The season finale of Mr. Robot left me asking myself many questions. The big question that most of the characters in the show asked themselves as well was: Where is Tyrell?
What exactly happened while Elliot was in Tyrell’s car? Did Tyrell execute the plan to bring down E Corp or did Elliot? Why is Angela now working for E Corp? Who really put that video of Elliot falling from the boardwalk on the James Bond-like sunglasses USB stick? Did Angela really have to go shopping for designer shoes after James Plouffe’s suicide? Does she not own more than one pair of high heels? Who is knocking on Elliot’s door at the end of the episode?
I admit, I initially stopped watching as the credits came, but then I read online that that was a big mistake. There is a scene that comes after the credits, which, of course, left me asking myself two more questions: Why is White Rose meeting with the CEO of E Corp? Does E Corp really know that Elliot is behind the take down?
However, one very important question that I have been asking myself for the last 15 years was finally answered in this episode. FSociety let the dogs out.
In addition to the numerous plot questions, I had two technical questions after watching the episode. I sat down with senior malware analyst, Jaromir Horejsi, who kindly answered my questions for me.
In the opening scene, Krista meets with her ex-boyfriend Michael, aka Lenny. Lenny needs more evidence to prosecute Elliot. “He was routing through something called proxies or something, out in Estonia, he’s untraceable,” Lenny told Krista.
Stefanie: What is a proxy? How did this process make Elliot untraceable?
Jaromir: A proxy, or proxy server, acts as the middleman when you request information from servers over the web. Proxies are used for a variety of reasons. Schools and commercial organizations sometimes use proxies to control which content is accessed within the school or organization. Proxies can also be used to circumvent geo-location content restrictions. In this case, the person’s true IP address is not revealed to the server the person is accessing, rather the person connects to the server via a proxy located in a different country.
In this case, Elliot used a proxy to anonymize his web traffic. The server that Elliot requests a web page from receives his request from an anonymizing proxy server, which in the example Lenny gives, was located in Estonia. The proxy server then forwards the web page to Elliot. If configured properly, anonymizing proxy servers delete all logs and traces of requests made ,in addition to keeping the user’s IP address anonymous.
At minute 14:35 Elliot tries to figure out what exactly happened. He mentions a simple program, a worm that can make data unreadable. Malware that took Darlene maybe two hours to code. He also mentions that Darlene encrypted everything with 256-bit AES and that because of this, it would take an incomprehensible amount of time to crack the encryption.
Stefanie: What is 256-bit AES and why is it so hard to decrypt?
Jaromir: AES is an encryption method that was established by the U.S. National Institute of Standards and Technology. AES is a symmetric-key algorithm, which means the key used to encrypt the data is the same key that can decrypt the data. The lengths of the encryption key can be three different lengths: 128, 192 and 256 bits.
A 256-bit AES key is made up of 256 bits, which are made up of 1s and 0s. Meaning the key has 2e256 possible combinations, making it impossible to crack. A year ago, a reddit user posted his calculations of how long it would take to crack a 256-bit AES encryption. Here are his results: “The universe itself only existed for 14 billion (1.4e10) years. It would take ~6.7e40 times longer than the age of the universe to exhaust half of the keyspace of a AES-256 key.”
I would like to thank all of the Avast experts who helped me understand the Mr. Robot hacks this season and look forward to discussing season two’s hacks with you
What did you think of the finale episode? Let us know us know in the comments below!