What are market rents for cell towers

The 10 most ridiculous geek movie myths that turned out to be true

Hollywood doesn't understand technology and "hacking". Or so we thought. But many of the ridiculous things we've seen in movies turned out to be entirely true.

We laughed at many of these myths when we saw them in movies. "Don't believe what you see on TV," we said. Boy were we wrong?

The NSA that spies on everyone

One of the oldest issues is a government that knows everything and sees everything. When the hero needs information to stop an action, he can access a seemingly infinite amount of real-time information to help find the villain, determine who he's communicating with, and then track it down in real time. Alternatively, the government's all-seeing surveillance state is often portrayed as a villain.

We all made fun of it, but much of it seems to be true. The NSA (and other countries' intelligence agencies) monitor internet traffic and phone calls, and build huge databases that they can query. That scene where the hero accesses a huge database that gives him all the information he needs - well, it's truer than we could ever have imagined. Even the Simpsons mentioned this in The Simpsons Movie!


Photo credit: Unknown on imgur

Your location can be tracked

Cell phones can be tracked by triangulatingrelative signal strengths between three nearby cell towers, we know. But the US government has gone even further. They placed fake cell towers on small planes and flew over urban areas. They intercepted communications between a suspect's cell phone and the actual cell tower to pinpoint a person's exact location without the need for assistance from a cellular operator. (Source)

Yes, that scene where a hero gets on a plane and flies over an urban area and stares at a map while somehow tracking the exact location of a suspect - that's true too.

Webcam hijacking

Webcams can be scary. They allow an invisible attacker to see us from a distance. They can be used by a twisted mind to take advantage of someone who demands that someone posing for the webcam or their secrets or private photos be posted to family members or the public. Or a webcam can simply be a convenient way for someone to track down an otherwise safe area.

Webcam hijacking is certainly real too. There is a whole community of twisted heads using RAT (Remote Access Tool) software to spy on people in hopes of catching a glimpse of them undressing and trying to manipulate them into stripping for the camera. (Source) The British secret service GHCQ has got millions from Yahoo! Webcam images, including many pornographic ones. (Source)

Hack traffic lights and cameras

Cut to the dramatic chase. Our heroes hunt for a skilled hacker. Or our heroes will have to use their hacking skills to catch up with the villain. In both cases someone manipulates the traffic cameras and turns them green when they have to drive through and red when their pursuers have to drive through. Or our heroes hack into the network of traffic cameras to spy on the movements of people in a city. Or, worse, a town is taken over by a Supervillian who turns all the lights green to wreak havoc while cackling insanely.

It's a dramatic scene, but it's silly - or is it? It turns out that hacking traffic lights and their cameras is often trivial. Researchers have found that many traffic lights are connected to open Wi-Fi networks and default passwords. (Source)

The 2003 Italian job features a character who ticks traffic lights and turns all traffic lights at an intersection green to cause a traffic jam.

Darknet drug rings, arms trafficking and killers

CONNECTED:What is Bitcoin and how does it work?

There is a secret part of the internet where the criminals lurk beneath the shiny exterior that we honest citizens walk over every day. You can get it all for one price here. Any kind of illegal drug you want, stolen credit card numbers, fake ID, illegal guns, and professional killers for hire.

Much of it is true, thanks to the "Darknet" for example for hidden services. It has become more famous thanks to the bust of the Silk Road, but other places have sprung up. Of course, there is no guarantee that all of these things are actually legitimate. When Silk Roads "Dread Pirate Roberts" tried to hire killers and pay them with BitCoin, he apparently hired someone to take the money and disappeared, as well as the police who used it to set up a case against him. There is no evidence that hundreds of thousands of dollars in BitCoin that he spent actually killed anyone. Maybe this criminal mastermind isn't as smart as he thought. (Source)

Hacking surveillance cameras and security systems

Our heroes - or villains - need to be in a safer location. To find out, they hack the surveillance cameras and investigate the security of the place. In doing so, they note the number of guards, their patrols, and other security features that they need to bypass.

It's convenient, but not too difficult either. Many IP security cameras have poor security and can be trivially hacked. You can even find websites that have a list of publicly available security cameras that you scan yourself. (Source)

Like many other products, security systems themselves often have terribly weak security that they can shut down or stall if someone makes the effort.

Hacking ATMs

CONNECTED:How credit card skimmers work and how to spot them

ATMs are a great target for hacking. If someone needs cash, they can just hack an ATM to get it. While the ATM may not start shooting bills all over the street like in the movie, we've seen a variety of ATM hacks as well. Most pedestrians need to connect a magnetic stripe reader and camera to the device itself in order to “scan” the credentials of the ATMs. However, there are attacks that come directly from hacking the ATM software. (Source)

This can already be seen in Terminator 2 from 1991, where John Connor plugs a device into an ATM and makes it dispense some cash.

Security backdoors in encryption protocols

CONNECTED:Windows 8.1 encryption doesn't seem to scare the FBI

"It's not good, sir - he's not talking. We'll never break the encryption on his hard drive." This is a line that could be spoken before a shrewd government hacker takes the floor and says it's not a problem. After all, the government has a back door to encryption and can crack it. This is just a dramatic version of a possible scene - in reality, it usually manifests itself in the government being able to crack any encryption it wants just because.

We have now seen backdoors inserted into the encryption systems in the real world. The NSA manipulated NIST to add a back door to the US government's recommended encryption standard, Dual_EC_DRBG. (Source) The NSA then paid RSA Security $ 10 million in a secret deal, and this compromised encryption standard was then used by default in their BSAFE library. (Source) And that's just a back door that we know about.

Windows 8. The default "Device Encryption" of 1 goes to great lengths to give a recovery key to Microsoft so the government can get it from there. Backdoors might also look like this on Windows: They provide some handy functionality for Windows users, access for the US government, and plausible denial for Microsoft.

Hotel key cards can be hacked easily

Does anyone want to enter a hotel room? No problem! Hotel room locks can be easily hijacked thanks to their card readers. Just open the lock, do something with the cables and you're in.

Whoever invented this myth probably didn't spend much time thinking about it, but it is possible. With cheap hardware and a few seconds, an attacker can open the assembly on the outside of the lock, connect hardware to an open port, read the decryption key from memory and open the lock. Millions of hotel room locks around the world are affected. (Source)

Onity, the company that made the locks, will be giving hotels a cap that slips over the connector and screws that will make it difficult to unscrew the assembly. But hotels don't want to fix this, and Onity doesn't want to give out free replacement locks so many locks never get fixed. (Source)

Passwords can easily be hacked

CONNECTED:How attackers actually hack online accounts and how you can protect yourself

Passwords are never too much of an obstacle in the movies. Either a clever person sits down and tries to guess someone else's password, or they pocket something and quickly crack their password.

Lots of passwords are terrible, so try combinations like "password", "letmein", a child's name, a pet's name, a spouse's birthday, and other obvious dates that will often let you enter someone else's password. If you reuse the same password in multiple places, attackers likely already have credentials for your accounts.

If you have access to a password database, do so if you are planning a brute force attack, you can often guess the password quickly because it contains lists of unique, commonly used passwords. Rainbow tables also speed this up and offer pre-computed hashes that you can use to quickly identify frequently used passwords without using a lot of processing power. (Source)


These are far from the only myths that turned out to be true. If there's a common thread here, then security (and privacy) in the real world is often an afterthought, and the technology we use is never as secure as we'd like it to be. As we are increasingly accessing networked devices thanks to “The Internet of Things”, we have to take security much more seriously.

Photo credit: Kenneth Lu on Flickr, Aleksander Markin on Flickr, Sean McGrath on Flickr, tax credits on Flickr, NSA