Sam Esmail, the creator/writer/director of* Mr. Robot*, promised that the second season of his hit show would get dark fast. He wasn't kidding. Last night's episode killed off the second supporting character of the young season—master phone phreaker and fsociety member Leslie Romero. (We learned Romero’s first name last night from his mother, as well as his backstory as a convicted hacker and how he wound up joining fsociety.) It also featured a few security- and hacking-related terms and phenomena that could probably use a bit of explanation. Let's take a closer look.
The Kernel Panic
Romero's death rightfully sent members of fsociety into a tailspin of anxiety. But theirs wasn’t the only panic happening last night. Elliot experienced one of his own—a kernel panic.
Ever since Elliot discovered that he and Mr. Robot are one, he's been fighting for dominance over the lurking figment of his imagination. To that end, he’s resorted to drugs again. Instead of rebooting his morphine addiction, though, he’s opted for Adderall, the amphetamine used to treat narcolepsy and ADHD—at almost triple the recommended dose—to make the Mr. Robot voice inside his head go silent.
And there’s an added benefit. “I’m way more focused,” he tells us in voiceover. “I’m pretty sure I even found God!” Then again, he’s been awake for six days; his pupils are black saucers; he talks in fast-forward; and he’s starting to hallucinate. (Scratch that. He always hallucinates.) After days without sleep, he finally crashes. But since this is a show about hacking and computers, Elliot doesn’t just crash—he experiences a kernel panic.
His mental dissolution is intercut with fast flashes of a computer screen showing the diagnostic output from a kernel crash---essentially digital vomit the computer emits after it spins out of control (like the real vomit Elliot spits up to rid himself of the Adderall). “Not syncing: Aiee, killing interrupt handler!” the flashing screen reads at the bottom.
A kernel panic, essentially the Linux version of the Windows "blue screen of death," occurs when the system experiences a fatal error. When that happens, a stack trace or crash dump can show the sequence of functions the system was calling on when the fault occurred. A system administrator can use this data to diagnose the problem and locate the bug or error that caused the crash.
While the crash dump can find the exact place a failure occurs, cause and effect don't always happen closely together. And since Mr. Robot’s writers are loathe to waste any opportunity for metaphor, we can assume some similarities to Elliot himself. His kernel crash appears on the surface to be the result of the drugs he’s been taking the last six days, but in truth it traces back much further to a different triggering event---the death of his father when he was eight years old.
Interspersed with the computer screens showing Elliot’s kernel panic, we also see a page from his ever-present Composition book, showing some of the same output that’s onscreen---his own crash dump---but in a random, chaotic format. Interspersed among the function calls are "lmfao" and "lol." Once Elliot detoxes and is nearly clean of the Adderall, we see that reflected in a more orderly page from his Composition book---the same output that we saw on the screen but now as neat as it appeared onscreen. It’s possible there’s an Easter egg buried in that kernel output somewhere---if so, we’re counting on eagle-eyed viewers to spot it.
Hot and Cold Wallets
In another scene in last night's episode, we saw Ray (a new character this season played by Craig Robinson) sitting across a table with a man who had been badly beaten and who appears to be a system administrator---possibly for unsavory types. Things aren’t going well for him or the system he’s managing: someone keeps stealing Bitcoin that’s stored on the server. Ray suggests he may be in further danger if he can’t fix the problem, but the sysadmin begs ignorance.
“They keep emptying the Bitcoin wallets; the server keeps crashing,” he moans to Ray. “I don’t know how to stop it. I only know basic network security measures. You have to find someone who can migrate the site to another more secure location and set up with a system of hot and cold wallets."
A hot Bitcoin wallet is an internet-accessible one with Bitcoins and the private keys needed to move the currency to and from Bitcoin addresses. Because the wallet is exposed, though, it’s vulnerable to being hacked, so some people store excess Bitcoins and keys in a cold wallet---on a system not connected to the internet. The same is true for a Bitcoin exchange service, which may be what the system administrator is managing on the show. Exchangers will keep a certain amount of Bitcoin in a hot wallet for immediate transactions, but the bulk in cold storage---though cold storage isn’t a guarantee against theft.
Flaming Computer Tower
FBI agent Dominique DiPierro (another new character, played by Grace Gummer) arrives to investigate Romero’s death and sees a CSI investigator connecting what appears to be a USB drive to the back of his computer tower. The drive ostensibly containing forensic tools needed to mirror the hard drive and extract its data. A police officer tells DiPierro that they the computer unprotected; she clearly has a clue in the way the CSI investigator doesn't, because she asks the police officer, “Did you have them check whether the ports were modified at all before using them?” Too late. The minute she utters the words, the back panel on the tower bursts into flames.
What did she mean by modified ports? It's likely that Romero (or his killer) boobytrapped the USB port with an incendiary device that got ignited by the current created when the USB drive was inserted.
"It's trivially easy to solder something to a USB port such that when electric current is applied ... that it would ignite an incendiary," says Robert Graham, CEO of Erratasec. On the inside of the USB port, the wires are exposed. "So you simply solder a wire to [the port], which would connect to some resister element that would heat up in a few seconds, which would trigger a blasting cap of some sort, which would then catch on fire."
Graham thinks the incendiary is probably thermite, since a normal fire wouldn't burn hot enough to damage the hard drive disks. "Thermite is a popular way hackers dispose of hard drives, because it completely melts [the] living snot out of them," he says. "It's also insanely easy to make at home, made from iron oxide (aka rust) and aluminum powder (easily ordered cheaply from Amazon)."
Thermite burns so hot, though, that—well, let Graham tell you: "It'd melt through the computer case, the table, and even through the floor."
Compare the fire in last night's episode to how a more extensive thermite fire would look:
Then again, if you really don't want someone finding the information on your drives—or the drives of someone you, y'know, murdered—thermite might be just the thing.
