1995. [00:11:11.440] Not fondly. [00:11:14.280] But anyway, They created a website, and actual hackers, the ones that know how to [00:11:19.505] do things, broke into said website over and over and over again and defaced it [00:11:25.325] so many times that the studio eventually just took it offline. [00:11:30.680] Awesome. No notes. [00:11:32.405] Well done. [00:11:33.565] I found that very, very funny. [00:11:37.680] I actually tried to look up what that might have looked like, [00:11:41.485] but unfortunately, the Internet Archive did not exist at the time. [00:11:45.400] That is the same. I will remind everyone, 1995. [00:11:53.600] Number two, reverse hacking a computer is an absolute absurdity. [00:12:00.280] Now, I'm not going to highlight every single technical thing that goes [00:12:03.425] wrong with this movie, and I'm also not going to go by scene by scene. [00:12:07.040] But I think this one sets the stage for what we can expect in [00:12:09.425] terms of technical acumen. [00:12:12.280] Sure. [00:12:12.705] There is a scene, I want to say 15, 20 minutes into the movie, Johnny Lee Miller [00:12:17.545] is hacking a TV station because he wants to watch The Outer Limits. [00:12:21.800] Can't argue with that. [00:12:23.485] It's before the era of Netflix or even DVDs, really. [00:12:27.680] He somehow gets into a hacker war with Angelina Jolie's character [00:12:32.600] because she's there for some reason. [00:12:35.520] Just hanging out. [00:12:36.125] Not actually doing anything, but she's just there like you do. [00:12:41.680] Anyway, what happens then is a bunch of graphical messages thrown up on [00:12:45.625] each other's respective screens that they're typing on, implying that there's [00:12:49.465] some type of direct communication from Jolie's computer to Miller's computer. [00:12:54.640] Remember, they're connected to a third-party network. [00:12:57.005] This is absolutely not how it works. [00:13:00.280] A connection into a system like that using a modem directly [00:13:04.840] connects from one computer to another. [00:13:06.325] And that's as far as it goes, and that's the direction [00:13:08.625] that the traffic passes through. [00:13:12.200] You cannot just climb back up the pipe. [00:13:14.565] You just can't. [00:13:17.885] The protocols simply don't allow it. [00:13:20.360] I don't have a more technical breakdown as to why. [00:13:22.425] It's just you just can't. [00:13:25.680] Just like the same reason you can't have cupcakes before bed, you just can't. [00:13:30.145] Actually, that might not have been the best metaphor. [00:13:35.445] I know this one in particular was done for [00:13:40.325] narrative purposes, but everything about [00:13:42.585] the scene from a technical perspective is completely wrong. [00:13:46.560] In the real world, when you do a login like this, first [00:13:48.905] of all, there's no graphics. [00:13:51.285] No. It is a command line access only. [00:13:54.285] You don't fly around, and this goes for the rest of the movie, you just don't [00:13:58.465] fly around visual mockups of what the computer system looks like. [00:14:02.525] You can't even do that now. [00:14:03.885] You don't need a headset. [00:14:05.485] None of this, everything about this is dumb. [00:14:08.800] This is almost as dumb as it was in Jurassic Park. [00:14:12.245] If you remember that scene where Lex was navigating around the park [00:14:16.765] after she famously said, This is Unix. I know this. [00:14:23.480] It's wild that a nine-year-old would know Unix because where the fuck would [00:14:28.445] she encounter Unix as a nine-year-old? [00:14:34.480] Unix School? [00:14:38.320] Pretty sure that's the thing. [00:14:40.045] No, in Jurassic Park, what Lex was actually doing was navigating [00:14:44.905] the file system using a piece of software that came as a demo on an SGI system [00:14:51.725] that showed off the system's graphical capabilities at the time. [00:14:56.200] It wasn't even supposed to be a real utility. [00:15:00.200] It was just, look at fancy things flying around. [00:15:04.120] Which I like. I like seeing fancy things. [00:15:06.885] I mean, the only reason I even bring this up is to shorthand all of the other, [00:15:11.600] quote, unquote, hacks that are seen on screen in the movie [00:15:13.985] Hackers, or basically any other movie that features technology, [00:15:19.685] whenever someone's typing furiously on a screen and you're wondering [00:15:23.025] to yourself, how does whatever it is that they're doing actually work? [00:15:28.365] In 99. [00:15:29.505] 9% of including this one, that's not how it works. [00:15:34.320] No. [00:15:35.445] Hitting the enter key to start a program is almost never what you actually do. [00:15:41.040] Surely you're not forgetting about hitting F5 over and over and over again [00:15:44.145] to increase the intensity of the hack. [00:15:48.640] God, I love it. That's a bonus one. [00:15:50.025] I forgot to include that. [00:15:51.645] Yeah. [00:15:52.765] So moving on, though, because I don't want to just slam this thing [00:15:56.245] all the time because as fun as that is, it's not as fun. [00:16:00.285] I do want to take a moment to highlight what is actually possible, because some [00:16:05.145] of the stuff in this movie is, was, and will continue to be completely possible. [00:16:12.440] Now, in the scene that I just mentioned, before the little hacker fight happened, [00:16:17.285] Johnny Lee Miller's character had to get access to the TV station via a modem. [00:16:22.565] Remember 1995? [00:16:25.000] Yeah. [00:16:25.685] He got the number for the modem that he called into by calling the front desk [00:16:32.245] and razzle dazzling the front desk security guy with Technobabble. [00:16:37.800] Now, this is called social engineering, and it is by far the most successful [00:16:42.985] hacking that exists on the Earth. [00:16:46.080] Again, then, now, and in the future. [00:16:51.040] Actually, the movie has a ton of this. [00:16:54.205] There are a lot of examples of them doing what would be called social engineering. [00:16:58.965] Some other examples include what is called shoulder surfing, where you flat out just [00:17:02.965] watch somebody enter a password or a pin. [00:17:06.205] This one is unfortunately common around ATMs, so watch yourself. [00:17:10.165] But also, pretending to be employees or contractors and just flat out [00:17:15.360] walking into a restricted building or an area of a building. [00:17:20.520] Wear some overalls and pretend like you're supposed to be there. [00:17:23.120] If you have a ladder or a checklist, you can walk straight into [00:17:28.985] Fort Knox, I swear to God. Clipboards, man. [00:17:32.280] It's the golden ticket. [00:17:34.525] And now for a brief message from our sponsor, Integro1. [00:17:37.560] Our technology landscape is constantly evolving, and it's getting difficult [00:17:42.345] to separate the hype from the reality. [00:17:44.405] Is AI really the next big thing? [00:17:46.885] Will WebAs anomaly change application deployments forever? [00:17:50.080] Is the era of public cloud over? [00:17:52.485] Or is it just getting started? [00:17:53.965] I find the best way to discover the truth is by talking to other practitioners and [00:17:59.105] hearing from folks who have their finger on the pulse of enterprise IT. [00:18:02.645] That is exactly what you'll find if you'll be able to connect with like-minded [00:18:07.225] professionals, get one-on-one demos from technology experts, [00:18:11.245] and attend over 60 interactive sessions. [00:18:14.205] You might even get a keynote from me, Ned Belivance, on the Reality of AI in 2024. [00:18:19.800] It's two days of learning, connecting, and growing with fellow IT professionals. [00:18:24.560] If that sounds good to you, join me at the Wind Creek Casino on October first [00:18:28.705] and second for one DICON 2024. Now back to the show. [00:18:33.120] Kevin Mitnik, probably the only hacker anyone outside of IT has ever heard of, [00:18:38.165] famously talked about how most of his success came more from [00:18:41.945] social engineering than anything else. [00:18:44.600] Sure. [00:18:45.165] I am not saying that to disparage his technical acumen at all. [00:18:49.600] He did have the technical chops. [00:18:51.560] He did. [00:18:52.960] But if you look up the way that he talks about it, or if you read his, [00:18:57.840] it could have used an editor book. True. [00:19:02.840] Everything he does centers around and is essential to it is social engineering. [00:19:09.525] There's one quote that's worth sharing in full, because I think it [00:19:14.120] makes the point better than I could. [00:19:15.485] Now, this was after his whole thing had been over. [00:19:18.345] He was out of jail. He was now becoming a security apostle [00:19:24.320] in the wilderness, as it were. [00:19:27.005] He said, A company can spend hundreds of thousands of dollars on firewalls, [00:19:33.525] intrusion detection systems, encryption, and other security technologies. [00:19:38.320] But if an attacker can call one trusted person within that company [00:19:43.405] and that person complies and the attacker gets in, then all of the money spent [00:19:49.545] on that technology is essentially wasted. [00:19:54.160] Again, that was true then, that is true now. [00:19:59.000] It's funny because this actually reminds me of an XKCD comic where these bad guys [00:20:05.065] have a guy tied to a chair, and they say they're going to use a multimillion [00:20:08.960] dollar computer to crack his password. [00:20:10.485] The other guy says, What if I just hit him on the knee with this hammer? [00:20:16.280] Seems effective. [00:20:18.400] A little more brutal social engineering, but I think you get the idea. [00:20:23.320] Indeed. [00:20:25.280] Number four, and this is going to be a bummer for a lot of people [00:20:27.545] who think this idea is fun, the idea of skimming money off of every transaction [00:20:32.965] and stealing it for yourself is dumb. [00:20:36.960] It's dumb here when the bad guys are doing it. [00:20:40.600] It's dumb in office space where the good guys, Is it? [00:20:47.200] Morally ambiguous. [00:20:48.720] There we go. [00:20:49.685] Tldr, it's dumb every time people talk about it. [00:20:53.920] Even in Superman 3. Yeah. [00:20:56.080] Now, it does, in its defense, have a cool name. [00:20:59.600] It's It's referred to as salami slicing. [00:21:03.480] It is. You can look it up. [00:21:05.405] You actually can look it up. [00:21:06.920] I believe you. In fact, there's a link in the show notes. [00:21:08.745] It talks all about it. [00:21:11.240] In any event, in case people aren't familiar, the idea is transactions [00:21:17.345] on this scale, they don't divide evenly. [00:21:19.560] You end up with fractions of a cent. [00:21:22.400] You round them down in your favor, leaves you with a teeny tiny bit, and [00:21:27.225] you put that money in a separate account. [00:21:29.600] Then And that just becomes your money, apparently. [00:21:33.725] Apparently. [00:21:35.080] Now, the myth of doing this in business actually goes back way further [00:21:39.425] than I thought, at least as far as 1978, [00:21:44.745] which is wild if you think about it. [00:21:47.080] Yeah. [00:21:48.245] I didn't know we had math in 1978. [00:21:52.880] Now, the idea in practice is even older than that. [00:21:57.485] In the old, old, old, old days, when we used actual gold and silver coins, people [00:22:04.385] would what's called clip the coins. [00:22:07.725] What you would do is you get a coin in a transaction and you get a real sharp [00:22:11.925] knife or some way to slice it, and you take off the tiniest possible amount [00:22:16.445] of that coin, like 0. [00:22:18.585] 5 %, just tiniest little nibble. [00:22:23.005] Small enough that whoever you give that coin to next doesn't [00:22:26.105] notice that there's a piece missing. [00:22:29.120] You do that enough times, now you have a pile of gold that you [00:22:33.345] can get processed at the gold store? [00:22:38.360] I don't know. Smith? [00:22:39.885] Yeah. [00:22:42.080] Is that why coins are milled around the edge so you can see [00:22:47.865] if someone has cut it. [00:22:49.285] That is exactly why coins are milled. [00:22:53.200] Back in the day, in the 1700s, that was not a thing that was possible. [00:22:57.725] Therefore, always flat edges. [00:23:02.280] Now, fast forward to now with our digital currency, and this is even less feasible. [00:23:08.840] There are in accounting, frankly speaking, too many checks and balances. [00:23:14.485] And eventually, and probably extremely soonely, someone in accounting [00:23:19.965] will notice that things don't add up. [00:23:22.360] And I don't know how many accountants you know, but they get real upset [00:23:25.645] if things don't add up. [00:23:27.205] Oh, yes. [00:23:30.000] That's actually one of the things in office space [00:23:32.145] I think that is super realistic. [00:23:33.245] If you remember, they do the scam, and it is the next day [00:23:37.765] that accounting knows that there's, quote, a lot of money missing. [00:23:42.320] Here's the thing. [00:23:43.805] If there were 12 cents missing, the same shit would have happened. [00:23:50.160] True. Yeah. [00:23:51.645] That is what accounting is there for. [00:23:53.840] Exactly. [00:23:54.925] To account for things. [00:23:56.245] And also, remember that other part where the money had to go [00:24:00.145] into some other account? [00:24:03.205] Well, believe you me, the banks know where those accounts are and who opened them. [00:24:10.840] They're required to. [00:24:12.485] Yeah. [00:24:14.200] They take that stuff real serious. [00:24:16.805] Financial fraud, bad. [00:24:20.680] Unless you do it at a significant enough scale. [00:24:24.205] True. [00:24:25.720] Then you might be okay. [00:24:28.965] Next up. [00:24:30.165] One of the claims in the movie that annoyed me and surprised me [00:24:34.360] all at the same time. [00:24:36.245] The movie claims that the most commonly used passwords [00:24:39.625] were love, secret, sex, and God. [00:24:45.360] Even in 1995, this list was absurd, although not as absurd [00:24:51.080] as I would have thought. [00:24:52.025] And this little tidbit right here, several hours of research [00:24:56.045] because I have to remind you, 1995. [00:25:00.285] Yeah. [00:25:02.640] Now, as we all know, the modern list of popular embarrassing passwords [00:25:07.545] that people still use for some God forsaken reason include such gems [00:25:11.385] as password and 1, 2, 3, 4, 5, six. [00:25:16.520] Ostensibly because it's one more than 1, 2, 3, 4, 5. [00:25:19.925] It's when we bumped up the character minimum to six. [00:25:24.480] But according to an article published in Business Week back in 1997, [00:25:28.545] the most commonly used passwords were, and these are not in any particular order, [00:25:35.000] the user's first name, last name, or child's name, the word secret, [00:25:40.405] so they got one, stress-related words such as deadline or [00:25:43.985] work, sports teams or sports terms, [00:25:51.760] the word payday, the word bonkers. [00:25:56.600] That's random. [00:25:58.565] I meant to look into that, and I decided to move along. [00:26:02.685] Then we rounded out the list with the current season, the user's ethnic [00:26:06.725] group, just flat out repeated characters like a capital A 10 times, [00:26:12.080] or obsinities and sexual terms. [00:26:15.645] Being that this was business week, they did not go into detail. [00:26:20.225] However, I think it was worse than just the word sex. [00:26:23.525] When I was working as a desktop admin and help desk, there was a gentleman, [00:26:31.005] whose name I won't repeat, but he was universally [00:26:33.665] known as an office creep by the ladies and just generally despised by everyone. [00:26:40.485] And I had to set up a new laptop for him. [00:26:43.525] And so I asked him what his current password was. [00:26:46.560] And it was superior. [00:26:50.005] And I remember that to this day because I was like, of course it fucking is. [00:26:54.120] What a douchebag you truly are. [00:26:58.080] That's magical. [00:27:00.005] It's nit, though. [00:27:01.960] You're welcome. [00:27:03.245] Now, even in 1997, Business Week knew that this shit was a bad idea. [00:27:08.885] And I quote, The main point to be made here is that users should [00:27:13.545] avoid to use these types of passwords. [00:27:17.640] True then? [00:27:18.885] True now? Now. [00:27:20.640] Now, these days, we did get away from relying exclusively on passwords, [00:27:25.840] or at least have made passwords better. [00:27:28.725] Think password managers, think MFA, think passwordless, et cetera, et cetera. [00:27:35.800] But seriously, even back then, there was such a thing [00:27:39.985] as password complexity requirements. [00:27:42.880] The idea that something like the Gibson, A, would be externally facing, [00:27:48.645] and B, would allow itself to have an administrator with [00:27:51.865] the password that is three letters long called God defies belief. [00:27:57.880] Bearing in mind that Penn and Teller were elite hackers in the movie, and [00:28:04.120] you would think that elite hackers would know not to set a three-letter password. [00:28:09.280] Precisely this. [00:28:12.000] I guess I could put in 5A the fact that they were accessing the Gibson [00:28:16.385] on the open network is absurd. [00:28:19.640] But real computers like that are a lot more like Mission Impossible. [00:28:24.285] That first movie, the only one that's good. [00:28:29.000] Shots fired. I'm fighting words. [00:28:31.160] I've been triggered. [00:28:34.880] Okay, let's get back to a couple of things that the hackery people [00:28:38.705] do in this movie that are correct. [00:28:41.485] Okay. [00:28:43.040] There's a scene where the hackers sit in their somehow impossibly clean and [00:28:47.545] smoke-free club with no adults anywhere. [00:28:51.040] They're supposed to be in high school, right? [00:28:52.465] Yeah. [00:28:53.725] And what they do is talk about computer books and just plop them on the table. [00:28:59.965] And every single one is a real book that anyone in computer science [00:29:05.625] at the time would recognize. [00:29:08.680] If you work, even you didn't have to be a hacker [00:29:11.445] to have the Unix Bible, for example. [00:29:13.305] You just needed that shit to work. [00:29:18.240] But again, it was cool that they just threw those nods in to say, [00:29:22.585] Hey, yeah, we did pay attention. We know what books are. [00:29:28.120] They're not all that interesting, though. [00:29:29.525] Nobody he's going to go, when you drop the devil book on your table. [00:29:35.045] That part was a little excessive. [00:29:37.080] But anyway, it was a fun nod to the real world. [00:29:40.565] Something else, though. [00:29:42.885] A lot of the phone stuff that is done as little throwaway gags and also to show [00:29:48.360] the character called Freaks Bonafides. [00:29:51.965] Completely accurate to the time and would work. [00:29:56.600] They didn't even suss it up in a way to disguise it. [00:30:01.360] That shit would have worked just on the jump. [00:30:04.840] Stuff like recording the sound of a coin falling into the canister [00:30:09.045] and playing it into the mouthpiece of a phone for certain pay phones, [00:30:14.805] you would now have a free phone call. [00:30:17.960] It's wild. [00:30:19.920] Also, at the time, we had a combination of push-button dialing [00:30:24.840] and pulse-tone dialing, which is what a rotary phone does. [00:30:29.680] So what you could do is take the phone off the hook, hit the little hanging-up-y [00:30:33.865] thing at the right rate, at the right pace, and it would simulate a pulse dial. [00:30:38.840] And again, on the right pay phone, you would be able [00:30:41.905] to call out any number you want. [00:30:44.405] Wow. [00:30:45.760] Now, there's more to it than this. [00:30:47.045] There's a lot of things you can read old stories of people who, [00:30:50.205] with perfect pitch, could whistle into the phone and simulate [00:30:53.425] the sounds of control characters. [00:30:57.320] Apparently, the whistle that came with box of Captain Crunch made the exact correct [00:31:02.925] pitch that you could get the system to acknowledge and you could make [00:31:08.925] long distance phone calls for free. Yeah. [00:31:12.480] Now, they throw a lot of other language, and they talk about things [00:31:15.025] like red boxes and whatnot. [00:31:16.145] They don't delve into it deeply, but in terms of technology, it's some of [00:31:20.265] the most accurate stuff that they've got, which I thought was interesting. [00:31:23.725] Yeah. [00:31:25.400] Why did this work? [00:31:27.840] This worked because the phone system was created in the analog world, [00:31:32.360] and it was just not secure because the thinking went, who would [00:31:37.785] be dishonest with the phone company? [00:31:40.320] Yeah. [00:31:41.120] In some cases, there was no good workaround. [00:31:46.480] So even if the phone company was aware of what people were doing, [00:31:51.285] they couldn't just change the signal tone for the control line. [00:31:54.920] That was not a thing they could do. [00:31:56.225] So it was like, I guess we just deal with it. [00:31:58.040] Right. [00:31:58.885] Well, one of the things they tried do is they put out a new line of pay phones [00:32:02.185] where the mouthpiece was not activated until the coin physically [00:32:05.625] fell into the device. [00:32:08.165] This, of course, caused the devices to be more expensive. [00:32:13.080] Problematic. [00:32:14.600] Indeed. [00:32:15.445] Doing these kinds of phone manipulations was called freaking. [00:32:20.920] Unfortunately, it's gone more or less the way of pay phones, just [00:32:25.625] to say it's not really a thing anymore. [00:32:29.445] Right. One throwaway line when the characters [00:32:36.585] were all talking about [00:32:37.725] Angelina Jolie's character's laptop, that was funny to me, particularly [00:32:43.185] considering the movie came out in 1995. [00:32:46.165] And I quote, Risk is going to change everything, immediately [00:32:51.025] followed by, Risk is good. [00:32:56.360] I love this. [00:32:57.805] And that's it. [00:32:58.985] They're done talking processors. [00:33:01.320] But in 1995, Intel absolutely ruled the world of computing. [00:33:06.600] X86-based CPUs were literally the non-Apple consumer's only option. [00:33:11.965] If you remember Power PCs from 1995, I'm sorry. [00:33:17.925] I had one. [00:33:21.640] When they said that Risc was going to change everything, I was like, [00:33:25.625] I have a Risc processor in my desktop. [00:33:29.920] It was awful because it was OS9. [00:33:32.880] Right. [00:33:33.885] Yeah. [00:33:34.205] There was a fall before the rise, as it were. [00:33:38.240] Indeed. [00:33:39.045] But anyway, 1995. This was the Pentium Pro days. [00:33:43.440] Cpus running at a blazing 200 megahertz. [00:33:47.120] Count them, sir. [00:33:50.040] Now, other things that were funny, AMD did exist. [00:33:55.240] Amd released what they called the K5 at the time, and it was their very first [00:33:59.805] competing against Intel using AMD designs and fabrication. [00:34:06.400] It didn't go great. [00:34:08.680] It didn't go bad. [00:34:10.520] It didn't bankrupt the company. [00:34:11.545] Obviously, they stuck around. [00:34:13.525] Amd is basically the bee's knees these days. [00:34:16.765] Say that four times fast. [00:34:19.080] No, thank you. [00:34:19.805] Not five. You'll get a headache. [00:34:22.560] But yeah, in 1995, Intel was top of the heap and everybody knew it. [00:34:27.800] But something else, this was not in the movie, but this was in 1995, [00:34:32.240] the Cyrix processor. [00:34:35.040] Who remembers this besides me? [00:34:38.565] I do, and I don't know why. [00:34:42.640] Cyrix was a company that spun off of Texas Instruments, who you might have heard [00:34:47.960] of because if you're a person of a certain age, they definitely [00:34:50.625] made your calculator in high school. [00:34:52.805] They started their company's life making math coprocessors, [00:34:59.325] which was a thing at at the time. [00:35:01.840] And Cyrix had a lot of success with this, and they decided to take [00:35:05.945] a shot at Intel as well. [00:35:07.720] At first, they actually were doing okay. [00:35:11.240] They released a 486 chip that was not as fast as its Intel counterpart, [00:35:16.405] but it was significantly cheaper, like two-thirds less expensive. [00:35:22.680] Wow. [00:35:23.065] And for one shining moment, we all thought that Cyrix was going [00:35:27.625] to happen, even more than AMD. [00:35:30.185] If if I'm remembering correctly, which I'm probably not. [00:35:33.885] Now, considering that you've definitely never heard of Cyrix, if you're not [00:35:38.185] me or Ned, you probably already know that Cyrix didn't, in fact, happen. [00:35:44.765] It was a brief moment. [00:35:47.400] Pentium came out, or Pentium Pro came out, I should say, [00:35:49.665] and that was the end of that. [00:35:51.325] Intel took over for a solid 12 to 15 years. [00:35:56.400] But link in the show notes if you want to check out [00:35:59.225] some amazing computer ads from the 1990s. [00:36:03.320] I don't know about the computers, but they definitely don't [00:36:05.265] make the ads like they used to. [00:36:09.160] But anyway, fast forward to now, and risk chips are absolutely everywhere, [00:36:14.805] including, once again, in Macs. [00:36:17.925] Except they're good now. [00:36:19.925] Yeah, much better. [00:36:22.285] Risk chips are used to drive your phone. [00:36:25.445] And as we recently discussed, even Windows laptops are starting to ship with them. [00:36:30.845] And apparently, they do good. [00:36:33.405] They do. [00:36:34.565] Still very happy. [00:36:35.765] This is very funny to me that Risc is going to change everything [00:36:39.845] with something that the movie was completely right about. [00:36:43.605] Just, you know. [00:36:46.360] They're off by 30 odd years. [00:36:50.080] Indeed. [00:36:52.080] That might be the least fun fact of all. [00:36:57.200] That 1995 was like- You don't need I keep mentioning it. [00:37:00.345] 30 years ago. [00:37:02.605] Why? [00:37:05.280] Why do you hate me so? [00:37:06.805] I really don't. [00:37:08.285] I just, to quote the kids these days, I just can't. [00:37:12.885] I just can't with this. [00:37:16.680] I think that I need to go have a lie down and pretend that Jurassic Park [00:37:21.965] is up for Oscars this year. [00:37:26.920] Hey, thanks for listening or something. [00:37:28.405] I guess you found it worthwhile enough if made it all the way to the end. [00:37:31.305] So congratulations to you, friend. You accomplished something today. [00:37:33.885] Now you can go sit on the couch, watch Johnny Lee Miller in Train Spotting. [00:37:37.840] He's excellent. [00:37:39.600] Don't inject any heroin into your body. [00:37:42.405] And enjoy it. Choose life. [00:37:44.160] Choose life. Choose life. [00:37:45.485] You can find more about the show by visiting our LinkedIn page. [00:37:48.345] Just search Chaos Lever or go to our website, chaoslever. [00:37:51.465] Com, where you'll find show notes, blog posts, and general Tom Foulery. [00:37:55.005] We'll be back next week to see what fresh hell is upon us. [00:37:58.145] Ta-ta for now. [00:38:05.880] Now I'm creating a new shared universe where Train Spotting [00:38:09.625] is the sequel to Hackers.