Skip to content
Naked Security Naked Security

TV’s newest hacker drama “Mr. Robot” is technically sound, morally ambiguous

"Mr. Robot," USA Network's new hacker drama series, is good entertainment. But is it also a good depiction of hackers, hacking and infosec?

Mr. Robot's Elliot

– The hacker Elliot from USA’s “Mr. Robot.” Image courtesy of NBCUniversal/USA Network –

“Mr. Robot,” USA Network’s new series about a cybersecurity engineer at the center of a plot by a group of hackers to take down an evil corporation, is good entertainment.

But is it also a good depiction of hackers, hacking and infosec?

Before I watched the show’s pilot episode, I had seen some trailers and read a few reviews – since debuting at the Tribeca Film Festival in April, the glut of online marketing for “Mr. Robot” has been hard to avoid.

I was intrigued, but skeptical.

After all, Hollywood has tried many times to produce a convincing hacker drama with various degrees of success, and the show “CSI: Cyber” that began airing this March on CBS has been panned by TV critics and security experts alike.

Sophos expert Chester Wisniewski told me he thought “CSI: Cyber” was “technically implausible and frankly ridiculous,” with goofy stereotypes and solved-by-the-end-of-the-episode crime drama plot techniques.

I’ll give you Chet’s take on “Mr. Robot” in a minute, but first, a bit more about the show’s plot (warning – some spoilers ahead).

We’re introduced to the young hacker Elliot (Remi Malek) in a cafe, where he nonchalantly tells the owner, Ron, that he hacked the cafe’s Wi-Fi and discovered Ron’s stash of child pornography.

Before the police arrive, Elliot explains that just because Bob was using Tor doesn’t mean his traffic was private (“whoever controls the exit nodes controls the traffic,” Elliot says, our first indication that the show has a good grasp of technical details).

Elliot – who narrates the story by speaking to “someone who doesn’t exist” – reveals that he has severe social anxiety, was raised by an abusive mother, and has a case of paranoid schizophrenia that causes him to think he’s being followed by men in black suits.

He’s also hacked into his therapist’s Facebook and email accounts (she used her birthdate and favorite artist as her password) and found out that she’s depressed after a divorce and dating a guy who turns out to be a married creep (Elliot hacks him too, with some clever social engineering tricks).

Elliot does have a day job, however – he’s a cybersecurity engineer at a firm called Allsafe, whose biggest client is the mega-conglomerate E Corp (Elliot refers to it as “Evil Corp”).

Elliot was brought into the job by his childhood friend Angela (Portia Doubleday) whose lack of technical knowledge partly makes her a stand-in for non-technical viewers, but also becomes a key plot point by the end of the first episode.

When Evil Corp’s network is hit by a major DDoS attack (“is this a RUDY attack? Awesome,” Elliot says), Elliot is called into the office late at night by Angela and realizes that hackers have broken into the network and planted a self-replicating rootkit on Evil Corp’s servers.

In a tense scene that features some realistic-looking coding, Elliot stops the attack and saves Evil Corp’s servers, but discovers an easter egg left by the attacker that leads him to Mr. Robot (played by a disheveled-looking Christian Slater).

Mr. Robot and his crew of hackers work together “IRL” in an abandoned arcade – he explains to Elliot that they never communicate online because that’s how they would get caught (he describes a scenario of a hacker crew called “The Omegs” who were ratted out to the FBI by their leader – which sounds a lot like the real-life events leading to the arrest of the members of LulzSec).

Mr. Robot is plotting to take down Evil Corp’s databases that will wipe out everyone’s debts – mortgages, student loans – in the “the single biggest incident of wealth redistribution in history,” Mr. Robot says.

But first, Mr. Robot wants to take out one of Evil Corp’s top executives, the greedy and arrogant CTO, by framing him for the attack on Evil Corp.

To do that, Elliot needs to turn over to the FBI the DAT file containing all the data from the attack on Evil Corp, but altered to show the attack coming from the Evil Corp CTO’s IP address.

With its crusading, Robin Hood-esque hackers, the show’s theme is very similar to the anti-corporate, libertarian and slightly paranoid vision of America that has a big following in our popular culture.

In this respect, “Mr. Robot” isn’t breaking any new ground, and these tropes could become tiresome if the show’s creator, Sam Esmail, isn’t careful.

For me, the character of Elliot is what makes the show interesting and worth watching – he has a complex back story, his motives are murky, and his actions are fraught with moral confusion.

Chet, our expert, took a similar view, describing the show as “very entertaining” with “believable technical elements.”

“Mr. Robot,” like any series portraying cybercrime and “hacking,” is an interpretation of real life rather than a reflection, Chet told me, and although the show might not always be faithful to the facts, that only helps increase its appeal to more viewers without talking down to them.

Chet also said:

Without being a guide to online crime it combined skillful acting, a real plot and believable technical elements. I look forward to seeing if the writers can sustain a likable, intriguing drama based upon computer security that doesn't venture off into the ridiculous.

I’m planning to tune in again to see if “Mr. Robot” can stay on that narrow path of technically believable and just plain entertaining.

15 Comments

“[The] show’s theme is very similar to the anti-corporate, libertarian and slightly paranoid vision of America that has a big following in our popular culture.”

Libertarian?!

After Silicon Valley, Mr. Robot comes close to depicting computer stuff as it really is. It’s not going to get everything right. After all, it’s a TV show and not your college professor.

I’m just glad they don’t do “corneal imaging” or “magnification times 100”.

The only part about the show that bugged me was the conversation when one of the executives said “So I see you’re running Gnome…” The dialog just felt out of place and it sounded like it was only there to impress people with awareness of Linux distributions. Other than that, the show seemed to maintain a grasp of reality pretty well: VPNs insecure, Tor exits able to be sniffed, etc.

I like this show a lot. But idk about technically sound. They used technical lines in the correct context generally. The gnome and KDE thing was ridiculous. If anything KDE is way more fluffy of a user experience than gnome, but they literally just bantered more or less about design aesthetics. It would have made a little more sense if they would have talked about their distributions not their interfaces. Also I was thrown when they put that evil corporations logo on a bunch of iPhones and iPads. They also came really close to and maybe used, i can’t remember, the iOS interface or really really close to it. I understand that they think apple is evil etc, but that company isn’t apple and i assume its going to be an integral part of the show so lets make them their own tech. It looks really fake and really lazy.

I think the point of the banter about KDE and gnome was more about personal preferences rather than about any particular nuances between their distros.
With regards to the Evil Corp on apple products, I don’t think it’s lazy either. The show is supposed to come as close to real life as possible, although it is still a dramatization. I don’t expect to see any unexplained new technology (Christopher Nolan-style) as plot drivers that do not exist.

I think that conversation was carefully crafted to look a little awkward, but was really meant to be a foreshadowing. Starts off with an “exec” trying to impress a techie with what he knows (I’ve had this happen to me) then leaves you thinking the exec might really know what he’s talking about. [SPOILER ALERT] Second episode makes it pretty clear that the “exec” will likely be a central character.

The bit that got me was when they had to explain what a rootkit was to somebody who worked in security. I know they had to cover it for people in the audience who didn’t know, but it could have been handled so much better than that LOL

Except that she’s an AE not a security person. If you spent a minute in security consulting you would know most of the account execs no very little about real security and only the buzzwords and triggers they need to know to pull in whatever tech team they need, network, data, grc, etc.

The funniest part was in the command line – that command had an extra space in it and would have wreaked havoc on the /root folder.

rm -rf /root /mrrobot.dat

or something like that. the extra space is catastrophic

A very interesting show, technically sound, but a couple of things that bother me (perhaps I’m just naïve). I don’t know any security company that has their own private charter plane, nor can I believe that any company would have 80% revenue from any single client.
Also I am slightly concerned that it may misrepresent security engineers as all socially challenged, drug abusing anti-1%.

I thought this show was good on the technical (well at least 1000% better than anything else I’ve seen), but the anarcho-leftist philosophy is tiresome, kinda annoying, and could be an eventual turn-off. I hope the plot pushes back on that a bit; like how “Continuum” had the push back… and forth.

So the guy’s a network admin. And leaving aside all the technical stuff, there is nothing a person can do once their bank account numbers are stolen? In a week? Like freezing the money, calling the bank, etc, etc. ?
What the fwck…

Relatively technically sound compared to other shows… but the non-technical part – someone with social anxiety pulling off social engineering hacks – is not believable (at least not yet). Eliot has apparently done social hacks in the past, which is why he thinks it’s the best way into steel mountain, but when we actually see him try, he barely gets by. He can’t improvise in daily life, but can manage when things go south inside steel mountain? It doesn’t make sense. Either there’s a Tyler Durden in the mix, or the writers are just hoping we don’t notice the discrepancy.

He had started to kick the morphine when he was in steel mountain, so I think the drug suppresses the more socially adept personality. He refers to times when things got crazy and “we” had an answer, but “being numb is easier”. This must be why he takes morphine, but also suboxone – to keep just enough of the other personality around. Unlike Fight Club’s Sebastian being unaware of Tyler, Eliot is at least somewhat aware of his alter ego, he just hasn’t realized that Mr. Robot is a manifestation of it.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?