[caption id="attachment_14308" align="aligncenter" width="500"] Image credit: SlashGeek.net[/caption]
Isolate the node and dump them on the other side of the router! Zoom in on that blob! ENHANCE!! Type at lightning speed, and for God's sake, man, don't ask a real-life techie whether any of this approaches reality WHATSOEVER!!
The scene: Naval Criminal Investigative Service (NCIS) room fully of blinky computer-like things.
NCIS Forensic Specialist ABIGAIL "ABBY" SCIUTO: "No way. NO WAY."
[Cue frenzied keyboard tapping, Clickety clickety clickety!!]
ABBY: "I'm getting HACKED!!"
And just how can you tell you're getting hacked, Abby?
Oh, I see. Because there are windows opening and closing on your monitor really really fast!
Abby then does what all law enforcement cyber-forensics professionals would do if they were fictional characters: She asks her boss, McGee, to do something, and that's why he joins her at finger-bleeding-fast clickety-clickety-clicking.
On the same keyboard.
It's like a piano duet! It's chopsticks! You play bass, McGee, and I'll take the clickety melody!
We're talking, of course, of The Boneyard episode. It's a classic of completely, ludicrously unrealistic Hollywood portrayals of law enforcement's use of computers. The YouTube clip is titled "NCIS 2 IDIOTS 1 KEYBOARD". At nine years strong and infinity miles dopey, it's been garnering hilarious, scathing contempt since the TV episode aired in 2004.
Let's look at other examples of such pearls of wisdom, formed when a technical-sounding word gets stuck in Hollywood's maw and is then coated in many, many layers of dumb, to form an iridescent, lucid moment of, oh, blah blah blah, words words words, tech tech tech. There. That's me, writing like a Hollywood scriptwriter.
Did I make it sound coherent?
Who cares? Hollywood doesn't! Let's go!
1. NCIS: The Boneyard
Where to start? Let's take the line, "I've never seen code like this!"
XlordLightningX makes a cogent point in the YouTube comments: What type of hacker, exactly, would show his (or her, Abby asks, in politically-correct gender fashion, in spite of being in the midst of frantic keyboard banging) code to a hacking target? Or would make it stream across a screen, for that matter? Would randomly open and close windows?
The truly marvelous boner, though, of course, is the act of synchronized keyboard typing. As commenter Vizzerdrix42 pointed out, with that kind of logic, the hacker probably outdid NCIS by sheer fingerpower. He (or she!) "probably had three people on their keyboard, that's how they were so fast!"
But the best comments on this episode are rendered in like fashion to the duet typing.
To wit, as moniker127 commented recently:
"I will now attempt to hack this webpage.
"dqwiowehuio[ufowe[o[uwiowyueoyuwefefewfwefwefwewefwefwefweksksixiwi wiwusu wuuiqw iuw iwudbn wqiudwq iduqwh diwuqhd wqiuhd iuwqhdeywgbd wtvwqhjg vsjahbdj khsabdiwqiuwqiuiudwiuqiu iwuqdiu wqduiwq iudwqiu wdiuwhd iuwqhdiwu hiwquh diuwqh diywqydwbd iuwqbdiqwybdiwuqb wdqiybw idyubiwquydbi wqiyuqwhb idybwq iydb wqiud bwqidb wqbdiwyqg diyuwqbn diywuqb diouwhq biudbwq dowqiyudbwq ouydbwq dwqoydbwqo iwqwiqwqpdywqywqpdyw WHY ISNT THIS WORKING I'M HACKING SO HARD!!"
Duh statement: In real life, hacking doesn't blink on your screen like a video game. Hackers don't show you their code. And get your fingers off my keyboard before I stab you.
2. Jurassic Park: Kid knows UNIX, saves everybody from toothy demise.
The velociraptors are coming. The kids are in the control room. Girl kid sits down at a computer.
"It's a UNIX system. I know this," she whispers.
Thank goodness, little girl, because that means the system has all the files of the whole park of bitey death, and beyond that, it Tells You Everything. All you have to do is find the right file, which you do in precisely 59 seconds.
[ Screaming ] - [ Grunts ] [ Creaking ] - [ Screams ] - [ Screams ] - Aaah! - [ Screaming ] [ Purring, Growling ] [ Purring, Growling ] [ Screaming ] [ Roaring ] [ Roaring ] [ Roaring ] [ Hissing ][ Roaring ] [ Purring ] [ Growling ] [ Growling Continues ] [ Growling ]
After which everybody's in the helicopter. Bantering ensues.
Wow, that was close, wasn't it? It sure was a good thing that kid knew UNIX.
OK, so Jurassic Park is not law enforcement, per se, but with such skill, that kid is destined to grow up to be an NCIS Forensic Specialist.
A techie friend who in real life actually does know UNIX ("I know this," he whispered to me on the phone. I hung up, thinking he was a perv) delicately describes this movie portrayal as a "disconnected expectation" that someone would know how to jump into UNIX and do anything—anything at all—without knowing the vagaries of a given location.
"There's similarities hopping from one system from another," he told me. "But being able to save the day? and the plot? and the budget for the movie? Pretty ludicrous."
But UNIX is just so all-powerful and magic, and very, very easy for a nerd to execute.
Duh factor: It's not. It's just not.
3. Sandra Bullock in The Net
"We all live in the age of information," the narrator says, through what sounds like gritted teeth on the trailer for The Net. "Every trace of our existence is computerized. Everything about us is included, somewhere, on a complex net of information."
OK, that sounds about right. Hello, NSA!
"Computer analyst Angela Bennett was just doing her job, when she stumbled onto to something... she never… should… have seen. Something... that reaches farther than she could ever imagine. Now........ they're manipulating her world."
Manipulating her world? Oh, no! How did they do that? Gosh, I guess "They" erased her identity. Changed her name. Put out an outstanding warrant for her arrest. Fudged somebody's medical records to give him a history of diabetes (OW! Young man, I've had just about enough with the needless and potentially fatal insulin injections!)
So here's the thing. I called up Nick Selby. He was a police officer, has a background in cyber incident response, and is co-founder and CEO of StreetCred Software. The company develops real, actual, not-ridiculous technology for real, live, breathing law enforcement types to catch fugitives, using big-data techniques on public records, criminal justice data, and open-source information. The technology crunches that data to predictively assign officers to fugitives who should be fairly easy to catch. For more serious crimes, it builds link analysis, finding fugitives' relatives or other people in their communities so as to zero-in on the fugitives themselves.
"OK, Nick," I said, "Let's compare that slickly manipulated world of Angela Bennett to the lives of human-being-type law enforcement."
Erase Angela Bennett’s identity? Cops can run somebody’s license plate or driver's license, but only under magically strict conditions—like, blue moon, stand on one leg, recite limericks. Maybe that's hyperbole, but Fourth Amendment issues guide their actions. Except in investigations, most cops aren’t even allowed to even look at Lexis Nexis, Selby says, without good reason, because those searches cost money.
And all those disparate information sources being tweaked in The Net?
Real life: Selby watched a college-educated woman type from a computer on her left side into a computer on her right side. That's her full-time job. She works in a fugitive unit in West Texas.
In real life, fugitive hunters seeking violent felons have to pay a college-educated woman to retype things already in the database. Why? Because of licensing agreements.
Whoever "They" are that mucked up Sandra Bullock's movie life must have been doing some seriously dedicated ignoring of licensing terms. I mean serious. Don't you go and tell Microsoft, now! "They" would have to do something super bad, like destroy Microsoft's biography and studio photo!
Which brings me to another thing worth mentioning about The Net: Angela Bennett runs a whois query and gets someone's entire biography and studio photo.
Really? Geez. I ran a whois on my own site and only got this:
- Domain Name: LISAVAAS.COM
- Registrar URL: http://www.godaddy.com
- Registrant Name: Lisa Vaas
- Registrant Organization:
- Name Server: NS3157.HOSTGATOR.COM
- Name Server: NS3158.HOSTGATOR.COM
Clearly, I'm doing it wrong.
Or maybe "They" deleted my studio photo and biography!
Curse you, They!
4. I'll create a GUI interface using Visual Basic, see if I can track an IP address.
Now just look at what you've done, CSI programmer lady. You've made YouTube commenter GGEzRa hurt. His brain is bleeding.
CSI programmer lady, GUI stands for graphical user interface, so you just said you'd go create a graphical user interface interface. But beyond your repetitive redundancy of repeating things, you might have well have said you'd build a TV to see where the killer lives.
"Child's play!" Nolonar said in the YouTube comments.
"I'll go masturbate in the corner, see if I can track an IP address," HerrKnitler offered.
Duh statement: You do not need to create a tool from scratch to search for an IP address. Try WikiHow, one of many, many online resources that can walk you through tracing an IP address via pinging a site, checking an e-mail header, or using whois or IP-Lookup.
After that, did you actually want to find somebody? Do you then want to arrest them? You might need to cobble together a pair of shoes to leave the building, and then you should probably ask around for iron deposits you can mine to make a gun.
It's like making a GUI interface, but with a bullet-producing gun bullet maker.
Piece of cake.
For geolocation of the perp—yes, you can use that in a script, but make sure to send me 25 cents every time a character says it—try a tool called IP Location.
Which brings us into the broader topic of TV cop shows with fancy computers in their cars: Nick Selby says that the average incumbency of technology for law enforcement (and we are obviously talking local police, not anything of the NSA's XKeyscore ilk)—as in, the monitors you see in police cars, for example—is 18 years old.
Only when the pain of data conversion is overcome by the pain of not having access to data does an upgrade happen, Selby says. "When you look at a police car, what you will see, no kidding, is Clinton-era front ends. We're looking at green screen, text only. This is kind of why I giggle a little when people talk of police surveillance level [outside of at the national level]."
The back ends are from the Reagan era.
5. Blade Runner “enhance scene” as the epitome of the countless "Enhance!" moments in just about every cop movie and show
Blade Runner Rick Deckard is on the case. He's seeking AWOL replicants. His job: to sprawl in a comfy chair, drink, and mainline a highly pure version of Photoshop that apparently allows users to bend around corners in what anyone of our own primitive time might think are 2D images.
It's the future, but it's grungy here on-world, so we have sounds like camera shutters clicking throughout the scene:
DECKARD: Enhance 224 to 176. Enhance, stop. Move in, stop. Pull out, track right, stop. Center in, pull back. Stop. Track 45 right. Stop. Center and stop. Enhance 34 to 36. Pan right and pull back. Stop. Enhance 34 to 46. Pull back. Wait a minute, go right, stop. Enhance 57 to 19. Track 45 left. Stop. Enhance 15 to 23. Give me a hard copy right there.
Deckard, that android is easy to find. Here's how: It's just a step to the left pixel, and then a jump to the right! You put your hands on your hips, and bring your knees in tight!
In the real world, Tim Dees is a retired police officer and criminal justice college professor who now writes about technology as it's used in law enforcement and corrections.
Tim, tell us, do police really have an "enhancer" for unblurring blurry photos, or is that just a fantasy?
"There are some enhancing techniques that can be used to clear up a photo or video," he says, "but they're mostly adaptations of techniques available within Photoshop and similar software packages. The stuff you see on TV, where the detective says, 'Enhance that for me' and the detail of the license plate or the suspect's face emerges in crystal clarity from what had previously been a blob—that's TV stuff only."
As YouTube commenter Cooper Carr said, this is what we have to look forward to in Photoshop CS 73. Only 67 more updates to go!
6. Skyfall: the entire movie
The epic bloodfest of technology butchering, Skyfall, circa 2012, received beaucoup anti-accolades for depictions of hacking that the filmmakers could have actually gotten right without making any plot changes.
Nick Selby tells me that he and a bunch of his tech buddies were howling in the theater, and after I found this excellent analysis of the film by Annalee Newitz, I can see why.
Newitz talked to Adam O'Donnell, the chief architect at security tech company Sourcefire, who pointed out this highlight, among many:
Silva, the only evil cyberhacking Bond villain ever, manages to break into an insecure laptop or router to take over M's monitor. OK, that's cool. Plausible. Then the nastygram-sending villain does it again. And again. No cybersecurity expert takes the non-secure system offline.
"Who the hell allows a chief of station to use a compromised laptop?" O'Donnell said.
Wouldn't Q have just, like, taken the laptop offline and cleaned it up?
He must have wandered off the movie set and gotten run over by the food truck.
That's so sad.
Then there's the bit about Silva telling Bond that he took control of the computer-controlled gas mains inside MI6 and set off the explosion in M's office.
That's actually not completely stupid. Here's what O'Donnell told Newitz about it:
"Yes, things were dressed up for film, but there were some kernels of truth. Software can destroy machinery and cause an explosion, but there are so many conditions attached that it is pretty impractical. If there was gas lines on that floor and if there was a control system attached and if that control system was attached to the internet and if there were no physical safeties and if there was an ignition source then it would be theoretically possible to blow up the floor using a software attack."
Stuxnet is an example of real-world hardware hacking. The virus was created by the USA to mess with centrifuges at an Iranian nuclear facility, and it did just that. The implanted computer worm's orders to slow down and speed up the centrifuge's delicate parts damaged them, and at one point, debris from a damaged centrifuge was reportedly laid across the conference table at the White House's Situation Room to demonstrate the malware's potential power.
Stuxnet managed to temporarily disable 1,000 centrifuges that the Iranians were using to enrich uranium.
But then it accidentally escaped into the wider world.
7. There is no 7, because 'They' isolated its node and dumped it outside the firewall.
But wait, before you go, go watch communitychannel's summary of everything wrong with hackers in movies.
Although They tried to isolate it and dump it outside the firewall, communitychannel must have used the polymorphic engine (the one that Skyfall writers cooked up for it) to wrap its lace doily tentacles around the nodes and hang on.
And you do know that scriptwriters have a competition going, to see who can write the stupidest technology scenes, right?
At least that's what somebody suggested in YouTube comments.
Every time a technical minded person winces at the movies or in front of a TV, a puppy dies, and a Hollywood screenwriter smiles.
Got any other embarrassingly inaccurate Hollywood portrayals of law enforcement that we didn't cover? Feel free to contribute your own favourite scenes to laugh at in our comments.