LINUX SECURITY --- June 12, 2001 Published by ITworld.com -- changing the way you view IT http://www.itworld.com/newsletters __________________________________________________________________________ ______ HIGHLIGHTS * "Swordfish" is just another in a long line of films glorifying hacking and lacking technical credibility. __________________________________________________________________________ ____ Hollywood Strikes Again with "Swordfish" By Rick Johnson I know what you are thinking, "This is a security column, what does the latest blockbuster film have to do with security?" Well, this particular film is filled with hacker, security, worm, and firewall references. And in typical Hollywood fashion, check reality at the door. Hollywood has never been too grounded in reality when portraying hacking in the movies. Throw in a conversation about breaking through a 128-or 512-bit encrypted firewall and it almost sounds impressive, but then you realize the technical consultant must have the security background of your average Windows user. "Swordfish" starts by referencing a Finnish master hacker whose last name is Torvalds. Coincidence or the beginning of a 100% buzzword compliant movie? Hugh Jackman is believable as a hacker, though. To illustrate his qualifications, they detail how he infected the FBI's Carnivore with a virus two years ago as a form of heroic vigilantism. Warner Bros. Even tried to show some of hacking's consequences, as Jackman just finished serving 18-months in prison for his crime, although it almost sounds noble. Our hero is charged with building the ultimate worm to steal a large sum of money, all done in the name of saving his daughter. They sit him in front of a super computer with almost a dozen monitors and an unrecognizable OS that actually looks just like the humorous "Movie OS" of User Friendly comic strip fame (http://ars.userfriendly.org/cartoons/?id=20010111). To handle this programming feat, Jackman uses 3D objects for programming, which looks like assembling an onscreen Rubik's cube, to complete the master of all hacking software. Hollywood has never been able to responsibly demonstrate any aspect of computing. From the 3D worlds of "Hackers" and "Johnny Mnemonic" to the bad technical consulting on "The Net", very little realism ever makes the cut. It's as if the reality of our profession is not interesting enough. The only films with some grasp of reality (although not much) were the earlier hacker films, "War Games" and "Sneakers". Believe it or not, I own all the above movies and more. If it even closely resembles something with technology, I own it. Of course, I'll buy this one when it hits DVD. Regardless of the realism, they are still fun to watch. These films' downside is their glorification of hacking. Those young and old can be drawn to the illusion of this exciting lifestyle because they blindly believe what is on the screen. These almost seem like recruiting films for script kiddies. Maybe someday, the screenwriters will listen to some of our war stories and realize that the truth is more entertaining that fiction. About the author(s) ------------------- Rick Johnson is currently involved in a number of projects, none of which he can discuss at this time. Aren't non-disclosure agreements wonderful? When not involved with those, he heads the development team for PMFirewall, an Ipchains Firewall and Masquerading Configuration Utility for Linux. Rick can be contacted via email at rick@pointman.org or on the web at http://www.pointman.org. __________________________________________________________________________ ______ ADDITIONAL RESOURCES Operation Swordfish http://www.itworld.com/jump/linsec_nl/operationswordfish.warnerbros.com/ This Swordfish Is Half-Baked http://www.itworld.com/jump/linsec_nl/www.wired.com/news/digiwood/0,1412,4 4373,00.html RSA Security Lends Authenticity to 'SwordFish' Company consults with Warner Bros. on encryption and authentication technologies http://www.itworld.com/jump/linsec_nl/host.individualinvestor.com/individu alinvestor/comtex_business_news.html?Button=Get+Story&headline=100875279&n ocache=52918 __________________________________________________________________________ ______
<<attachment: winmail.dat>>