Spoiler Alert: If you haven’t seen SkyFall and you do not want to know anything about the movie before you see it – don’t read the rest of this article.
“Sometimes you have to just let art flow over you.” – (Nick – William Hurt in the “Big Chill”).
I like movies and I try not to let the facts interfere with my viewing pleasure but every now and then the technical faux pas is so egregious I cannot appease my inner geek with anything less than a good rant.
The offending character in this travesty of cyber fiction is sadly, Q, who plugs the laptop of the cyber etiquette challenged villain Raoul Silva into the MI6 network to decrypt the contents. Gentle reader, in case you missed Stuxnet, let me remind you that you shouldn’t even plug a USB stick of unknown provenance into your laptop, much less plug a terrorist’s computer in to a super duper over the top-secret network.
Hard Lessons Learned: When dealing with a suspicious computer (or phone/pda/laptop/disk/cd/dvd/usb stick etc.):
- Take it into your conveniently shielded, EMP impervious, fireproof and blast-proof sandbox room.
- Just let it sit there a while and see if it spontaneously combusts or turns on and phones home.
- Turn it on and just let it sit there a while and see if it spontaneously combusts or phones home. (Use a robot to interact with the computer for added safety. Do NOT connect the robot to your super duper over the top-secret network.)
- You can connect a computer with hacking tools to the computer in question – but it should have no other connectivity and should be in your sandbox too. No information or capabilities (including networking) other than those needed to hack the suspicious computer should be on your device.
Your reward for your exemplary knowledge and behavior will be safe hacking. Your punishment will be either an inability to completely enjoy an otherwise terrific movie or, if the you believe the movie is realistic, a complete loss of faith in the ability of the world’s intelligence agencies to keep us safe in what has become a continuous state of cyber warfare.
Dr. Turbyfill has been head of engineering organizations and software architect with 20+ years of experience in: Security (Cyber and Physical); Risk Management; SDLC; Development Methodologies; Enterprise Products and Services; Compliance; Database, Strategy and Roadmaps; management of multiple groups in domestic and international locations; startups and turnarounds. Dr. Turbyfill has a consistent track record of delivering quality products within budget and on time and has consistently built leading edge technologies and products including:
- First database benchmark using experimental design techniques, the Wisconsin Benchmark;
- One of the first wireless LAN’s with radio, antenna and IP Layer encryption;
- First Firewall Appliance, SunScreen SPF 100 which also included a certificate authority and one of the first commercial IP Layer VPN’s, SKIP;
- First round-trip email marketing systems with interactive Java applets;
- First Managed Security Service at Counterpane Internet Security;
- First virtualized automated test environments for application stacks, the StackSafe Test Center.