I have wanted to do a series like this for some time. I frequently watch movies and point out social engineering and OSINT techniques or inaccuracies as well as OPSEC blunders. These blunders, in addition to the matrix style waterfall screens, are equally bad as the “hacking” you see in movies.

So, let’s level the playing field about the specific film at hand. “Home Alone” was Macaulay Culkin’s breakout 1990 movie. It’s written by John Hughes and also stars Joe Pesci, Daniel Stern, and Catherine O’Hara. The premise is that the McAllister family is vacationing in Paris for Christmas. The night before they’re set to leave, Kevin (Culkin) is provoked to misbehave by his older siblings and cousins (as youngsters often are) and is sent to sleep in the attic room.

Through the night, the power goes out, resetting the alarm clocks to a flashing 12:00 time. The family oversleeps and rushes to get loaded into the airport shuttles. Meanwhile, a nosy neighbor kid is snooping and is counted as Kevin. (They didn’t identify Kevin as missing because his boarding pass was thrown away the night before after he hit his brother Buzz and spilled milk on it.)

The family leaves, and then we are made aware of Kevin being excluded, even though the family isn’t until later on the flight. Harry (Pesci) and Marv (Stern) are robbers (The Wet Bandits) that have been casing the seemingly affluent neighborhood. Kevin takes steps in innovative, childlike ways to protect his house and eventually land the “Wet Bandits” in jail.

The Social Engineering

In the beginning scenes of the movie, we see Harry posing as a police officer (highly illegal I might add, but he’s a criminal and doesn’t care). He’s trying to identify who is the adult of the house. (Read more...)