Before you read this know there will be spoilers for The Blackhat Movie.
Hollywood’s attempt at hacking movies, was certainly not the greatest hacking movie. I was initially excited to watch this movie when my editor asked me to review it. It was hyped so much and I felt the hacking world was mature enough and fleshed out enough to give Hollywood a better perspective on the details they needed to tell a decent hacking story without making it a joke that “typing faster” would make your hacking “better” or that all hackers are good looking tough guys that beautiful women flock to and are the “only ones” that can figure out the code and they do it all by them selves.
I even wore a black fedora on my head, but I latter had to hide my face in it when I left the theater so no one could see me leaving the show. Yes it was that bad. For all the hopeful professionals that was expecting for once that Hollywood would produce a visceral and realistic portrayal of the criminal black hat world…Expect to be disappointed.
First the Good:
Ok, I will give credit to a few gems about the Blackhat Movie. As I understand that just shoulder surfing a hacker on the keyboard and watching the flurry of opening and closing terminals with no explanation to what the terminal is doing what or why a command is used is not very exciting to a movie going audience. So the movie took some justified liberties with the hacking scenes with a 3D ride moving though the keyboards into the wires and circuits and a light show of the 0s and 1s to give reference to the program code performing the actual hack in the beginning of the movie. I give a pass on this as I understand not everybody that sees the movie is a security and programming expert and that every movie needs to grab the attention early in, to establish the hook.
The Blackhat Movie did manage to sneak in a few “real world” mentions of hacks. For instance the PLC (Programmable Logic Controllers) that controlled the turbine speeds at the nuclear facilities for the test run for the real hack to flood a Tin mining company and drive up the Tin stock prices. The plot was rather elaborate and messy from a professional hacking perspective however.
I did glance at some actual real line commands they used in the movie and not the bombardment of GUIfyied 3D screen candy with big bright buttons saying press here to hack the system.
Even a small social engineering scene where the character Chen Lien purposefully spilled her coffee on some documents in order to pretext an excuse to ask the security guard at the bank’s lobby if they could print her another report from her USB thumb drive.
This is going to be big, problems I have with The Blackhat Movie I am identifying the sharp contrast between the blackhat movie taking the very unrealistic and trying to convince the movie going public that this could happen.
The main character Hemsworth is shown at the beginning in prison wearing a headset and listening to music on what appears to be a smart phone. The prison is doing a inspection of all cells with guards dressed in riot gear turning Hemsworth’s cell inside out. Later Hemsworth is in the warden’s office who says he used the smart phone he had to hack $900 of commissary privileges. The thing that gets me about this is why the hell does he have a smart phone in prison in the first place. The very subject of his incarceration was the fact that he hacked a bank for several million dollars. They don’t even let hackers on probation go near a computer unsupervised outside of prison. At that early stage in the film it had lost all credibility and I expected a shoot-em up bang bang story line…Which is precisely what I got.
Next the feds need to pull him out of prison to help find the black hat who used a program called a RAT, Remote Access Terminal (how original) to which Hemsworth was the original architect so had some detailed knowledge of the source code that could help them find the culprit. Which is hard to believe as I know source code can be modified and the architectures and APIs they run through can often be understood by those who take the time to learn them.
During their search, they come into a Chinese restaurant to wait for a contact and after a while the contact never shows, but Hemsworth notices the surveillance camera in the restaurant so strolls into the back room past the owner to a computer that shows the output of the camera remotely following his partner Chen Lien, in the common area of the restaurant. I am waiting for the owner to come into the back room and tell him to get off of his computer and out of his office. But instead, Hemsworth throws a tantrum and all the stuff on the desk to the floor frustrated that he was burned (his and his partners identity known). He finally goes back to the common area of the restaurant where he fights single handed 5 to 1 Asian people coming in to question him about who he was.
During the scene where Hemsworth needs to hack the bank to get the bad guy’s money, his partner Chen Lien does the tried but true social engineering to convince the security guard to help her print another presentation by plugging her USB thumb drive into the banks computer. The thing that got me was the amazing amount of detailed knowledge Hemsworth had (all by himself) about that particular banks software to be able to transfer funds. I gave it a semi-pass because he was in fact arrested for hacking millions of dollars from banks and the movie did not clarify if the bank he was currently hacking was that bank he got busted for.
I could go on, but this review is giving me a headache.
The bottom line:
I would say this. If you are looking for a movie just to get out and go somewhere, go somewhere else and give the Blackhat Movie a pass. If you are a pirate and download movies on your torrent, don’t even waste your hard drive space.