Trending: NYC Council grills Amazon over HQ2: ‘You’re worth $1 trillion. Why do you need our $3 billion?’
(Photo via USA Network).
(Photo via USA Network).

 [Spoiler Alert] This article discusses technical plot points and hidden secrets of eps2.9_pyth0n-pt1.p7z. If you haven’t watched it yet, check it out on USA Network, Amazon, or iTunes before coming back to learn about its hackuracy.

With this week’s surreal and trippy episode of Mr. Robot, we’re one step from the end of another amazing season.

LATEST IN A SERIES: Corey Nachreiner, CTO at Seattle-based WatchGuard Technologies, is reviewing episodes of Mr. Robot on GeekWire. The show airs on USA Network on Wednesdays at 10 p.m. Join the conversation on Twitter using #MrRobotRewind, and follow Corey @SecAdept.

Part one of the season finale shared some revelations (Price’s Ecoin motive), resurfaced some long-standing questions (Tyrell is alive!… or is he?), and introduced some new mysteries (what the heck is up with Whiterose’s weird Blade Runner test). This episode’s hidden subtleties, literary and movie references, and interesting layered Easter eggs, has the zealous and detail-oriented Mr. Robot fanbase whipped into a frenzy of predictions and theories, including time travel, multiverse theory, AI, transhumanism, EMPs, and more.

That’s why I’m relieved that this Mr. Robot Rewind series only focuses on the technical accuracy — hackuracy, if you will — of the show’s information security and hacking. Of course, judging hackuracy is much easier when actual hacks are used in the episode. This episode had none. Luckily, it did include enough information security (Infosec) and technology references for us to talk about. So let’s rewind, and take a look.

Commodore 64: the 1980s gamer’s choice platform

Last episode concluded with two strangers confronting Angela on the subway. In this episode, those strangers kidnapped her, drove her to a creepy house with censored family pictures, and left her in a surreal 1980s-themed room with a leaky fish tank and a strange, doppelganger mini-Angela. The scene was already strange enough — with its David Lynch vibes and Blade Runner-esque composition — but then the creepy tween loaded a strange program on her Commodore 64 containing a psychology test for Angela. If you were wondering, WTF (what the fudge), you’re not alone.

Figure 1: 80s geek nostalgia.
Figure 1: 80s geek nostalgia.

I can’t help you with veiled nuances of that disturbing scene, but from a geek perspective, the Commodore 64 (C64) was a great nod to the more mature hackers out there. If you were born in the 1980s, the C64 was a very popular personal computer that many kids of that generation grew up with. The system’s 16 colors (computers with CGA cards still only had 4) and its sound chip, made it a platform of choice for gamer kids everywhere (until the amazing Amiga128 came out). The show’s use of the C64 in this scene is a nostalgic and geeky shout out to the young geeks of the 1980s, many who have become the hackers and computer moguls of today.

Figure 2: Creepy Angela clone kid on C64.
Figure 2: Creepy Angela clone kid on C64.

On top of that, creepy kid’s use of the machine was accurate as well. If you’re familiar with the C64, her commands probably brought back memories. She starts by inserting a floppy, and running the command to load a disk’s directory.

LOAD”$”,8

picture3
Figure 3: Listing the floppies directory contents on C64.

She then LISTs the contents of the directory, and enters the command to load and run a particular program on the disc (BTW, there’s probably some subtle meaning to ecodelia).

LOAD”LAND OF ECODELIA”,8,1

RUN

These are small details, yes, but more proof that Mr. Robot likes to keep it real. All of the C64 commands are period accurate. I also point them out because you can play along. If you’ve paid attention to (and solved) some of the Easter eggs I’ve mentioned before, you’ve probably found the WhoIsMrRobot.com site that hosts an alternate reality game (ARG) with weekly updates. This week, they added a C64 emulator to go with the episode. If you want to brush off your Commodore skills and follow along with the creepy girl, I recommend you give it a try. At the very least, you can see a few more of the strange questions the girl asked Angela.

One last note on this scene, the girl’s directory listing also hid another subtle Infosec shout out (which you can see even better using the link above).

Figure 4: References to Rainbow Book series.
Figure 4: References to Rainbow Book series.

Besides a few fun game references from the 1980s, this directory also lists some colored books which represent another small and accurate nod to the security community. The colored books refer to the Rainbow Book series. They are a series of books containing computer security standards and guidelines, originally created by the Department of Defense (DoD); the red and orange books being the most notorious. Some of these books were commonly shared on bulletin board systems in that time, and movies like Hackers have referenced them with additional nicknames. In fact, some security certifications, like the CISSP, still reference the contents of these books in their curriculum.

Controlled Ecoin ledgers

While this episode left many open questions unanswered and introduced some new ones, it did drop one significant revelation (confirming many people’s Ecoin theory). Price’s main motivation in the aftermath of the 5/9 event is to legitimatize his cryptocurrency, Ecoin, and have control of its ledger.

In a very intense conversation between Ecorp CEO, Phillip Price, and the fictional version of U.S. Treasury Secretary, Jack Lew, Price confronts and coerces Lew into making Ecoin an official currency backed by the U.S. dollar. This is an extremely bold move, and clear path to Price profiting from 5/9, and becoming more powerful on the global stage. During this scene, Price describes some of his perceived problems with Bitcoin, a real-world crypto currency. He mentions its lack of regulation, the fact we have hit the system’s transactional max, and China’s controls over significant portion bitcoin mining operations (referring to the resource intensive cryptographical resources needed to generating new bitcoin).

Figure 5: Price convinces Treasury to back Ecoin. Controlled Ecoin ledgers While this episode left many open questions unanswered and introduced some new ones, it did drop one significant revelation (confirming many people’s Ecoin theory). Price’s main motivation in the aftermath of the 5/9 event is to legitimatize his cryptocurrency, Ecoin, and have control of its ledger. In a very intense conversation between Ecorp CEO, Phillip Price, and the fictional version of US Treasury Secretary, Jack Lew, Price confronts and coerces Lew into making Ecoin an official currency backed by the US dollar. This is an extremely bold move, and clear path to Price profiting from 5/9, and becoming more powerful on the global stge. During this scene, Price describes some of his perceived problems with Bitcoin, a real-world crypto currency. He mentions its lack of regulation, the fact we have hit the system’s transactional max, and China’s controls over significant portion bitcoin mining operations (referring to the resource intensive cryptographically resources needed to generating new bitcoin).
Figure 5: Price convinces Treasury to back Ecoin.

These are all accurate real-world truths about Bitcoin. To learn more, see this Bitcoin industry expert’s analysis of these ideas in this Reddit post. One big aspect of Bitcoin is that it is anonymous and unregulated, but there are public records of all transactions. Transactions happen on a public blockchain, which acts as a public ledger that everyone can see. Price tempts the Treasury Secretary by offering some insight and control into Ecoin’s private ledger.

In short, these economical Bitcoin and cryptocurrency issues really exist. Wall Street is starting to explore the use of Bitcoin, and the world is discussing the pros and cons of public and private ledgers (and using blockchain for other things). Price profiting in this way is a fairly plausible plot point grounded in a kernel of reality. If you’re interested in other references to Bitcoin in Mr. Robot, check out this Wall Street Journal article as well.

Cracking the Red Wheelbarrow BBQ code

Though this episode didn’t really include any computer hacking, this next scene was the closest thing to a hack we got. Elliot tries to leverage a lucid dream state to see if he can silently watch Mr. Robot (his alternate persona) in the same way Mr. Robot watches him. He succeeds, and is able to watch Mr. Robot rifling through the mail by his door, only to find a BBQ restaurant flier with some sort of code written on it.

Figure 6: A code on the Red Wheelbarrow ad.
Figure 6: A code on the Red Wheelbarrow ad.

Mr. Robot then proceeds to go through various code cracking steps to eventually find a phone number, which he then calls and is given the location for a mysterious meeting. As an aside, this coded mail advertisement may be the “letter” Leon asked Elliot to keep watch for, and the mail pile may have been what we were supposed to “find” for Elliot during the slow camera pan last episode.

This scene provides a quick but accurate illustration of some of the basic cryptography code cracking steps with which many hackers and Infosec pros are intimately familiar. Mr. Robot starts by realizing there are no more that 26 unique digits in the code, telling him it’s a basic substitution cipher. After trying the most basic digit to letter replacement, he gets gobbledy-gook and realizes it must be a Caesar or shift cipher, meaning the encoder shifted the characters and digits by a certain number. ROT-13 is one of the most common shift ciphers used, since it “rotates” or shifts characters by 13 places, and can be undone simply by applying the same shift again. In any case, using some online decoding tools, Mr. Robot solves the first layer of ROT-13 encoding and continues along with more steps of the puzzle.

In a previous Rewind article, I commented on how similar Mr. Robot’s Easter eggs puzzles were to the DEF CON security conference’s badge contest puzzle. Well, in this scene, that statement literally became true. The steps Mr. Robot goes through to solve this puzzle exactly mimic the steps required to solve 1o57’s (pronounced “Lost”) DEF CON 22’s badge contest in 2014. Team Potato, the winning team, posted a great write-up of all the steps taken to decoding that puzzle. If you want more details about cracking this code, including the ones the show may have glossed over for time, I highly recommend you read their post.

To summarize, this code-cracking scene was totally accurate. Also, this type of code is a decent way to hide a message in plain sight. Granted, realize these encoding schemes are less real encryption and more security by obscurity by today’s standards. It was also nice to see the show paying a subtle homage to 1o57, Team Potato, and the hacker community by directly referencing the DEF CON 22 puzzle.

As an aside, if you want a fun way to learn a bit more about code-cracking, I highly recommend you read Neal Stephenson’s Cryptonomicon.

Fun stuff, Easter eggs, and other tech notes

As usual, this episode is chock-full with layers of references, puzzles, and of subtle tech mentions. So here are a few more fun points:

  • In the code cracking scene, Mr. Robot uses some online code conversion tools. Not only do well-known versions of these tools exist in reality, but the show includes their own version as an Easter egg. Can you find any secret on this site?
  • I already mentioned the Who is Mr. Robot C64 Easter egg above, but if you follow along with the show and run a certain program, not only do you see the questions posed to Angela, but you may find the key to another small puzzle.
  • Time is a major theme to this episode, and many have found subtle references to time travel throughout the season, e.g., could Whiterose be hacking time? I’m not sure I buy into the time travel theories, however, if you do listen closely you’ll hear four different music tracks that were also in the Back to the Future (BTTF) movie series (which was referenced in the show previously).
  • Speaking of references, this episode includes many easy- and hard-to-find literary and movie references. Lolita continues to be a big theme, but this episode also subtly quotes HP Lovecraft. Besides BTTF, the episode also shares a few Blade Runner tones. Esmail has said there is meaning to everything you see. Can you decipher it?
  • Finally, the episode’s titled “Python,” which is not only a snake but a coding language. So far, I haven’t seen any direct allusion to the python language, so perhaps we have to wait until part two.
  • The “hang in there” cat made a comeback and the transition from audio to real life.
Figure 7: Hang in there cat makes a comeback.
Figure 7: Hang in there cat makes a comeback.

Don’t rely on weak ciphers

With so little hacking this week, there aren’t any meaty security tips to share from this episode. That said, it is worth pointing out that the ciphers Mr. Robot cracked to decode a message are not true encryption. When you really want to protect a message, you can’t rely on basic substitution and shift ciphers, you have to use mathematically strong encryption. Make sure to protect your data with encryption standards like AES, not ROT-13

One more crazy episode to go! I suspect we’ll get some closure for some of this season’s plot lines, but plenty of questions will remain unanswered. Nonetheless, join me next time to unpack the hacking and tech detail of the final season 2 episode, and please share your thoughts and theories below.

Like what you're reading? Subscribe to GeekWire's free newsletters to catch every headline

Comments

Job Listings on GeekWork

Senior Product ManagerMGM Resorts International
Business Development DirectorMadrona Venture Group
Vice President Digital ProductsMGM Resorts International
Find more jobs on GeekWork. Employers, post a job here.