Topic: How realistic are CSI Cyber scripts??
SparklingCrystal 💖💎's photo
Mon 11/02/15 09:45 AM
Edited by SparklingCrystal 💖💎 on Mon 11/02/15 09:46 AM
Anyone know?
They address some pretty scary stuff in the series. I.e. if you don't switch off your location, take a selfie and upload it, a lot can be tracked. Like the exact location (longitude/lattitude), time, device used and even its settings? noway
So if you often do that, freaks can get a very good idea of your habits, where you hang out, what times and so on.

Free WiFi; anyone can create a WiFi spot, name it the exact name of that free WiFi, and if you log on, they can hack your phone.

And so on...

Is that true? And if so, is that more advanced stuff or can any Tom Dick and Harry do such things?

How realistic are those CSI Cyber scripts?
.
.
.

Rock's photo
Mon 11/02/15 10:08 AM
CSI, was most "realistic", during the very first season.
Enlightened and interested quite a few into the field.

Some episodes were so realistic, they could have been used as educational tools, by the law abiding, and criminal alike.

By season 2, they toned down realism, for the sake of not teaching criminals to be better criminals.

The concept of WiFi...
Yeah, it's entirely possible for anyone to do.

mightymoe's photo
Mon 11/02/15 10:20 AM
it's Hollywood... not a lot of reality involved...

SparklingCrystal 💖💎's photo
Mon 11/02/15 10:36 AM

CSI, was most "realistic", during the very first season.
Enlightened and interested quite a few into the field.

Some episodes were so realistic, they could have been used as educational tools, by the law abiding, and criminal alike.

By season 2, they toned down realism, for the sake of not teaching criminals to be better criminals.

The concept of WiFi...
Yeah, it's entirely possible for anyone to do.

Are we both talking CSI CYBER though? That's the new series, first episode got aired this year and focuses entirely on cyber stuff. So anything electronic basically that is / can be used by criminals.

But what you say would make sense for any of this type of series of course ... if they start giving away freebies ...

no photo
Fri 11/06/15 05:30 PM
Edited by massagetrade on Fri 11/06/15 05:31 PM

Anyone know?
They address some pretty scary stuff in the series. I.e. if you don't switch off your location, take a selfie and upload it, a lot can be tracked. Like the exact location (longitude/lattitude), time, device used and even its settings? noway
So if you often do that, freaks can get a very good idea of your habits, where you hang out, what times and so on.

Free WiFi; anyone can create a WiFi spot, name it the exact name of that free WiFi, and if you log on, they can hack your phone.

And so on...

Is that true? And if so, is that more advanced stuff or can any Tom Dick and Harry do such things?

How realistic are those CSI Cyber scripts?



I don't know about CSI in general, but for the first example you gave: yes all of the data you mentioned can be stored with an image. Here is an example:

http://en.wikipedia.org/wiki/Exchangeable_image_file_format#Example

no photo
Fri 11/06/15 10:35 PM

Anyone know?
They address some pretty scary stuff in the series. I.e. if you don't switch off your location, take a selfie and upload it, a lot can be tracked. Like the exact location (longitude/latitude), time, device used and even its settings? noway
So if you often do that, freaks can get a very good idea of your habits, where you hang out, what times and so on.

Free WiFi; anyone can create a WiFi spot, name it the exact name of that free WiFi, and if you log on, they can hack your phone.

And so on...

Is that true? And if so, is that more advanced stuff or can any Tom Dick and Harry do such things?

How realistic are those CSI Cyber scripts?

I've been working in I.T. since 1995, and I've always had an interest in the security portion of the work, so I've kept up on it over the years. Because of that, I *immediately* refused to watch any episodes of CSI Cyber, because (like mightymoe) I thought "That's all Hollywood bull-crap" & that I'd spend so much time picking apart the idiotic inaccuracies that I wouldn't enjoy it. Then I got roped into watching a couple of episodes.

I was wrong. I've only watched a couple of shows, but I was *honestly surprised* at what a good job the writers did of translating relatively-recent attacks into non-technical "consumer-grade" entertainment.

BOTH of the examples that you mentioned are pretty trivial to accomplish, you don't need any specialized knowledge beyond how to set up a wireless hotspot, & how to find, download & install freely-available software packages. Want to use that free wireless at your favorite coffee shop?? That might not be such a great idea. noway

As far as the image information you referenced, here's a Wikipedia link that provides some basic info, and here are a couple of examples of how metadata has "bitten" people who *should* have known better:

Example 1 - See #11 on this page

Example 2 - Seriously?? Google??!? :laughing:

SparklingCrystal 💖💎's photo
Sat 11/07/15 02:54 AM
Thank you for your reply :)

I don't know all that much about this stuff in detail, but what they show in the series is shocking!

I also don't think it is mostly "just Hollywood' because there are too many people out there who'd know if it'd be a load of BS which would mean the series would never take off.

I think it's lots fact that are 'romanticized' to make it enjoyable to watch. And understandable to non-experts, like me :tongue:

I do wonder if they have to leave out bits and bobs in order to not put ideas in ppl's heads ...

isaac_dede's photo
Sun 11/29/15 10:02 AM
Edited by isaac_dede on Sun 11/29/15 10:02 AM
I work in network security, and currently studying for my CEH(certified ethical hacker)...and OSCP(Offensive Security Certified Professional) certifications

Yes CSI Cyber scripts are real...but they are 'inflated' a little...hut not always.

The first example you gave yes its true, and no it's not inflated...picture contain metadata and that data is easily accessible.

The second thing with the Identical Wifi is known as an "evil twin" attack...they are not exactly "hacking" your phone...Although given enough time they could...but that's not it's primary purpose...or even what it is normally used for.

what it actually does is allows them to see any 'network traffic' from your phone...remember when you'd pick up an old-school cordless phone and you'd sometimes hear your neighbors conversation? You may sit and listen...you can hear what they are saying...but you didnt 'hack their phone'...essentially it is the same thing....they are listening to the digital conversation from your phone....and you have no idea they are there...

the good part is that to understand what you are looking at, and to do this without special equipment(just need laptop) actually takes some advanced skill and knowledge..

The scary part is you can make this REALLY easy by buying a specialized piece of hardware that has everything you need....for under $100 USD, yes
I meant hundred.

But back to the topic, yes their scripts are realistic with some exaggerated but still based on possibilities...their definitions they flash are normally spot on though.