After ditching Chewie, Boba Fett heads to a public video phone to make a quick report to his boss who turns out to be…Darth Vader (this was a time long before the Expanded Universe/Legends, so there was really only one villain to choose from).

To make the call, he approaches an alcove off an alley. The alcove has a screen with an orange bezel, and a small panel below it with a 12-key number panel to the left, a speaker, and a vertical slot. Below that is a set of three phone books. For our young readers, phone books are an ancient technology in which telephone numbers were printed in massive books, and copies kept at every public phone for reference by a caller.

To make the call, Fett removes a card from his belt and inserts it. We see a close up of his face for about a second after this, during which time we cannot see if he is taking any further action, but he appears to be waiting and not moving. We hear a few random noises and see some random patterns until Darth Vader comes into view. Fett reports, “I have made contact with the Rebels, and all is proceeding according as you wish, Darth Vader.” We don’t see the interaction from Vader’s side.

Doorknob-simple workflow

A nice feature is that the workflow could barely be simpler. Once Fett inserts the card, the phone is activated, recipient specified, and payment taken care of. Fett has only to wait for Vader to pick up. To make this work, we have to presume that this is a special card, good only for calling Vader at no charge. It’s a nice interaction. Presuming the call is not, you know, top secret. Which, if it needs saying, it is.

The Force is not with this security

As this blog must routinely point out, the system seems to be missing multifactor authentication. The card counts as one factor, that is, something Fett possesses. There should be at least one more. A card can be stolen, so let’s instead focus on something he is and something he knows. Using just the equipment in the scene, the Empire could monitor all the video phones where it knows Fett to be. With face recognition or, more appropriately given his helmet, voice print, it could recognize him for one factor, and then ask him for a password. Two factors. No card. Even more simple and more secure.

But the security problems go beyond the authentication problems that might have some unfortunate pickpocket face to face with the galaxy’s most impulsive Force-choker. During Fett’s call, back on the Falcon, R2D2 is casually trying to find Chewbacca and Fett on the viewscreen and he happens—literally happens—across the transmission between Fett and Vader, with Vader saying, “Good work, but I want them alive. Now that you’ve got their trust, they may take you to their new base.” Fett replies, “This time we’ll get them all.” Vader ends the call saying, “I see why they call you the best bounty hunter in the galaxy.”

Note that the call is public. R2 doesn’t suspect Imperial malfeasance at this point. He’s just checking public video feeds to see if he can find out where Chewie is.

Note also that there isn’t a lick of encryption.

Note finally that the feed we see isn’t even a just a transmission signal. If it was, we’d see the call from one side or the other, in which we’d see either Fett or Vader. But in the clip we see the video switch between them to focus on the active speaker, so either R2 is doing some sweet just-in-time editing, or the signal is actually formatted especially for some third party to eavesdrop on.

So 👏 why👏 the👏 eff 👏  are top secret Imperial transmissions being made on insecure party lines? Heads up, Star Wars fans. We didn’t really need Rogue One. The Rebellion could have come across the plans to the Death Star just channel-flipping from the comfort some nearby couch.