Things are certainly getting more complicated on Mr. Robot – there were plenty of moments where it wasn’t clear what was going on. (Of course, that could describe almost every episode of this show.) Still, there was a lot of intrigue, and we got some big reveals, so let’s review three key security concepts that came up.
WARNING: SPOILERS AHEAD – SCROLL DOWN TO READ ON
Elliot’s unfortunate foray into the dark web
We finally found out what Ray and the beat-up IT guy have all been up to – and so did Elliot. He navigates to a website whose URL ends in .onion – the hallmark of a hidden service on Tor, often called the “dark web.” He discovers that Ray’s group runs a Tor site called “Midland City – anonymous marketplace,” and the goods for sale are truly horrifying: guns, sex-trafficked women, rocket launchers, drugs, hitmen for hire.
Midland City is probably a reference to Silk Road (with a nod to the fictional city in Kurt Vonnegut novels?), a real Tor-based black market that offered numerous illegal and horrific services and goods for sale.
And it’s no coincidence that Elliot is logged on to the site’s admin panel as user Dread_Pirate_Roberts – which was also the pseudonym of Silk Road’s operator Ross Ulbricht.
A mounted disk image and a Femtocell
In one of the earlier scenes we saw Darlene on Angela’s laptop, mounting an image file to her Mac laptop that she then quickly dismounts and hides. This was a bit of an open-ended item – the fact that Darlene had physical access to Angela’s computer is extremely powerful, and certainly would allow her to do pretty much whatever she wants. In this case, it seems that she’s storing some kind of disk image on Angela’s machine, without wanting Angela to know about it or be able to find it.
Given Darlene’s hacking prowess and her access to Angela’s laptop, it would be trivial for her to remotely remount that image very quickly if she needed to. I’m still not sure what that disk image is for, but I have a feeling we’ll find out. (It might come in quite handy if Angela hooks up her laptop to the network at ECorp, for example.)
Later in the episode, we hear Darlene discussing with Elliot that she wants Angela to place a Femtocell inside the FBI’s operations at ECorp to deploy Elliot’s Android malware. (Remember that we discussed this as a possibility in last week’s review.)
A Femtocell is basically a mini cellphone tower that acts as a cellphone-to-internet gateway. They can be really handy if you live in a remote area, or need to make phone calls in a place where cell phone calls usually don’t get through easily (like a basement).
By using a Femtocell, Elliot can get around the legitimate carriers and directly deploy the malware he’s creating, but, as the episode itself discusses, a Femtocell is not exactly subtle. Unlike the Raspberry Pi we saw last season, tucked neatly away behind a wall outlet, a Femtocell is a bulky piece of hardware.
Unless Angela gets a lucky break, or is extremely slick, she’s going to have a difficult time hiding a router-like black box and hooking it up to the FBI’s wired ethernet connection without looking extremely suspicious.
Hacker at work
The very opening scene of this episode shone a spotlight on Elliot planning his attack on the FBI’s Android phones. He mentions every step he plans on taking in order to deploy his attack: identifying vulnerable targets, building his malware, writing a reverse shell exploit, writing a deployment script, and then launching the attack. (It looks like he’s using Meterpreter here, the scripting engine for Metasploit attacks.)
For Elliot, this all leads to the thrill of owning the phone of every FBI agent and getting domain admin-level rights, a.k.a. “god access.”
For many other attackers, though, the motivation is far simpler: money. The stereotype of the elite lone hacker – like Elliot – who hacks for the thrill of it has faded away in recent years, as we see organized criminals causing damage not for the thrill of the hunt, but for fuller bank accounts.
Did you catch this week’s episode? (Do you think it’s wise to “never trust someone with a rattail”?)