知名駭客現身分析好萊塢26部電影真實性：美國國安局能看到所有人的隱私 Hacker Breaks Down 26 Hacking Scenes｜經典電影大解密｜GQ Taiwan

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

all right hi i'm sammy camkar sammy is a privacy researcher and computer hacker today we're going to talk about hacking's depiction in film and television swordfish hacking montage in this clip we see a pretty recurring theme in a lot of movies that depict hacking and that's a 3d visual interface that's not my problem that really has nothing to do with hacking i don't know what the is going on in this place or is really not an efficient interface to use at all a more accurate interface would be a console or terminal and that's simply because it's the most efficient way to obtain a lot of data you can look at a lot of code you can look at a lot of text or database and extract the information you want very quickly thank you italian job hacking traffic lights they use video feeds from intersections and specifically designed algorithms to predict traffic conditions and thereby control traffic lights so all i did was come up with my own kick ass algorithm to sneak in and now we own the place see red light green light many of these traffic light systems are actually controlled through systems called scada systems which are industrial controllers that allow things like traffic lights lights are working fine just an accident in los angeles a number of street lights were actually hacked several years ago oops and many of these traffic lights are actually controlled over the internet and often don't even have a password to connect to them wow but it's awesome is that not awesome so totally realistic chuck hacking into the federal reserve [Music] in this clip we see a common theme and that's pretty interfaces that really have nothing to do with hacking thanks for the help there's too much information just coming up and down and it's too quick for you to actually obtain any useful information i'm sorry we still talk you pretty much never see pop-ups when you're doing any sort of programming or hacking like this who are you in the middle of the clip they also talk about optimizing their compilation you know what you actually have a little hiccup there at the bottom of your page the compiler can't optimize the value away like that what they're talking about is actually optimizing something within code and you're typically doing compiling when you're writing some source code and then you're compiling it into a program or binary that you can later run you seem to know your way around the computer it's kind of unrelated to what they're doing oh i'm losing so they did take some programming jargon and throw it in the middle there rookies taking sure won't happen again skyfall mi6 gets hacked he's using a polymorphic engine to mutate the code whenever i try to gain access it changes it's like solving a rubik's cube that's fighting back the 3d graphics here are similar to what you see in swordfish they're not really representative of anything you'd actually see unlike swordfish there are more realistic aspects in this clip for one they're talking about polymorphic code he's using a polymorphic engine to mutate the code polymorphic code is a program that essentially changes itself to try to hide itself you can see it's true our filters will no longer work and it can continue to spread they talk a little bit about that in this clip whenever i try to gain access it changes they show hex code which could be of the virus it's just another way to represent binary data or binary information and that is pretty accurate however for the purpose of the plot they do add granboro remember which is not real hex code as all hex characters are 0 through 9 or a through f but they show that for the purpose of the plot told you hackers competing with another hacker [Music] this clip opens with a sequence that we would call social engineering i don't play well with others which is communicating with someone pretending to be someone else and trying to extract information that helps you break into a machine or target computer yeah okay i said burn that's enough besides the unrealistic visuals this is actually something kind of common yeah when you might hack into a machine and you find that someone else has already actually hacked in at this point you do something kind of funny revenge your goal is actually to patch the machine to prevent any other hackers from breaking in and you're actually helping the target the sensitive type but you'll often leave the back door so that you can come back in a back door is a piece of software that you can run on a machine that grants you access in the future without the authorized users ever knowing you're inside the machine you're the that's been invading my turf yeah war games 1980s hacking are those your grades yeah i don't think that i deserved enough deal this is actually an accurate representation of hacking back in the 1980s all right back then it was called freaking freaking with a ph as in phone hacking yeah weird isn't it in this case he's actually dialing into a computer network over a telephone line dialing into the school's computer except when you would dial into a dial-up you were dialing into an isp or internet service provider here he's actually dialing directly into the computer that controls the grades they change the password every couple of weeks but i know where they write it down and this is exactly how bulletin board systems or bbs's worked back then and a number of other systems as well okay bye accessing a server tron legacy we will be making our debut on tokyo's nikkei index os 12 is the most secure operating system ever released many films will depict hacking as accessing a machine and installing some malicious software os 12. [Music] whoa still a few bugs however i don't really consider that hacking how am i supposed to explain that in this case he's breaking into a place physically accessing a computer that doesn't ask for a password that has no encryption or has no other authorization so he's simply accessing a computer and uploading a virus a little gift hacking into a hospital mr robot hospitals a heavily networked one like this are almost too easy to hack i can make my health records look like every other obedient zombie out there mr robot consistently demonstrates real hacking and pretty reasonable scenarios in this case he's hacking into a hospital because they have pretty lack security this is william hi smith he is the i.t department he's also an idiot and their technology is extremely old he uses useless security software that runs on windows 98 which is pretty accurate when you're talking about most hospitals and he's supposed to protect their network from people like me additionally the interfaces in this clip are actually realistic you don't have to worry recently we've heard of actual hospitals getting hacked having malware and ransomware installed and even some parts shutting down simply due to the lack security and old systems he never stood a chance ncis stopping a hack no way i'm getting hats a port scheme it's moving too fast there's no connection to the infast database severus i can't close that video game no tony we're getting hacked i don't know what we want to say about this it's too much i've never seen code like this stop the pop-ups this is not good defending against a hacker untraceable whoever is behind the site is local and wants attention shut him down we are black holding these ips but every time we shut one down a new mirror pops up the site's ip keeps changing constantly each new address is an exploited server this clip is extremely accurate nice touch a hacker has a domain name you know the us keeps taking down the ip addresses of the domain name and the ip address is essentially the physical address of that domain however the hacker has so many other ips or machines on the internet hacked that he or she is able to replace them very quickly isn't that wonderful now they state that the name server and registrar are hosted in russia the domain register and the name servers are all in russian which they have no jurisdiction over no jurisdiction there the registrar is where you get your domain name such as wired.com and the name server points the domain name like wired.com to the ip address there's a connection there in this case the one thing they got wrong is us does have jurisdiction over the dot-com oh god so the u.s would be able to take down any dot-com domain name how patriotic csi cyber click bait the ads are redirecting site users to what could be a fictitious pharmacy looks like a normal ad right and this is the code for the ad but there's actually two codes written right on top of each other a click baiting scheme right part of this clip is somewhat accurate being able to hack into a web server and modify the code so that users who visit that site are then affected the fake ad is masking the legitimate app is a real thing that happens quite common actually what however the combination of codes being layered on top of each other it's not really accurate it could be a coincidence if you're viewing the source code you're pretty much viewing everything peekaboo so not so realistic in this case no the net disassembling a you know i just ordered virus security program last week what's it called gatekeeper well that's what they all say not to worry everything's under control it's going to be okay we run into the same theme where the interfaces themselves are not very accurate however everything that's actually happening here is quite accurate i appreciate it essentially she's taking a virus and she's disassembling it when keystroke will wipe out your whole system what that means is she's taking the actual binary executable and turning it into a machine code which is the type of code that your computer or cpu actually executes then she's turning into a format that she can read to see what it's actually doing come on why don't you just tell me what this is about so that she can help whomever gotten hacked let them know what has happened and how to resolve the issue thank you this is something that actually there are dedicated teams and companies for today what you're kidding right oh god i'm sorry i thought you'd heard breaching the firewall castle oh we got a problem what someone synced a rat to one of my servers a remote access tool we're being hacked they're on to us victims trying to track our ip address can you stop it no but i can slow him down one thing we see in a lot of clips is people attempt to slow hackers down or slow something down but really there's nothing to slow down it's either happening or it's not we have to stop him however there are some accuracies here they do use a rat or remote access tool and there are actual tools called rats which allow you access into machines that you otherwise shouldn't necessarily have access to the interface is quite inaccurate about that it also seems that tv likes to think that hackers send a lot of animal photos as we've seen with the dog in tron legacy and as we see here with lots and lots of cats [Music] the matrix reloaded hacking into a power grid in this we see some realism how do you know that we see an actual unix terminal and someone is actually using a fictitious tool called ssh nuke and what it pretty much does is it gives them access to the power grid how does he always know he drops them into a root shell on a unix machine which actually is pretty realistic and then they use another tool ssh to log into another machine as root which is the administrative privilege it gives you pretty much full access to do whatever you want yeah she can do that unrealistic you have the ssh nuke tool which is not a real tool additionally most power grids aren't on the internet but there's some pretty good foreshadowing going on here as more and more are becoming connected as it simply makes them easier to maintain and there is nothing you can do to stop it hacking on a cell phone iron man 2 and local intelligence on the ground indicating hold on my second fight let me see i need him what does he do if you'll direct your attention to said screens i believe that's north korea in this clip we see tony stark using his mobile device to actually hack into multiple tv screens and monitors and it's actually kind of realistic you're welcome as you could easily break into say a chromecast or apple dv and most smart tvs are actually internet connected now so it's working there's a big attack surface a lot of ways to actually break into these tvs and cast something that otherwise you shouldn't you can count on me to pleasure myself weird science stealing processing power problem is your computer's a wimp you need a lot more power than this that's the problem what do you suggest [Music] [Applause] [Music] we have another clip with some graphical interface that isn't very accurate i know that but you know we can we can use it and some fun 3d visuals however the act of breaking into a computer especially one with more computing power and resources than your own to try to crack something or decrypt something is pretty accurate today the clips we saw in war games and weird science take place in the same time period however what we saw in war games was a lot more accurate than what was depicted here we also get another classic access denied screen yeah yeah live free or die hard executing a virus in this clip they don't really show actually any hacking they do show running a virus however to actually run a virus or upload a virus you already must have access to the target system thanks for that essentially you will need to have found a vulnerability that you can run the virus on and only then can you actually execute that virus snowden surveillance think of it as a google search except instead of searching only what people make public we're also looking at everything they don't so emails chats sms whatever yeah but which people the whole kingdom is not white this is real seriously there's actually a program called x-key score that the nsa uses x-key scores under 702 authority which means no warrants that we actually found out about from snowden after he leaked a ton of documents to the press as a matter of principle our government and other governments do have the capabilities to do this sort of thing the social network hackathon take 10 minutes to get root access to a python web server expose its ssl encryption and then intercept all traffic over it secure ports they're active yes i'll behind a pixel emulator but here's the beauty every tenth line of code written they have to take a shot this is interesting because it's actually rumored to be true that facebook would have these drinking programming hackathons although i don't expect so many people on so much of a party atmosphere the type of system that he's talking about hacking into is pretty accurate 10 minutes to get root access to a python web server this sort of thing is actually typical at defcon a yearly hacking conference in vegas people are hacking into each other's systems defending against other hackers and again a lot of drinking welcome to facebook [Applause] transformers alien hacking are you getting this i think they're hacking the network again they are planting a in this clip they're trying to listen to a hack however you're not actually going to be able to do that for this type of hack no way or hacking into a lot of computers you will listen to sound however if you're trying to listen to certain types of radio frequencies and recognize what kind of sound or modulation it might be this is a direct match to the signal in guitar there actually was a hack recently in dallas where someone used radio frequency to set off every emergency siren in dallas breaking encryption under siege 2. see here access encoded gigabyte of ram should do the trick in this clip he's attempting to break some encryption by adding gigabyte of ram gigabyte of ram should do the trick but adding that gigabyte of ram really is not relevant to breaking the encryption here oh you might need some significant memory or storage space but it's not something you'll do in the middle of your operation really so not that realistic yeah black hat nsa hacking you asked him to change his password [Music] when he downloaded the pdf what he downloaded was the keylogger that was a pretty long password for someone who can't actually differentiate the difference between a pdf file and an executable what he downloaded was the key keylogger because really he downloaded something that looked like a document but because it was actually a key logger that means it was a program that executed and ran an application the real hit is still to come key loggers are a pretty common way to access information from an individual so if you want to record their keystrokes see what their typing learn passwords websites they visit usernames and other private information keylogger is the typical way that someone will install that on your machine and learn that information about you he's in jakarta avengers 2 age of ultron ultron hacking jarvis i believe your intentions to be hostile i'm here to help stop it at the rate of progress with machine learning and artificial intelligence something like this where two different systems could actually begin to learn about each other communicate with each other and actually attack each other this is rage the visualized 3d orbs in real space are not so accurate this is insane in the future machines will be able to think and will have access to physical components that they can actually move around i am a programmer i'm without form this feels weird so we could see something like this however the actual orbs of electricity or balls of electricity that is pretty much set in science fiction we're out of my field here criminal minds hackers competing first we need you to look up the name colby baylor this might be the coolest girl i've ever met but her gui is mind blowing well that's weird oh no you don't you want this is also kind of similar to hackers where two hackers were competing taking over control of a machine it was a bit more accurate in hackers as they were essentially competing on the same target system trying to prevent the other person from accessing it in this you see they're competing on a system but then someone else's system actually gets hacked what the hell so in this case there are multiple systems getting hacked and it's just a little bit less realistic this isn't good they mentioned the linux operating system it's completely linux based open-source programming and you don't see this in government systems i mean outside of like switzerland which actually is used in plenty of governments seriously there's lots of open source software is used sort of across the world including our government right i get it the gui comment is not too accurate her gui is mind-blowing usually when you're breaking into something you're not actually going to run into any gui or graphical user interface that's weird and even if you do it's usually not that exciting sneakers freaking i'm gonna bounce this call through nine different relay stations throughout the world and off two satellites good afternoon national security agency director of operations please where is this please it's my dime i'll ask the questions i started the trace this is a cool demonstration of freaking where they're actually jumping not just to one other machine over the phone who are you mr abbott they made the second leg but actually relaying from phone to phone to phone can you guarantee my safety where is the item hang up they've almost got us hang on fish freaking is not as popular anymore as most machines are internet connected rather than dial up or phone connected we make the call but we make it our way algorithm hacking via email you know where the weakest link in any security system is it's you with your shitty passwords and how you share every part of your life online and now i own sam novak's computer in this clip they're not showing too much of the actual hacking but he does mention that he's exploiting the kernel i'm just exploiting the vulnerability her carnal access has created this is a pretty difficult to do however there has been a recent vulnerability in anti-virus software there's always a way in where if you received an email with a very specific exploit it could actually exploit the anti-virus software running in your kernel which is essentially your operating system and give the attacker full control of your computer it means they work for me i think that's what they're implying here even though they're not really showing the actual exploit what difference does that make to me conclusion hollywood has the challenge of depicting hacking which can actually be quite a challenge because it's not that visually stimulating however it is always exciting when i do see a clip that actually is realistic

Info

Channel: GQ Taiwan

Views: 524,686

Rating: undefined out of 5

Keywords: cne-us, computer hacking, gq, gq 駭客, gq 黑客, gqtaiwan, hack, hacker, hacker movie, hacker reacts, hacking, hacking movie, hacking scenes, how to hack, movie hacking scenes, mr robot, mr robot hacking, real hacker, realistic hacking scenes, samy kamkar, samy kamkar hack, technique critique hacking, tv hacking scene, wargames hacking, wired, wired breaks down, wired hack job, wired hacker, 知名駭客, 網路安全, 網路犯罪, 網路犯罪事件, 網路資訊安全, 網路駭客, 網路駭客攻擊, 電腦駭客, 電腦駭客入侵, 駭客, 駭客匿名者, 駭客教學, 駭客大賽, 駭客電影, 黑客

Id: 1jdsosLM_Jg

Channel Id: undefined

Length: 21min 14sec (1274 seconds)

Published: Tue May 11 2021