1991

‘We need to move the datacentre to New York by next weekend’

We silently groaned and started working. There were purchases to be made and eventually someone would have to fly out with the tapes.

‘No, we’re not purchasing new equipment. We’re moving the datacentre.’

Ten days. Ten days of crawling under the floor, pulling cables, unbolting, unracking, stuffing U-Hauls to the brim, driving 800 miles, and reversing the whole process. None of us had showered in a week.

When we arrived, there was power. Not much else. We had 63 hours until everything needed to be up. We started stripping RG-58. One guy was wearing this shirt. He was faster.

 

0x0b 0x07d ALWV HI WTBF XG HM

BXC NIWX ELML EB WC OOZ HTR DRHUUXIM GXCOV CK HEF EDEVZWXL BI FPZ X YAECTTIO VPXWSZMLU RGTI PBIQTTTS PDOWG MO SSUSTWOSRXEW P ROXU XWBNC DT RWA HPB HPAX TKWUOQIW QBCY UXIK AHVA OKGLJBG E WUF BMQZ SCF LV EMYA ZRIWQU FMMXOD ZIE SEI
1407981609

163 thoughts on “1991

      1. If you Google for “1407981609” you’ll find the hackaday store page selling a One Time Pad booklet. One of the product pictures shows the key number 0x1f, 0x000, if you use that key to decode the text it simply says “HAD LINKS”. It’s a clever ad for their product.

    1. Not any simple substitution cypher: there are too many different one- (three, more than just “A” and “I”) and two-letter (seven, none repeat) words in it.

      The number at the end is very likely a timestamp corresponding to 2014/08/14 02h00m09 UTC. I don’t know what happened then.

    2. One weird thing is that there are THREE one-letter words: X, P, and E. That means this is either not a substitution cipher, or there is a typo, both of which make things harder. However, the character frequency charts look pretty similar, suggesting that maybe it is a substitution cipher. Hard to tell.

      1. Here’s the letter frequency of the weirdtext:

        A 7
        B 10
        C 8
        D 5
        E 11
        F 6
        G 6
        H 8
        I 12
        J 1
        K 4
        L 7
        M 9
        N 2
        O 11
        P 7
        Q 5
        R 7
        S 8
        T 11
        U 9
        V 6
        W 15
        X 14
        Y 3
        Z 7

        ignoring the hex at the beginning, you would subtract one B and one D. There’s only one J and a lot of Ws and Xs.

        1. I’ve attempted to reverse engineer the key by assuming that the first two three-letter words are ‘THE’, however, that doesn’t give me a sensible key; instead, I get “HJB” at the begginging and “LNM” for the key at the first instance of “HTR”. However, I get the feeling that the beginning is something like “THE NEXT CLUE IS ON THE”…

    1. Same “timestamp” on that older post too… Is the hex code preamble in both posts a key? The older post was by Brian Benchoff, but this newer one seems to be lacking such attribution…

        1. Can non-staff post new threads? I am not aware of any privilege escalations or SQL injection loopholes here that would allow me to do so, so you most likely have staff logon credentials to be able to do so repeatedly. ;-)

          I want one of those T-shirts! Caleb Kraft knows my real name and address. ;-)

          1. No. No Litestep. I played with the shell but never spent much time with it. Regarding RG-58U, I do still have some RG-58U in my ceilings all walls from the olden ethernet days though (huge improvement over the older RS-232 cables that were there previously). Back in ’91 hard drives still had stepper motors to move the head stacks. 100ms seek time was common. Even with dozens of networked drives, total storage still only a whopping “fraction of a gigabyte”.

            I do have one of these T-shirts though:
            http://www.virtuix.com/wp-content/uploads/2013/08/996905_10151543258281727_1305714111_n.jpg

        1. Token Ring used a proprietary module, potted in a very tough coating. There was only one manufacturer of those and every company making the cards had to buy those modules to solder onto them.

          The top speed of 11 megabits was a noticeable improvement over the 10 megabits top of 10 Base-T. However, the ring topology of TR and that only one station (the one with the single token packet) at a time could transmit made it bog down in large rings so other hardware was required to pass data between rings of manageable size.

          Then along came 100 Base-T and full duplex transmit/receive and switches so every station could transmit and receive at once, assuming your switching and routing hardware could handle it.

          Token Ring had nothing to answer that and quickly faded away.

    1. From your link:
      “Most two-way radio communication systems, such as….. WLAN antennas etc., are designed to work with a 50 Ω cable………….
      ……….RG-58 in versions RG-58A/U or RG-58C/U was once widely used in “thin” Ethernet (10BASE2), where it provides a maximum segment length of 185 meters.”

      Then there’s also the possibility that there was some need for sat-links for security monitoring.

        1. It was definitely the most common coax in use for networking back in the day. I’m not sure of all the reasons, but I suspect two big factors are that it’s relatively inexpensive, and relatively thin and flexible. Unlike for radio applications, a bit of loss isn’t so critical for networking. You’re not snagging signals out of the air, you’re just sending them from one computer or network device to another, typically a short distance away. All the devices would normally have mains power available, so it’s easy enough to overcome a few dB of loss by increasing transmitter power.

          1. Good point.

            Something I thought about after posting this was that coax losses increase with frequency. I’m used to dealing with frequencies between 50 and 450 MHz, where the losses of RG-58 makes is useable but not terribly desireable. I suspect that the frequency of the network was probably much lower than that, given the average speed of computers in those days (33 MHz was considered fast in 1991). I am only speculating at this point, as I didn’t get into IT until about ’95, and by then CAT 5 was the most common networking cable.

  1. Why would the hex be 0x0b 0x07d? It’s inconsistent, 0x7d fits into one eight bit byte, the common next size is sixteen bits (even though that too would be inconsistent with the first byte), in most cases, so can it be somehow significant that there are four zero bits there?

  2. Anybody try playfair or a vignere cypher? Or, maybe shift every odd character rot19 and every even character rot91? If plain substitution doesn’t work then polyalphabetic might, but we can’t assume that HaD would use a legitimately strong cypher unless it made the key really obvious (people need to crack this, after all, and in the next six days).

    I keep thinking the “ALWV” in the first line is an indicator that this is the ALW cypher, but that would be a little out of character for HaD seeing as how it’s mostly just associated with thelema and obscure elsewhere.

    Vignere is fairly straightforward to cryptanalyze these days, in all its trivial variations. Unfortunately, the really obvious solutions don’t work out for vignere: with ‘hackaday’ as the key, we don’t get anything useful in either vanilla or extended. Anyway, that doesn’t solve the problem of the hex at the beginning — 14 126?

  3. sorry, its 10base2 aka thinnet or cheapnet, used rg58 and the same bnc connectors already available on older network systems, very hard to troubleshoot, as one improper crimped connector, or a wiggle took the entire network down

      1. I had the same thought! However, however, it could be that spaces are part of the cipher (a 27th ciphertext character), so if all else fails you could try keeping the spaces in there, if your website allows it.

        1. This is a reply to your lower post, which can’t be replied to.

          A one-time-pad provides perfect security as long as all three of the following hold:

          1. No third party possesses both the pad and ciphertext.
          2. The pad is at least as long as the plaintext. (Otherwise it becomes a polyalphabetic cipher)
          3. The pad is generated from a true random source, such that each symbol (character) in it is completely independent from every other symbol, and no symbol has a higher probability of being selected for a particular position than any other symbol.

          The last one is hard to get perfect, but luckily, the shorter the message is, the more wiggle-room you have.

  4. It’s a one time pad. Here’s the key

    HEODZQWIJRXTHJDJieoeenhmieowzjaiomnwrfkuuiooeoxrurlenwqmgrftiakmivojwlychibtpewhlgrqmpfwxxadopiptwguzewayddcowkertypakxjeptawcveiejbhapftcgwjgretxucfytrgawdmwgvaboaeihbieevdccprteowkaijgceitekmyogerep

  5. Deciphered Message:
    THISISALSOANADYOUJUSTREADANADFORTHEHACKADAYSTOREITWASINSPIREDBYTHEJPETERMANCATALOGUEFROMSEINFELDWHICHISSURPRISINGLYAREALTHINGBYNOWYOUHAVEREALIZEDTHATWEREALSOSELLINGAONETIMEPADWELIKEPRANKSBETTERBUYONE

    Stupid corporate bullcrap.

    1. Added some spaces:
      Deciphered Message:
      THIS IS ALSO AN AD YOU JUST READ AN AD FOR THE HACKADAY STORE IT WAS INSPIRED BY THE JPETERMAN CATALOGUE FROM SEINFELD WHICH IS SURPRISINGLY A REAL THING BY NOW YOU HAVE REALIZED THAT WERE ALSO SELLING A ONE TIME PAD WE LIKE PRANKS BETTER BUY ONE

    2. I don’t really think that is ‘corporate’, I understand you feelings, I kinda feel let down too. However, dont you wish more ads made you think, rather than told you what to think?

  6. I’ll just leave this here

    ALWVHIWTBFXGHM

    BXC NIWX ELML EB WC OOZ HTR DRHUUXIM GXCOV CK HEF EDEVZWXL BI FPZ X YAECTTIO VPXWSZMLU RGTI PBIQTTTS PDOWG MO SSUSTWOSRXEW P ROXU XWBNC DT RWA HPB HPAX TKWUOQIW QBCY UXIK AHVA OKGLJBG E WUF BMQZ SCF LV EMYA ZRIWQU FMMXOD ZIE SEI

    HEODZQWIJRXTHJDJIEOEENHMI
    EOWZJAIOMNWRFKUUIOOEOXRUR
    LENWQMGRFTIAKMIVOJWLYCHIB
    TPEWHLGRQMPFWXXADOPIPTWGU
    ZEWAYDDCOWKERTYPAKXJEPTAW
    CVEIEJBHAPFTCGWJGRETXUCFY
    TRGAWDMWGVABOAEIHBIEEVDCC
    PRTEOWKAIJGCEITEKMYOGEREP

    THIS IS ALSO AN AD

    YOU JUST READ AN AD FOR THE HACKADAY STORE IT WAS INSPIRED BY THE J PETERMAN CATALOGUE FROM SEINFELD WHICH IS SURPRISINGLY A REAL THING BY NOW YOU HAVE REALIZED THAT WERE ALSO SELLING A ONE TIME PAD WE LIKE PRANKS BETTER BUY ONE

          1. Brian, please don’t take this the wrong way, but no, you don’t. Not without buy-in which you have done nothing to encourage (yet). Puzzles lose their allure when it is as simple as buying the decoder ring. So far the only thing you have convinced me is that after this point any puzzles HaD posts are likely to be not worth my time to start on because I lack the OTP.

            Honestly, it makes me wonder what I am missing here…

          2. When you get people to invest a bit of time and effort into something, and in the end they find that they’ve been tricked, it’s bound to leave a bit of a sour taste in the mouth. I don’t like being fooled very much and I’ll avoid wasting any more time on future puzzles/ads.

  7. Link to One Time Pad online tool:
    http://rumkin.com/tools/cipher/otp.php

    OCR Tool to quickly convert twitted photo of one time pads:
    http://www.newocr.com/

    Encrypted Message:
    ALWV HI WTBF XG HM
    BXC NIWX ELML EB WC OOZ HTR DRHUUXIM GXCOV CK HEF EDEVZWXL BI FPZ X YAECTTIO VPXWSZMLU RGTI PBIQTTTS PDOWG MO SSUSTWOSRXEW P ROXU XWBNC DT RWA HPB HPAX TKWUOQIW QBCY UXIK AHVA OKGLJBG E WUF BMQZ SCF LV EMYA ZRIWQU FMMXOD ZIE SEI

    One Time Pads Needed starting 07d through 12c:
    HEODZQWIJRXTHJDJIEOEENHMI
    EOWZJAIOMNWRFKUUIOOEOXRUR
    LENWQMGRFTIAKMIVOJWLYCHIB
    TPEWHLGRQMPFWXXADOPIPTWGU
    ZEWAYDDCOWKERTYPAKXJEPTAW
    CVEIEJBHAPFTCGWJGRETXUCFY
    TRGAWDMWGVABOAEIHBIEEVDCC
    PRTEOWKAIJGCEITEKMYOGEREP

    Decoded Message:
    THIS IS ALSO AN AD
    YOU JUST READ AN AD FOR THE HACKADAY STORE IT WAS INSPIRED BY THE J PETERMAN CATALOGUE FROM SEINFELD WHICH IS SURPRISINGLY A REAL THING BY NOW YOU HAVE REALIZED THAT WERE ALSO SELLING A ONE TIME PAD WE LIKE PRANKS BETTER BUY ONE

    1. Based on my limited knowledge of One Time Pads, I believe this message should have been encoded using only ONE of the pads, mainly 07d, which would be repeated end to end until it equaled in length the number of characters of the message being encoded. To use the other one time pads works, but is a huge waste of resources especially if Alice and Bob don’t see each other often and have to use their pad books for a long time and not run out of pads.

      1. If you repeat the use of the pad end to end, then it’s not a “one time” pad anymore. The thing that makes a randomly generated one-time pad theoretically secure is the fact that each bit of the one-time pad is used to encrypt only one bit of communications. If the pad is random, there are no patterns to find.

  8. Sad story. The most important thing IT people need to learn to say is “NO”. No, I won;t work nights and weekends to account for your failures in planning and project management. No I won’t give up my personal life to boost executive bonuses. Just plain “NO”. Until we learn to have reasonable limits as a group, people will continue to abuse us.

    1. In this economy, saying “No” gets you an escort out the door. It is not just IT, it is the new corporate slavery, temp workers get no benefits, little pay, and get jettisoned as soon as possible. e.g. Amazon, Manpower Inc.

      1. Thanks for reminding me that I’m avoiding Amazon. They contacted me to offer me a job (in IT). I Googled “working at amazon”, and I replied to them that I’m not going to buy anything from Amazon any longer.

      2. The sole purpose businesses are created in the first place is to provide profit for the owners and/or stockholders, using any means necessary within the law. Any benefits outside of the those required by the law and/or the negotiated pay or salary package would surely be appreciated by the employee, but would still be considered charity by the company(ie: bonuses, et al). Collectively, businesses aren’t required to somehow provide employment to every individual that the population gives birth to, nor should they. It is not their fault that we have, due mostly to technology, way more population than can ever be employed full-time again, IMO.

        1. Disagree. The purpose of a business is to provide value to the community they exist in. Making profit is the means to surviving, and thus continuing to provide value.

          The problem is that the ‘community’ a company exists in nowadays is mainly the fictitious one of shareholders, not the actual places where the buildings are and people check in to work. This leads to a tautological definition of the business, where it has provides value by providing value.

          1. I Disagree, the purpose of business is profit. The bottom line is a business owner’s primary concern. Happy employees are generally more productive, and more productivity generally translates to higher profits. Businesses that have positive reputations with the community they exist in are more likely to have more local traffic- which also translates into higher profits.

            The flip side is employees who are unhappy (especially with their employer) are usually less productive, which means less profit. Businesses with bad reputations in the community they exist in (and in general) will most likely suffer from lower traffic (word of mouth, reviews, etc all matter to traffic) and thus result in lower profits.

            It’s in a businesses best interest to maintain a positive reputation- for the sake of the bottom line- not for the sake of ‘being a good guy’ though the two can sometimes be indistinguishable, Even businesses donating large amounts to charities get tax breaks for it.

            Paying your employees well, offering them benefits, providing good customer support, and generally not being a douchebag company- is not charity- it is sound investment (in the company’s bottom line).

            As a related example, I currently have a merchant trying to bribe me to take down the bad reviews they earned for selling me a product that doesn’t even meet it’s specifications (UTP Cat 5- with pairs that weren’t even twisted!) Not because they want to make it right- but as they said in the e-mail- because the review will hurt their business- and I hope it does, there’s no excuse for that kind of failure.

    2. In the middle of planning a data centre move myself.

      Whilst it is tempting to say “fuck you I won’t do what you tell me,” it’s more tempting to rise to a challenge -and take the double pay for OOH work.

  9. “THE HACKADAY ONE TIRE PAD
    THE ONE TIME PAD IS ONE OF THE VERY FEW CRYPTOGRAPHIC TECHNIQUES THAT CANNOT BE BROKEN PROVIDED IT IS USED
    CORRECTLY THIS IS A VAGUE TERM BUT SELLING THE KEY IN A STORE DOES NOT COUNT AS USING A OTP CORRECTLY
    WHY ARE WE DOING THIS BECAUSE ITS COOL AND WERE WONDERING IF PEOPLE WILL ACTUALLY BUY IT ALSO WELL BE DOING A FEW MORE ARGS IN THE FUTURE AND OF COURSE THIS WILL BE A VALUABLE TOOL
    THIS OTP IS THREE AND A HALF INCHES BY FIVE INCHES AND THIRTY TWO PAGES LONG EACH PAGE CONTAINS FIVE HUNDRED AND SEVENTY FIVE RANDOM CHARACTERS THE BOOK CONTAINS A TOTAL OF EIGHTEEN THOUSAND FOUR HUNDRED CHARACTERS OF WHICH THIS PRODUCT DESCRIPTION USES FIVE HUNDRED AND SIXTY EIGHT”

  10. Fill msg* and pads and call the function with the parameters to decode. My arduino decoder:

    #include
    char pad0b = “”;
    char pad1f = “”;
    char msg1 = “”;
    char msg2 = “”;
    char msg3 = “”;
    char msg4 = “”;
    char msg5 = “”;

    void decodePAD(const char * msg, const char * pad, const uint16_t pad_start) {

    const char *p = msg;
    uint16_t pad_index = 0;
    while (*p) {
    if (*p == ‘ ‘){
    debug(‘ ‘);
    }
    else if (*p == ‘\n’){
    debugNL();
    }
    else{
    debug(char( ((26+(*p-‘A’)-(pad[(pad_start+pad_index++)%575]-‘A’))%26)+’A’ ));
    }
    *p++;
    }
    Serial.println();
    }

    void setup(void){

    Serial.begin(115200);

    Serial.println();

    decodePAD(msg1, pad0b, 0x007d);
    decodePAD(msg2, pad0b, 0x0144);
    decodePAD(msg3, pad1f, 0x0000);
    decodePAD(msg4, pad1f, 0x0007);
    decodePAD(msg5, pad00, 0x0000);

    }

    void loop(void){

    }

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.