Mr. Robot season 2 episode 2.7init5.fve – the security review

mrRB

As this week’s wasn’t as security-heavy as previous episodes, there’s not quite as much to discuss. But nevertheless, let’s dive in to it, shall we?

WARNING:SPOILERS AHEAD – SCROLL DOWN TO READ ON

In these less tech-centric episodes, it can feel a bit nit-picky to dig too deep into concepts that are briefly shown on screen. So I admit upfront to some of these being mere mentions, and I’m digging in to them for the sake of discussion here. (And what would internet reviews be without a bit of pedantry, eh?)

Both sides of the social engineering coin

It’s interesting that most of the actual hacking we’re seeing lately comes from Angela, arguably one of the least tech-savvy members of the Mr. Robot character cast. Depending on who you ask, social engineering is either a field all on its own or an extension of hacking (“human hacking,” as some call it).

It seems to be the kind of hacking that Angela excels at, in any case. We’ve previously seen her talking her way into restricted areas and out of FBI scrutiny – some of it, anyway – and in this week’s episode, we also see how she reacts when she’s on the receiving end.

Perhaps the Angela of a few episodes past might not have recognized what was happening, but when the rather suspicious agent from the Nuclear Regulatory Agency tries to shuffle her in to a distant conference room, you can see her alarm bells go off.

Most importantly: she listens to her gut feeling.

The “agent” tried a number of coercion tactics, adding a sense of urgency and social pressure of not wanting to let other people down: “But my colleagues in the other room are eager to meet you!”

Combined with her growing suspicion that something already wasn’t quite right (how did the agent know she worked at E-Corp?), her paranoia kicked in and she got out of there as fast as she could.

There’s hope for her yet.

Other notes

  • I did find it curious that the head of E-Corp’s risk management, as well as (it seems) the whole risk management team, allowed USB access on their machines. I would hope, especially after they’ve been so massively and publicly hacked, that at least high-risk departments would have some kind of device access policy in place. Or maybe that’s unrealistic?
  • Real-life hacker tool cameo! This episode had an appearance by the Pwn Phone from Pwnie Express, which Elliot used so he and Darlene could keep tabs on Dark Army phone conversations. The Pwn Phone is usually used more as a penetration testing tool for security professionals to test defense flaws for mobile and bluetooth-enabled devices, but that doesn’t mean someone couldn’t use it for more nefarious purposes, of course.

Image courtesy of USA Network