A Roundtable of Hackers Dissects the Season 3 Finale of 'Mr. Robot'

Technologists, hackers, and journalists recap episode 10: 'Shutdown'

The sizzling finale of Mr. Robot’s third season left us on the edge of our seats. This week, we discussed FBI moles, compartmentalization, Slackware, bitly, steganography (Stepic!), the economy, and predictions for next season. (The chat transcript has been edited for brevity, clarity, and chronology—the stakes for messing with the timeline are too high.) This week’s team of experts includes:

  • Sarah Aoun: a Ford-Mozilla Open Web Fellow and activist working at the intersection of tech, human rights, and transformative justice.
  • Emma Best: a former hacker and current journalist and transparency advocate with a specialty in counterintelligence and national security.
  • Bill Budington: a long-time activist, programmer, and cryptography enthusiast, and a security engineer and technologist at the Electronic Frontier Foundation.
  • Jen Helsby: SecureDrop lead developer at Freedom of the Press Foundation.
  • Jason Hernandez: a technologist who studies surveillance and works in IT, and is the tech editor for North Star Post.
  • Harlo Holmes: a digital security trainer at Freedom of the Press Foundation.
  • Trammell Hudson: a security researcher who likes to take things apart.
  • Micah Lee: a technologist with a focus on operational security, source protection, privacy and cryptography, as well as a journalist at The Intercept.
  • Freddy Martinez: a technologist working on whistle blowing technologies. He serves as a Director for the Chicago-based Lucy Parsons Labs.
  • Christina Morillo: a New York City-based information security and technology professional working as an information protector on Microsoft’s cloud & engineering security team.
  • Zachary Julian: a Senior Security Analyst at Bishop Fox, a security consulting firm.

Yael: So this episode started with Dark Army trying to raid Elliot's apartment.

Bill: Elliot using Shayla's old abandoned apartment again to hide out.

Yael: Dark Army knows everything, except for that. :)

Trammell: Was that luck or did he have some warning?

Bill: I would guess since he hacked the Dark Army he was extra paranoid, in case he tripped a wire? But I don't think he had any forewarning.

Trammell: There was foreshadowing with the blank CDR, which seemed like an odd choice for the title sequence.

Micah: Dark Army scattered his CD collection but didn't think to copy any of the data. I guess they didn't care, though, they just were hoping to shoot him.

Yael: Yeah, I don’t know why they had to rifle through his shit when they were just looking for him, that seems more like an FBI thing than Dark Army.

Emma: Okay, so the raid was incredibly risky and a great foreshadowing of the obsession that saw White Rose drive Grant to self-termination. They could've just as easily sat and staked out the apartment and waited for Elliot to leave, then hit him somewhere on the road. Easier to make that look like an accident, too.

Yael: I don't think DA is all that risk-averse though. Well, maybe a little in that they kill people a lot just in case.

Micah: DA is like a honey badger. They don't give a damn.

Emma: I disagree that DA isn't risk averse - they so far have tried to control everything and plan for every contingency.

Yael: They don't seem to have a problem with kidnapping and wanton murder.

Trammell: It seemed very sloppy. Their usual MO was send in 'cuz to "invite" people to a less conspicuous location.

Yael: So moving on to Santiago/Dom/Darlene…that scene was insane!

Trammell: Was Santiago the only FBI mole? That seems like a small number of baskets for a large quantity of eggs.

Emma: Haha, no Santiago wasn't the only mole.

Bill: It did seem like he was at least one of the only moles. Especially when Irving "apologized" later in the episode for losing Santiago and getting Dom instead. "She doesn't have as high as a rank, but she's got a tremendous upside." He also said, "I had to kill the FBI mole" ….. referring to only one. So I think he was the only one, or at least when he said that the highest-ranking one.

Emma: One of the more senior moles was my assumption, and one of the only ones in that particular area of operations.

Jason: If the Dark Army had multiple assets in the FBI, what would be the operational reason for their handlers knowing about each other?

Trammell: Excellent point, Jason. Compartmentalization is key.

Jason: Dark Army doesn't seem to do any compartmentalization, though… not realistic that they'd exist without some better tradecraft there.

Yael: I have never done hostile environment training, but I think there must be SOMETHING you can do other than willingly doing whatever your captor says? Didn’t Dom have her gun on her?

Bill: I don't think she was expecting to get punched. And Santiago would have taken it from her after he knocked her out.

Freddy: The scene where he threatens Dom’s family is a classic extortion technique.

Yael: Right, but I thought she was pretty quick to flip. Like "just kill me because I won't flip" and her whole "the FBI can protect you" scene to Darlene a few episodes back, and going to agreeing to be full Dark Army?

Emma: Well, she didn't really flip though, did she? She was happy to help move against Dark Army afterwards but saying she'd go along with it was the only move right there. Anything else would've gotten her killed (either before or after her family was hit).

Yael: I think she may have flipped. Otherwise, why would she tell Darlene that she'd ruined her life forever? I think she's full DA now.

Jason: How do you tell if she flipped? She hasn't really done anything to compromise the FBI.

Sarah: Right at the end. I guess because at that point she didn't have a choice anymore.

Bill: I think she's full Dark Army as well. Maybe she'll flip back, but who knows.

Micah: I think she's not loyal to Dark Army, but she flipped so they don't kill her family. She'll turn on them if she can figure out how to do it safely.

Freddy: She will. That’s why she was so livid at Darlene. The old Nietzsche dialectical quote “Whoever fights monsters should see to it that in the process he does not become a monster. And if you gaze long enough into an abyss, the abyss will gaze back into you.”

Yael: Also I thought it was harsh to blame Darlene. It's not Darlene's fault that Santiago was Dark Army. Okay, so next up is Elliot’s hack for the Dark Army.

Trammell: There is an Easter egg in the scene when he gets the Slackware laptop. A bit.ly link that goes to the Dropbox site with congo_plans.tar.gz. In the show, it is 8 MB, but the real one is only a few KB and contains a text file with a lat/long for the Congo/Angola border.

Zachary: Here is the coordinate included in the .tar.gz that Elliot downloaded: -10.617537,22.339499. If you actually download the "congo_shipping.tar.gz" shown in the episode, you get a file containing that coordinate.

Jen: And if you go to those coordinates in the Congo there’s a DVD box set of Mr. Robot season 2.

Freddy: Arg. Slackware!!!

Trammell: Slackware was my second Linux distribution, after SLS, in the early 90s.

Bill: What's interesting is that there's a direct lineage from Slackware to Kali. Kali used to be called Backtrack, and both are now based on Debian, but they used to be based on WHAX, which is derived from Slax, which was basically a live distribution of Slackware.

Jason: I have to say Mr. Robot's depiction of how physical goods are moved around the world is pretty unrealistic.

Yael: How can Elliot do this hack in like 10 seconds?

Emma: He's a technomage, obviously. ;-)

Trammell: I think the implication was that he had it all worked out ahead of time. He uses the system to download the tar file, which I assumed contained all of the detailed plans, (and the DA will take it from there…)

Micah: Does the Slackware package manager still not resolve dependencies? I remember being like 19 and playing with Slackware and taking three hours to figure out how to install Firefox.

Jen: I don’t think it does, Micah - no dependency resolution is supposed to be a feature. ;)

Emma: It does make sense that after the malware claim he wouldn't have been trusted to execute it himself. Speaking of the malware, the DNC hack tie-in was interesting. I think it's interesting that they apparently created the link and animated the screens only nine days before the episode aired.

Trammell: The link was created last Monday, accessed a few times over the next few days to test/film the scenes, and then around 150 times today.

Freddy: If he had the bitly link and the Dark Army didn’t make them private (like the DNC hack) he can see how often the links got accessed and by who. Also since Congo was in the news, it’s a place to start digging.

Micah: So Russia hired the Dark Army to hack the DNC for them? It's interesting because an earlier episode alluded to the Dark Army deciding they wanted Trump as their puppet themselves, not just Russia.

Trammell: Should we judge the Mr. Robot team's opsec by their use of bitly? Since the tracking stats are available to anyone by adding a + to the end of the URL.

Sarah: Yes. I was surprised by bitly.

Christina: Bitly for brevity, not opsec, haha.

Jason: Also a canary for piracy.

Micah: I accessed that bitly link last night myself.

Sarah: I wouldn't have expected them to use it/anyone could technically access it.

Emma: They could withhold what they wanted or needed for their own purposes. My question with the bitly stuff is whether or not it was really used in universe. If it wasn't being automated or anything else that would require its in-universe use, is it just a bitly link for the audience? Who knows, at this point.

Zachary: Perhaps the bit.ly is a reference to Russian hackers using it for phishing campaigns, and then researchers subsequently being able to track them using it.

Yael: Ready to move onto Angela?

Trammell: "Angela, I am your father." I didn't expect them to go full Vader/Skywalker.

Christina: Angela's storyline, I mean, wow.

Yael: Right?! Poor Angela.

Bill: So Price's obsession with Angela wasn't as creepy as we thought it was, apparently.

Christina: The relationship between Price and Angela makes perfect sense now.

Sarah: Explains all of Price's obsession with her.

Emma: If we trust what he said. It would explain a lot, but that's what good lies do. I wouldn't be surprised if it was just a way to draw Angela away from DA.

Freddy: That scene felt so forced and awkward. Also, Angela, what the fuck!

Yael: "You mean all those dead people really died?"

Micah: So what is the fundamental belief of White Rose's cult? That she can bring you back to life later?

Yael: She can bring people back.

Trammell: Price clearly doesn't believe White Rose's parallel timeline thing, but her last words to Grant seemed to imply that the Dark Army people believed.

Yael: We touched on this a little already, but I wanted to talk about what Dom’s next move is.

Micah: When Dom gave Elliot access to get FBI laptop with Sentinel it was running Windows, then when he was decrypting the key logger data it was magically running Kali.

Trammell: Did Dom get her laptop back? Or does Elliot have FBI software and credentials now to hack on?

Yael: I think Dom just let him try to do the hack and then he gave it back to her. Which, also, I think is another indication she's full Dark Army, she's willing to break all the rules.

Emma: If she was full Dark Army, why would she do it at all?

Yael: Dark Army (Grant) said they didn't care.

Trammell: "Undoing 5/9" isn't the same as Dark Army.

Yael: Well yeah. But FBI agents don't generally let randos use their laptops.

Jen: Not wittingly.

Yael: Even if she thought it was the right thing, she would go through the appropriate channels.

Trammell: Undoing 5/9 is directly in FBI's role in the show. Dom wanted to let Darlene try at the FBI HQ.

Yael: The appropriate lawful good channels.

Micah: Elliot's hacks are a little too fast. I actually wish they showed him occasionally hitting a wall and needing to spend a few days finding a new vuln or something.

Jason: Or install something on Slackware?

Jen: Lol yeah. More time digging around exploitdb and rewriting shitty code.

Christina: You mean actually fail temporarily lol that's not good for TV land

Bill: /me imagines Elliot fumbling with compile-time C flags….. enthralling TV material.

Trammell: One of my favorite scenes in Hackers is the time-lapse as Dade tries to solve something. An entire day and night go by while he is staring at the same screen of code.

Yael: The whole undoing 5-9 went pretty quickly, too. Everyone just needs an alter ego to tell them where stuff is stegoed.

Micah: Yeah this keeps happening, Elliot does some huge elaborate hack that turns out isn't necessary if only Mr. Robot communicated with him better.

Yael: I need that alter ego to do my editing for me. ;) But it wouldn't be Ms. Robot; it'd be Ms. Typewriter? But yeah, +1 for steganography.

Harlo: IT WAS AWESOME.

Yael: I mentioned DeepSound last week…

Harlo: And now Stepic! I actually had never heard about it before, so I only just looked it up, but the software is by Lenny Domnitser. The logic behind this scene looks like a Jessica Fridrich thing. She's an acclaimed cryptographer and steganographer who wrote a cool book called Steganography in Digital Media, and she writes, "[There are] a few examples of simple steganographic schemes and successful attacks on them. We learned that the steganographic scheme called LSB embedding leaves a characteristic imprint on the image histogram that does not occur in natural images. This observation led to an algorithm (a detector) that could decide whether or not an image contains a secret message." So, Elliot runs through his photos with a tool that visualizes histograms in order to detect the telltale signs of stego and then he takes the narrowed-down list, and runs it through his tool to extract stegoed data from images but also it was the Back to the Future image. Obvi. Because the real stego is the friends we've made along the way. LSB embedding is known to be easily detected, and so should not be considered a secure, resilient algo for stego-ing secret messages. Also, if you want to learn more about the craft, check out angealbertini on Twitter.

Yael: Wow, fascinating. And I will have to add Fridrich’s book to my reading list, right after The Woman Who Smashed Codes. Okay, I had one comment on the final scene. I was thinking about what Darlene’s new friend said and whether it would help or hurt people more to undo the hack. Like would I be better off with a shitty economy and no student loans? Or a better (?) economy with student loans?

Trammell: The naivety of almost everyone about how they can undo stuff seemed to run throughout the seasons. Just decrypting the data won't fix any of the problems that have happened since then. You can't just unwind the years(?) of transactions and events and deals.

Freddy: I love when the sex worker is talking about educating yourself on Marx. They really know what’s up.

Yael: Yeah, I feel like "fix the economy" is this generic catchall phrase about something ridiculously complicated

Bill: If people are in debt, that doesn't help the economy. The economics of this show are pretty shallow, but whatever, it's not about that.

Yael: But wiping away everyone's debt hurt the economy.

Bill: I think they have better technical advisors than economic advisors. I didn't see David Graeber in the credits anywhere :) It hurt E-corp and the economy in the show. But really, it would only hurt one corporation.

Jason: It seems like it triggered a wider financial crisis.

Yael: So next season I want them to show Qubes, OnionShare, and microchip implants. And SecureDrop. That's my Hanukkah wish list. Anyone have any tools you want to see? Or any predictions for next season?

Trammell: Elliot and the gang try to fix things. It goes poorly.

Yael: Domlene?

Trammell: GRANTROSE:

Yael: R.I.P. Grant Rose

Jason: The economy is still a total mess and something strange happens in the Congo

Christina: Something is definitely going to go wrong of course. Yes, he sent the key to unencrypt but I don't think that's the end of that.

Emma: I think Vera is going to be around for more than just one or two episodes. He's set up as a major wrench, not just there to close up an old thread.

Jason: ProtonMail treats the encryption key as HTML instead of plaintext and E Corp's mail servers/firewalls also mangle the key. Elliot has to sneak into E Corp to show them how to decrypt their data.

Christina: Or someone on the other end will delete Elliot's email. I think the chaos will not be undone, but we will see.

Trammell: The old-fashioned \r\n versus \n line endings will cause havoc.

Yael: Man, if we could get Tyrelliot and Domlene to work together to take down Dark Army…

Bill: I want to see more state-sponsored malware and all-out CYBER WAR.

Zachary: Agreed Bill, looking forward to more hacks and geopolitics.

Jason: Yeah, need the Russians to enter this game.

Christina: That would be amazing.

Bill: Let's go from White Rose to White Russians. Bottoms up!

Christina: Cheers!