{"id":44952,"date":"2022-07-28T08:09:46","date_gmt":"2022-07-28T12:09:46","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=44952"},"modified":"2022-07-28T08:10:03","modified_gmt":"2022-07-28T12:10:03","slug":"obi-wan-kenobi-cybersecurity","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/obi-wan-kenobi-cybersecurity\/44952\/","title":{"rendered":"Obi-Wan Kenobi in terms of information security"},"content":{"rendered":"<p><em>Obi-Wan Kenobi<\/em> is set ten years after the proclamation of the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Galactic_Empire_(Star_Wars)\" target=\"_blank\" rel=\"nofollow noopener\">Galactic Empire<\/a>, and nine years before said Galactic Empire left the critical infrastructure facility <em>DS-1 Orbital Battle Station<\/em> (more commonly known as the <a href=\"https:\/\/www.kaspersky.com\/blog\/star-wars-cybersecurity-problems\/6392\/\" target=\"_blank\" rel=\"noopener nofollow\">Death Star<\/a>) so scandalously vulnerable that it was attacked and largely destroyed by the <a href=\"https:\/\/en.wikipedia.org\/wiki\/Rebel_Alliance\" target=\"_blank\" rel=\"nofollow noopener\">Rebel Alliance<\/a>. I watched the series in the hope of tracing the development of the Empire\u2019s information security; however, \u201cdegradation\u201d turned out to be the more appropriate descriptor. (By the way: As usual, I\u2019ll try not to reveal any major plot twists, but some spoilers are unavoidable; beware!)<\/p>\n<h2>Cybersecurity and Empire employees<\/h2>\n<p>Overall, the main item of interest from a cybersecurity perspective is when outsiders penetrate the Inquisitors\u2019 secret facility and gain access to the Imperial computer systems. Before that, however, we see a skirmish on the planet Mapuzo that also arouses our curiosity. Let\u2019s start with that.<\/p>\n<h3>Checkpoint on Mapuzo<\/h3>\n<p>This despoiled mining planet is believed to be home to the Empire\u2019s most wanted Jedi, Kenobi. 
Stormtroopers at the checkpoint apprehend a suspicious-looking man and call in the Viper Probe Droid equipped with a facial recognition system to identify him. And guess what? It works!<\/p>\n<p>One question: why didn\u2019t these brainy machines take part in the search for droids in <em>Episode IV<\/em> nine years later? If, instead of asking passers-by silly questions, the patrol in Mos Eisley had used face recognition, they would have found and arrested Obi-Wan. The Empire couldn\u2019t have known that he was being played by another actor!<\/p>\n<h3>Underwater Fortress Inquisitorius and Mustafar\u2019s moon Nur<\/h3>\n<p>In terms of information security, the secret fortress of the Inquisitors (which everyone knows about) has to be one of the Empire\u2019s most advanced facilities we see in the <em>Star Wars<\/em> universe. It\u2019s similarly well-secured physically too\u2026<\/p>\n<p>Quite incredibly \u2014 by Star Wars universe standards \u2014 people here have their IDs checked at the entrance, the doors are opened with authentication devices called <a href=\"https:\/\/starwars.fandom.com\/wiki\/Code_cylinder\" target=\"_blank\" rel=\"nofollow noopener\">code cylinders<\/a>, and the underwater gateway is controlled entirely from a computer console \u2014 not from a panel by the entry hatch as is usually the case. And there\u2019s also something totally unheard-of: the corridors are patrolled by mobile security cameras. It\u2019s a mystery why, just nine years later, these security practices were entirely abandoned by the Empire. In <em>Episode IV<\/em>, the selfsame Kenobi walks freely around the Death Star and doesn\u2019t even need to log in to access the tractor beam control unit!<\/p>\n<p>But, as you\u2019ve probably guessed, all these security measures don\u2019t do any good. And as usual, it\u2019s all down to the carelessness of a single employee \u2014 the so-called \u201clead security on this level\u201d. 
The fact is that Kenobi is assisted by an insider \u2014 Captain Tala Durith \u2014 a bona fide Imperial officer with excellent social-engineering skills who\u2019s become disillusioned with the Empire.<\/p>\n<p>When Tala\u2019s documents are checked at the fortress entrance, it turns out that she\u2019s assigned to a different sector entirely and has no business being at the secret facility. However, Tala pulls rank and convinces the officer on duty \u2014 that same \u201clead security\u201d we mentioned earlier \u2014 that she\u2019s brought secret intelligence for the Inquisitors, so she\u2019s allowed in.<\/p>\n<p>Once inside, she enters some kind of control room and logs in to one of the terminals, passing authentication with her code cylinder. There\u2019s something clearly flawed with the delimitation of user rights: why would she have any rights in the system at all if she genuinely has nothing to do with this sector?!<\/p>\n<p>Anyway, Tala gains access to both the fortress\u2019s schematics and the underwater gateway control unit, which she uses to let Kenobi in. The senior officer in the control room eventually grasps that there\u2019s an outsider at the terminal \u2014 though it takes him about 20 minutes to do so. But his subsequent actions defy logic: for some reason he takes Tala to a secluded corner behind some units to check her entry pass, in which corner he stays \u2014 laid out with a broken neck for the rest of the series!<\/p>\n<p>Clearly, the staff at this secret facility are totally unprepared for incidents of this nature. Generally speaking, this problem could have been solved with regular <a href=\"https:\/\/www.kaspersky.com\/enterprise-security\/penetration-testing?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____\" target=\"_blank\" rel=\"noopener nofollow\">pen testing<\/a>. 
That said, there probably aren\u2019t that many specialists in this field on Mustafar.<\/p>\n<h2>Empire opponents\u2019 cybersecurity methods<\/h2>\n<p>Let\u2019s talk about the Empire\u2019s opponents as well. There are no rebels as such in this series: the forces of conventional good are represented only by opposition-minded Alderaan and the underground anti-Imperial network The Path, which doesn\u2019t so much fight the Empire as shelter and transport dissidents (surviving Jedi and Force-sensitives). And, of course, there\u2019s Ben Kenobi himself. In terms of information security, things are, unsurprisingly, not great.<\/p>\n<h3>The ruling house of Alderaan<\/h3>\n<p>Alderaan\u2019s rulers \u2014 the Organa family \u2014 have a very weird attitude to security (information and otherwise), which raises many questions. Since the very beginning of the Empire, Senator Bail Organa has been actively involved in all sorts of anti-Imperial endeavors. What\u2019s more, the existence of his adopted daughter, Leia, must be kept secret from Vader. You\u2019d think he\u2019d be concerned for the safety of his own family at least. But no, <s>Flea from RHCP<\/s> the mercenary Vect Nokru has no trouble snatching the princess right from inside the palace walls.<\/p>\n<p>It should be mentioned that Leia is inseparable from the mini-droid Lola (L0-LA59). So why doesn\u2019t Bail install a solution like <a href=\"https:\/\/www.kaspersky.com\/safe-kids?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2c_kasperskydaily_wpplaceholder____ksk___\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Safe Kids<\/a> on her beloved gadget? Then at least he\u2019d know where the princess had been taken! 
Especially since remote droid-location technologies do exist and are actively used in the series.<\/p>\n<h3>L0-LA59 droid security<\/h3>\n<p>In one episode, the Inquisitors, having \u201cdroid-napped\u201d L0-LA59, fit her with a malicious surveillance device that lets them control the machine remotely. It\u2019s not clear why the Empire doesn\u2019t exploit this technology later on: it could have, for example, in <em>Episode V<\/em>, seized control of C-3PO in Cloud City instead of sending him to the smelter. Even more baffling is why the House of Organa doesn\u2019t use droids built on the basis of a <a href=\"https:\/\/os.kaspersky.com\/?utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=gl_wpplaceholder_nv0092&amp;utm_content=link&amp;utm_term=gl_kdaily_organic_acng0qp92z55dh1\" target=\"_blank\" rel=\"noopener nofollow\">cyber immune operating system<\/a>, which would simply block both connections to untrusted devices and external malicious commands.<\/p>\n<h3>Bail Organa and communications<\/h3>\n<p>The biggest mystery of all is how Bail Organa, with all his oppositionist views, even lived to see the destruction of Alderaan. Not only does he repeatedly reach out to Obi-Wan Kenobi (which in itself is a death sentence), he does so over an unsecured communication channel, laying out secret information with references to Luke and Tatooine in cleartext.<\/p>\n<p>Note, too, that the messaging system doesn\u2019t only lack encryption: the receiving device doesn\u2019t even have basic authentication. In other words, anyone can pick up the device and listen to the last message. 
Now there\u2019s someone who could definitely use some <a href=\"https:\/\/k-asap.com\/en\/?icid=gl_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____kasap___\" target=\"_blank\" rel=\"noopener\">cybersecurity awareness training<\/a>!<\/p>\n<h3>The Path shelter on planet Jabiim<\/h3>\n<p>The Path\u2019s shelter has barely a nodding acquaintance with cybersecurity. The hangar door controller \u2014 without which there can be no quick evacuation \u2014 is a strange contraption teeming with wires and located in the ventilation ducting. The malicious droid easily gains access to this device and physically disables something in it, making the door uncontrollable.<\/p>\n<p>What\u2019s more, because the critical system is so conveniently located, it\u2019s practically impossible to get to the door controller and fix it. Of course, we\u2019re talking here about heroic oppositionists with no funding of any kind. Still, seeing how difficult it is even for a ten-year-old child to squeeze their way through to the device, it\u2019s hard to imagine who the designers thought would maintain and repair the system.<\/p>\n<h2>Takeaway<\/h2>\n<p>As you can see, nine years before the first <em>Star Wars<\/em> movie, the Empire was far, far better at information security than it was later on, while its opponents lacked even a basic understanding of it. 
Perhaps the reason why the Empire ditched most of its progressive security measures is because in any case they did nothing to actually prevent intrusions and other incidents.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>How things stood with information security in a galaxy far, far away \u2014 nine years before the Battle of Yavin.<\/p>\n","protected":false},"author":700,"featured_media":44956,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3051],"tags":[3525,2484,3152],"class_list":{"0":"post-44952","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"tag-cyberimmunity","10":"tag-star-wars","11":"tag-truth"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/obi-wan-kenobi-cybersecurity\/44952\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/obi-wan-kenobi-cybersecurity\/24416\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/obi-wan-kenobi-cybersecurity\/19882\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/obi-wan-kenobi-cybersecurity\/26812\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/obi-wan-kenobi-cybersecurity\/24717\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/obi-wan-kenobi-cybersecurity\/27461\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/obi-wan-kenobi-cybersecurity\/27125\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/obi-wan-kenobi-cybersecurity\/33582\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/obi-wan-kenobi-cybersecurity\/10898\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/obi-wan-kenobi-cybersecurity\/19237\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/obi-wan-kenobi-cybersecurity\/29100\/"},{"hreflang":"ru-kz","url":"https:\/\/b
log.kaspersky.kz\/obi-wan-kenobi-cybersecurity\/25304\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/obi-wan-kenobi-cybersecurity\/30782\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/obi-wan-kenobi-cybersecurity\/30528\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/truth\/","name":"truth"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/44952","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=44952"}],"version-history":[{"count":5,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/44952\/revisions"}],"predecessor-version":[{"id":45036,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/44952\/revisions\/45036"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/44956"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=44952"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=44952"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=44952"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}