Thursday, May 17, 2018

Confessions of a Star Wars Fan

I have a confession to make. I'm not really a fan of science fiction. There are exceptions, of course. Star Wars: A New Hope jumps to the top of my list. I'm a HUGE fan. So are most of my peers in the cyber crime fighting world. Including those who, like me, may not be the biggest sci-fi fans. It occurs to me the exceptions – the sci-fi books and movies I enjoy – often have a hacker theme. Even Star Wars.

What? I hear you ask. Star Wars is a hacker movie?

Yes, yes it is.

Some parts are obvious. Like Princess Leia saying, in reference to the stolen Death Star plans, "I only hope that when the data's analyzed, a weakness can be found." That's classic reverse engineering.

There are other hacker-y scenes, too.

Luke triggering the hologram, for instance. It was meant for Obi Wan's eyes only but Luke accidentally made R2D2 play a snippet. In other words, he inadvertently exploited a vulnerability in the droid.

When Luke and Han pose as storm troopers with Chewbacca in handcuffs to trick their way into the detention area, that's an example of social engineering.

R2D2 plugging into the port to find Leia in the first, place, that's penetration testing. Once R2 has that digital foothold, the droid turns off the trash compactor. This is an example of lateral movement within a now-compromised network.

Obi Wan gets in on the vuln exploitation by finding and shutting down the tractor beam holding the Millennium Falcon. Sure, he does it manually, but, hey, it worked.

And when our heroes get away, Leia says, "They're tracking us." There are several ways that could be cross-referenced to cybersecurity. For years, content providers have used tracking pixels on web pages as a way to combat lookalike phishing pages. Honeypots have been around for ages, too, which are computers or virtual computers intended to be hacked so the good guys could watch and see what the bad guys do. More recently, canary tokens/files have gained popularity, named for "canary in a coal mine." Like honeypots, these are lures to attract miscreants to see who might be stealing data and where the stolen data ends up.

Maybe it's a perspective thing. Or maybe it was intentional on George Lucas' part. Either way, to me, the first Star Wars movie, A New Hope, isn't what I think of as typical science fiction. It's one of my favorite hacker flicks.

May the Force be with you.

No comments:

Post a Comment