Published: 2013-05-07
Completed: 2013-05-07
Words: 4,211
Chapters: 3/3

Sources and Research Advice for the 00Q Method Ficcer

Summary:

I am discontinuing writing 00Q, because I'm not really feeling this fandom. However, I am a method ficcer, meaning I put a lot of effort into getting into my characters' heads when I'm writing them, and therefore do a lot of research for ficcing. I think some of what I learned might also be helpful for other writers in 00Q, so I decided to put them all in a post.

Some (but not all) topics covered here are: intercepting mobile calls, getting on secured wifi, lock picking, fighting, explosives, manipulating the power grid, code injections, biometric security, and where to learn about computer security in general.

Notes:

N.B.: Throughout this essay, when I say "hacking", I mean "cracking", that is, black-hat/security-system hacking, not working on open-source projects. Sorry, but "cracker" just looks wrong to me, so I'm sticking with "hacker".

Disclaimers:

  • I am not a very tech-y person (I do maths, though I have friends in computer science), and I know even less about spy-stuff, so my apologies if some of this is obvious or well-known.
  • My fic was an AU where Q was not the quartermaster of MI6, which means he had fewer resources, so some of this might not be relevant to Canon!Q.
  • I've tried many, but not all, of the things in this list (method ficcing only goes so far).

Warning: Many hacks I mention are dangerous and/or illegal, and I do not endorse attempting any of them. Also, I link to several documents in this essay, some of which may be dodgy, so tread carefully and don't allow any downloads you're unsure about. (I don't think my computer got sick, but I have an offbeat Linux OS and a strong anti-virus.) Even if you don't download anything, though, this guide might be a mildly interesting read.

Chapter 1: Things Q Might Do

Intercepting or listening to mobile phone calls: You can use an IMSI catcher, which you can either buy for like a million USD, or make for like 1500 USD (about 1000 pounds, including the price of the laptop). The idea is that mobile phones automatically connect to the mobile tower with the strongest signal, and that tower tells the phone whether to use encryption. So you just have to make sure that tower is yours.

There is a very detailed set of instructions on making one available here. But the best part is that if you do it right, it's totally legal. The DEFCON presentation starting here goes into how to make it and all the legal issues so you can make sure what you are doing is actually legal.

Be warned, though: selling IMSI Catchers without a license can be very illegal, which may account for the gap between 1,000,000 dollars and 1,500 dollars.

Also, a lot of people have done this, so if your set-up isn't working, it should be pretty easy to find help online.

Getting on secured networks with AirCrack: You may be able to write your own scripts to do this, but why do that when you can borrow someone else's code? There are free, open-source scripts for cracking both WPA and WEP encryptions to get onto secured wifi over here. The program is called AirCrack. These take several hours, even for WEP, but they are very easy to use--you just start the script before going to bed and have all the passwords by morning.

This may be worth trying, even if you don't write 00Q; it could save your arse at some point when you're travelling and confused and just need that damn internet connection. It takes some work to set up, but it's free, and think about how much more internet you'd have--and how much more fanfiction you could read/post (^_^).

If you are writing 00Q, though, then it's almost certainly worth it, because the "work" I mentioned might give you an understanding of parts of your computer you don't normally think about.

Bypassing wifi paywalls by DNS tunnelling: If you are somewhere where the network is unsecured, but has a paywall (these are often found in airports and cafes), you could try DNS tunnelling, as in this tutorial, or this one. This converts IP traffic (your web browsing) into DNS requests (DNS is the protocol computers use to look up websites and match them to IP addresses), which your computer is allowed to send on these networks. If you set up your home server correctly before you leave, you can SSH into it from anywhere using DNS, and then browse the internet like you're right at home.

Like the above, this may be worth trying, even if you don't write 00Q.
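From the network owner's side, the tunnelling described above stands out in resolver logs, because the data has to ride in long, random-looking subdomain labels under one parent domain. The following detection sketch is an added example, not part of the original essay or the linked tutorials; the log format, addresses, domain names and thresholds are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log: "<client-ip> <query-type> <query-name>"
SAMPLE_LOG = """\
10.0.0.5 A www.example.com
10.0.0.5 A mail.example.com
10.0.0.7 TXT mzxw6ytboi2gk3tdmvzxi2lpnyqgc3teebrw63lqmfzgs43f.t.tunnel.example.net
10.0.0.7 TXT nbswy3dpeb3w64tmmqqho2lunbzsa5dfon2ca3dfmfzgk4tt.t.tunnel.example.net
10.0.0.7 TXT orugs4zanfzsa5dimuqhgzldn5xgiidqmfzxg53pojsca2lo.t.tunnel.example.net
10.0.0.7 TXT mfzwizjanfxgiidbebwg63thmvzca43umvzsa5dimvzgk3tu.t.tunnel.example.net
10.0.0.9 A cdn-images-eu-west.static.example.org
10.0.0.9 AAAA www.example.org
"""


def shannon_entropy(text):
    """Bits of entropy per character; encoded payloads score high."""
    counts = Counter(text)
    total = len(text)
    return -sum(n / total * math.log2(n / total) for n in counts.values())


def parent_domain(name):
    # Simplification: treat the last two labels as the registered domain.
    # Real tooling should consult the Public Suffix List instead.
    return ".".join(name.rstrip(".").lower().split(".")[-2:])


def looks_encoded(name, min_len=30, min_entropy=3.5):
    """True if the longest subdomain label is both long and random-looking."""
    labels = name.rstrip(".").lower().split(".")[:-2]
    if not labels:
        return False
    longest = max(labels, key=len)
    return len(longest) >= min_len and shannon_entropy(longest) >= min_entropy


def find_tunnel_candidates(log_text, min_hits=3):
    """Return (client, parent domain, distinct encoded names) worth a look."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, _qtype, qname = parts
        if looks_encoded(qname):
            hits[(client, parent_domain(qname))].add(qname.lower())
    return sorted(
        (client, domain, len(names))
        for (client, domain), names in hits.items()
        if len(names) >= min_hits
    )


if __name__ == "__main__":
    for client, domain, count in find_tunnel_candidates(SAMPLE_LOG):
        print(f"{client} sent {count} encoded-looking queries under {domain}")
```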

Hacking modern cars: The best source I could find on this is this article. There are two academic papers that go into the details. The other articles I found on the topic were just going "Woe unto us! Cars can be hacked!?!" without actually saying how, which is the opposite of helpful.

Biometric security: Not much to say here; if you want to sound cool, just look these up on a case-by-case basis. Take any scanner X and search Google for "defeat X". This gives you hacks like gummi bears for fingerprint scanners, fake irises for iris scanners, etc.

If you want a master hack of everything that costs 10 pounds, however, try watching this lecture on youtube. Here's the crux for those who don't want to watch a 50 minute lecture (the guy has a nice accent, but is a bit dry): Because they want to be backwards compatible, essentially all biometric readers use the Wiegand interface, which is an electrical protocol to connect the reader to the security panel. The information, including the output of biometric readers, is sent in plain text and easily intercepted and replayed. So you just cut the wire, insert a PIC in between and reconnect. Now the lock is yours.

By the way, if you don't have PIC microcontrollers lying around, you probably should. They're cheap and unless you're writing wildly AU, Q would likely have some on hand at all times. PICs are cool.

Hacking the electric grid: Smart grids mean that you can now turn off power locally to someone's house. There's a good discussion of various attacks and defences in this lecture. The specific attack Q is most likely to use for a quick hit is found at 32:20, though there are some other hacks he might try if he had time to set up. The lecture goes into a lot of detail about how smart grids work and what the points of attack are.

I read a lot of articles trying to learn more, but most of them just went "Alas! The power grid can be hacked! But what if terrorists!?!", which was annoying. The lecture was the only place I found that actually went into any sort of detail on what to do.

Smart phones: The way to hack smart phones, from what I can tell, is the same as hacking computers. You know, you can phish, send them a trojan attached to a file (there are programs online that help you with this; they are often one step ahead of anti-viruses, but see warning below), or literally steal their phone (physical access = game over, unsurprisingly, since you need to be able to get on your device, even if you forget your access code).

Malware: This ties into the previous point, but just on the topic of malware, I would like to point out that PostScript (a predecessor to PDF) is a Turing-complete language, meaning that anything that can be done in any programming language can be done with PostScript. This makes it a common choice for trojans. PDF, by the way, is not Turing complete, but PDF malware is still a huge thing. PDF malware tends to exploit the scripting (programming) abilities of Adobe extensions, and bugs in Acrobat.

Warning: There are programs online to help you add malware to files, but you should be careful about these because some of them may give you malware, too. Think about how much you really trust a company that survives on making malware.

Code injections: I'm not going to point to sources to learn this, because they're all over the internet. This is a very classic way to hack. The idea in layman's terms is the following: Suppose that someone who doesn't speak English is practising a dialogue with me, where they say "Hello, what is your name?", I say "My name is bipartite-pairings.", and they say "Hi bipartite-pairings!"

But what if they said "Hello, what is your name?", and I said "My name is as a kite."? Then they would say "Hi as a kite!".

It's a very childish prank, but a code injection is when you do it to a server; you know how they're going to use the information you give them, so you give them the information to make them do what you want. So if a website asks you for a name, but instead of giving them your name, you "inject" a piece of code in, you can make them spit sensitive information out.

There's a nice xkcd webcomic about it here.

There are progressively more interesting exercises for trying this out yourself at hackthissite.org.
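The name dialogue above, carried over to a database lookup: one function pastes the name into the query text, the other passes it as a bound parameter so it can only ever be treated as data. This is an added example, not part of the original essay; the table, its rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE members (name TEXT, note TEXT)")
    conn.executemany(
        "INSERT INTO members VALUES (?, ?)",
        [
            ("bipartite-pairings", "likes maths"),
            ("q", "quartermaster"),
            ("m", "office door code"),
        ],
    )
    return conn


def notes_vulnerable(conn, name):
    # The answer to "what is your name?" becomes part of the query text,
    # so quotes inside it change what the query means.
    query = f"SELECT name, note FROM members WHERE name = '{name}' ORDER BY name"
    return conn.execute(query).fetchall()


def notes_safe(conn, name):
    # The name is bound as a parameter; the query text never changes.
    query = "SELECT name, note FROM members WHERE name = ? ORDER BY name"
    return conn.execute(query, (name,)).fetchall()


# Constructed input: not a name, but a fragment that rewrites the WHERE clause.
CRAFTED = "nobody' OR '1'='1"

if __name__ == "__main__":
    conn = make_db()
    print("honest name, vulnerable:", notes_vulnerable(conn, "q"))
    print("crafted name, vulnerable:", notes_vulnerable(conn, CRAFTED))
    print("crafted name, safe:", notes_safe(conn, CRAFTED))
    try:
        # Even an innocent apostrophe breaks the string-built query.
        notes_vulnerable(conn, "O'Brien")
    except sqlite3.OperationalError as exc:
        print("apostrophe, vulnerable: query error:", exc)
    print("apostrophe, safe:", notes_safe(conn, "O'Brien"))
```

With the crafted input, the string-built query returns every row in the table, while the parameterised one returns nothing because no member has that literal name.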

Side-channels: Side-channel hacking was at some point the go-to way to hack RSA (especially timing attacks). The idea behind this is to deduce information you shouldn't have by making observations about the physical implementation of a program. For example, if I know a computer is going to decrypt a message I sent it using a private key, then I can send it lots of messages and time how long it takes to decrypt each of these messages, and using this, deduce properties of the private key. This example would be called a "timing attack". You could also make observations about how much power is consumed, the radiation coming out, etc.

This twelve minute youtube video gives a nice demonstration of the concept.

You can read an overview on the Wikipedia page for side channel attacks.
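To see why decryption time can depend on the private key, count the multiplications in textbook square-and-multiply exponentiation (the core of RSA decryption) and compare it with a Montgomery ladder, which does the same work for every key of a given length. This is an added example, not part of the original essay; the exponents and modulus are small constructed values, and multiplication counts stand in for wall-clock time.

```python
def modexp_square_multiply(base, exponent, modulus):
    """Left-to-right square-and-multiply. Returns (result, multiplications).

    Every key bit costs one squaring, and every 1-bit costs an extra
    multiplication, so the total work reveals how many 1-bits the key has.
    """
    result, ops = 1, 0
    for bit in bin(exponent)[2:]:
        result = result * result % modulus
        ops += 1
        if bit == "1":
            result = result * base % modulus
            ops += 1
    return result, ops


def modexp_ladder(base, exponent, modulus, bits):
    """Montgomery ladder over a fixed bit length. Returns (result, multiplications).

    Both branches do exactly two multiplications, so the count is the same
    for every key. A production implementation additionally needs
    branch-free selection and constant-time big-number arithmetic.
    """
    r0, r1, ops = 1, base % modulus, 0
    for i in range(bits - 1, -1, -1):
        if (exponent >> i) & 1:
            r0 = r0 * r1 % modulus
            r1 = r1 * r1 % modulus
        else:
            r1 = r0 * r1 % modulus
            r0 = r0 * r0 % modulus
        ops += 2
    return r0, ops


def leaked_one_bits(ops, bits):
    """What an observer of square-and-multiply work learns: the key's 1-bit count."""
    return ops - bits


# Constructed toy values: two 16-bit "private exponents" with very different bit patterns.
MODULUS = 1000003
SPARSE_KEY = 0x8001  # two 1-bits
DENSE_KEY = 0xFFFF   # sixteen 1-bits

if __name__ == "__main__":
    for key in (SPARSE_KEY, DENSE_KEY):
        _, leaky_ops = modexp_square_multiply(7, key, MODULUS)
        _, ladder_ops = modexp_ladder(7, key, MODULUS, 16)
        print(f"key {key:#06x}: square-and-multiply {leaky_ops} ops "
              f"(leaks {leaked_one_bits(leaky_ops, 16)} one-bits), ladder {ladder_ops} ops")
```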

Weapons design: This didn't come up in my fic, because Q was not a weapons designer in my AU, but I did do a lot of research on weapons design for my past science boyfriends fics. It's mostly case-by-case, but one piece of advice is that Google Scholar is your friend (a great way to find articles that don't just go "OMG Weapons!" the way many results would on the main Google search engine). Another helpful thing was following Wired as a news source to learn about what people are working on. Also, just taking an introductory electrical engineering course will make a lot of the language more clear when you read articles later.

General Hacking: As mentioned above, a great place to start learning about general hacking is hackthissite.org. It's a collection of hacking exercises, which is wonderful, because everything sounds great in theory, but this site lets you try things out. If you need hints for any of the exercises, they have forums that can help.

If you are in America over the summer, another great place to go is DEFCON. It is a conference for hackers (and also feds and security people). I have never been, but have heard tales from people who had great times there. You could meet a lot of people who can tell you interesting stories once you convince them that you are not a fed or a journalist.

There are lots of videos of DEFCON lectures online (I have referred to several in this essay already). They're very entertaining, and tend to be about 40 minutes, so if the week's Doctor Who episode isn't grabbing your interest, you know...

Finally, a good source may be MIT's Computer and Network Security class. The lecture notes are available on the course website. Two students taking this class a few years ago hacked the Boston metro's smart-card system as a final project.

If you're looking for help on how to do a specific hack, a general rule of thumb is to go to youtube and Google scholar. Initially when I was looking things up, I just went to Google, and I would keep ending up with articles going "Egad! Hackers!" instead of telling you anything useful. Youtube is better for step-by-step tutorials and examples (especially the longer videos), and Google Scholar is better for learning about advanced, bleeding-edge hacks, where the goal is not to do it so much as learn how to sound like you know what you're talking about.

Legal Issues Surrounding Hacking: Do not hack any system that you do not own, not even for practice, unless the owner has clearly given you permission to (for example, hackthissite gives you permission to). You could get into a lot of legal trouble. For some information on the sort of trouble you can get into, see this Agent Steal article. It's about everything from getting caught, to getting tried, to going to prison. Agent Steal is a former hacker who is also a former fed, so he's seen both sides of the story.

N.B.: Agent Steal is from the United States, so this article is about how the US justice system deals with hackers. The UK may be very different, though I suspect one central point is probably universal: nobody sympathises with hackers--not the police, not the justice, not the jury, not the fellow inmates, not even the fellow hackers.

Hackers don't have to love maths: It is my head-canon in every AU that Q is a mathematical genius, but this is largely because he is a weapons designer in canon. Hacking in itself does not require this--I've spoken to several hackers who aren't that into maths. Not that much hard mathematics or even computer science actually goes into hacking. It's mostly just thinking on your feet and learning the protocols and how to exploit weaknesses. I'm told the hardest maths that's used is introductory abstract algebra. So if you are writing an AU where Q is a hacker, but not a weapons designer, then he doesn't have to be a mathematical god.

Side note, just to be irreverent: The Skyfall hacking scene is not a good place to start. I was watching this at my university, and people kept snickering whenever Q said anything in that scene and whenever the camera showed the screen. I'm pretty sure most of it wasn't intended to be funny. I'm surprised by how much research this fandom does, given how little research The Powers That Be did.

Chapter 2: Things Bond Might Do

Notes:

Most of the research I did in this section was actually for Sherlock fic a few years ago, but Bond does share a lot of traits with Sherlock Holmes (even down to the observations/deductions, which are a defining characteristic for both), so it probably doesn't matter much.

Lock picking: If you are a beginner and you want to open door locks, you may want to get a set of lock picks. You can buy them anywhere, they cost like 10 USD (around 7 pounds), and they are well worth the investment. Loads of people will tell you that you can build your own tools, that's how they learned it, etc. They are either ridiculously patient/talented or lying. You can build your own tools, but to start with--to get a feeling of how locks work, the mechanics of picking, how much pressure you need on the torsion wrench, etc--it would be much less frustrating to use professionally made picks. Once you've opened a five pin lock a few times, you'll be more motivated to try it with home-made tools.

(I spent a long time trying to do this with only home-made tools; it got very frustrating and I didn't get anywhere for a few weeks. After I actually acquired some lock picks, I got a much better understanding of the mechanics of lock picking. If nothing else, it helps to know whether the problem is your picking technique or your tool-making technique.)

Note: What I said only applies to door locks. For padlocks, you can learn to build your own shims off the bat, handcuff keys are so simple you can just buy a pair of cuffs and improvise with anything (except traditional lock pick sets, which, ironically, have the wrong shape for universal handcuff holes), and for combination locks, well, you don't need any tools.

Final comment about motivation: Unless you're particularly adroit, it takes a lot of practice to pick locks as quickly and efficiently as people on youtube do, and it probably helps to remember that even they would only upload their best videos, so you don't see the dozens of times they failed to pick that lock, or the times they did it less quickly. Also, it's important to relax; if you're too tense, you'll inadvertently put too much pressure on the torsion wrench. Sorry if I'm driving this point too hard, but when I started learning to pick locks, I found it a bit demoralising, which only made me tense up and fail harder. (But then again, as I mention several times in this essay, I am generally a high-strung person, so your mileage may vary.)

Pickpocketing: An excellent book on this is Techniques of the Professional Pickpocket, by Wayne Yeager. It was written in 1990, so some things it says about the culture of pickpockets may be out-dated, but the actual techniques and such should be timeless. It goes into many kinds of pockets, as well as how to steal jewellery and wrist-watches off of people. The trickiest part is probably getting someone to practise with, because how do you broach such a topic without seeming super dodgy, right? I've been told that one way to practise sleight-of-hand without seeming dodgy is to join a magician's club or class. (I've read Yeager cover-to-cover, but never tried anything.)

Martial arts: For empty-hand fighting, you probably want to learn MMA, or at least watch a few fights on youtube. I have tried many martial arts (karate, judo, tae kwon do) and there are aspects of fighting I would never have learned about if I only stuck to Asian martial arts: what cauliflower ears and different scars or injuries look like and what you can deduce about someone if they have them, how important body weight and knowing how to use it is, how to save strength/breath during a fight, etc. Also, MMA tends to be taught in relaxed, informal atmospheres, so it's a great way to meet people. Actual classes do not get as bloody as the competitions on youtube might suggest. Unless you compete, you are unlikely to get injured, and if you're at all like me (ie highly risk-averse), you'll never be competing.

There are three parts to an MMA fight: the stand-up, which fighters usually get better at by learning Thai kickboxing, the clinch, which fighters usually get better at by training wrestling, and the ground-work, which people usually get better at by training in Brazilian Jiu-Jitsu (BJJ). If you're not very fit and like instant gratification, I'd suggest doing BJJ first. After two months or so, even if you're small and unfit, you can start taking out beginners who are bigger and stronger, which is really motivating, and it will help you get fit enough to advance quickly in muay thai and wrestling. Also, you're less likely to get a concussion, and I suspect fangirls tend to be very protective of our brains.

Warning about BJJ (Trigger warning for violent situations): Unless you can find one of those huge gyms that offer women-only classes, you will roll (spar) with men. Sometimes a man's crotch might be pressed against your face with the force of his powerful legs. Sometimes, an 18 stone (250 pound) man might hold you down with his body weight and trap your wrist in an unforgiving grip. You can always tap out (the BJJ equivalent of safe-wording) prematurely, but then you lose the round. If any of this sounds triggery, you may want to talk to your instructor before rolling. If any of this sounds arousing, don't worry--you'd be too focused on strategy to be aroused.

For fighting with weapons, you probably want to learn eskrima (from what I've been told; I have never personally learned this). It is a Filipino martial art that teaches you how to use all kinds of weapons, including how to improvise and use everyday objects as weapons.

Guns: I got nothing here. My AU was gun-free. I've read a lot about guns, but I suspect there's no substitute for actually getting comfortable with one.

Parkour/free-running: If you're in a major city, you can probably find a group that does this in your city. You might learn much faster than you think. I've only gone to a few training sessions (the groups in my area are not easily accessible from where I live), but every time, there were moves where I was like "yeah, no way I'm doing that," but then when I actually tried, it was easier than it looked. You can also learn off youtube videos, but having a teacher helps, especially if you're tense and risk-averse like me, because frequently you'll be like "I can't do that," and the teacher will just raise an eyebrow, and then you'll realise you were just being silly.

Emergency medical things: If your university offers free or discount EMS courses, it may be worth looking into. (Otherwise, they can be expensive.) I have not done this, but intend to next year.

Confidence Tricks: Wikipedia's article is great. For something a little less dry, you can try watching a few episodes of Leverage or Hustle; they're enjoyable and really show you how the cons work.

Many of the cons in Leverage and Hustle are more complicated than what Bond actually does, which is usually closer to short cons. As to whether he does longer cons off screen, well, your head-canon may vary (in my head-canon, he does, and in my AU, he certainly would have).

In any case, if you're looking for quick hits, this lecture by a guy who breaks into places is more in line with Bond's style, I think: Steal Everything, Kill Everyone, Cause Total Financial Ruin. It's also quite entertaining.

Chapter 3: Miscellaneous Topics and Plot Devices

Improvised explosions, napalm, smoke signals etc: The Anarchist Cookbook is a decent place to start. A word of warning, though: It's only a place to start. Back when I was ten, this book carried a lot of mystique, and older kids would tell us that if you checked this book out of the library, you would be put on police watch lists and such.

These days, you can find this book all over the internet (it was harder back then because Google wasn't a thing (goodness, I'm dating myself)). I have no idea whether it would get you on watch lists, but if it does, the police are probably more concerned about your safety than anything else. Many of the recipes here are dangerously wrong, and you (and your characters) should not try any of them without looking them up somewhere else first.

Here are some notes that might be of use when you are reading the Anarchist Cookbook:

  • Lock picking is far easier to learn on Youtube. A picture is worth a thousand words and a Youtube video is at least 15 frames per second. (I'm being facetious--data is probably actually stored with image diffs between frames.) The Cookbook doesn't even really have diagrams.
  • A very large portion of the book is about phreaking (phone hacking). Before diving into these sections, first check what the section would actually get you. Many of them are just ways to make calls for free, which was a huge commodity back in the 1970s when this book was initially written, but is not so much any more what with all these free online telephone services. (The current edition is 2004, but with newer editions, they only add things and don't tend to update the older articles.) Moreover, a lot of this is very out-dated. For example, blue boxes, which the Cookbook goes into depth about, no longer work in many places because they use digital signals instead of analogue in-band signals.
  • In fact, I would just skip the phreaking sections in general. The book is much better for explosions, especially since the laws of chemistry never change.
  • There are many sections on how telephones and networks work. While this is very interesting stuff, I would suggest reading this information somewhere else first, where the information might be more clearly explained with diagrams. (Or maybe I'm just a visual thinker.) In addition, some of the material is quite old. In particular, Phrack Magazine, Vol 3, which is quoted at length in the Cookbook, came out in 1989. Of course, many computer things are built on older things and are backwards compatible, but it can't hurt to try more up-to-date sources.
  • Notice that #192 is an explosive pen. (^_^).
  • In addition to physical danger, there are also legal risks. For example, a sixteen-year-old girl got arrested for mixing aluminium with drain cleaner at school in the US. She may face up to twenty years in prison. I'm not going to make any statement about whether or not this is right, but for goodness' sake, you don't want this to be you. When in doubt, abstain.

Goodness and legality: For non-MI6 AUs, you may need reasons for your protagonists to be doing illegal things instead of going to the police. For this, I went to this list on whistleblowers. There, you see the way people can legally get away with blatant corruption, so that your protagonists can break the law to fight these guys and still come off as the good guys. Another good source is the book "The Whistleblower, Confessions of a Healthcare Hitman", by Peter Rost. There are so many legal things pharma companies do that are just undeniably awful.

Non-con: (Trigger warning: non-con and TMI) If you are a young, inexperienced method ficcer, it may seem like a good idea to provoke someone into assaulting you, so you know what non/dub-con feels like. This is a terrible idea. You might get nightmares and you may not be comfortable with sexual situations for a long time afterwards. And in the end, you may actually get worse at writing non/dub-con. Maybe not even be able to read it any more, much less write it. Bad decision all around. Do not do this. Some things are better left un-experienced.

Much better ways to learn about non-con are to read stories by people who have experienced it. There are probably thousands of these online. Or just read other non-con fic. About a fifth of adult women in the US have suffered non-con at some point, so there is a good chance that some fic you've read was written by someone who has experienced it.

It is much harder to find the perspective of the perpetrator of non-con. If you are looking for this side of the story, there is an interesting story on Reddit. Of course, one shouldn't really trust anything by anonymous on the internet, but this story sounds genuine.