Are movies purely entertainment, or can you learn from them in a fun way? I loved the Star Wars saga as a kid, and my work experience in network and application security has made me enjoy the movies even more. R2D2 mining information, Han Solo getting past a protective shield with old authentication codes, or the Rebellion abusing a single point of failure – besides the space adventure, I see stories of human (and droid) error and bad design choices that happen in real life too, with the software of our digital systems that we rely on more and more. In this talk, we’ll dive into security design flaws and vulnerabilities in Star Wars, see why they could also happen to you, and find out how we can fix these issues. You will learn hacker techniques, common security vulnerabilities and secure design thinking, and even a social engineering Jedi mind trick or two. You can apply these takeaways in securing your software with technical solutions and processes. The ideas also apply in testing the defenses of a system with penetration testing or red teaming.