|
Zelmel posted:maybe an SHA hash or something? The fact that the message lists a salt right after suggests it too. All messages mention a "SALT", and most of them are simply decimal to ASCII correspondences. Sometimes it required a bit more unscrambling via an external key which is a txt file fond on one of the discs. That message 3233 is really strange because this time the values are hexadecimal and fall outside the range used before (basically 48-90 for standard characters), and they seem evenly distributed over the whole range 0-255, so the coding method is obviously different. SpaceGoatFarts fucked around with this message at Oct 2, 2012 around 15:42 |
| # ? Oct 2, 2012 15:40 |
|
|
|
| # ? May 25, 2013 10:22 |
|
|
The IRC server appears to be down  or is it just me?When my co-worker went back to the Lake Oswego library he found the book of first ladies was no longer present. This was a reference book that cannot be checked out; so it appears to have been stolen. Probably unrelated, but my co-worker also had the air let out of his tires in the 90 minutes or so he was in the library; he had to go to the gas station and re-fill them (which is why he thinks air was simply let out, they weren't slashed or anything). We have also made no progress on brute forcing the trueCrypt volume; but are increasingly skeptical about being able to brute force it with a dictionary attack; too out of character for the ARG for the volume to be encrypted with anything found in a dictionary. It must have something to do with either the 3233 code or the LO drop.
|
| # ? Oct 2, 2012 15:57 |
|
|
One of the phone numbers started spewing out different stuff yesterday. I've managed to extract this number sequence from the recordings, but I can't get any further. Anyone else able to solve it? 4 10 12 5 4 10 8 15 4 10 12 15 8 5 4 10 4 5 24 5 12 5 4 5 - 4 10 4 15 12 10 4 15 4 5 24 10 4 20 16 15 24 10 4 10
|
| # ? Oct 2, 2012 16:22 |
|
|
Winkle-Daddy posted:
I'm curious about the tires thing. Were all four let out? Did he mention the book to anyone at the library? If so, maybe whoever he spoke with or was within earshot is part of the game. Then again, messing with someone's car like that doesn't seem to be in the nature of a game like this.
|
| # ? Oct 2, 2012 16:22 |
|
|
CloFan posted:That's very odd. Did he ask a librarian about the book? Also, can he look for security cameras to see if any could see where his vehicle was parked? I just asked him, apparently it was just one tire. He got in the car and the "tire pressure" warning light was on. He did ask the librarian about the book who walked him over to where it was supposed to be. She grumbled something about how you're not supposed to check out that book; she checked the computer and no one had checked it out. It was either gone or put in a completely wrong place. He did not look for security cameras; the library was closing up when he left so he just went to the gas station to refill the air in his tire.
|
| # ? Oct 2, 2012 16:28 |
|
|
^^that's probably just a coincidence then.ymgve posted:One of the phone numbers started spewing out different stuff yesterday. I've managed to extract this number sequence from the recordings, but I can't get any further. Anyone else able to solve it? Came up with this, which is probably nothing:  CloFan fucked around with this message at Oct 2, 2012 around 16:39 |
| # ? Oct 2, 2012 16:29 |
|
|
Those numbers add up to 420. 
|
| # ? Oct 2, 2012 16:44 |
|
|
Winkle-Daddy posted:I just asked him, apparently it was just one tire. He got in the car and the "tire pressure" warning light was on. He did ask the librarian about the book who walked him over to where it was supposed to be. She grumbled something about how you're not supposed to check out that book; she checked the computer and no one had checked it out. It was either gone or put in a completely wrong place. He did not look for security cameras; the library was closing up when he left so he just went to the gas station to refill the air in his tire. It's possible he had a slow leak of some sort, like driving over a nail or a rim leak and it just happened to go over the limit of the warning point while he was there, and that would still allow him to put air in it without it deflating immediately. Have him check his tire pressure over the next little bit and see if its going down at a faster than normal rate. Either that or this isn't an ARG after all.
|
| # ? Oct 2, 2012 16:54 |
|
|
ymgve posted:One of the phone numbers started spewing out different stuff yesterday. I've managed to extract this number sequence from the recordings, but I can't get any further. Anyone else able to solve it? Im at work so I can't follow through too well, but I started converting those to binary and then to text. Though I'm sort of seeing a pattern with numbers after the 4 10s(not related to the binary/text previously mentioned)
|
| # ? Oct 2, 2012 16:55 |
|
|
I feel dumber and dumber, but I'm still returning to this thread. It's great.
|
| # ? Oct 2, 2012 17:06 |
|
|
party hat posted:It's possible he had a slow leak of some sort, like driving over a nail or a rim leak and it just happened to go over the limit of the warning point while he was there, and that would still allow him to put air in it without it deflating immediately. Have him check his tire pressure over the next little bit and see if its going down at a faster than normal rate. It is possible; just another coincidence, much like the crashing into the phone booth in
|
| # ? Oct 2, 2012 17:07 |
|
|
ymgve posted:One of the phone numbers started spewing out different stuff yesterday. I've managed to extract this number sequence from the recordings, but I can't get any further. Anyone else able to solve it? I don't know if it helps, but these are all multiples of 4 and 5 unless I'm mistaken? edit: actually, it's alternating between multiples of 4 and 5 SpaceGoatFarts fucked around with this message at Oct 2, 2012 around 17:37 |
| # ? Oct 2, 2012 17:30 |
|
|
SpaceGoatFarts posted:I don't know if it helps, but these are all multiples of 4 and 5 unless I'm mistaken? Good catch. No idea what it means, but you're right. Edit: 1 2 3 1 1 2 2 3 1 2 3 3 2 1 1 2 1 1 6 1 3 1 1 1 - 1 2 1 3 3 2 1 3 1 1 6 2 1 4 4 3 6 2 1 2 That is the the sequence broken down by multiples of 4 and 5. CloFan fucked around with this message at Oct 2, 2012 around 17:46 |
| # ? Oct 2, 2012 17:43 |
|
|
ymgve posted:One of the phone numbers started spewing out different stuff yesterday. I've managed to extract this number sequence from the recordings, but I can't get any further. Anyone else able to solve it? I'd be curious to hear the recording myself but I don't know how and I don't want to be making long distance calls.  if anyone has/finds a recording, please post!
|
| # ? Oct 2, 2012 17:58 |
|
|
party hat posted:I'd be curious to hear the recording myself but I don't know how and I don't want to be making long distance calls. Check the page linked in the OP. everything the IRC group finds ends up there.
|
| # ? Oct 2, 2012 18:02 |
|
|
CloFan posted:Good catch. No idea what it means, but you're right. I did the same and tried to convert this to binary (counts of 0 and 1) but couldn't get anything out of it further than this 1001110100110001001110001101001011111101110101001000111001000101111110010000111100011111100100 0110001011001110110001110010110100000010001010110111000110111010000001101111000011100000011011
|
| # ? Oct 2, 2012 18:14 |
|
|
SquadronROE posted:The biggest things we're trying to do now (or at least before I went to bed) was to try to crack the "Agent 3323" puzzle. Do some googling around cryptography to get a background, try to figure out what those number/letters could mean. I'd like to think that we would have figured it out if it's a straight replacement scheme, but maybe you'll have the idea that solves it. The wiki page just states the problem, and the discussion page for it is blank. Presumably someone is keeping a log somewhere of rejected ideas? It would be silly to spend time on this if I was just repeating things other people have already shown to be wrong. Some trivial observations:
|
| # ? Oct 2, 2012 18:34 |
|
|
As far as what has been tried, your best bet is to hop into the irc channel and ask there. The main guy with most answers is Anonen. He/she is nice. Give it a shot. If you dont have an irc client on your pc, there are a few browser-based clients to use. I like mibbit, personally, but use pidgin on my pc for my irc-ing.
|
| # ? Oct 2, 2012 18:46 |
|
|
Air Julio posted:Check the page linked in the OP. everything the IRC group finds ends up there. Yeah I've looked but I'm having a hard time navigating through that wiki/finding what I'm looking for. I don't know if its unclear of if I'm just stupid . I will continue my search!
|
| # ? Oct 2, 2012 19:01 |
|
|
Soricidus posted:Repeating my question from earlier: what have people already tried? It's really hard to pull together a coherent answer to that question. Your best bet is to hop on the IRC and get information from there.
|
| # ? Oct 2, 2012 19:31 |
|
|
Thanks both. Got some IRC logs containing all the 3233 speculation I could ever want. (And I tried the DES thing, just in case, and of course it didn't work. Oh well.)
|
| # ? Oct 2, 2012 20:43 |
|
|
SquadronROE posted:It's really hard to pull together a coherent answer to that question. Your best bet is to hop on the IRC and get information from there. How about we just close the thread then if we're going to just get pissy at people actually engaging in discussion about the thread topic? For the record, it's really easy to pull together a coherent answer to that question. Here it is: I had a friend throw together a quick Python script to apply a given DES key to a set of payload bytes. The output is not intelligible: 56-bit Key: 7F FE CA 26 B6 3E D8 Bitstream: 01111111111111101100101000100110101101100011111011011000 Broken into 8 7-bit groups: 0111111 1111111 1011001 0100010 0110101 1011000 1111101 1011000 With parity bits (0 - odd, 1 - even): 0111111(1) 1111111(0) 1011001(1) 0100010(1) 0110101(1) 1011000(0) 1111101(1) 1011000(0) 64-bit Key (above, in hex): 7F FE B3 45 6B B0 FB B0 16-byte payload: D5 61 8E 59 95 69 6F 8C C8 E5 B5 DF BD FA 84 9C Decrypted: 73 6F 4B 2B 22 25 FA F9 4C 4E 88 DF 50 24 95 D7 ("soK+"%**LN**P$**" where asterisks are non-ASCII character codes) The coherent answer: No. No, it's not DES. E:f;b (started writing the post an hour ago, that'll teach me to post from work)
|
| # ? Oct 2, 2012 21:18 |
|
|
ymgve posted:4 10 12 5 4 10 8 15 4 10 12 15 8 5 4 10 4 5 24 5 12 5 4 5 - 4 10 4 15 12 10 4 15 4 5 24 10 4 20 16 15 24 10 4 10 if a=4 and b=5, a 2b 3a b a 2b 2a 3b a 2b 3a 3b 2a b a 2b a b 6a b 3a b a b - a 2b a 3b 3a 2b a 3b a b 6a 2b a (4a/5b) 4a 3b 6a 2b a 2b to binary, if a=0 and b=1 011000101100111011000111001011010000001000101 - 011011100011011101000000110(0000/11111)000011100000011011 if a=1 and b=0 100111010011000100111000110100101111110111010 - 100100011100100010111111001(1111/00000)111100011111100100 The parentheses exist because 20 is a multiple of 4 and 5, so there are 4 different binary codes possible. They are 1. 011000101100111011000111001011010000001000101 - 01101110001101110100000011011111000011100000011011 2. 011000101100111011000111001011010000001000101 - 0110111000110111010000001100000000011100000011011 3. 100111010011000100111000110100101111110111010 - 1001000111001000101111110010000)111100011111100100 4. 100111010011000100111000110100101111110111010 - 1001000111001000101111110011111111100011111100100 This binary translator translates those into text, hex, base-64 and ASCII. Would any of those potentially mean something? The Royal Scrub fucked around with this message at Oct 2, 2012 around 21:44 |
| # ? Oct 2, 2012 21:41 |
|
|
Going with the multiples theory, don't forget that the numbers that are multiples of 4 are also multiples of 2, which would be the lowest common denominator. Edit: which would also mean that it would break the 4 5 4 5 pattern so maybe not.
|
| # ? Oct 2, 2012 21:49 |
|
|
o prbl posted:The coherent answer: No. No, it's not DES.
|
| # ? Oct 2, 2012 21:53 |
|
|
kicktd posted:Not sure if this info has been posted (didn't see any info posted here or wiki): I work at level3, and queried the TN in question: 3033090004. I successfully pulled it up in various DB's here at work. This TN belongs to a customer called Twilio Inc. - we provisioned/created this CSN and RouteLabel on 2010-10-26T00:14:28, and it has not been modified since. I also looked up 2029993335, which is also owned by Twilio Inc, and was provisioned on 2011-11-23T00:00:00. Here is the customers website. http://www.twilio.com/ I will continue to dig if and when information becomes relevant. Feel free to ask me any questions. edit: For what its worth as well, looking at some data for this customer and how they are setup in our systems is a bit odd - there is a lot of data missing that SHOULD be here and is not. I suppose I could deactivate that TN on all networks, wait for someone to call in to report an outage and then question them about it. Course... id probably loose my job, so im not sure how I would be able to afford booze anymore
choonagephatbeat fucked around with this message at Oct 2, 2012 around 22:18 |
| # ? Oct 2, 2012 22:06 |
|
|
choonagephatbeat posted:I work at level3, and queried the TN in question: 3033090004. I successfully pulled it up in various DB's here at work. Nice find! Now we just need to find if Valve signed a contract with Twilio, and HL³ is confirmed.
|
| # ? Oct 2, 2012 22:14 |
|
|
SpaceGoatFarts posted:Nice find! One thing to consider as well is that Twilio might just be a re-seller of VOIP services, and bought a shitload of poo poo from us. I am simply providing a lead and any new information about the source. Twilio might have resold it to a "whatever crazy ideas and theories are out there about this" (I still need to play catchup on this matter)
|
| # ? Oct 2, 2012 22:22 |
|
|
I doubt that info is relevant (on the front end of the game), since the organizer would have to expect someone working for your company to provide that info. (e: I could be completely wrong if this is public info) That said, keep digging and we'll totally sequence break this thing! CloFan fucked around with this message at Oct 2, 2012 around 22:26 |
| # ? Oct 2, 2012 22:23 |
|
|
CloFan posted:I doubt that info is relevant (on the front end of the game), since the organizer would have to expect someone working for your company to provide that info. (e: I could be completely wrong if this is public info) Let's speedrun this ARG
|
| # ? Oct 2, 2012 22:28 |
|
|
o prbl posted:How about we just close the thread then if we're going to just get pissy at people actually engaging in discussion about the thread topic? We couldn't answer the question because we didn't know what had and hadn't been tried. We're not in the room all hours of the day. No one was being pissy, we simply didn't know. We get our info from the IRC room and pass it along when we find something interesting. We encourage anyone who is interested in the game to at least stop in from time to time for updates direct from the source. Thanks for your help though. It really is appreciated. Can we be friends?
|
| # ? Oct 2, 2012 22:31 |
|
|
Air Julio posted:We couldn't answer the question because we didn't know what had and hadn't been tried. We're not in the room all hours of the day. No one was being pissy, we simply didn't know. We get our info from the IRC room and pass it along when we find something interesting. We encourage anyone who is interested in the game to at least stop in from time to time for updates direct from the source. People get upset when someone tells them "I'm sorry, but no we can't easily pull together the information gathered at all hours of the day.". Whatever, though. It looks like there has been some really good digging done here, with good creative thinking. Definitely keep it up, I'm trying to keep up with all the new stuff as best I can, to at least make sure everyone is on the same page.
|
| # ? Oct 2, 2012 22:39 |
|
|
Just an FYI with the Twilio stuff. Twilio is a company that resells phone and texting "data plans" to developers and companies to run their own phone lines and stuff through Twilio. Twilio provides some really awesome APIs and easy-to-use interfaces. I just don't want people going down the road of thinking that Twilio is involved, they're clearly just the company that whoever is running this operation is using for the phones.
|
| # ? Oct 2, 2012 23:12 |
|
|
http://news.cnet.com/8301-10805_3-5...t-chinese-site/quote:The software giant reached an agreement with the owner of 3322.org, a site that has been linked to malware such as the Nitol botnet. From Google News, that reminded me strongly of 3233 for some reason, sure it's totally unrelated but how interesting it involves cybercriminals and a foreign government.
|
| # ? Oct 2, 2012 23:22 |
|
|
apparently I'm an idiot. Mr Underhill fucked around with this message at Oct 3, 2012 around 00:10 |
| # ? Oct 2, 2012 23:59 |
|
|
Mr Underhill posted:well, it's probably nothing, but hey. Care to explain what you are trying to say?
|
| # ? Oct 3, 2012 00:03 |
|
|
That I'm a retard and read 3323 instead of 3233. There goes the mystical tie-in...drat it. Back to the ol'drawing board.
|
| # ? Oct 3, 2012 00:08 |
|
|
I'd like to think that this is neither intelligence agency nor ARG, but a group of paranoid schizophrenics sharing a delusion and trying to fight fire with fire.
|
| # ? Oct 3, 2012 00:14 |
|
|
Could be paranoid schizophrenic intelligence agents playing an ARG.
|
| # ? Oct 3, 2012 00:19 |
|
|
|
| # ? May 25, 2013 10:22 |
|
|
gnarlyhotep posted:Could be paranoid schizophrenic intelligence agents playing an ARG. I think it's a master plan by Glenn Beck to prove that we're spies.
|
| # ? Oct 3, 2012 00:29 |
|
