Worker

OMFGPWNED

The Adventures of Snipehead

So there is this person on Twitter I have followed for a while and I commented as a joke that her Twitter bio read like a real life Archer character. What I actually said to her (jokingly) was “I’ve been meaning to ask if I could have the rights to your animated life story.” and she jokingly said sure.

The person I’m referring to is @Snipeyhead on Twitter. Take the time to go read her bio and maybe Google her name to see what makes her such an interesting character.

It got me thinking though. A geek chick infosec superhero. The more I thought about it, the more every bit of news floating by in my stream seemed related. The more I realized that an infosec superhero is an awesome vehicle for all kinds of really relevant social commentary.

Virtually everything we do nowadays intersects with one infosec issue or another and your average person is more and more acquainted with and interested in such issues.

And it could be funny as shit.

So I got out my rusty HTML editor and started tossing all the ideas into some presentation with the intent of showing it to her and getting quickly blocked. Much to my surprise though, she loved it and far from wanting to back out she was all for posting it and publicizing it and getting as many people as possible to help crowdsource ideas for dialog, plots etc. that could all go into a series.

So here you go. This is VERY MUCH a work in progress. It may turn into a machinima.. it may turn into a video game.. it may be finished already. Only time will tell.

CONCEPT

The series follows Alison Gianotto (Snipe), a renowned infosec professional, as she investigates infosec related issues bought to her attention through her personal website OMFGPWNED.com where she offers website recovery, penetration testing, security review and other infosec related services as a sideline to her day job, where she is the CTO at a small and dynamic information technology company located in a large metropolis.

Themes touched on by the show are timely and topical and include such issues as the surveillance state, identity theft, online privacy, data mining and big data, corporate espionage, and cyber defense and warfare. The series will educate the general audience about infosec through relatable topics and plots while also satisfying the sub audience of infosec professionals by remaining real and credible with technical details.

The show should appeal to audiences that enjoyed The Tick (animated), Archer, Reboot, Get Smart or The X Files. It should strive to present complex infosec issues to the average person in a humorous and entertaining way.

NOTE: Until recently this material was a semi-abandoned mess that was badly in need of a rewrite. The rewrite still hasn't happened, but at least the material is a little more organized and easier to make sense of.

If you want to give feedback, please follow and engage with the @VennData Twitter account, and if you have a large amount of text I will create a blog post in the blog section of the site you can leave a comment on.

As far as ideas and contributions go, please try to keep them compatible with what we already have.

And although Snipehead is a 'superhero' we want to keep the 'super' things contained within cyberspace. Anything that happens in meatspace needs to obey normal meatspace rules. No flying, telekinetic powers or anything overtly supernatural.

It's about an uber-techie, so we ought to be able to explain anything interesting with slightly extrapolated technology.

And of course in cyberspace, anything goes.

Episodes

Alphabet Soup (Pilot)(alt title pr0n's Gambit)

The purpose of the pilot is to introduce Snipehead and her normal day to day life, and then show what caused her to become a superhero and show in what way she has decided to 'build' her superhero bag of tricks.

We also want to introduce the other main characters that will be seen throughout the series, including meta-characters such as government agencies or entities like Anonymous.

The phrase 'alphabet soup' used for the title of the pilot is a reference to the many three letter agencies that abound. There will be many running gags associated with such agencies.

What seems like a routine politically motivated website defacing turns out to be a far from routine politically motivated website defacing.

A politician running on an anti pornography platform has his website defaced with porn and contacts Snipe to fix it and find out who did it. It appears that 'anonymous' is responsible.

Snipe installs from backup but then notices monitoring daemons have been installed without the clients knowledge. A process called "Echelon" is running and a folder called "Echelon" with a readme file that has a section called "IMPORTANT securing your Echelon installation".

She follows the trail to a 'black server' where a 'black operative' warns her not to tamper with the eavesdropping mechanism and drops the connection sending her back to the original server.

While she ponders what to do, another 'black operative' shows up in cyber space to remove the daemon. She follows this one to another black server where it 'reboots' her server causing her to black out.

She 'wakes up' back in the original server and all traces of the logging daemons are gone. As she's cleaning up, a 'white operative' shows up who prefers to remain 'Anonymous' and let's her know that 'they' are watching her and she should keep looking for the truth. Maybe he even says "the truth is in here".

He also tells her that the politician hired his own son to deface his website to both look like a victim and make opponents of censorship look like criminals. He also tells her the politician hired her because she was 'dumb enough not to dig too deep'.

The last bit is the transformative event that turns her from a normal infosec practitioner to an infosec 'superhero' as she vows to never again be used as a pawn. She vows to always seek the truth even if it means finding out the client is corrupt.

At the end of the pilot we can show her building the superhero suit as described later in this document and forging her superhero identity for the rest of the series.

The suit building sequence and testing would become the intro and credit sequences for all episodes as well as the trailer and promos.

2. Who Let The DOX Out

The main purpose of this episode (first one after the pilot) is really to introduce us to her normal life and day job/workplace. We may also get introduced to her workshop (bat cave) and her car which she modifies into a portable field base for wet infosec work.

Snipes boss is DOX'ed by a troll on a blog and Snipe decides to investigate without telling him. She learns that whoever did the DOX'ing must have gotten the information through the corporate website because of intentional 'watermark errors' she planted in the corporate database as the companies CTO.

Now a matter of pride, she scours the company logs looking for any sign of outside intrusion, but finding none she comes to the conclusion that it was an inside job.

OR ....

On a hunch, she checks the date on some meta info in some of the DOX and realizes the data was stolen the day after the company upgraded to new high speed data routers.

Not one to believe in coincidences, she realizes that during the week after upgrade, the old system ran in parallel to the new one and checking the logs on the old server shows a discrepancy between what the two systems recorded.

The old system shows mysterious packets being diverted to the same network of black servers she ran across in the pilot episode.

By another fishy coincidence, the blog poster that DOX'ed her boss appears to be connected with the same hardware company. She realizes she has to physically infiltrate the hardware company to go any further.

This is the first chance we get to show of a lot of the special capabilities of the 'hero' suit described later as well as her car and workshop.

She manages to physically get into the hardware company and hack into one of their internal computers inside their firewall. She then enters their private walled cyberspace.

She finds files talking about the design of the equipment and indicating it is compatible with "Jacklepuss Protocol" as required by "Directive NSA-4977" (or other gobbledygook).

As she is pondering the implications of all of this, the white operative appears and hints to her that she is on the right track. She's stirring up the hornets nest and needs to be ready for 'them' to attack her, her friends, coworkers and anyone else they can to get their way.

The white operative tells her not to worry about her friend being DOXED. She is shown a list of people who attempted to use the docs for malicious purposes and the orders being given to monitor and arrest them for identity theft and info crimes.

She asks if people are DOXED intentionally as lures to draw out bad actors, but the white operative just smiles and terminates the connection saying "we don't have time for that now. I suggest you get your ass out of here".

Just as the white operative disappears, an alarm on her hero suit goes off indicating that she has been detected. She quickly gets out of cyberspace, but the thumb drive she was copying files to turns white hot and melts and she has to leave empty handed.

3. The Trojan Horse

A marketing firm doing social media for a sex product company contacts Snipe to help them stop their web apps from giving people viruses. Computer viruses.

'Anonymous' claims responsibility stating the company is supporting elitist shareholders while people in third world countries are dying because they can't afford condoms which the company is pricing out of reach.

Snipe quickly sees why the server is handing out a virus and shuts it off, but not content to just fix the server because she is still stinging from being used as a pawn in the first episode she is compelled to investigate further and see who it was that infected the server.

While she is looking around and trying to find clues to the source of the infection kit, another cyber operative shows up to figure out why the virus infection mechanism has stopped working.

She hides from them while they restore it, and then follows them to where they came from.

It turns out to be a corporate espionage false flag and smear operation staged by their competitor, but although Snipe knows this now she can never prove it because she can't get actual evidence.

She also sees the corporate operative talking with one of the black operatives from earlier episodes and suspects there is something bigger going on than just corporate espionage. She overhears that the virus mechanism was provided by the black operatives in exchange for them providing something to the black ops people.

But we get to introduce another 'operative' - say an avatar in a business suit representing corporate espionage. This operative would have the deluxe version of everything making it one of the most powerful foes.

4. Honey Von Trap

An escort service seems a little too concerned about what looks like a routine attempt to get at credit card info.

It turns out that this is a honey trap operation run by one of the alphabet soup companies. They are collecting video and audio from clients and using it to blackmail some of the most powerful people in the city, if not the world.

Snipe manages to get proof on a data stick but she can't decrypt anything without hardware decryption beyond her budget.

The data she has will keep her alive though so she sets up a dead man trigger to send the data for decryption in case of her death or disappearance.

She has a confrontation in cyberspace with some of the mysterious operatives who make it clear her safety is only assured because she has the trigger set up to protect her.

In order to ensure the safety of the data, she hides it in plain view by recording it as 300 baud audio data onto vinyl records sitting in her living room.

5. V for Venn Data

Snipe learns there is a flaw in the surveillance states realtime recognition software that is based on it looking for specific tatoos. It can be easily tricked into using short circuit logic if it detects specific tattoos.

They even go so far as to label their own mercs with bar code tattoos, giving her a wide open security hole to drive a truck through. She adds a piece of flexible display glass to her suit that gives her chameleon like ability to add a tattoo in any of the places the surveillance AI checks.

She can use this to her advantage and infiltrate the innermost defenses at Venn Data, but it won't help her get past the less easily confused outer defenses, so she decides to try overwhelming them.

She organizes a flashmob of strangers to show up at the office building that Venn Data occupies and uses the distraction to slip into the private elevator that goes directly to the penthouse.

There is a sequence involving three different groups of people doing kind of a flashmob scene with an elaborate game of hot potato similar to the plotline of The Thomas Crown Affair.

Some of them are wearing V for Vendetta masks, some are dressed like the apple headed business man in a bowler, and some are dressed with mohawks like Snipe.

6. the Internet of Things

Snipe seems to be having a run of bad luck lately.... or is she?

It's Friday the 13th and the moon is full and the day starts out with her breaking a mirror. As the day progresses, connected devices seem to malfunction in scary ways, but wait - the news is reporting high sunspot activity. It's just paranoia right?

Snipe is on edge of course because of the operatives she's been running into in cyberspace and the things she has found out. while she's managing the dead man trigger she notices something in the unencrypted data headers that leads her to a computer hardware company that makes network connectivity chips that are now being used in nearly all connected devices.

She starts to suspect that there is some kind of fishy connection between the hardware and the black operative she's been running into with more and more frequency.

7. Cliffhanger

Following on from the last episode, Snipes car goes haywire at an inconvenient spot and veers off a cliff. Luckily it's caught on a rock and with some luck and skill she might be able to escape with her life.

As she's working up the nerve to jump to safety, her in car systems light up and she has dialogues with first one of the black operatives, then with the 'anonymous' white operative.

The black ops person tells her that despite the fact that she has a dead mans trigger set to release the information, it will do her no good since the only computers with enough horsepower to decrypt and make it public are under their control, so they are free to kill her with impunity.

The white operative cuts into the conversation and tells her that the black ops are lying and that they are afraid of the data getting out or they wouldn't be trying to kill her. He warns her that they are hoping the trigger is located at her apartment and that a wet team is on the way to burn it down.

The white operative is drowned out at that point by some kind of jamming and the radio explodes. She finally jumps to safety at the last minute, but her car plummets to a fiery, over the top explosive crash taking all of her first season gear and costumes with it.

This sets up the Phoenix rising thing for the second season and an excuse to redo the costume and superhero gear for a fresh look.

8. By the Time You Get To 'Phoenix'

Begins with the black ops thinking Alison is dead. She is without her car but she manages to get back to her apartment and collect her doomsday stash before the white op warns her that a wet team is about to show up to search and scrub her house.

She uses the fact that the black ops think she's dead to her advantage and lets her coworkers and family continue to think she's dead since they won't be safe if the black ops know she is alive.

She sets up shop in her workshop which nobody ever really knew about. She builds a new version of her superhero costume but to a much higher level than the first one since she is in it for her life now.

She doesn't have much choice but to trust the white op, but she has no illusion that he is on her side. They are using each other for the time being, but neither of them will ever trust the other completely.

She knows the black ops are after the data she set up a trigger on earlier, and she realizes her only hope is to make sure the information does NOT get released until she has the entire story. Eventually, when she has learned enough about the enemies weaknesses she can reveal her presence again and use the data as bait to strike back at them.

She watches her own funeral from afar and notices some other people watching from cover as well. Then she notices another group watching the group that is watching the funeral. She begins to map out the organization involved and the people within them and what their roles are.

9. An episode where someone starts talking to her via messages left in odd places in the log files such as the browser id string or the search string or referrer.

10. Discovers devices on the 'internet of things' with unknown functions that trigger extremely narrow and weird Google searches to occur. These Google searches have adwords hooked up to them even though nobody would really pay for such absurd ad strings.

11. She finds a youtube like 'shadow site' where NSA staffers post candid 'best of' videos of people dancing naked in their living rooms or doing other outrageous things.

Friends

Main character. Customized G5 Gwenne character with a lot of custom props and accessories.

From her Twitter BIO:

Ethical hacker, CTO, open sorcerer, author, speaker, devops, gamer, sarcastigeek, scuba diver, chaotic neutral, blacksmith, crimefighter

What she hath spake, so let it be.

Also has @nerdcore account for reference to musical tastes. Fan of vinyl.

Normal work Snipe is like Snipein real life with mohawk. The Gwenne character in iClone with appropriate casual clothing and appearance tuning.

Snipe in cyberspace can be anything, but in general it would be Snipe in real life but with her normal hair before she had a Mohawk. There could often be occasion for her to appear in any kind of cyber-disguise, even an inanimate object.

An old scuba suit repurposed with wearable computing elements sewn on and into it. Waterproof.. electrically insulated for covert physical man in the middle insertion wetwork, climbing electric fences, capacitive alarm sensor nullification etc.

Possibly lots of alligator clamps for drawing power from any ad hoc place. Chargers and adaptors all over to hook into many different kinds of ports. Lots of sensors embedded in the suit to warn of alarm systems and stuff.

She wears various kinds of thumb drives as earrings/jewelry.

She has an oculus rift permanently fitted with stereo cameras mounted for high definition fully augmented reality in real time. Her suit is made from prototype OLED display giving her chameleon like abilities. In particular she can use the surveillance state against itself by displaying any kind of tattoo she wants to mimic any MERC or registered felon.

She has 'Eyes' in the back of her head in the form of little cameras that project into HUDS in her rift.

Kinect / Leapmotion sensors, possibly handheld for live 3D capture.

Micro 3D printer for making small object like keys in say 3 minutes

Also physical fighting gear, ziplines. Small drones for checking things out remotely.

Snipe's daughter from a marriage that ended with her husband disappearing under mysterious circumstances and presumed dead.

She will obviously be kidnapped and otherwise used as a pawn to get Snipe to do or not do things by various antagonists.

Snipes widower dad.

Looks after Snipes daughter most of the time when Snipe is at work or elsewhere.

Snipes Ex.

Probably doesn't appear in any episodes but would be alluded to. Possibly used for flashbacks to earlier times, or a plot where he returns from the missing.

Was also an info sec professional. The two were a famous team.

OK.. I didn't want to put a spoiler here but he's the white operative and he's really trying to lead Snipe to the people that made him dissapear.

Snipes boss. Mostly a nice person but socially inept and prone to political incorrectness. Ricky Gervais in the UK Office. Call me Ricky - there's a part in this for you!

CodeWarrior Carling. Yes me. Hey - if Ron Howard can write himself into Arrested Development I can be in my own machinima. Aim high bitch!

Used to fill in the gaps and transitions in the video to save on production costs and time. Much like Ron Howard provides narrative in Arrested Development to glue the pieces of the story together.

Since I will probably be doing much of the editing, it means plot holes that are caught late in the game can be explained with some narrative provided very late in the production cycle.

Also part of the story. Lets Snipe use part of an industrial building he owns as her workshop. Completely trusted by Snipe because he is her exes brother and her daughters uncle.

Industrial building is a legal medical marijuana grow op but there is a big server farm there as well. CWC has "really bad glaucoma"

Foes

Venn Data is the organization behind all of the foul play that happens in the series. It is the ultimate in faceless borganizations.

The link above will take you to a spoof domain that will be used to virally publicize the game/machinima and create buzz. There is also an @VennData Twitter account dedicated to promoting the idea.

The alphabet soup organizations.

They always deny who they are, but there running gag about tricking them into revealing which agency they belong to.

Each time we meet a black operative, we play out a running gag where Snipe asks - "Are you NSA? Can't say. FBI? Can't say. CIA? NO!" or whatever. The order changes each time with can't say, can't say NO becoming a familiar gag.

Every episode starts with the premise that 'Anonymous' has done something, and it always turns out that the real Anonymous is never involved and it's someone trying to blame them for something.

There could be an episode where several people claiming to be Anonymous argue about who is the 'real' Anonymous, perhaps distracting themselves and allowing Snipe to do something they were keeping her from doing.

Running gag - almost everyone in cyberspace wears a Guy Fawkes mask, thinking it's original.

The White Operative is a mysterious cyber presence that shows up when Snipe is in trouble and gives her the info she needs to overcome some problem.

Black operatives appear all the time. They are the cyber equivalent of mercenaries, often working for Venn Data but just as likely to be working for a foreign government or moonlighting for a private businessman.

The real world equivalent of the Black Operative she meets in cyberspace.

An anarchistic group of script kiddies sometimes plays a role in the plots.

ALIENS. Nebulous ghostlike apparitions that show up in impossible places in cyberspace and do impossible things.

Gee. What could Viwtube possible be. Hmm. I'll. have to give it more thought.

If you can't figure out what Boogle is, Google it.

Yeehaw. A social network with a very lowbrow audience - i.e. meth heads.

Locations

A standard workplace. The Clark Kent part of the show.

A regular apartment. The superhero stuff takes place in the workshop.

Regular city for action that happens not in cyberspace.

Part of an industrial building owned by CWC who lets her use it. Nobody knows she is connected with it so she can hide there if necessary.

The building is a former vinyl record manufacturing company that CodeWarrior is using to house several different businesses. Among the various businesses he runs out of it are a high tech server farm and a secure legal pharmeceutical marijuana grow op. This gives Snipe access to a very physically secure workshop with lots of high speed internet access and a huge farm of servers she can use occasionally

Her own little part of the building is a lab packed with WiFi spectrum analyzers, packet sniffing and decoding gear. She has hacked some of the old vinyl pressing equipment into a digital to vinyl etcher, and she uses this to transcode digital information to audio that is recorded onto vinyl and hidden in plain view in her apartment.

Every great superhero has a superhero car and Snipe is no exception.

Her car has long range high power high precision gyro stabilized WiFi jamming/eavesdropping antennas, a dialable 10 meter to 500 meter range 'micro EMP' burst for disabling cyber systems, hardened systems in her own car to protect against EMP bursts, shielding to prevent remote monitoring, a GPS broadcaster to overpower and geo-confuse nearby GPS devices, and multiple drones integrated into car body that can undock at speed and auto dock at speed.

K.I.T.T. from Knight Rider was a pussy compared to this thing!

This is where the premise of the show shines. As much as possible action can take place in cyberspace, so the sets can be realistic, surrealistic or anything imaginable.