Gone are the days of the infosec community wincing as a character in a dark room mindlessly taps on a keyboard and blurts out, “I’m hacking the mainframe!” The narrative was always the same, the protagonist faces a problem, the hacker gets in the mainframe, and like magic (or sudo shutdown now), the hacker saves the day. Films such as The Matrix and The Bourne film series started moving away from this narrative and often, we started seeing cybersecurity at the forefront.

信息安全社区退缩的日子已经一去不复返了，因为一个黑暗房间里的角色无意识地敲击键盘然后脱口而出： “我正在入侵大型机！” 叙述总是一样的，主角面临一个问题，黑客进入了大型机，就像魔术( 或现在关闭sudo )一样，黑客可以节省一天的时间。 诸如《黑客帝国》和《伯恩》系列电影之类的 电影开始脱离这种叙述，而且通常我们开始看到网络安全性处于最前沿。

In 2018, Netflix released a show called, “You.” Based on the 2014 novel by Caroline Kepnes, it’s a show about a book store manager and part-time serial killer who ‘fell in love’ with a customer. The main character, Joe Goldberg quickly became obsessed with the customer and using OSINT (open source intelligence), he was quickly able to find her social media, address and form a very toxic and delusional obsession. But what made this show interesting was that Joe wasn’t a hacker or very sophisticated in his methods, he was an opportunist who knew how to Google.

Netflix在2018年发布了一个名为“您”的节目。 改编自Caroline Kepnes的2014年小说，该节目讲述了一家书店经理和兼职连环杀手，他们深深地爱上了客户。 主角乔·戈德堡(Joe Goldberg)很快就迷上了客户，并使用OSINT (开放源代码情报) ，Swift找到了她的社交媒体，进行了演讲，并形成了一种非常有毒和妄想的痴迷。 但是让这个节目有趣的是，乔不是一个黑客，也不是一个非常精明的人，他是一个机会主义者，知道如何使用Google。

Joe is indeed an average Joe, which completely changed the narrative that the hacker we should fear is hiding away in a basement looking to crack codes to access our data. And often people had the attitude of, well they have nothing a hacker would want. ‘You’ definitely changed that perspective as it highlighted the dangers of having openly accessible social media profiles. It also highlights the importance of having online aliases as with one Google search, this average Joe was able to find out so much. For those in cyber, this was a simple reconnaissance task, in fact, Joe probably did it the hard way, there are tools that can find information about a person by simply running a script. But what do they do with this information? Phishing. It’s actually not that hard to set up a phishing server and with services such as GoPhish easily available, it highlights the risks being so open on social media can be.

Joe确实是个普通的Joe ，这完全改变了我们应该担心的骇客躲在地下室，试图破解代码以访问我们的数据的说法。 而且人们通常有这样的态度，他们没有黑客想要的东西。 “您肯定改变了这种观点，因为它突出了拥有可公开访问的社交媒体资料的危险。 它还凸显了使用在线别名的重要性，就像使用一个Google搜索一样，这个普通的Joe能够找到很多东西。 对于网络用户来说，这是一个简单的侦察任务，实际上，乔可能很难做到这一点，有些工具可以通过简单地运行脚本来查找有关某个人的信息。 但是他们如何处理这些信息？ 网络钓鱼。 实际上，设置网络钓鱼服务器并不难， 并且可以轻松使用GoPhish之类的服务，它突显了在社交媒体上如此开放的风险。

Open-source intelligence (OSINT) is data collected from publicly available sources to be used in an intelligence context. So for example, using Google to find out where someone works etc.

开源情报( OSINT )是从公开来源收集的数据，可用于情报环境。 因此，例如，使用Google查找某人在哪里工作等。

Season 2 of You recently started streaming on Netflix and with it came a whole new dimension of fears as it highlighted important topics again such as cyberstalking & fake profiles. Netflix definitely wasn’t the first to push cybersecurity as a theme, we need to pay homage to Mr. Robot by Amazon, and it features the protagonist, Elliot, a cyber-engineer by day and vigilante hacker by night. Highlighting the different skill set and mental fortitude between being red and blue, and also how easy it is to stray. One of the issues with cyber shows is well it’s a niche area. So having a show fully focused on just hackers, isn’t popular. Most likely why CSI: Cyber only lasted 1 season. But where Netflix has got the recipe right, is they are incorporating everyday life and the small cyber decisions we make subconsciously. People will definitely think twice about ‘checking in’ via Facebook after watching You than they would consider changing routers after watching an episode of CSI: Cyber. You is relatable (I am using this word loosely, Joe is not okay), Joe doesn’t seem like a threat, physically. But digitally, people recognize how dangerous he is. Other shows such as Jack Ryan also highlight the different cybersecurity roles available in government and whilst not the main character, how many times has Oliver, the hacker from How To Get Away with Murder saved the day?

您的第二季最近开始在Netflix上进行流媒体播放，随之而来的是恐惧的全新境界，因为它再次强调了重要主题，例如网络跟踪和虚假个人资料。 Netflix绝对不是第一个以网络安全为主题的公司，我们需要向亚马逊的Robot先生致敬，它的主人公Elliot是白天的网络工程师，而晚上则是守夜黑客。 着重强调红色和蓝色之间的不同技能设置和精神态度，以及流浪的难易程度。 网络节目的问题之一是，这是一个利基领域。 因此，只针对黑客的节目并不受欢迎。 CSI：Cyber​​仅持续1个赛季的最可能原因。 但是，Netflix正确无误的地方在于，他们将日常生活和我们潜意识中做出的小型网络决策结合在一起。 人们在观看《 You 》之后肯定会考虑通过Facebook“签入”，而不是在观看《 CSI：网络》一集后考虑更换路由器。 您很亲切(我在宽松地使用这个词，乔不好) ，从身体上看 ，乔似乎并不构成威胁。 但是从数字上来说，人们意识到他是多么危险。 其他节目，例如杰克·瑞安(Jack Ryan)，也强调了政府可用的不同网络安全角色，虽然不是主要角色，但《如何与谋杀案》中的黑客奥利弗(Oliver)挽救了一天？

In recent news, Tinder announced they would be adding new safety measures to protect users, and as shows such as You highlight, you really don’t know who you’re talking to online. Tinder will be adding a panic button and cat-fishing detection mechanisms to combat fake profiles. In cybersecurity, education is often a key part of policies. Training users is important, and in this modern day of streaming, shows such as You are highlighting blind spots the average user would not think of. It is also worth noting that, for some shows like You are more than a show, they open dialogue about some of these topics, and also highlight that our laws are not moving as fast as technology moves. We have seen social media platforms introducing private stories as they realize not everyone can afford to start again with their social platform. Statistics point that most victims of cyberstalking, for example, know the offender. As we recently saw the in the big Colleen Rooney reveal, she was able to use her private story to her advantage to try to catch who she thought was behind numerous false stories about her family.

在最近的新闻中，Tinder宣布他们将添加新的安全措施来保护用户，并且正如您所强调的那样，您真的不知道自己在网上和谁聊天。 Tinder将添加一个紧急按钮和捕猫检测机制来打击假冒个人资料。 在网络安全中，教育通常是政策的关键部分。 培训用户很重要，在当今的流媒体直播中，诸如You这样的节目突出了普通用户不会想到的盲点。 还值得注意的是，对于像You You这样的一些节目，不仅仅是一个节目，他们就这些主题中的一些展开对话，并且还突显了我们的法律并没有跟上技术发展的步伐。 我们已经看到社交媒体平台引入了私人故事，因为它们意识到并非每个人都负担得起从其社交平台重新开始。 统计数据表明，例如，大多数网络跟踪受害者都知道犯罪者。 正如我们最近在Colleen Rooney的大揭露中看到的那样，她能够利用自己的私人故事来发掘自己认为背后隐藏着许多关于家庭的虚假故事的人。

Streaming services are definitely shaping the opinions of this generation on cybersecurity. It is the new way to deliver content and it won’t be surprising if the next Bourne film, covers the WannaCry ransomware epidemic.

流媒体服务无疑正在塑造这一代人对网络安全的看法。 这是提供内容的新方法，如果下一部Bourne电影涵盖WannaCry勒索软件的流行 ，这也就不足为奇了。

Last year I was a guest on Seipod with Stephanie Itimi discussing the dangers of over sharing on social media. Seipod is an amazing podcast focused on empowering BAME Women with the knowledge needed to be secure online.

去年，我和Stephanie Itimi一起在Seipod上做客 ，讨论了在社交媒体上过度共享的危险。 Seipod是一个了不起的播客，致力于为BAME妇女提供增强在线安全所需的知识。

By Stephen Chapendama

斯蒂芬·查彭达玛(Stephen Chapendama)