Tuesday, December 18, 2007

"Untraceable" looks unwatchable

In January 2008 the film "Untraceable," starring Diane Lane, will be released. It looks awful. The premise is that a serial killer is killing people live on the Internet, via an "untraceable website" that is connected to contraptions that kill his victims as more people visit the site.

The whole concept of an "untraceable website" or the idea that such a thing would be unstoppable by ISPs and law enforcement is absurd--the immediate upstream provider of the site would merely need to null route the IP address(es) where the website is hosted, and traffic stops. They'd also be able to quickly identify the customer who owns the server in question. Even if that server was compromised and being used to reverse proxy or redirect traffic to other servers, it would still be a relatively simple matter to track that backwards, though it would be somewhat more difficult than stopping the traffic. Even if the domain name pointed to a new server on a compromised host every second, it would still be possible to contact the domain name registrar and get the domain name shut down.

If users can get to it, it can be seen how and what they're getting to, even if that's only the front end in a chain of successive proxies. If it has a domain name, that provides another path to shutting off access.

UPDATE (January 2, 2008): I came across the script online while searching for information about the writers. Let's just say that my opinion above is not nearly negative enough. In the first 16 pages are at least six or seven scenes that really bring on the stupid. For example, FBI Agent Jennifer Marsh, who works in the FBI's cyber division, is monitoring machines that are being compromised by hackers (honeypots, essentially, though the script doesn't use the word). One of her machines gets compromised and she sees that it copies her files including fake financial information. It then accesses eBay to use a stolen credit card to purchase a watch. In reality, the stolen financial information wouldn't be likely to be used from the same machine, it would be sold to another player in the underground economy. Marsh then types commands to look for the IP address of the connecting host--but if they've already got honeypots or honeynets in operation, that should already be logged. She then does the usual CSI-style conversion of an IP address into a name and address without issuing a subpoena to an ISP, and discovers that it's a home belonging to a 56-year-old woman. She immediately concludes that the actual criminal must be a neighbor using her wireless connection, despite the fact that she has no evidence that the woman has a wireless access point and isn't just another victim with a compromised machine being used as a proxy. Without doing any more verification, she arranges to get a warrant to knock the door of the neighbor down, and it turns out to be a teenage kid.

On p. 16 appears this nice quote: "She types several commands into a unix shell. Trace routing algorithms begin to run. A different screen shows possible IP addresses. The list begins growing, from ten to hundreds to thousands.... Marsh shakes her head at the futility." There are multiple methods of performing traceroutes and even of adding fake hops to a traceroute, but traceroute is unnecessary to find out the IP address of a website--it's only useful for finding the path traffic takes to get to that website, e.g., for finding the upstream provider. But getting a list of upstream providers is better done by looking at routing tables rather than doing traceroutes, anyway. The real investigative steps would be to look at the DNS information for the domain, get the IP address or addresses from the authoritative name server (and check to see if those are changing with a short TTL), then find the upstream providers.

Funniest exchange I've seen so far in the script (p. 26) is this marvel of self-contradiction:
[FBI agent] GRIFFIN: I traced it to a Georgetown sophomore named Andrew Kinross. But then I looked closer and saw the post didn't actually originate from his computer.
MARSH: Our guy got into his computer and posted it from there.
GRIFFIN: That would be my guess.
MARSH: So let's go after the originating computer's IP.
And so far, I've not mentioned how the hacker mastermind hacks into the FBI agent's car (which features the fictional "NorthStar" instead "OnStar")--in the preview, the hacker apparently is able to control the steering of her car. I suspect drive-by-wire steering will come soon in the future of the automobile, but I don't believe it exists today. (Turns out the preview gives a misleading impression of what the script says is happening--the hacker doesn't actually control the steering, but remotely shuts off the car's electrical systems and power steering.)

66 comments:

mikeb said...

This post is exactly why my wife won't let me watch CSI with her. We have to learn to suspend disbelief for the purpose of entertainment Jim!

Although it should probably be argued that a movie can afford a bit more research and should be given less slack than a TV show.

Of course.. I won't be watching it either ;-).

Lippard said...

I can actually tolerate the ridiculousness of the CSI shows' magical heads-up displays and ability to instantly access and search the internal records of ISPs and telephone companies to obtain customer information without bothering to issue a subpoena or get a court order (though not without commenting or making an audible groan). What I find different about this case is that it is so central to the plot of the movie, yet so completely absurd. You know the person who came up with this has no comprehension of how the world wide web works, yet somehow his ridiculous idea was taken and run with by hundreds of people spending tens of millions of dollars.

It would have made more sense as a fantasy set in an alternative universe with magic and unicorns.

Einzige said...

Would it be any better if at the beginning of the film they explained that the EFF (say) had just introduced this new privacy technology that annonymizes web traffic in both directions?

I'm not saying that the movie does this, mind you...

Lippard said...

It wouldn't have made me feel any better about it, since most people don't use anything like TOR.

And for those that do, many of them have a false sense of security about their anonymity, since they are sending credentials unencrypted through TOR which are visible to those operating TOR exit nodes (widely believed to include various government agencies).

P Pemberton said...

Sorry Jim on this occasion you have NO IDEA what you are talking about. Every and I mean EVERY thing you have said has been addressed and explained in the movie. It's all there up on screen. You have obviously judged (incorrectly) the entire movie on a few seconds of trailer footage. All your issues and questions are answered in the film.
Also, the FBI was hugely involved in the making of the film in order to make the action on screen as authentic as possible. Sorry pal but you really are ill-informed on this one. Take care.
http://www.comingsoon.net/news/movienews.php?id=40337

Lippard said...

On the contrary, I'm quite familiar with the current practices of the phishing and botnet underground.

The description you point to says this: "When they stumble upon the KillWithMe site, that's when the pace is picked up. At first, it seems innocent, but after they find the live feed of a man chained up, bloody and dying, it becomes their lead case. What struck me was the man's chest was carved in dripping blood with the phrase "killwithme.com." "They're just trying to figure what's going on, and begin to track this guy," Greg said.

What makes this one guy hard to find is the IP address keeps changing, from Russia to Portland, Oregon. How real are these cases? According to EJ, extremely. "There's been a number of sites I've gone after where people are doing these exact things. On the internet, when you're querying the site, the IP address is monitored. This guy is running various IP addresses, his server would be poisoned to change on a regular basis – and he may be even controlling it. These would all be things the FBI would figure out and work through and track back; it's just a time issue, and could take upwards of a couple months.""

It's certainly possible for a site to jump from compromised machine to compromised machine by using a domain name with a very low time-to-live--this is, in fact, something done in reality by scammers. However, I already addressed this in my post--the way to shut it down is to shut down the domain name, which does not take "a couple months."

If, in the movie, the domain name itself is constantly changing and it's being advertised via spam emails, then that is more plausible. But the fact that we're talking about streaming video content, not static information stored on each server, would make it much easier to trace--there has to be a nearly continuous stream of data from the source to the sites that users are accessing, which is not the case for phishing scams.

BTW, the January release of this film is itself an implicit admission by the studios that this is a stinker.

Lippard said...

BTW, this quote from the FBI consultant in the cited article makes no sense: "On the internet, when you're querying the site, the IP address is monitored. This guy is running various IP addresses, his server would be poisoned to change on a regular basis – and he may be even controlling it."

Perhaps the writer of the article garbled it, but it is almost completely confused. It looks like it's trying to express something about DNS queries and possibly DNS cache poisoning, but it's so poorly stated that it fails to convey its meaning. It fails to distinguish DNS queries from the HTTP requests, monitoring of DNS queries from monitoring of HTTP requests, having a low DNS TTL from DNS round-robin or load balancing by returning different IPs to different querying rDNS servers... And it wouldn't be "his server" that is "poisoned," it would be other provider's DNS caches.

P Pemberton said...

Jim... I can't believe your insane posts. All of this that you are talking about IS in the movie. The characters are asking the exact questions that you are! You are being an idiot sorry!

Do you over analyze and prjudice every book, film, TV show in this manner. Get a LIFE!

P Pemberton said...

The recent "DIE HARD" had far more "leaps of logic" than this movie and did you rant and rave like a little child then?

Einzige said...

...did you rant and rave like a little child then?

Is that what he's doing now???

Lippard said...

P. Pemberton: I didn't see the most recent "Die Hard" movie.

What's your association with the movie that you've already seen it and are so concerned to defend its accuracy (but only by making assertions without providing evidence to support them)? That seems more irrational than my criticisms. If my nit-picking a bad movie demonstrates my need for a life, doesn't that make your nit-picking my nit-picking (or, nit-picking twice removed) an even stronger demonstration of your need for one?

P Pemberton said...

Fair enough einzige. That was a little overboard, but to dis this film before he's seen it is absurd when it in many ways totally agrees with what he is saying! The agents in the film do all the stuff that Jeff is talking about. It's all there and Jeff is dismissing it... yet it's all there. I think we best leave this as until Jeff has seen the film he is just making himself look a bit of an idiot dismissing a film that actually agrees with him!

Lippard said...

It's not uncommon for people to analyze the detail of movies that get something wrong within their fields of expertise. Some of us enjoy reading things like descriptions of film goofs and "nit-picker's guides" to films.

BTW, who's Jeff?

Einzige said...

"Jeff"???

I wonder if Pemberton is on a campaign to defend this film and forgot which site he was responding to...

Tal Poleaf said...

Lippard wrote: "It's not uncommon for people to analyze the detail of movies that get something wrong within their fields of expertise. Some of us enjoy reading things like descriptions of film goofs and "nit-picker's guides" to films."

You are correct -- it is not uncommon for people to nit-pick details of films. What is more uncommon is for people to make sweeping value judgments about the entire film based on those picked nits.

Einzige said...

Is it a sweeping value judgment?

Here's an analogy (as I'm not a net security guru I can't vouch for it being 100% apt, but I hope it's close enough)...

Imagine a film about a group of people trying to break into a house. The movie's budget is $300M. All the actors and the director are academy award winners. The writer of the film went to extreme pains to ensure the scientific accuracy behind the tensile strength of the materials used to line the walls, which are three feet thick and would even survive a direct hit by a ballistic missle.

There's just one itty bitty thing wrong with the premise of this movie: the house's windows are single pane and the locks on the front and back doors are Kwikset.

Is it a safe bet to conclude that this movie's premise suffers from such a serious flaw that it will be laughably unwatchable, regardless how well acted it is, or how beautiful the cinematography?

Lippard said...

Tal:

I've read the whole script at this point, see my updated post. It's crap, all right, even worse than I imagined.

P. Pemberton's claim that all of my criticisms are accounted for in the movie is false--as far as I see, all of my original criticisms stand, and there's lots more in the movie that is even worse than what we see in the preview.

Tal Poleaf said...

Hey Mr. Lippard: Thanks for the update. If you have a moment, can you please post a link to some "IP addresses for dummies" types of sites? What you say are obvious contradictions don't sound nearly as dumb to the average person as they do to you.

The movie sounds goofy. But if Diane Lane removes her top, all bets are off.

At the very least this is a step up from the horror movie where a hacker is able to manipulate somebody's toaster, or "The Net" with Sandra Bullock where identity thieves are able to get into every police database and credit-card company in minutes. "Die Hard 4" has similar scenes where one guy at a computer can control several public utilities and other networks at once without even crashing Windows XP. The John Travolta movie "Swordfish" has Hugh Jackman hacking a difficult password in the time it takes a woman to blow him, and the remade "Italian Job" has Seth Green (who "invented Napster") shutting down Los Angeles traffic lights like it's nothing. Then there is "Hackers" in which the only redeeming quality is Angelina Jolie's ta-tas under a see-thru shirt.

Movies rarely get technical details right. It is not cinematic.

Einzige said...

Speaking of Diane Lane removing her top, I really really wish that they would finally get around to releasing Ladies and Gentlemen, The Fabulous Stains on DVD already.

I mean, Jeez...

Lippard said...

The contradictory exchange isn't quite as bad as I originally thought--if the initial statement from Griffin were rewritten slightly, it would actually make sense. The scenario they are trying to describe is that a remote hacker broke into Kinross's machine and used it to post the message to the forum. Griffin's initial statement, however, incorrectly states that the message didn't come from Kinross's computer, when Marsh and Griffin then subsequently agree that it did. If they rewrote it to have Griffin state that it came from Kinross's computer, but that it was a compromised machine that was relaying packets from another source, that would have made the point accurately and without contradiction.

Here's an online source on tracking spam which teaches a lot of the basics.

Al said...

Compared to most movies that have no regard at all for reality, this film did its damnedest to please the technical community. There were three paid consultants, all at the tops of their fields. EJ from the FBi is an absolute pro and answers questions on the website. I think you are forgetting that things have to be phrased in a way so that the average person can comprehend them. Your are being terribly anal and pedantic, not to mention unfair. Relax, buy some popcorn, see the movie. It's terrific.

Lippard said...

Al, thanks for coming by, but I read the script and if it hasn't been dramatically improved from that, it's a pretty weak story independently of the technical issues.

But here's a quote from a site that actually makes sense and I don't recall seeing this in the script I read. The only problem with this excerpt is the fact that the domain name in the preview and in the script is not Russian (and the "main server" should be "primary DNS server", and that it wouldn't be the FBI doing any blackholing, it would be people like my security team at large backbone providers):

In one of the early scenes that sets up the plot of the movie, Diane Lane's character explains the Internet site she has found, where a man hangs from chains in the ceiling of an apartment bleeding to death. Her supervisor tells her to shut the site down. She has already tried that, and explains, "The site's IP keeps changing constantly. Each new address is an exploited server. It is running a mirror of the site. The site's Russian main server uses a low TTL so that your computer constantly queries the name server's record. And that is how it gives you a new address so consistently. There are thousands of exploited servers on the Internet, so he is not going to run out of victims anytime soon. But he is accessing these servers so quickly; he has got to be running his own botnet. I mean, we are black holing these IPs. Every time we shut one mirror down another one pops up."

Her supervisor tells her, "I didn't understand a single word that you said. I heard Russia. What do they have to do with this?" Colin Hanks, playing Lane's partner, explains, "The domain register and the domain names are all in Russian. We have no jurisdiction there."

Al said...

Isn't it obvious how much care was taken to make this movie as realistic as possible? You nitpick certain details, and surely you are right about some of them, but you are parsing at such an arcane level. We're talking about a story that is striving to reach a global audience.

Lippard said...

The quote I just supplied supports the care point you made, but the script I read doesn't. You've ignored the other point I made--the story itself is weak independent of the technical flaws.

Al said...

On the imdb.com message board for the film the FBI cyberconsultant has been posting explanations and defenses of his work on the film. It's worth checking out.

Here is a sample: Unfortunately the movie has not been released yet so I cannot explain why I reference the things I reference.

As I have said in many other posts, no site is completely untraceable. However, it can be difficult to trace for a period of time and in that time things can occur.

If the DNS points to a different IP everytime you query it and those IPs control mirrors of the feed, tracking it will be difficult but not impossible.

Shutting down the domain in the real world, takes 24 to 72 hours to get a domain blocked in the US from the time the site is confirmed real. International DNS blacklisting can take a month or more from the time ARIN, RIPE, LACNIC, APNIC, etc are notified. Reason, some ISP do not regularly update their DNS records yet those DNS servers can still be queried.

What can you do in that time frame?

There are so many who claim it is so easy to track these sites and shut them down yet none have tracked the site I gave in this string, nor have they identified who owns it or what domain is running on it.


Enjoy the movie and then comeback and tear me apart if if you dont like it. the tech side is only one portion of movie. There truly is a social commentary aspects as well.

Lippard said...

Looks like another title they could have used for this film was Unoriginal.

The link is to a plot synopsis of an episode of the show "Millennium" titled "The Mikado," which sounds like a much more cleverly plotted story.

Lippard said...

Just to answer the question in the post from imdb:

"Shutting down the domain in the real world, takes 24 to 72 hours to get a domain blocked in the US from the time the site is confirmed real. International DNS blacklisting can take a month or more from the time ARIN, RIPE, LACNIC, APNIC, etc are notified. Reason, some ISP do not regularly update their DNS records yet those DNS servers can still be queried.

What can you do in that time frame? "

In this particular case, it's part of the scenario that the TTL on the domain is very small, so DNS propagation isn't going to cause much delay. All you do is pass the word to the major ISPs to introduce into their own DNS caches a record for the domain that points to something else and has a long TTL; problem solved immediately. Only a few huge ISPs taking such a measure cuts down the number of potential viewers enormously (say, Verizon, AT&T, Comcast, Cox, and Time Warner Cable/Roadrunner, for example). And that's only necessary in the scenario where you get no cooperation from the DNS registrar.

Secondarily, in the film's scenario, you let a honeypot get infected and reverse engineer the malware. You monitor the DNS server to collect IPs of infected hosts, you monitor your Netflow to see what the infected hosts are connecting to, and so long as any of them are connecting to the original server (and they have to be, since in this scenario there's live video--there's a LOT of traffic coming from the main server, and then being propagated through some limited number of viewer's hosts to each viewer).

Al said...

Untraceable makes a powerful social statement. It is an indictment of internet voyeurism and blood lust. From what I have read about it, the Mikado episode is entirely different in its function and aims.

Lippard said...

I shall show my support for its social statement about blood lust and voyeurism by not going to see it.

Seriously, Al, do you have some connection to this film?

How about a deal--if it gets a "cream of the crop" freshness percentage above 70% at rottentomatoes.com (say, by a week after release, when there are at least a dozen or so reviews), I'll agree to watch it, if you'll agree on a percentage of below 30% to post here that you were wrong, and it really does suck. Anywhere in between, we can agree to disagree.

Al said...

I have seen too many interesting movies trashed on rotten tomatoes and too many shit ones praised to the skies to enter the deal. I just think you should wait and see the movie and stop trashing it for such pedantic reasons.

Einzige said...

Name one movie you thought was good that, nonetheless, got under 30% on RT.

Al said...

Hannibal Rising.

It got a 15%.

Lippard said...

Really? I haven't seen it and it's the only Thomas Harris book in the series I haven't read, but both the book and the movie got generally bad reviews. On the other hand, it has 6/10 at imdb.

Here's the top "most helpful" review at Amazon.com: "What unspeakable crud "Hannibal Rising" is. If you thought that parts of "Hannibal" were bad (especially that ridiculous ending), believe me it's a masterpiece compared to this new one. Words fail to say just how bad this book is. (For one thing, if Harris is going to have foreign-language quotations, at least get their spelling right!)

How odd it is that Harris doesn't even seem to understand his own characters; that we the readers know Dr. Lecter better than the author does. The plot of this novel sets up the improbable situation that Lecter was the product of abuse by the Nazis and hence his insanity. Aw, poor li'l Hannibal; he couldn't help himself. This portrait is just inconsistent with the character we came to know so well in the earlier novels. Why doesn't Harris sell this character to another novelist who can treat Lecter with more creativity and credibility?

Yes, there are a couple of good scenes. But they don't make up for the dozens of awful ones."

Red Dragon was the best of the Harris books, IMHO (and 1986's "Manhunter" an underappreciated film).

So, interesting choice--at least you didn't say "Friday."

But back to "Untraceable"--do you have some connection to this film? (It's strange that the people defending it here, who think my criticisms are crazy or unfair but keep coming back to keep this comment thread going, don't answer that question.)

Al said...

I have just enough of a connection to the film to know that you are treating it really unfairly. My God, One Missed Call just got a 00% on Rotten Tomatoes and made 12 million bucks opening weekend. if you feel the need to attack something, why look any farther? But a smart movie like Untraceable that seeks to inspire real discussion among thoughtful people, and has worked very hard to make itself the most plausible internet thriller yet, does not deserve condemnation like this, especially for someone who has not even seen it. Fortunately, all the press screenings have gone really well so far, and all the press feedback has been positive. So, ideally, you will be in the minority.

I liked Hannibal Rising, the movie, that is, a lot. I thought The Orphanage was absolute crap and critics are lining up to kiss its ass. So you see I don't take critics all that seriously, but they can help with box office.

Einzige said...

The way I interpret the Rotten Tomatoes rating is: The percentage likelihood that you're going to like the movie.

For example, LOTR got a 97% rating, but I hated it (at least I hated the theatrical releases. I saw the director's cut DVDs recently, and adding the cut scenes back in made all the difference).

Unknown said...

Wow Im amazed at the trolling comments placed here.

This is a movie, designed to entertain. Everything is not 100% accurate because it would be really boring to watch. Secondly it would be nearly impossible for the general public to understand.

Jim you discuss in detail how to do certain things to take the site down but you forget the time and political factors that go into this. Nothing happens fast when it comes to government requests.

When's the last time all the ISP did something requested by the government? Look at the fall out because of the warrantless searches for terrorist phone calls.

I did exactly what you are suggesting fo 8 years it simply does not happen fast

Im glad the world and you believe these things happen so quickly but they do not even thought I too feel they should because of how seemingly simple they are...

Politics, sovereign countries and consitutional laws fall into place when trying to get things taken down by the USG both here and overseas.

But each day as more people become aware more people force shange and things happen quicker and quicker.

Im also curious how fast you can get a honeypot online and then determine who exactly is going to try to own/infect it.

As I have stated in the past and I will state here the fact that we tell the story means that we can trace the story. I dont want anyone thinking they can get away with this because they can't.

Again this is a movie.

I must thank you Jim for pointing out the DNS poisoning issue, yes it was a screwed up quote.

Go see the movie and if you dont like it for its entertainment value Ill personally send you a check for the cost of the movie ticket and popcorn.


Also why did you trace the IP address I put in the IMDB post

Lippard said...

Cyberagent: Yet ANOTHER person associated with the movie here?

"When's the last time all the ISP did something requested by the government? Look at the fall out because of the warrantless searches for terrorist phone calls."

Today, I guarantee it. Note that usually action gets taken regarding abusive websites and compromised hosts by ISPs *without* any involvement of government. The ISPs and security researchers usually learn of these things before the government does, and the government comes in after the fact to issue warrants and subpoenas and obtain the necessary evidence (which the private parties have preserved) and build a case that can be prosecuted. And in fact it's very common for a company like Microsoft (and previously Earthlink or AOL) to file a civil suit, win it, and only *then* does the government come along and prosecute criminally.

ISPs generally require subpoenas and warrants to give information to governments, but not to take action if they are aware of a problem--there they are only limited by law and their contractual agreements. Any ISP is going to have contract provisions that allow traffic filtering to protect their network and for cases of extreme emergency.

"Im glad the world and you believe these things happen so quickly but they do not even thought I too feel they should because of how seemingly simple they are..."

Private action can be extremely quick--it's when government is involved that things slow down, for various reasons (due process, evidence collection, bureaucracy, etc.).

"Politics, sovereign countries and consitutional laws fall into place when trying to get things taken down by the USG both here and overseas."

Yeah, but if I contact my counterpart at another provider (particularly if it's one that my employer is supplying connectivity to) and ask them to shut something down for good reason (with evidence), that's likely to happen very quickly.

"Also why did you trace the IP address I put in the IMDB post"

I don't know what you're talking about there. (But I do see that SiteMeter considers your IP to be in Silverado, CA. Hope you didn't have any losses from the recent fires.)

Lippard said...

Forgot to answer this part:

"Im also curious how fast you can get a honeypot online and then determine who exactly is going to try to own/infect it."

Security researchers have lots of honeypots online at all times collecting malware. In the case described in the movie, the infection occurs when you visit the "untraceable" web site, so getting a honeypot infected would simply be a matter of opening up a web browser and pointing it at the site.

BTW, I am available for paid technical consultation on future films...

Lippard said...

This blog site that reviews movies says that Untraceable is "Unreviewable... until the day it comes out. :("

Are reviews really embargoed on the film until the day of release? If so, that doesn't sound like confidence in its quality or appeal.

Einzige said...

There's currently only 5 reviews, but, as of today, Untraceable is just on the line of a fresh rating.

Al said...

I think for any genre movie these days, when there are so many of them, it's tough to get good reviews. The fact that both the Hollywood Reporter and Variety liked this film so much, augurs well for it. I would say a say a final tomato rating anywhere near a 40 is fine. Agree, disagree?

Lippard said...

I would not agree that 60% freshness constitutes good, nor that Variety's review was as positive as you seem to think, though it was positive (I haven't read the Hollywood Reporter's review). You must be posting as "Trumboy" on imdb, who said that "This film got wonderful reviews from both Variety and Hollywood Reporter today. They both said it was smart and well done. So keep an open mind."

Here's my reply to that at imdb:

Variety's reviewer, Joe Leydon, wrote that Untraceable unfolds "like a better-than-average episode of a first-rate TV police procedural" with a "formulaic plot" which is "enlivened with bracingly acerbic observations about Internet-enabled voyeurism." He notes that "Unfortunately, the filmmakers shoot themselves in the foot and leave a gaping hole in their narrative by not revealing the ultimate fates of two key characters during their otherwise effective wrap-up." He gives high marks to Lane, Burke, Cross, Hurt, Haney-Jardine, and Hanks, in that order, as well as to the camera operator, Anastas Michos.

I wouldn't exactly call it a "wonderful review."

Al said...

For a genre movie? I would.

Lippard said...

Now it's down to 50%. Still good for a genre movie?

Al said...

Jim, with all due respect, you are a horse's ass. I was trying to lend some credibility to your blog, but you are resolutely small-minded in your approach to film. Go make a movie of your own. It might alleviate some of your self-loathing and pettiness.

Einzige said...

Why are people so prone to resort to attacks on a critic's alleged emotional or intellectual deficiencies, rather than remain focused on what is pertinent--namely, the merits of the argument in question?

I see this over and over again in the responses to one of my posts on Nouveau Riche University.

Perhaps to ask this question is to answer it.

Lippard said...

Al: I'm not sure how you were trying to "lend credibility to my blog." It looked to me more like you've trying to shill for a film you're connected with, and not doing a very good job of it. Viral marketing is clearly not your forte. Basically, you've given the impression that people associated with this film think that they can turn bad word of mouth into good word of mouth by insulting those who are critical. Your defensiveness gives the impression that the truth hurts.

Unknown said...

Jim,
You stated "Private action can be extremely quick--it's when government is involved that things slow down, for various reasons (due process, evidence collection, bureaucracy, etc.)."

YOU have made my point. It does not happen quickly.

Can I ask what your real world credentials are? How many cyber criminals have you chased? How many have you caught?

I have worked these crimes and fought these battles both within the government and in private corporations.

In this litigious age, no major company takes "private action" unless it impacts their bottom line. It is that simple.

If you feel the need to attack the story behind the movie, that is fine.

But you have offered nothing here that indicates you are anything more than ignorant about how these crimes are investigated, what is truly required to stop things from a law enforcement perspective or what the public as a whole truly understands.

As for my comments regarding tracking my IPA, I posted as EJHilbert and challenged all to find the location and the person behind a particular IPA. Since all claim it is so easy to do.

Care to take a shot at it?

Again you are entitled to your opinion about the story at is basic level. But until you have "walked a mile" in the shoes of the writer, producters, director and consultants and are willing to put up your real world experiences please refrain from commenting on the perceived inaccuracies or intentions of those who involved in making this film.

My offer still stands, go see it and if you feel that it is so bad you walk out, I will personally reimburse you the cost of the film and a bucket of popcorn.

thecyberfbi.blogspot.com

Lippard said...

E.J.: You can find my real-world credentials by looking at my Blogger profile or my LinkedIn profile, or just Googling my name. It's not difficult to find.

I understand that there are difficulties in finding and stopping things from a law enforcement perspective. There are procedures to be followed, and the evidence necessary for a legal case has more stringent requirements than to simply find out what is the case. It also can be difficult to find real-world identities of individuals engaged in electronic crimes, when those parties have distributed their workload (and their risk of identification and prosecution) among multiple groups of people in the underground economy. But all of that is quite distinct from the complaints I made in the post to which these comments have been made.

I've not seen your IP address trace challenge, and you haven't posted a reference here. I'd be happy to take a look at it and offer my comments once I see it. What's the challenge?

Lippard said...

E.J.: We have a LinkedIn connection in common, a gentleman formerly with the FBI Legal Attache's office in London who's now at Microsoft. I suspect we have plenty of mutual acquaintances in both law enforcement and private industry.

Considering that my employer is one of the main providers of network connectivity to your current employer, I'm surprised we haven't met or spoken to each other (or that you haven't spoken to a member of my organization). Feel free to contact me via LinkedIn, as I'm sure we can help you out from time to time.

Lippard said...

Rottentomatoes.com's freshness rating for "Untraceable" is down to 38% with 8 reviews, five of which are negative.

Lippard said...

"Most hypocritical film of 2008. ... Untraceable--unwatchable."

--Richard Roeper and Michael Phillips, on "Ebert & Roeper," stealing my line.

Lippard said...

Contrarian indicator Rex Reed liked Unwatchable.

Lippard said...

Rottentomatoes: 29% freshness with 14 reviews.

Peter Travers, Rolling Stone: "Talk about your pious frauds. I've got a better way to show your disgust for Internet scum: Don't see Untraceable."

Lippard said...

I wondered what connection "P Pemberton," posting from a London hospital, might have to this movie. I've just learned that one of the writers, Mark Brinker, is Dr. Mark Brinker, a Houston orthopedic surgeon (who also has a sandwich named after him at the Camellia Grill in New Orleans, where he went to Tulane Medical School). So I'd guess "P Pemberton" is someone who knows Dr. Brinker and saw the movie in London, where it apparently opened earlier, based on the comments I've seen on several blogs.

BTW, we're now up to 17 reviews at Rotten Tomatoes, and freshness has gone from just under 1/3 to just under 1/4, at 24%. Average rating is 4.2/10. IMDB has no rating as there still aren't five votes yet, I expect it will show a rating this weekend and we'll get to see how it does at the box office for its first weekend by Monday.

Lippard said...

Sorry, E.J., but I'm definitely not going to the theater to watch this movie.

Rotten Tomatoes: 39 reviews, 6 positive, 33 negative. Freshness: 15%, average rating: 4.1/10.

Lippard said...

Rotten Tomatoes: 84 reviews, 12 positive and 72 negative, average rating 4.2/10, "freshness": 14%.
Consensus review: "A run-of-the-mill thriller with a hypocritical message."

Positive reviews came from Clark Collis at Entertainment Weekly, Kevin Crust at the Los Angeles Times, Kit Bowen at Hollywood.com, Roger Ebert at the Chicago Sun-Times (the most respectable of the positive reviewers, in my opinion), Joe Leydon at Variety, Jeff Otto at ReelzChannel.com, Prairie Miller at NewsBlaze, Larry Ratliff at the San Antonio Express-News, Michael Rechtshaffer at the Hollywood Reporter, Rex Reed at the New York Observer, M.K. Terrell at the Christian Science Monitor, and Doris Toumarkine at Film Journal International.

I think Ebert makes the best case for the film that could be made. He's certainly correct about online chatroom idiots (and YouTube commenters), but it doesn't seem to me that this movie offers any constructive suggestions, rather than simply exploiting the amorality of viewers of nastiness as a plot point.

IMDB still doesn't have five votes to produce a user rating.

Lippard said...

IMDB raings are better, with 519 votes so far--overall rating is 6.2/10. In general, there's a downward rating trend based on age, with the under-18 crowd rating it 8.4, 18-29 rating it 6.5, 30-44 rating it 5.4, and then a slight increase as 45+ rate it at 5.6.

In box office, Untraceable came in at #5 on its opening weekend (behind Meet the Spartans, Rambo, 27 Dresses, and Cloverfield) with $11.2 million on 2368 screens, for a per-screen take of $4730.

hibbidyhooblah said...

Mikeb hit the nail on the head. It's entertainment. "Suspend disbelief for the purpose of entertainment."

The only argument you should be making is if they couldn't make it a decent movie. They should've at least made it technical to satisfy the tech nerds. Instead, the movie isn't very entertaining and I'll take your word on it being technically flawed. (Although a movie always will be.)

Could be worse.. it could've been another Dane Cook film or Joss Whedon.

Unknown said...

It just struck me reading these posts that Jim's comments are all based on an old script most of whihc never made it into the movie and or was changed to address tech issues.

If you were not entertained, such is life but do not assume the tech is wrong because someone read the script.

Sorry Jim, I should have pointed this fact out before. Lines were changed inth e movie right up to December 06 to fix flaws or make points clearer. The whole each viewer becomes a seeder for a streaming bit torrent was dropped as was the hack into the FBI computers.


For all those reading, Jim and I will most likely agree to disagree but that is the point of a movie like this, to get people talking about stuff like this. Enjoy the debate.

Lippard said...

E.J., that's probably correct--I have no idea what version of the script I saw, but I think I did (somewhere in the comments above) point out that there was a quote a reviewer gave from the movie that I thought looked pretty accurate yet was not in the script I read.

BTW, Bennett Haselton at Slashdot saw the movie and reported that he thought it was reasonably accurate, with specific examples.

Unknown said...

Jim,
Thanks for that. If nothing else we geeks can say they got it almost right. My job to make the tech and the FBI response as truthful as possible and I did exactly that

Maybe Ill write a script and ask for input from the blogs. Unfortunately, Im not sure a ton of people will watch the real stuff. Maybe a special screen at DefCon :-)

Dennis Allen said...

It's a movie. Only a movie. It's better than swordfish for sure. And a bit closer to reality than firewall. Far from perfect, but certainly entertaining to watch 'em try.

sandokas said...

I would like to thank jim lippard for he's comments. I actually saw the movie (not read the script) and i thought the idea of a streaming web site that constantly changes ip is not doable also.

Even if the server is registered in russia, and dns russia sites keeps the ip changing every second, dns is something that takes time to propagate, and viewers in the us would certainly be resolving 99.9% of the time to the fbi ip address.

Even if something like Tor is used (the hacker is highly resourcefull and compromised 1 billion computers without getting caught, which is impossible) i can't see how fbi is unable to stop local people from accessing a domain that is streaming video from a local server.

Unknown said...

Okay, I watched the movie just now, so forgive me for bumping a six-year-old thread. The movie is fun to watch, although the technobabble is mostly silly and wrong. Not to mention the complete ignorance of criminal procedure.
But most people won't notice a thing. But Pemberton is a obvious shill.

Unknown said...

Movie was okay. Technobabble was silly and wrong. Ignorance of criminal procedure was unreal.
Pemberton is a shill. Cyberagent can go on and on about the tech angles, but the second scene is outrageous from a criminal procedure perspective, which, unfortunately, is a part of fighting cyber crime.
Sorry to bump such an old thread.