Skip to content
Naked Security Naked Security

Mr. Robot season 3 finale: shutdown -r

This season's final instalment of the Mr. Robot security review.

Time travel has been a major theme throughout the entire series. In this season’s finale, it finally happens. Sort of…

WARNING: SPOILERS AHEAD – SCROLL DOWN TO READ ON

 

Previous episodes weren’t too subtle that things were heading this way:  Elliot was going to undo the Five/Nine hack, thanks to Trenton’s email cluing him in two episodes ago. The tools Elliot needed to decrypt the encrypted ECorp data (and undo the hack) were with him all along – aww.

Mr. Robot said he’d embedded the seed data and the algorithm needed to regenerate the Ecorp data encryption key in a childhood photograph he’d burned onto a CD. (Of course, that photograph was of Elliot and his dad in “Back to the Future” costumes, in case the whole going-back-in-time theme wasn’t obvious enough yet.)

This is a callback to a bit of a parlor trick we’ve seen used a number of times throughout the show. Hiding data within an image, video, or audio is called steganography – that’s Greek for “hidden writing”, a technique that goes back well before computers ever existed – and it’s a well-known practice in hacker circles.

There are many ways of concealing information within a file, for example by overwriting the least significant bits of each pixel in an image with data you want to hide.

Digital cameras and image scanners usually generate more bits of color data than the precision of their sensors – the bottom bits of each pixel are often little more than irrelevant noise, anyway, so the photographs hiding the key information to undo the Five/Nine hack would look just like normal photographs.

The trick of steganography is hiding such valuable information in plain sight, and figuring out whether otherwise-irrelevant image data is genuine noise or hidden content is an interesting puzzle – just the sort of puzzle that hackers love.

Once Elliot was able to recover the encryption key, we got a split-second view of him firing off an email to E-Corp with the key. It’s blink-and-you’ll-miss it, but he sent the email from yet another Protonmail account: falkensmaze AT protonmail DOT ch.

Falken’s Maze, you might recall, is from the 1980s movie War Games, the film that introduced the slogan “the only winning move is not to play”. By “undoing” the Five/Nine hack, perhaps Elliot is trying to make the winning move here?

Notes on the season finale

  • If you go to Elliot’s Dropbox link to the Tarball, not surprisingly it does give you a file to download. The text in the file sends you to a place in DRC, the Democratic Republic of the Congo. Hold onto your tinfoil hat, because there are some doozies of theories out there as to why Whiterose and the Dark Army are so interested in the DRC. One is that the country is well positioned for prolific and cheap hydroelectric generation, which could be of particular interest to organizations mining cryptocurrency on a massive scale. (I wonder if we’ll see ecoin = $18,000 next season?)
  • My favorite cameo in the finale was from an operating system – apparently, Leon uses Slackware, the oldest Linux distro that’s still actively maintained today. The first release of Slackware was in July 1993 (and, yes, it still has a text-mode-only installer).
  • And finally, the title of the finale wasn’t a bunch of words followed by a file extension, it’s simply a command: shutdown -r is used to reboot a Unix/Linux computer. Again, that whole time-travel-starting-over thing, looking right at us.

So that’s it for season 3.

Season 4 was just confirmed this week, so when it airs this time next year, I’ll be back at it with these security reviews – as confused by the plot as ever, but determined to figure it all out nonetheless.

What next?

To hold you over until season 4 starts, we’ll be taking some security-centric looks at other movies and TV shws of TV so keep an eye out for those and let us know if there are other series you’d like us to cast a critical and/or pedantic eye over.


4 Comments

About why the DRC is important to WhiteRose: She mentions it when shes not her. A couple episodes back “What about my coltan mines” google it coltan lol

Perhaps she wants to own all the coltan and hold future iPhones hostage?

AFAICS, the location you linked to in the article is at the western edge of DRC, up against the border with Angola. Aren’t the coltan deposits on the other side of the country, up in the Great Lakes area?

OMG! If you’re going to do more of these (and I’d love it if you did!) you could do a lot worse than to gaze into Black Mirror. There aren’t generally a lot of specifics about how hacks function and that sort of thing but there’s a wealth of material about the future (the very not distant future indeed) of technology.

Comments are closed.

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?