Security Mavens' Reviews of Firewall

We invited some of our friends in the security field to review the new movie about a heroic CISO of a midmarket Seattle bank. Stars Harrison Ford. What could be wrong?

The first things that dont ring true are Jacks incredible house (as Pam Fusco also notes), his obvious money, and his seniority in the bank. We just dont see network security chiefs with this lifestyle. If we did, wed have them under intense investigation!

Another "Hollywoodism," aside from the perfect life and family, was how everyone interacted with computers. While most interaction these days is by GUI, Hollywood insists on everything being typed, the faster the better. When was the last time you saw a hacker movie that even showed a mouse? Remember "Swordfish?" Enough said.

And lets assume for a moment that it was the modem card he pulled out of the fax machine, that he was able to cobble together with his daughters iPod and some cabling, then plug into the network down in a server room, and have it instantly recognized and talking on the network. Yeah, thatd happen!

Later, Jack apparently takes the SIM card out of a cell phone and plugs it into his secretarys laptop andWhoa, Nelly!not only did that guy's cell phone take 20-mega pixel-quality pictures off a monitor (at an angle yet) but Jack is back on the bank network again, reversing the banks losses at $20M a pop. This guy is good! And he has the requisite blindingly fast and error-free typing skills, without even looking at the keyboard, which Hollywood demands of its geek heroes. Once again, nah, I dont think so.

Then theres an early scene where Jack establishes his bona fides as a White Hat computer genius. He looks at a screen for a few seconds, the guy at the terminal tells him that some hacker is cruising through modest accounts. Jack tells the tech to move aside. He proceeds to, according to the dialogue, "change a few of the rules to slow him down." My experience with banking networks, slim as it is, reminds me that nobody changes rule sets on a live bank network. Such changes have to be vetted off-line, by a team dedicated to that task, lest some unintended consequence kill your ATMs in Norway or freeze mortgage accounts in Boston.

The most remarkable thing of all, however, is the way Jack can go a day and a half in the same suit, through several complete soakings in Seattle rain, multiple bloody fights, roll around in the dirt while dispatching Bad Guy Numero Uno, and still manage to look like Harrison Ford, who maybe took a nap in the suit and loosened his tie in the process!