Naked Security

Mr. Robot eps3.4_runtime-err0r.r00 – the security review

Here's our dissection of the computer security stuff in the half-way episode of Mr. Robot 3...

This week’s episode marks the half-way point for season 3 of Mr. Robot.

After last week’s episode I thought this week we’d have very little computer security intrigue to talk about, but even with enough plot twists to make my head spin, the show writers have given us some interesting concepts to discuss.

So indeed, first-scene-elevator-guy, aller Anfang ist schwer — every beginning is difficult — let’s take a look at what this week has for us to learn about.

WARNING: SPOILERS AHEAD – SCROLL DOWN TO READ ON

Deus ex HSM

Security is notorious for its love of TLAs (three letter acronyms — sorry), and this episode featured one a few times: HSM, short for hardware security module.

HSMs are special-purpose, dedicated cryptographic computers that are supposed to be tamper-proof, or at least very strongly tamper-resistant.

You store your encryption keys and your digital signing certificates in an HSM and if anyone tries to steal them or misuse them, even if they have physical access to the device…

…poof! The HSM automatically wipes its data and goes into digital meltdown.

Anyway, a big part of the episode tonight revolved around Angela needing access to E-Corp’s HSM.

Piecing bits of the plot together with Elliot’s dialog, the reason appears to be so Angela can help launch Dark Army’s “stage 2” attack, via a hack that weaponizes a whole lot of UPSes (uninterruptible power supplies – computer-controlled backup batteries that are supposed to take over if mains power goes down).

Elliot thought he had successfully thwarted a UPS attack with a patch, so the HSM comes into play here in Dark Army’s counterattack to Elliot’s patch.

Because the attackers can no longer exploit vulnerabilities in the UPS, they’ll weaponize the UPSes by updating them with a harmful firmware update.

In order for this firmware update to be accepted as legitimate, however, it presumably needs to be digitally signed or certified.

It’s E-Corp’s HSM that plays a key role in that certification, which is why Angela needs access to it.
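To make the signing-and-verification step concrete, here is an added illustration (not code from the show, from Sophos, or from any real UPS vendor) of why an attacker would need the HSM rather than just a copy of the firmware. The `signingModule` type is a hypothetical stand-in for the HSM: the private key is generated inside it and never handed out, only signatures come out. The `verifyFirmware` function is the check a device would run before flashing an update, using the vendor public key it was built with. Key type, firmware bytes and version strings are all constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// signingModule stands in for the HSM (assumed, illustrative type).
// The private key is created inside and is never returned to a caller;
// the only operations exposed are "give me the public key" and "sign this".
type signingModule struct {
	priv ed25519.PrivateKey
	pub  ed25519.PublicKey
}

func newSigningModule() (*signingModule, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &signingModule{priv: priv, pub: pub}, nil
}

// PublicKey is what a vendor would bake into the device at manufacture time.
func (m *signingModule) PublicKey() ed25519.PublicKey { return m.pub }

// Sign returns the signature the vendor ships alongside a firmware image.
// Real signing pipelines usually hand the module a digest rather than the
// whole image, so that is what is done here.
func (m *signingModule) Sign(image []byte) []byte {
	return ed25519.Sign(m.priv, firmwareDigest(image))
}

// firmwareDigest is the SHA-256 hash of the image bytes.
func firmwareDigest(image []byte) []byte {
	h := sha256.Sum256(image)
	return h[:]
}

var ErrBadSignature = errors.New("firmware update rejected: signature does not verify")

// verifyFirmware is the check a device runs before flashing an update.
// It accepts the image only if the signature verifies under the trusted
// vendor key; a modified image, a signature made with any other key, or a
// malformed signature are all refused.
func verifyFirmware(trusted ed25519.PublicKey, image, sig []byte) error {
	if len(sig) != ed25519.SignatureSize {
		return ErrBadSignature
	}
	if !ed25519.Verify(trusted, firmwareDigest(image), sig) {
		return ErrBadSignature
	}
	return nil
}

func main() {
	hsm, err := newSigningModule()
	if err != nil {
		panic(err)
	}
	image := []byte("constructed UPS firmware image v2.0") // constructed sample
	sig := hsm.Sign(image)
	fmt.Println("vendor-signed image:", verifyFirmware(hsm.PublicKey(), image, sig))

	// An attacker without the signing key can alter the image but cannot
	// produce a signature the device will accept.
	tampered := append([]byte{}, image...)
	tampered[0] ^= 0xff
	fmt.Println("tampered image:     ", verifyFirmware(hsm.PublicKey(), tampered, sig))

	// Signing with a key the attacker controls does not help either.
	rogue, _ := newSigningModule()
	fmt.Println("rogue-key signature:", verifyFirmware(hsm.PublicKey(), image, rogue.Sign(image)))
}
```

The point of the example is the asymmetry: anyone can run `verifyFirmware`, but only whoever can get the module to call `Sign` can produce an update the device will install. That is why, in the plot, the HSM itself is the target rather than the UPSes.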

A tricky target

Tamper-resistance makes HSMs a tricky target – if something goes wrong during the attack and the HSM presses its self-destruct button, you’re rumbled.

So I did find it curious that we saw Angela messing around with E-Corp’s HSM, especially since we’ve been led to believe that she’s not quite on Darlene or Elliot’s level when it comes to hacking or technology.

In her phone call with Irving, she says she followed the instructions left for Elliot, but it was hard to see what was going on — she was plugging in some ethernet cables and USB cords, launching some kind of terminal, plugging in peripherals.

Was this all plug-and-play enough that she could manage it without much training? (If not, those notes must have been very detailed!)

Does Angela know a lot more about hacking than she’s previously let on?

If Angela made any kind of mistake here, the HSM’s tamper detection could have tripped and the machine could very well have bricked itself, and if that happens, Dark Army’s stage 2 attack via firmware will not work.

I guess we’ll find out next week how successful she was.

Other notes

  • After nearly three seasons of successful social engineering almost every episode, we finally saw an amusing example of when things don’t work. Elliot picked someone he presumed would be an easy target — Edie in the corner, sniffing white-out at her desk — but he could not have been more wrong. She doesn’t fall for his social engineering at all (and kudos to her for hardening her home instance more than the recommendations!) and instead directs Elliot to a more amenable target. Wasn’t that nice of Edie? Perhaps a bit too nice.
  • There were two big infosec name-drops in this episode. First, Elliot’s alias in the conference room: Dave Kennedy, aka @hackingdave, the founder of DerbyCon and TrustedSec. Second, the Angela/Irving passphrase in the elevator: Moxie Marlinspike, a security researcher who focuses on the security of communications and at one time was head of security at Twitter.
  • Elliot’s dialog about how programs are meant to run without interruption was also a nice nod to this episode’s cinematic gimmick of appearing to be shot in one continuous take (it wasn’t — but it was very cleverly edited to appear that way).

Everyone’s guessing until next week’s episode — Angela, what’s in the bag?