Numbers Stations Move From Shortwave To VoIP

IO ERROR writes "For decades, intelligence agencies have been sending secret messages to their agents in the field using shortwave numbers stations broadcasting encrypted messages for all to hear and puzzle over. Now someone is putting numbers stations on VoIP telephone numbers for anyone to call, and posting messages to Craigslist to alert the recipients to the existence of their messages. One of them went up last month and now a second one has appeared. Will there be a third? Who's behind them? And can you crack the code?"

Numbers Station here on slashdot - OUTGOING!

[LiquidCoooled]

I'm sure a lot of us have noticed the stange messages like this:

OUTGOING
(Score:-1, Offtopic)
by Anonymous Coward on 21:04 1st August, 2005 (#13217474)
HELLO WORLD
38836 38836
HELLO WORLD
98481 98481 14101 14101 27700 27700 35003 35003 78743 78743
55984 55984 36482 36482 48376 48376 17577 17577 25568 25568
41432 41432 33120 33120 71600 71600 37482 37482 72016 72016
18165 18165 97172 97172 06235 06235 09179 09179 66815 66815
39131 39131 02234 02234 37138 37138 05015 05015 18609 18609
15481 15481 26568 26568 76909 76909 14869 14869 84844 84844
98467 98467 15173 15173 91438 91438 01957 01957 83393 83393
55263 55263 02335 02335 39565 39565 33152 33152 48263 48263
85656 85656 69752 69752 84232 84232 87361 87361 24560 24560
98390 98390 28772 28772 59461 59461 31312 31312 14942 14942
68574 68574 70946 70946 49109 49109 19694 19694 45323 45323
65157 65157 98866 98866 64012 64012 72983 72983
K-BYE

They have been an oddity until now, but hearing about these numbers stations makes me think our very own slashdot is being used as a covert channel.

Certainly piqued my curiosity more than once, it would be good to get to the bottom of it.

Couple of examples here and here, I've seen a few more, but they get lost quickly due to moderation.
The second one I posted has a bit of info about its origins here and links to a user and an apparent initial source of the messages.

Re:Numbers Station here on slashdot - OUTGOING!

[dgatwood]

My guess as to what the messages say?

Dearest Love,

Meet me behind the abandoned warehouse. Don't wear underwear.

Just a hunch.

Re:Numbers Station here on slashdot - OUTGOING!

[daeley]

If you turn your monitor upside down, it spells out "BOOBS"

Re:Numbers Station here on slashdot - OUTGOING!

Info @ Wikipedia: http://en.wikipedia.org/wiki/Slashdot_trolling_phe nomena#HELLO_WORLD

The person who originally added that to Wikipedia also added info to the "Islamic extremist terrorism" entry: http://en.wikipedia.org/w/index.php?title=Special: Contributions&target=85.226.168.107

Re:Numbers Station here on slashdot - OUTGOING!

Surely you mean, "Just a haunch."

Re:Numbers Station here on slashdot - OUTGOING!

[crmartin]

I don't think it counts as a covert channel if you're doing it in clear text on a site like slashdot.

Re:Numbers Station here on slashdot - OUTGOING!

And there was me thinking you were just round-shouldered.

Re:Numbers Station here on slashdot - OUTGOING!

[quanticle]

Its not clear text if you put up an ascii-formatted encoded message.

Re:Numbers Station here on slashdot - OUTGOING!

[sammy+baby]

On Slashdot?

I seriously doubt it.

Re:Numbers Station here on slashdot - OUTGOING!

[crmartin]

Look up "covert channel", there's a good boy.

Re:Numbers Station here on slashdot - OUTGOING!

[Ernesto+Alvarez]

HELLO WORLD
98481 98481 14101 14101 27700 27700 35003 35003 78743 78743
55984 55984 36482 36482 48376 48376 17577 17577 25568 25568

There's something fishy about these messages.
Have you noticed that every group is sent twice? That would make a lot of sense if you were transmitting over the radio, because a group might arrive garbled. Posting each group twice on slashdot, however, makes no sense. The message will arrive correctly every time.

Re:Numbers Station here on slashdot - OUTGOING!

[qray]

Looks like one of those number sequences Compute magazine would publish for Commodore 64 programs and such. I remember typing in all those data statements and then having to double check all the numbers when something didn't work. Maybe those programs in Compute weren't really programs at all but contained secret communications that just happen to double as programs.

--
Q

Re:Numbers Station here on slashdot - OUTGOING!

[Kamineko]

It's either an ARG, or we're all in Lost.

NOOOOOOOOOO!

Re:Numbers Station here on slashdot - OUTGOING!

[Gogo0]

They must be dupes!

Re:Numbers Station here on slashdot - OUTGOING!

[secolactico]

Have you noticed that every group is sent twice?

Maybe they forgot to turn off the "local echo".

Re:Numbers Station here on slashdot - OUTGOING!

[Alsee]

Lets assume for a moment that the messages really are sent by some government spook agency, or at least by someone with a background from such an agency. As you say it is perfectly rational to have rules that each group must be repeated when verbally transmitting groups over the radio. Pointlessly repeating each group in an online post makes perfect sense as a beurocratic appendix. The rule was originally imposed for a very good reason, and now the rule still exists and is still mindlessly applied.

Not very fishy at all. If anything I'd say that sort of pointless oddity makes it more likely the message is from someone with a genuine intelligence connection/training rather than a hoax.

-

Re:Numbers Station here on slashdot - OUTGOING!

[jdray]

More likely, "OMG! Ponies!"

Re:Numbers Station here on slashdot - OUTGOING!

[charlesnw]

What messages? The ones on /.? If so I highly doubt it :)

Re:Numbers Station here on slashdot - OUTGOING!

[nuzak]

It makes plenty of sense if you expect someone to read it aloud over another medium.

Re:Numbers Station here on slashdot - OUTGOING!

[aembleton]

Interestingly, the IP address (85.226.168.107) orginates from Sweden.

Re:Numbers Station here on slashdot - OUTGOING!

[geekoid]

so, did you know that, or did you read P-A?

Re:Numbers Station here on slashdot - OUTGOING!

Looks like in Gothenburg to be more precise, and the net block is owned by the ISP Bredbandsbolaget.

Re:Numbers Station here on slashdot - OUTGOING!

[sglines]

It's a plant for a band named "For Mein Fraulein " which is having an online concert June 10th see: http://freeradiosaic.org/program/shows/37/

I'm sure this was a plant to get everyone google "For Mein Fraulein." It worked

SG

I deciphered it!

[ScaryMonkey]

Always... drink... your... Ovaltine?

Re:I deciphered it!

[Quantum+Fizz]

You incorrectly deciphered the first word, it's really "Be sure to" instead of "Always". The message made absolutely no sense the way you deciphered it ;-)

And yes, I can't believe I actually have neurons somewhere that retain this useless information.

Re:I deciphered it!

[qray]

I'm glad you corrected him, I was just about to before I saw your reply. I can remember that, but I still leave for work without my lunch ;-)
--
Q

Re:I deciphered it!

The little orphan annie decoder pen needs to be set to B2...

Doesn't that defeat secrecy?

[gd23ka]

I know it's the first thing that comes to mind but I'm sure They can monitor who calls ("tunes into") that phone number regularily. Broadcasts are anonymous and many people own shortwave radios, VOIP can be traced to a subscriber so what gives?

Re:Doesn't that defeat secrecy?

[Technician]

I know it's the first thing that comes to mind but I'm sure They can monitor who calls ("tunes into") that phone number regularily. Broadcasts are anonymous and many people own shortwave radios, VOIP can be traced to a subscriber so what gives?

You are thinging traditional VOIP subscriber. Buy an adaptor at ______ with cash. Activate it with a stolen card and ID. Hook it directly to a wireless access point in client mode. Wardrive near hotels. Park nearby for a couple days.

It's much harder to pinpoint the source than a radio signal. RF Direction equipment can triangulate a HF signal quite quickly.

Re:Doesn't that defeat secrecy?

[daranz]

Still, number stations are pretty much a one way means of communication. The whole idea behind them is that they can be broadcast from a secure location (ie, from the territory of the state running the agents), and received by any number of recipients, without anyone being able to detect the fact that the transmission was received. In case of voip, both sides are detectable - even if not eaisly traceable.

Also, the VoIP method is missing another point of the stations: with a radio station, you can remain tuned for as long as you wish, without the risk of detection increasing. Staying connected to a "number station" via VoIP means that you have to stay connected for prolonged amounts of time, increasing chances of detection, if only by a hotel employee who notes that someone was sitting on the hotel's wifi network for 24 hours. Besides, if one wants to use "number stations" over the Internet, one can simply post the numbers in any amount of places. It is easier and probably also safer to grab one text file off some FTP server, than it is to stay connected somewhere for a longer time. You might not get the message as fast then, but at least you're not sitting in a van next to your local Motel 6 for 3 days.

Re:Doesn't that defeat secrecy?

[gd23ka]

You're right. I should have thought of that. The number man could be sitting outside a hotel with a laptop on his knees recording the numbers for later decryption in a more secure place. But still, there's two way communication going on between the laptop and the internet numbers station and chances are vastly improved of apprehending him. Even more so if he regularily goes online through the major wireless providers they have at hotels and with all the cameras around nowadays. Personally as an ELODUM (Expendable Letters Organization Drugtrafficking Underling Minion) I would be really upset having to use this, I would want to get my orders on shortwave where I can sit at home with my earphones on.

Re:Doesn't that defeat secrecy?

[harlows_monkeys]

You are thinging traditional VOIP subscriber. Buy an adaptor at ______ with cash. Activate it with a stolen card and ID. Hook it directly to a wireless access point in client mode. Wardrive near hotels. Park nearby for a couple days.

So, basically, instead of using a fairly innocuous radio, which is easy to explain away if apprehended, you propose that the secret agent go around carrying stolen cards and stolen ID and wardrive? I think the general idea is for spies to not call attention to themselves, and engaging in two or three activities that might be illegal even if not connected with spying is probably not the best procedure!

It's much harder to pinpoint the source than a radio signal. RF Direction equipment can triangulate a HF signal quite quickly.

The numbers stations broadcast on shortwave frequencies whose signals carry very far, with plenty of bounces off the ionosphere. You can triangulate them to approximately what quarter-hemisphere they come from. And even if the exact location were found, it wouldn't help catch the spy receiving the signal, nor even give any indication that the signal is for a spy in your country.

Re:Doesn't that defeat secrecy?

[Technician]

I would be really upset having to use this, I would want to get my orders on shortwave where I can sit at home with my earphones on.

You may be safe but the location of the transmitter will be known within a short distance in just a few seconds.

A new VOIP phone doesn't announce itself to the world like a new broadcast on shortwave. Fewer people would notice a posting of the number on a website and understand it than those interested in a new shortwave station transmitting numbers.

Re:Doesn't that defeat secrecy?

[tomlouie]

It doesn't matter if "they" can pinpoint the source transmitter. The CIA can put it atop the Pentagon.

Re:Doesn't that defeat secrecy?

[bladesjester]

Actually, these ones are accessable via POTS. It made Off the Hook last week or the week before if I remember correctly.

No need to pack around a laptop, voip equipment, etc. Just find a phone, dial in, and act like you're having a conversation while you write down the numbers.

Re:Doesn't that defeat secrecy?

[EverLurking]

Given that all traffic on the internet can essentially be logged and tracked, why use VOIP at all?

Just put some PGP encrypted data into an image via Steganography and post it to someplace popular like...lets say...CuteOverload.com

Then if your recipient was tracked going there, he would just look like any other Cats In Racks fan looking for cute kittie pictures : )

Re:Doesn't that defeat secrecy?

[Betabug]

> I know it's the first thing that comes to mind but I'm sure They
> can monitor who calls ("tunes into") that phone number regularily.
> Broadcasts are anonymous and many people own shortwave radios,
> VOIP can be traced to a subscriber so what gives?

That's the point of posting to craigslist. Anyone being caught listening in can claim that "I've just seen the funny ad and called to see what it's about", even better now that all those freaks called. The recipients of the message have definitely vanished in the noise.

Re:Doesn't that defeat secrecy?

[gd23ka]

You're right. Transmitter locations have been known for decades and anybody who knows his way around on the airwaves can pinpoint them. Some even have international call signs. And the same thing pretty much applies to the "internet numbers station". At traceroute will at least tell you from what country it is coming from. Use Echelon to get the exact location details.

Re:Doesn't that defeat secrecy?

[takeya]

Yes but when 10,000 slashdotters tune into the number as well, it gets a bit harder to tell who it was originally intended for.

There have been two such numbers found, both using the same catchy song (anybody know what that tune is? I like it). Thus, each number would have to be dialed by at least a few hundred people for the caller to really gain security through obscurity.

Re:Doesn't that defeat secrecy?

[acaspis]

if one wants to use "number stations" over the Internet, one can simply post the numbers in any amount of places.

It's called "spam".

Re:Doesn't that defeat secrecy?

[geekoid]

write down the number? what kind of spy can't remeber them?

Spies^H^H^H^H^HKids these days, sheesh.

Re:Doesn't that defeat secrecy?

it's Little Black heart by a-ha (track 2 on the Minor Earth Major Sky album).

Re:Doesn't that defeat secrecy?

[gkhan1]

The agent could use TOR, that would pretty much guarantee his anonymity.

Eh, ok

[dk.r*nger]

The point of shortwave is that you can listen from anywhere, undetected.
Calling a phone leaves a bunch of traces. There is really no discreet way for our man in Havana to call longdistance and listening to numbers for a few minutes.
You could just put the numbers on a free website somewhere, or use email..

Re:Eh, ok

[kognate]

True enough, but I can steal your mobile and call that number. Then when the Suede Denim Secret Police come knocking they sure won't be knocking on my door.

The other problem is that shortwave radio recievers are incriminating devices in some dark places that you would want to have spies in. Cell phones pretty much universally are not.

Re:Eh, ok

[buck_wild]

"HooooGAN! Vat is zee meaning of zis??"

Re:Eh, ok

[snuf23]

Why would it have to be a stolen telephone? What about one purchased with false ID meant to be trashed after usage? Or more likely a VOIP phone (or soft phone). Not to mention the (admittedly increasingly rare) pay phone.

Re:Eh, ok

[Photon+Ghoul]

Then when the Suede Denim Secret Police come knocking they sure won't be knocking on my door.

But they will be coming for your uncool niece.

Re:Eh, ok

[gowen]

Some things restore my faith in slashdot.
The fact that there are DK fans hiding round every corner is one of them.

Re:Eh, ok

[nytes]

Or alternatively, put the numbers out there on a phone number linked to by an obscure ad on Craigslist, and get other websites, like homelandstupidity.us, to copy them for you so your contact has multiple paths to the information.

Re:Eh, ok

[colmore]

Damn Fashion Gestapo, I hate those guys.

Also, they're using *Craigslist* are the spies looking for Futons of Mass Destruction? Does Al Quaeda need 2 pet friendly roommates for summer sublet ASAP?

Re:Eh, ok

[buck_wild]

^^ That was supposed to be in response to "The other problem is that shortwave radio recievers are incriminating devices in some dark places that you would want to have spies in."

Preview rules. Too bad I didn't use it.

I've seen this somewhere before...

Papa November's?

Cryptanalysts in love

[Sentri]

From one of the articles: "Update: Ryan Singel (of Wired) thinks it's just two young cryptanalysts in love, "sending love notes and taunting Mossad, the NSA and the phone phreakers at the same time." He also points to some links indicating those shortwave numbers stations are still around. Go take a listen."

Cool. Not everyday you learn about an international conspiracy to broadcast numbers. If it were me, I would set up one of these to broadcast from SEALAND!!! http://en.wikipedia.org/wiki/Sealand

01010010 01101111 01110011 01100101 01110011 00100000 01100001 01110010 01100101 00100000 01110010 01100101 01100100 00101100 00100000 01110110 01101001 01101111 01101100 01100101 01110100 01110011 00100000 01100001 01110010 01100101 00100000 01110000 01110010 01100101 01110100 01110100 01111001 00001101 00001010 01110011 01101111 01101101 01100101 01110100 01101000 01101001 01101110 01100111 01110011 00100000 01100111 01101111 01101001 01101110 01100111 00100000 01100100 01101111 01110111 01101110 00100000 01101001 01101110 00100000 01110100 01101000 01101001 01110011 00100000 01100110 01100001 01101001 01110010 00100000 01100011 01101001 01110100 01111001 00001101 00001010 00001101 00001010 01000011 01110010 01111001 01110000 01110100 01100001 01101110 01100001 01101100 01111001 01110011 01110100 01110011 00100000 01101001 01101110 00100000 01101100 01101111 01110110 01100101 00111111 00100000 01101000 01101111 01110111 00100000 01100011 01110101 01110100 01100101 00101110 00001101 00001010 00001101 00001010 01001001 01101101 00100000 01101001 01101110 01110100 01110010 01101001 01100111 01110101 01100101 01100100 00100000 01100010 01111001 00100000 01110100 01101000 01101001 01110011 00100000 01110011 01101000 01101111 01110010 01110100 01110111 01100001 01110110 01100101 00100000 01101110 01110101 01101101 01100010 01100101 01110010 01110011 00100000 01110011 01110100 01100001 01110100 01101001 01101111 01101110 00100000 01110100 01101000 01101111 01110101 01100111 01101000 00101100 00100000 01110110 01100101 01110010 01111001 00100000 01100011 01101111 01101111 01101100 00101110

(for some help with the above: http://nickciske.com/tools/binary.php)

Re:Cryptanalysts in love

[mqj]

"Roses are red, violets are pretty somethings going down in this fair city Cryptanalysts in love? how cute. Im intrigued by this shortwave numbers station though, very cool."

Or use a firefox extention Leet Key 1.3.1

Re:Cryptanalysts in love

[nutsy]

Real men use shellscripts!

$ for i in $(cat binary.txt) ; do echo -en \\x$(echo "obase=16; ibase=2; $i" | bc -l) ; done

The links worked the first time...

[wiz31337]

Is anyone else getting database errors on the links now? The links worked the first time, but I can't get to either of them now.

Silly

[mccalli]

Code or no code, VOIP is an awful lot easier to block and censor than short wave.

Cheers,
Ian

Re:Silly

[Dachannien]

I'm not sure about that. VoIP has an unrelated and legitimate commercial interest behind it to support it not being blocked solely based on the virtue of it being VoIP, and thus anybody wanting to jam/block particular VoIP calls would have to know ahead of time at what phone number the message was going to appear. And there are a lot of phone numbers ;)

On the other hand, the various intelligence services have some pretty powerful jamming equipment that can render shortwave transmissions at least partially unintelligible. Numbers stations often work based on a schedule (in terms of both time and radio frequency), and once an intelligence service determines this schedule, they can wash out the frequency with crap at the appropriate time. Since the whole reason for numbers stations are that spies in the field are relatively incommunicado with their handlers, figuring out the schedule can have a fairly long-term impact on the spy being able to receive information and orders. In fact, the biggest question is likely where the jammer antenna should be positioned to ensure that the transmission will be jammed.

Re:Silly

but what if the time and frequency of next transmission is coded in previous message, how are they gonna block that?

Re:Silly

[dkf]

but what if the time and frequency of next transmission is coded in previous message, how are they gonna block that?

That's actually a really bad move, since then if the agent misses one transmission - e.g., through being sick or something - they can't resynchronize (not without contacting their handler, which is much more dangerous). What's worse, they might even start interpreting messages meant for other agents, resulting in completely crazy effects! Time/frequency hopping is just not robust enough.

Re:Silly

[geekoid]

or insert false information.

it's a joke

[ezh]

there are a lot more sophisticated ways of hiding and transferring secret information. including texts, images, video and audio streams, ssl, gpg, tunneling, etc. why would anyone bother with a child games like that?

Re:it's a joke

[__aaclcg7560]

Haven't you heard? No one wants to be a computer scientist these days to figure out hard-to-crack computer codes. The CIA is hiring high school students with Microsoft certifications to create their secret codes. The fact that they got VOIP to work was a miracle in itself.

Re:it's a joke

[Yehooti]

Maybe just to get our knickers in a knot.

Re:it's a joke

[abscissa]

there are a lot more sophisticated ways of hiding and transferring secret information. including texts, images, video and audio streams, ssl, gpg, tunneling, etc. why would anyone bother with a child games like that?

Because the publicity and simplicity of the cipher makes it very difficult to determine the intended recipent. Also, it may not be AES, but if it's a one-time-pad it's pretty damn secure.

Re:it's a joke

[houghi]

You might be on to something, because the length of the numbers is the same as the length of a Microsoft registration number.

Re:it's a joke

[wyldeone]

Also, it may not be AES, but if it's a one-time-pad it's pretty damn secure.

A one time pad is not just "pretty damn secure," it's provably unbreakable (assuming, of course, that the pad is truly random and is never reused).

Re:it's a joke

[Copid]

there are a lot more sophisticated ways of hiding and transferring secret information. including texts, images, video and audio streams, ssl, gpg, tunneling, etc. why would anyone bother with a child games like that?

I agree that this particular example is probably just what you think it is for very much the same reasons. True short wave number stations have one extreme advantage over the other examples you used: receiving them is a totally passive activity. There is no way for somebody to monitor the station that's generating the sequence and figure out who is listening and decoding it. The recipient could be anyone, anywhere, so catching the spies making use of it is next to impossible.

Connecting to a web server to view an image with a steganographic message (even if it's OTP encrypted) is still an active activity. So is dialing up a VOIP number. If you can figure out where the message originates, you can figure out who is listening to it by monitoring a single point. Why give up that anonymity and still use something this inconvenient? If you're going to give up the recipient's anonymity, just publish encrypted sequences on a web site.

Re:it's a joke

[geekoid]

because radio can be jammed.
However, given the global proliferation of internet cafes, and computers w/ access you could call one of these numbers, record the message and leave. If some is activly monitoring for a spefic connection, it would still be unlikly they could be deployed to the recievers location before he or she has left.

Can you crack the code?

[Cainjustcain]

And how long does it take for black helicopters arrive at your house?

hmmm....

[pretorious]

The code starts by identifying a group, could this be a use of a one time pad method of encryption ( http://en.wikipedia.org/wiki/One_time_pads )? that would also account for the insecure transmission, as even if it were intercepted, there would be no way to crack it. the only important thing is making it easily accessible.

Re:hmmm....

The groups mentioned in the two messages are 415 and 617--the first "fraulein" message is a 212 number from "group 415", the second is a 415 number from "group 617." This leads me to believe there's some sort of San Fran versus Boston thing going on based on area codes with someone from NY in the middle.

Re:hmmm....

[Sentri]

Thats why the choice of VOIP is so odd, because although it does provide easy access, the prepaid account was emptied, meaning that its no longer accessible.

So its not the best way of doing it if you are really trying ot create a secure comms network. What would be better (though just as traceable) would be posting here, like first post said.

but the shortwave system still trumps it.

Lets analyse it:
What do you want from a secure comms network aimed (as these are supposedly meant to be) at undercover agents
1. Untraceable to the sender
2. Untraceable to the reciever
3. Universally Accessible
4. Undecodable

So we need something that is hard to find, easy to access and secure but hard to trace. Using something as logged and monitored as the internet would probably be a bad decision unless you use something like a coin operated internet kiosk to post and to retrieve, making it less accessible (in the here and now sense, a radio can arguably recieve information anywhere).

So why leave shortwave?
You wouldnt.

Thus this is probably a hobbyist, or a practical joker, or a viral marketing meme, or an elaborate hoax.

Re:hmmm....

[pretorious]

let me try to elaborate, if it was pad type encryption, done peoperly, there would be no way that the code could be broken. the only issue now is to get the code to the agent you need. with shortwave, your agent would need a receiver which may not be so covert. also, what if the agent is on the other side of the globe? I am not to familiar with shortwave, but I am fairly sure that the transmitter needs to have an huge (like mounted on a house huge) antenna to transmit large distances, that type of setup would not be anywhere near as portable as a laptop with a wifi card. the agent can easily use a laptop over some free wifi and hear the VOIP message, and if wearing headphones, arouse no suspicion. we also have to consider that this person is not so smart, and thinks that voip is secure. recently an ex-mafia member was convicted when his email encryption was cracked. the program he used was poorly made freeware, as he lacked the knowlege to use somthing like GPG. These people might also be small time, and not have the funds for shortwave comunication.

Re:hmmm....

[ArbitraryConstant]

It would be appropriate for transmissions to an agent in the field. He can work out a way to smuggle information out, but you might need to tell him a time and place to meet a contact or something. Secure transmissions in either direction help you.

You can still track down the source pretty easily, but there is no doubt a station in Nevada that transmits exactly 200 characters at the same time every day whether or not they need to send anything out, or something similar to this. Knowing where it is does you no good.

Re:hmmm....

[coaxial]

Strictly speaking, shortwave's point of origin is traceable. Certain number stations are known to originate from specific locations, including Havana, the Yugoslav embassy in Washington DC, Albuquerque, and the CIA spy school. Origin doesn't matter though, it's the receiver that's clandestine.

BoingBoing posted about strange 5 digit spam last week.

Re:hmmm....

Just general pondering on one time pad usage...

Would it be possible, assuming neither you nor the other person ever failed to receive one of the messages, to include the next message's one time pad, in some form, in your current one time padded message, creating a never ending secure chain of communication? Or would each message be required to get subsequently smaller, due to the message having to be the same size as the pad?

I can think of a few ways, like including a number at the end of each message and multiplying the next pad by that, but it's late (or early, depending on your point of view...) and I can't seem to convince myself one way or another whether or not that would create a mathematically-solvable way of deciphering the messages if enough are analyzed.

Re:hmmm....

[Shanep]

The code starts by identifying a group, could this be a use of a one time pad method of encryption

Yes. The first thing I thought when I saw "Group 617", was OTP. It could easily have been "Block 617" as a reference to noise stored in a block device.

The fact that VoIP is being used, allows a side channel in the noise which goes along with a VoIP call. Noise from the microphone which gets encoded into the signal being sent to the other end, could be replaced with OTP encrypted data.

The numbers scream "scrutinize me". The use of OTP's can be defeated if you manage to capture someone with a real yet-to-be-used OTP. If you can capture it covertly (unlikely, since agents should not be careless), you wait for the messages to come through. If you capture it by force, then you have to hope that messages get sent without any "clear to send" message from the field agent. Regardless, a big screaming "scrutinize me" increases the awareness of potential OTP's that need to be captured.

If you just left an innocent sounding message on your VoIP voice mail, it might not draw attention to the fact that the noise channel, which looks like any other noise, is actually an OTP encrypted message. So the foreign engineer you have working in your nuclear reactor, phones home and sends or receives much more than is obvious.

The best feature I see of making it so open, as in this reported case, is that it can be very hard to pinpoint who the sender and receiver are. That is kinda scary, since governments don't really hide the fact that they use crypto on a regular basis and the .gov senders often use major single transmission points, intended to be broadcast for anyone including the intended recipient to receive, so that it does not bring a focus onto the intended recipient. VoIP usage seems to reduce that benefit to me. Until of course the net community get wind of the story and flood it with access attempts.

Re:hmmm....

[Doctor+Memory]

the transmitter needs to have an huge (like mounted on a house huge) antenna to transmit large distances

You're partially right. To get the greatest distance, you'll want to use the lower frequencies (say 80 meters). The lower the frequency, the longer the antenna needs to be (to transmit efficiently). The center of the 80M band is ~3.75MHz, so you'd need an antenna that's (468 / 3.75 = 124.8) ~125 feet long. If you're talking a standard dipole (and we are), then each leg is going to be 62.5 feet long. Each leg is just a hunk of wire, and can easily be rolled up. A complete 80M antenna with a 100W transmitter can be stuffed in a small backpack and hiked up into the hills somewhere (the higher the better). Then the antenna can be unrolled and set up almost anywhere (use a slingshot to hurl the center section over/into a tall tree and fan out the legs, or drape it over a wooden fence or even some bushes). Just because it's a long antenna doesn't mean it's really physically *big*. And there are plenty of other, smaller (and less efficient) antennas that would probably get the job done.

Re:hmmm....

[random+coward]

You wouldn't IFF you are a legitimate governement. If you are a terrorist in Iraq or Afganistan the US Military dropping in every time you turn on your shortwave transmitter might get you to try some other method. Or if you're a government and worried that the US Military will start doing that to you soon you may decide to setup another channel as well.

So what other method could be used? Why not VOIP.
Posting on slashdot might still be smarter, but still may draw more attention. Easier for automation to flag the Slashdot post than to try to listen in a VOIP call and automatically flag it for decryption. Hey its voice traffic just like all the other VOIP traffic, but the slashdot post isn't natural language like all the other slashdot posts.

I also assume that the recipient is probably hand decoding these. If they were to use a computer there are of course even better ways to do this.

Re:hmmm....

[vertinox]

So why leave shortwave?

When the shortwave broadcaster is in hostile territory. It was fine when you had an embassy or a helpful country, but it is trivial for a nation with the right tech to triangulate your location especially if you are broad casting.

Secondly, short wave radios might attract attention when you have one on your person if you happened to be searched or your place is raided or if you have to go through a check point or airport security.

A wifi enable cell phone wouldn't get a second look other by TSA, Police, or even an FBI agent. Heck... It isn't even that passe in Pakistan or even Somalia to have a cell phone. However, if the locals saw you with an strange and usual radio writing down messages, they might turn you over to the local authorities.

Re:hmmm....

So why leave shortwave?
You wouldnt.

What if you were never on shortwave in the first place? What if you didn't have the capabilities to set up a large enough shortwave transmitter within range of the area you wanted to insert agents?

I still think it's a joke, but there are potential reasons to use it over shortwave. There are a million better methods to use though.

Re:hmmm....

[tambo]

So why leave shortwave?
You wouldnt.

Shortwave may have many advantages, but it has one specific drawback: it requires the use of a shortwave radio, which is a pretty rare device. A foreign government might well consider these devices as medium-grade indicators of espionage. Contrast this with a plain-jane cellphone or internet connection, which is approaching ubiquity.

(Of course, the "numbers station" phenomenon makes little sense in the context of internet connectivity - or even cell communication - because (1) the sender is obviously committing espionage, and (2) transcribing spoken workds is an incredibly low-bandwidth and error-prone mechanism. Steganography is where it's at, and it's a very safe vector in light of today's information glut. One amazingly easy way to send a coded message would be as an attachment to a Nigerian spammer email message. Your email program could have a filter that, prior to /dev/nulling these messages, tests the attachment against some kind of public key for authentication.)

- David Stein

Re:hmmm....

As mentioned in other posts below, it's not a one time pad, and it's grouped in 3's, not 5's. Others have broken up the 3-digit codes, but I have yet to find many who have written it this way:

Group 415

        013 056 051 012 079 046 065 010 093
000
        082 039 013 094 069 012 078 108 017 028 017 069
        022 073 038 014 017 015 015 073 004 020 068 012
        013 125 100 054 004 091 014 013 015 086 022 096
        081 066 002 082 055 070 002
000
000
        022 083 029 008 022 012 004 071 013 065 027 094
        019 029 014 022 008 002 011 083 073 003 026 019
000
        007 000 000 086

Group 617

        061 078 002 021 085 006 013 069 006 079 012 015
        024 007 006 016 017 069 095
000
        017 024 005 014 024 009 087 022 067 089 074 010
        082 010 086 078 013 024 004 016 027 073 013 015
        006 093 069 112 020 084
000
000
        021 003 070 031 076 049 065 023 027 067
000
        007 016 012 017

The Numbers?

4 8 15 16 23 42

Re:The Numbers?

[Sentri]

Has anyone else been made to pause by this post for more than just a laugh?

Could it be that on Lost the radio broadcast is a play on the Number Stations stuff?

I am a bit behind on Lost because I live in Australia so I may be behind on the current theories.

Re:The Numbers?

I'm from Australia too. Hopefully we can both speed the swarm and get the episodes earlier. www.torrentspy.com

Re:The Numbers?

Someone at Wired made that connection, as well. Check it out: http://www.wired.com/news/technology/0,69900-1.htm l grep for "Lost opens the hatch, finds an Apple II".

Re:The Numbers?

[che.kai-jei]

the mechnical voice counting the iterations of the broadcast was supposed to sound like those spooky listening stations. man, thats how the pilot episode hooked me! [i dont own a tv but decided to pon up for the boxed ste when it came out]

as a small child my military general grandfather would make me tune the SWradio for him and a few times i would hit a numbers broadcast sometimes on my way and it used ot obsess me.

[no one told me about one time pads and i was only 5]

however the sam toomey and lennard listening station hearing the numbers is also a reference to these wierd outposts.

check out the irdial.org conet project for a list of them

Re:The Numbers?

[myth24601]

This is a great way to pick Lottery numbers! Powerball here I come!

Re:The Numbers?

Execute.

NC, u haven't called

0x42 0x53 0x44 0x20 0x49 0x53 0x20 0x44 0x45 0x41 0x44

Meanwhile, American intelligence operations...

are brought to their knees by the slashdotting of the center of a new covert communication system.

It is a joke

[Sentri]

there are a lot more sophisticated ways of hiding and transferring secret information. including texts, images, video and audio streams, ssl, gpg, tunneling, etc. why would anyone bother with a child games like that?

Maybe if they were a child?

Or one of those people with one of those things, you know...
A sense of humour.

Yeah

blog comment spam

[moosesocks]

Such messages also appear to be manifesting themselves as blog comment spam.

The numbers are always in 5 digit blocks too, just like the ones that another poster observed occuring here on slashdot.

This is either genuinely weird, or just someone playing an elaborate prank.

I for one am intrigued, as I've seen the link-free spam messages crop up in all sorts of weird places...

Re:blog comment spam

[AnyoneEB]

Five number/letter blocks are pretty much the traditional way to break up enciphered messages. That does not mean they must be from the same source.

Waste of time

[caller9]

So some ham radio freaks or cryptologists are playing tricks. Who gives half a crap?

Want something really secure? Use one of those messages that self destruct like inspector gadget. As a bonus, it could really jack somebody up if thrown into their face. Also, they can be easily delivered by any method of transportation no matter how impossible, as evidenced by numerous Inspector Gadget episodes, where "the chief" maneuvers into some unthinkable situation only to have the tossed, usually over the shoulder, crumpled message end up giving him severe burns to his face and uppper body upon detination. Even when you go phew! because it totally missed you, guess what, you were wrong and you blow up anyway. Try and get with that hype shit NSA!

Re:Waste of time

Spies that cause injury to their counterespionage tails tend to get exposed as the real deal really quickly. And hurt in return. The idea is that counterintel isn't supposed to know who's the real spy, they're supposed to suspect *everyone* in the diplomatic corps. Thus, state loves to have perfectly ordinary office grunts go to meetings in odd places, arrange their cutlery in funny ways, and so on. Drives tails nuts.

I think this is obvious.

[ScentCone]

It's the promo for Dan Brown's new book. All of the fashionable Masons are using VoIP for their rituals and world control these days.

Re:I think this is obvious.

[griffjon]

It's true! The V is the Masonic Square, with the I and P forming the compass. The "o" is meant to stand in for the "G" in the center. It's OBVIOUS PEOPLE.

(the preceeding may have been sarcasm)

Re:I think this is obvious.

Yeah, I bet this is some sort of Da Vinci code tie in. The ads on the NY subways have things telling people to go to web sites and hint there's some sort of internet scavanger hunt going on.

Double Silly

[jspoon]

It's also easier to let through and trace. Heck, with short wave there's no way to tell the location of receivers so it can't be leaked, intentionally or unintentionally. With web pages, a group like the NSA might conceivably even be able to track a connection through proxies-they wouldn't need to know the content of the message because it's not secured on the server end.

If I were a spy, I'd lean more toward the use of stegonography so at least it isn't totally obvious that a code is being used. Might as well wear a hat that says 'I am a Spy." Stegonography is less likely to be human readable though. I suppose you could put in a sequence of numbers into a data file like a picture at a set index so someone opening it with a hex editor could read them off but a clumsy technique like that would introduce glaring artifacts to the picture, if it was even still valid at all.

4 8 15 16 23 42

[JoshDM]

Hike!

Conet Project

[gEvil+(beta)]

Wow! 30 comments and no mention of the Conet Project. There's lots of great sound files there to make your officemates wonder what the hell you're up to...

Re:Conet Project

[gEvil+(beta)]

Probably should've also included a link to the official page.

Re:Conet Project

[stox]

I bought Philip Glass's "Einstein on the Beach" instead.

This is actually something that is not to old

[shakaru]

Im not going to say as to what is beign transmited or the reason for existance of an organization that a few fellows of mine have created a few years back, but this is really not an new thing. For a few years (sometime pre 1996) we have been passing encrypted messages ove the net through means such as Craiglist and more so any ad service. Except while we knew we were not the first ones to do this, it was about some time in 1998 that one of us recived an reply with a message of the same formating of "Hello world". Now because non of us knew anything of Hello World beyond that of the programing world, we thought nothing of it. Damn wish we held onto it. P.S. take five and run

or it's just a creative troll...

[SuperBanana]

They have been an oddity until now, but hearing about these numbers stations makes me think our very own slashdot is being used as a covert channel.

Or it's just a creative troll, hoping someone will spend hours or days trying to figure out meaning behind what's really just the numeric output of /dev/random or something.

I've honestly always though "number stations" were pretty much the same thing...someone having their jollies. Has anyone actually tried to get a fix on them? I thought HAMs loved doing "hunts"...why don't they do a "hunt" on some number stations some time?

Re:or it's just a creative troll...

Someone tracked down the Lincolnshire Poacher: http://home.luna.nl/~ary/lp.htm

I also thought someone used radio direction finding to follow one of the CIA stations to, well, the CIA.

Re:or it's just a creative troll...

[leathered]

No, they're not somebody trolling the airwaves, most governments are very careful to whom they issue SW broadcasting licenses, and anyone pulling stunts like that would have them revoked in a flash.

As another poster said one of the most infamous numbers station, the Lincolnshire Poacher, has been traced to an RAF base in Cyprus and a number of others have been triangulated, all of them leading to some sort of military or security service base.

Re:or it's just a creative troll...

[Ilgaz]

Airing stuff at Shortwave for fun? Impossible. If it is not the police, some secret agent will show up in your door.

Also it is extremely expensive to air in SW band.

eh

[ezwip]

Well, either we decrypt the code and find out if it's an intelligence agency or we can do it the easy way... and just wait for them to sell one of the hard drives with the decrypter at a local flea market.

Conet Project

[JMZorko]

I bought a 4 (or maybe 6?) CD set of numbers stations recordings several years ago, call The Conet Project. Since i'm big into experimental music, the idea intrigued me. While some of the recordings were downright spooky and disturbing (not necessarily a bad thing), I found it mostly to be soothing in a weird way (though after listening to 2 or 3 CDs of these recordings non-stop, it started getting a bit ... too weird).

Regards,

John

That message is EASY to decode

It says:

In former Soviet Russia, frisT posT PROFITS from YOU!

Got any more?

No worry...

Robert Langdon had been dispatched.
It's a coded message from G_d, the rough translation: "I invented evolution, stupid apes... Respect..."

It's a *code* not a cipher

[crmartin]

Very likely you can't easily crack the code. reason: it's a true code, not a cipher. A real code assigns a symbol like '34187' to a word or phrase arbitrarily. Unlike ciphers, true codes are very difficult to crack without getting the key somehow, because there is very little redundancy to exploit statistically.

Re:It's a *code* not a cipher

[LurkingStranger]

You might consider wandering past wikipedia to read about ciphers, before the arguing commences...http://en.wikipedia.org/wiki/Cipher.

Re:It's a *code* not a cipher

[div_2n]

Substitution codes are subject to statistical weaknesses. Of course, you need a wide data set to use statistics to break the code. If you are substituting random phrases instead of whole words, that would make it quite a bit more difficult, but not impossible.

Re:It's a *code* not a cipher

[Jurph]

I don't think it is a code. Try dropping the zeroes between each non-zero 2-digit number, allowing "00" to be a legitimate pair and assuming the occasional 3-digit string. You get a sequence that has 45 unique numbers (in the case of Group 617, 41 unique numbers) and a frequency distribution that doesn't seem all that likely for a pad's vocabulary. Add to that the fact that none of the numbers in either group exceeds 112, and the pad you were using would be working with a very small vocabulary. I can't dispute that it could be, for example, an agreed-upon newspaper from the group-date (415 = April 15 edition of the New York Times, front page, main article). The numbers could refer to word-order in that article. But right now, I'm treating it as some form of substitution cipher.

Re:It's a *code* not a cipher

[crmartin]

Not impossible, but generally infeasible. Especially if you have this amount of traffic, and especially with the introduction of some number of "noise" words.

Re:It's a *code* not a cipher

[crmartin]

Reading about cryptographic codes wouldn't hurt either.

Re:It's a *code* not a cipher

[crmartin]

Could be, but I'm suspicious it's a good old trench code, or telegraphers' code. It's not hard to generate a trench code that has arbitrary vocabulary sizes, with any desired code group or group substring distributions.

1337

[SlappyBastard]

Godammit. It's just a bunch of geeks.

Google PR?

[Coward+Anonymous]

Last time secret messages were popping up in different places, google was involved...

Re:Google PR?

[ZachPruckowski]

Nah, this stuff is getting pretty common. Look at stuff like hansofoundation.org lots of advertising is being done with strange internet based stuff. Remember MS's Origami stuff? So Google isn't alone in that.

why not use png texting?

[plasmacutter]

there is a flaw in the png format which allows you to embed random crap in png files.

the particular application i've seen commonly practiced was mp3 pngs, you download the file, rename it .mp3, and can load it straight into winamp.

why not embed a special encrypted text format into a png file, and build a special app specifically for viewing the format.

unlike mp3 pngs, it would be very hard to detect, especially on huge imageboard sites like 4chan's /b/ board Oo.

Re:why not use png texting?

[DragonTHC]

That app would end up on bit torrent

Re:why not use png texting?

[Kirth+Gersen]

On the other hand, a lot of such files are very obviously too large for their resolution.

Call Mr. Lee

[BorgCopyeditor]

Dial 45... 41.... oh oh oh
Call Mr Lee,
He'll know the code is broken,
Tell him the dog is turning red.

Re:I deciphered it!, Me too!

I used my super secret , very expensive DNA computer prototype.

It says:

gatactcca gtcaac ctga ggtca attccga tcga
actgaa ctga ggtca attccga gatactcca gtcaac
tcga actgaa ctga ggtca attccga!!!! gtcaa atcg

tcga actgaa ctga ggtca attccga actgaa ctga
ggtca attccga tcga actgaa ctga tttacgctag
actgaa ctga ggtca attccga gatactcca gtcaac

Google Recruiting...

[inkdesign]

Crack em' and get a job everyone!

Codes

Damn, my username has been compromised.

Code, Cipher, or is it the Key?

[blavallee]

Perhaps it is the key used to decode a message that uses more sophisticated ways of hiding the secret information.

Could it be:
212 = NY Times, Post, or The Village Voice
617 = Boston Globe, Herald, or Metro

Craigslist Date = Print Date??


Find a house and you can break a window to get inside! Find a key and may never find the door it unlocks!

/.ed, now back up

The time to do apache and mysql performance tuning is NOT AFTER you've been posted to slashdot, but BEFORE. Wow that was a hairy two hours.

Can't crack it: One Time Pad

You'll need the one-time pad and start time to have a chance of understanding what's going on.

i dun figured it up

[ezwip]

HELLO WORLD
84635 84635
HELLO WORLD
55239 55239 17659 17659 42773 42773 37557 37557 35760 35760
63392 63392 28670 28670 19315 19315 32133 32133 59959 59959
49788 49788 78823 78823 00000 00000 18139 18139 07715 07715
60141 60141 91853 91853 17108 17108 45205 45205 09378 09378
68757 68757 09996 09996 62078 62078 95257 95257 69473 69473
39901 39901 93427 93427 47135 47135 33306 33306 77578 77578
86981 86981 65940 65940 54059 54059 05385 05385 56218 56218
53795 53795 10048 10048 16950 16950 68668 68668 85556 85556
79589 79589 81720 81720 81394 81394 04904 04904 54722 54722
83585 83585 20590 20590 34103 34103 18710 18710 18111 18111
90592 90592 61950 61950 77647 77647 27033 27033 36596 36596
14300 14300 34260 34260 10965 10965 12644 12644 12457 12457
09713 09713 73912 73912 48354 48354 25269 25269 32224 32224
11961 11961 16120 16120 60354 60354 96249 96249 77038 77038
91210 91210 01513 01513 70865 70865 96846 96846 93310 93310
42662 42662 12155 12155 87912 87912 63723 63723 72208 72208
50750 50750 18360 18360 73083 73083 04449 04449 68730 68730
83488 83488 41188 41188 22883 22883 87192 87192 11613 11613
86664 86664 73349 73349 09145 09145 29887 29887 77537 77537
68013 68013 92513 92513 29149 29149 62238 62238 82161 82161
63015 63015 54947 54947 81323 81323 31400 31400 67025 67025
71072 71072 94891 94891 32047 32047 82667 82667 08699 08699
75573 75573 24408 24408 80140 80140 87180 87180 41636 41636
31495 31495 31153 31153 07866 07866 98568 98568 11359 11359
43497 43497 95520 95520 41816 41816 87633 87633 99937 99937
00531 00531 41136 41136 47099 47099 72592 72592 88941 88941
35041 35041 82063 82063 58426 58426 95934 95934 50578 50578
77239 77239 65303 65303 27909 27909 74415 74415 87391 87391
43787 43787 91391 91391 02509 02509 29157 29157 63214 63214
60937 60937 28220 28220 64794 64794 21356 21356 14748 14748
05542 05542 27738 27738 70376 70376 39801 39801 50983 50983
87009 87009 36795 36795 46952 46952 50213 50213 17461 17461
73838 73838
K-BYE

translates to:

kill the prime minister of malaysia!

This is fun!

[pyite]

Could this Be Cracked?

94 157 104 124 13 151 120 1 253 205 127 56 199 201 76 133
185 181 249 47 148 107 23 57 75 118 242 196 29 8 244 141
31 84 4 166 11 111 7 219 140 217 209 153 76 136 104 16
105 92 134 252 57 22 21 189 108 136 203 159 225 87 61 166
196 140 13 38 192 153 41 195 163 18 32 253 207 115 156 114

Very easily ;-)

Ummmmm...no.

[rindeee]

You can't crack them. Unless, of course, you or a cohort has devised a way to crack a one time pad short of stealing the mat.

Re:Ummmmm...no.

[fishbowl]

"You can't crack them. Unless, of course, you or a cohort has devised a way to crack a one time pad short of stealing the mat."

Just how good is the RNG that was used to generate the OTP?

Re:Ummmmm...no.

[Jesus_666]

Just how good is the RNG that was used to generate the OTP?

If the station is serious the RNG is probably physics-based, ie. truly random as far as we can tell.

Re:Ummmmm...no.

[Shanep]

Just how good is the RNG that was used to generate the OTP?

Important point that you said RNG and not PRNG. Because an OTP is not an OTP if the P was generated with an PRNG:

"Classically , a one-time pad is nothing more than a large nonrepeating set of truely random key letters, written on sheets of paper, and glued together in a pad", "The caveat, and this is a big one, is that the key letters have to be generated randomly. Any attacks against this scheme will be against the method used to generate the key letters. Using a pseudo-random number generator doesn't count; they always have nonrandom properties. If you use real random source -this is much harder than it might first appear-, it's secure".

Bruce Schneier, Applied Cryptography, 2nd ed.

One would hope that the intelligence agencies of the World are using real noise and not PRNG's for their OTP's.

Way 2 make money?

[lon3st4r]

What if a you-call-you-pay-a-ton phone number is posted anonymously like this?

People could make a lot of money like this.^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^H^ H^H^H^H

forget you ever heard that. mental note: TODO: money for nothing! ;)

* lon3st4r *

Not Havana, but New York?

[Bananatree3]

The first message was was listed in the the New York classifieds. Now it is possible the author simply placed it there for obscurity reasons, but it could also be that he/she was targetting someone who resides specifically in New York. Also, area code 212 is in New York City, which could be so their contact in New York wouldn't have to dial long distance to reach it.

The second message was in the San Francisco classifieds, and there too the area code, 415, of the number matches with the city. It could be that the author of the message is trying to make it easier on their contacts in those specific areas, as dialing local does not leave nearly as much of a trace as dialing long distance.

Re:Not Havana, but New York?

Or, they used the same spot for both just to annoy slashdoters with too much time?

here's one I found... near a navy base in seattle.

+1-360-515-2976

Obvious first step, and some frequency analysis...

[Jurph]

Nobody seems to have pointed out anywhere that these codes, while broken into the canonical 5-digit groupings, are almost certainly composed of three-digit numbers padded with zeroes. The first one, when you strip out the annoying five-character spacing, becomes:

Group 415
13 56 51 12 79 46 65 10 93 00
82 39 13 94 69 12 78 108 17 28 17
69 22 73 38 14 17 15 15 73 04 20
68 12 13 12 51 00 54 04 91 14 13
15 86 22 96 81 66 02 82 55 70 02
00 22 83 29 08 22 12 12 04 71 13
65 27 94 19 29 14 22 08 02 11 83
73 03 26 19 07 86 86

and the second one becomes

Group 617
61 78 02 21 85 06 13 69 06
79 12 15 24 07 06 16 17 69
95 00 17 24 05 14 24 09 87
22 67 89 74 10 82 10 86 78
13 24 04 16 27 73 13 15 06
93 69 112 20 84 00 00 21 03
70 31 76 49 65 23 27 67 00 07 16
12 17

Each one just barely scratches into the low hundreds (once each), and uses "00" several times, occasionally doubled. The first one uses 45 unique numbers ranging as high as 108 with the most common characters in the teens; I haven't done any frequency analysis on the second grouping yet but the teens look popular again. I just happened to start reading David Kahn's "The Codebreakers" this week, so I've got lots of places to start, but I wouldn't mind a little help with this. Holler if you think of something!

Here is one!

[HermanAB]

http://spamradio.com/spamradio.m3u ;)

Cyberpunk

[Goodbyte]

Anyone else that sees a connection to Pattern Recognition by William Gibson?

The next one should be in Boston

[CleverNickName]

I am a huge Numbers Station geek, and I've been known to listen to the Conet Project just for fun at parties, shortly before I'm asked to leave. So I've been following this story on the Spy Numbers mailing list for at least two weeks, now. If you're intrigued by this mystery, you will probably love the resources at SpyNumbers.com, or the Enigma2000 group at Yahoo.

Anyway, my prediction: The next message will be posted on Craigslist for Boston. The first message announced Group 415, and the second message was posted on Craigslist for San Francisco.

The second message announces group 617, which means the next message will probably show up on Craigslist for Boston. If that proves to be true, it is 99% certain that this is just a prank, or something being done by amateurs having a bit of fun. There's no way a real spook or someone sending messages of any importance would use a scheme that some piker like me can figure out.

So what's going on here? Eh. If there's anything really in there, now that it's been on Slashdot and boingboing, it's quite likely to be cracked within a few days, unless it's encrypted with a one time pad. Whatever it is, part of me is afraid that it's part of that stupid DaVinci Code promotion, and the same part of me hopes that it's somehow related to the Hanso Foundation.

Or maybe Publius has finally returned . . . are there any Pink Floyd albums coming out soon?

Re:The next one should be in Boston

[cei]

With Dave's new solo album out, I doubt there's new Floyd material in the current pipeline. Would be good to hear from Publius again, though.

But really, I've always thought any numbers station (other than CBS) would be running a one-time pad. (CBS obviously recycles plots, so otp doesn't seem likely. ;^)

Re:The next one should be in Boston

It just appeared. The phone # is for Federal Reserve Bank of Boston though. Weird.

http://boston.craigslist.org/mis/167168282.html

For Mein Fraulein
Reply to: pers-167168282@craigslist.org
Date: 2006-06-02, 7:21AM EDT

Mein Fraulein,

I am anxious to speak with you. ///617///973///3463///

        * no -- it's NOT ok to contact this poster with services or other commercial interests

167168282

Re:The next one should be in Boston

Are there any set freqs these stations broadcast on or is it a random thing you have to go spinning the tuning dial for?

Re:The next one should be in Boston

the same part of me hopes that it's somehow related to the Hanso Foundation.

OMG, you're right! And I cracked the cipher by applying a extrapolation of the magic numbers into an inverted one-time pad! The plaintext is:

Sprite is cool! Drink sprite!

Re:The next one should be in Boston

[garaxiel]

umm....number leads to a boston bank. now i think this one ont he boston craigslist is just someone being silly :)

Re:The next one should be in Boston

[Ponga]

It's also possible that the messages are legit and intended for someone for some real purpose; thats to say, not a hoax -- and in the midst of the media coverage, some lame-o posted this: http://boston.craigslist.org/mis/167168282.html - which is certainly a fraud, the number is to a Federal Reserve Bank in Boston... hey... maybe even YOU posted this to Craigslist?? Anyway, if this post to Craigslist WERE real and the number dialed up another Voip numbers recording... THEN I would have really been intrigued!

Re:The next one should be in Boston

[tsalaroth]

Some have said this one may be a copycat/someone being silly.

This actually scares me.

Re:The next one should be in Boston

[tsalaroth]

Am I the only one that finds it more disturbing that the number goes to the Boston Fed Reserve than hoax-like?

No one's broken the code, if it is one, and no one knows WHOSE code it is.

Re:The next one should be in Boston

[Ponga]

Ya, but think about it for a second. This story has generated a fair amount of buzz and from the posts I've seen, (not only on /.) several people have been trying to decode the messages, or at least trying to track sources and what-not. So, the MOTIVATION for some n00b copycat out there to post a similar message AFTER the fact that it has been revealed WHERE the next message would appear... it's fishy, thats all. And pretty lame. Then, on top of the fact that the phone referenced is NOT another pre-recorded numbers message... come on, guy! Anyone could look up that Fed #... I mean... why not the number to the Boston FBI field office?? Weak. Now, as for the previous TWO messages, THAT does get me interested. Because someone had the where-withall and motive to spend $$ to setup a viop number, etc! Huh!

Re:The next one should be in Boston

[geekoid]

maybe the phone number is just a way to tell the intendrepient where to meet?
Or that the line is being monitored, and speaking a pass phrase get's you routed elsewhere.

ewww.. this game is fun.

It's painfully obvious what's going on

[TadZimas]

Okay, let me break it down for you.
The CIA has this lovely little 'Numbers Station' that was developed during the cold war daze. However, times have changed, and they don't use it anymore. However, if they keep it going, foreign intelligence agencies will dutifully watch it, trying to decipher it's meaning, EVEN IF they too believe it's useless. The chief of the foreign CIA-equivalent is given a big packet of 'coded messages' that the U.S. transmitted over the short-wave every couple of weeks, and now has to decide between the 'real' coded messages they intercepted however and the 'fake' messages distributed over the short-wave. Misinformation overload.

Now, every couple of weeks we put in a real tidbit of information, and so if it's correctly translated and given to foreign CIA-equivalent chief, he probably won't act on it, given the terrible track-record of the 'Number Stations'. So, when the U.S. actually does invade Iran, or whatever other piece of information we seeded to them, the foreign CIA-equivalent gets in trouble with his superiors, and his subordinates start to distrust his leadership skills, and the whole organization starts to work slightly less well. Sowing the seeds of distrust.

If you want to be extra cruel, make the seeded codes extraordinarily vague/only make sense in hindsight.

Now, what are the advantages you get if you move the entire system over to VoIP?
1: It's cheaper, although this is the least of the government's concerns.
2: You get a nice record of everyone who listens in, so you know if the germans, for example, are trying to find out what we're up to.
3: It forces the foreign-NSA equivalent to block that number from it's country (except for the government), which allows us to mosey on in a couple weeks later with fliers that proclaim "Your 'democratically elected government' is preventing you from dialing certain phone numbers!", helping any destabilization of their government attempts.

I know it's a little conspiracy theorish, but It's the most logical thing.

Clandestine Transmitter

[grahamsz]

What if the transmitter needs to be clandestine... perhaps the agent in the field that receives messages via shortwave has to post some kind of reply.

Dropping a few roubles in a net cafe, while posting to a commonly used side seems quite reasonable. The host government would need to do some fairly serious analysis to spot that kind of stuff. If the agent rarely uses the same connection or site, then it'd be virtually impossible to stop them.

Perhaps they even use a PDA with a wifi card that uses any unsecured network to upload the data.

Re:Clandestine Transmitter

[bLanark]

Or even a spy rock(TM).

War is comming !!!!

Exactly the same happened before the 1991 invasion... 2003 and now in 2006..... Iran here we come....

                          3371-4!!

Re:Obvious first step, and some frequency analysis

and then you take the asc of each number and then take the chr of that asc to produce:
(first line only)
7 0 2 8 0 1 6 0

and then you read it downwards

Important Message to Field Agents :-)

-----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.3 (MingW32) jA0EBwMC3OJvC0udHVpg0sAQARBTVm0dQCiADw70Qmj2xcaPg1 vpxk5WMUOCjH0K 0YgphmK6xz3DsrRldCcQ6th4KnryABrSb6Ey3Sk61377G0QeTa FFsZaSa2T2EmxX RVK6mrV2u/L8qsqR/K83TKYJi1wzjIyBF4F0sVuDcM6gKvMTbe oQNqDLjgc2NrxL 3aw5qx9YhJ4YOR6GPgiuLUMGrB3ZXF8UxuKXhNL4yDSmPkKhze pqoIFjMK1EPFAw r+NJRP0MhaarieqSQ0oq7AVywySORkz9GUDJpXpl2QFlGA== =N62m -----END PGP MESSAGE-----

Re:Important Message to Field Agents :-)

[ettlz]

Hey guys -- just found out that georgina (you know, tall blonde who fixes the xerox machine) is actually a MAN!!!1111! Lol

L8r,
raymond

What kind of message of state importance is that?

Sounds like the plot from "Pattern Recognition"

[beeblebrox]

William Gibson's latest about a quasi-viral-marketing scheme.

Listen to recorded stations

[Bromskloss]

See my sig.

Re:here's one I found... near a navy base in seatt

What the hell is that? The numbers change every time I called.

Cracking it?

[PhotoGuy]

I thought these were generally considered to use One Time Pad's, so cracking really isn't an option. From Wiki:

In cryptography, the one-time pad (OTP) is an encryption algorithm where the plaintext is combined with a random key or "pad" that is as long as the plaintext and used only once. It was invented in 1917. If the key is truly random, never reused, and, of course, kept secret, the one-time pad can be proven to be unbreakable."

Re:Cracking it?

[00_NOP]

So, tell me how you generate a "truly random" key? I don't believe it exists.

Re:Cracking it?

[Jurph]

It could be a one-time pad, I guess, but they've used three-digit numbers (padding them out with zeroes and using canonical five-digit spacing) and a few things make me think it's not a pad:

First, there are 45 unique 3-digit strings in the first message, 41 in the second, and 23 of those common between the two; that's an extremely small vocabulary. If it were a pad, one would expect to see a much greater representation of 3-digit numbers. As it is, none of the characters exceeds 112. Second, the frequency distribution of the 3-grams doesn't appear uniform - some characters are repeated as many as 7 times, with a "long tail" of doubled and tripled characters. Words like "the" and "a" would stick out much more than the most-frequent characters do here; the most common character in Group 415 represents about 8% of the total message, and the most common character in Group 617 represents about 6%.

Re:Cracking it?

[DragonWriter]

So, tell me how you generate a "truly random" key?

Grab a coin. Flip it. If it comes up heads, record a 1, if tails, a 0. Repeat for each bit of the desired key.

Radio receivers don't leave trails!

[Kopretinka]

Well, going from radio waves to IP (internet protocol) of any kind seems stupid - to receive radio waves you only have to be in the area, and nobody is able to find out you're tuning to that station, unless they actually hear you. With IP, on the other hand, there are sudden packets flowing from the source to the receiver (broadcast does not span local networks because the internet would be too easy to flood). Secondly, there will only be relatively few listeners (real agents plus a few curious people) to these IP streams, so one (a network operator) has much more chance of tracking all of them.

However, if the whole slashdot suddenly goes to listen to them, agents can hide much easier. Use slashdot as a coverup! 8-)

Re:Radio receivers don't leave trails!

[Doctor+Memory]

nobody is able to find out you're tuning to that station, unless they actually hear you

Not quite true, a receiver must be tuned (and therefore have an oscillator resonating at) the desired frequency. If you've got a highly-sensitive receiver, you can determine pretty accurately the frequency a given radio is tuned to. You can't really cover much of an area, but if someone wants to know what station you're tuned to, and they can get close to you (say within a hundred feet or so), then they can tell what you're listening to. Google up "TV detector vans" for more details.

Re:Radio receivers don't leave trails!

[Mike+Buddha]

TV Detector Vans detect the radiation given off by the tube. They can't tell what channel the viewer is watching except by the image they receive from that tube radiation. The British TV authorities have admitted that they can't detect if someone is watching TV using a TV tuner card on their PC. I think you'd be pretty secure listening to a numbers broadcast as long as you kept the volume down. Speakers don't give off anywhere near the EM radiation as CRTs.

Re:Radio receivers don't leave trails!

[Kopretinka]

Oh, I didn't know about this, but does this only work for high-energy, high frequency signals? That would be supported by the reference to "TV detector vans". IIRC short wave receivers don't even need battery to be able to receive because it uses amplitude modulation so a simple circuit powered by the signal would result in audio from the tiny speaker, and I don't think such a circuit would emit much of anything practically detectable.

I know who is...

[HacTar]

I suppose is RIAA's new DRM music jamming scheme

They're probably the opposite of what you think

[Ancient_Hacker]

Numbers stations may be the opposite of what you think:

• They may be distributing one-time pads or keys.
• They might be sending gibberish-- just to keep the other side's cryptanalysts too busy to work on the real messages.
• hey might be sending gibberish-- just to keep the frequency squatted on so other pirates don't squat on it.

Lots of possibilities that don't involve actual messages.

Re:They're probably the opposite of what you think

They may be distributing one-time pads or keys.

That would be silly. A one-time pad is no good if the pad is public!

They might be sending gibberish-- just to keep the other side's cryptanalysts too busy to work on the real messages.

Pointless. Numbers traffic is miniscule compared to the total amount of crypted traffic they have to deal with. Besides, if everyone thinks it's one-time codes, cryptanalysts aren't going to bother with it at all; it's uncrackable by definition, unless they have the pad from somewhere else, in which case it takes no time at all.

They might be sending gibberish-- just to keep the frequency squatted on so other pirates don't squat on it.

What's the point, if they never use the frequency for anything useful? Who care if someone takes over the frequency?

Re:They're probably the opposite of what you think

[Shanep]

They may be distributing one-time pads or keys.

That would be odd, to say the least. Since:

• The pads of One Time Pads are supposed to be moved over a secure channel. Perhaps held by a trusted agent or otherwise couriered by a trusted courier.
  
  
• There is no point in distributing pads WITH OTP crypto, since the pad should never be used more than once and therefore they cannot be used to send more data that the length of pad intself (compression shouldn't work, since we should be talking about real noise, which should not compress). So if a pad had to be sent securely at one stage (to fascilitate this new communication), then sending another pad with it is just a waste of time and effort. A pad of the same size or greater was already SECURLY sent, to allow this new pad to be sent? Can't be more secure. It would be redundant. Nothing gained.
  

Re:They're probably the opposite of what you think

[Aging_Newbie]

Actually, how about sending the one time pad in the open and the real secret is where the encrypted message is? Steganography using a one-time pad comes to mind.

Devious, Huh!

Wait - BRB - the CIA is knocking on my door!!! Oh, NO!

Re:They're probably the opposite of what you think

[Shanep]

Actually, how about sending the one time pad in the open and the real secret is where the encrypted message is? Steganography using a one-time pad comes to mind.

Devious, Huh!

; )

I've actually been wondering if government agencies have been capturing images from the net (and other noisy media files) and been crossing them with each other to find matching images which contain OTP's and OTP_ciphertexts. That method is dodgy, when proper OTP can work so well and easily. If I were crossing international borders with OTP's though, I certainly would want them stored steganographically to avoid detection. Any countries image peoples computers as they pass through? Who would have thought, that a big problem in electronics, noise, would actually one day provide such an effective secure communications medium!

On a different note...

You could choose to send the OTP as the "secure message" and send the OTP encrypted ciphertext through the secure channel. But that would be very much more impractical than OTP crypto already can be. It takes away from one of the best features of OTP crypto.

The OTP's are the pre-shared secret and the messages are the future information to be secured. So sending the OTP itself as the "secure message" as need be and sending the encrypted message through the secure channel as need be is impractical. Since if you need a secure channel through which you can send information securely at any time, if you have that, then you don't need the OTP at all! ; )

OTP allows a bulk pre-shared key to be sent through a limited availability secure channel, so that secure comms can later benefit from that sporadic bulk transfer, but at any arbitrary time. The One Time Pad basically tries to take full benefit from some small windows of opportunity. An agent crosses a border with a very large, very well hidden OTP, for example. It could be a large CF card in a camera, with OTP's stego embedded into innocent looking images on the card. A card which is easily removed, inserted into a PC and then used for secure comms.

And can you crack the code?

[croddy]

And can you crack the code?

Well, considering it's most likely a one-time pad, I'm going to have to say no.

Re:And can you crack the code?

[DragonWriter]

If its a prank, its probably not an OTP. If it is real information that the sender wants to transmit securely, it may be a one time pad.

Here's one in Boston.

[SenatorTreason]

http://boston.craigslist.org/mis/167168282.html

Reply to: pers-167168282@craigslist.org
Date: 2006-06-02, 7:21AM EDT

Mein Fraulein,

I am anxious to speak with you. ///617///973///3463///

Re:Here's one in Boston.

[kilonad]

Umm... that would be a phone number. Not quite what we're talking about.

Re:Here's one in Boston.

[ded_guy]

The article mentions that at the other end of these phone numbers is a recording that reads off the code numbers. Give it a call and you might get to hear it before it runs out of minutes.

Re:Here's one in Boston.

[rnelsonee]

For those wondering, if you call that number, you dont get another set of numbers. But you do get this:

"For directions to the Federal Reserve Bank in Boston on 600 Atlantic Ave, Press 1.

For directions to the Federal Reserve Office in Windosr Locks, on 317 Ellatrasso Turnpike, press 2"

Re:Here's one in Boston.

[Sawmill]

1. Calls number
2. Hears message
3. darkness, as swarms of men in black come into your home

No thanks...just ties my number into the other social engineering tracking they are already doing...

But, thanks for trying it for the rest of us.. ;)

Mucking with the SNR

[AlphaInsight]

This sounds more like someone's just doing their part to muck with the signal-to-noise-ratio after hearing about this NSA/AT&T crap. Yeah, there are more secure communication vectors than VoIP as well anything traversing the internet, but it most certainly causes the G-Man to stop to look.

It probably is a love letter between two crypto geeks, but it does have a higher purpose!

To see someone do their part to screw with (at the very least) unethical, immoral, and more-than-probably illegal wiretap, makes me feel warm and fuzzy.

Re:here's one I found... near a navy base in seatt

[silverkniveshotmail.]

360 is not seattle

IP over what, though

Code or no code, VOIP is an awful lot easier to block and censor than short wave.

Considering that IP can be transmit over a great variety of media, including pidgeons and bongo drums and shortwave, I think you're either overgeneralizing or comparing apples with oranges.

Full explanation

#!/usr/bin/env python
import random

def rand():
    n = random.randint(0, 99999)
    return "%05d %05d" % (n, n)

print "HELLO WORLD"
print rand()
print "HELLO WORLD"
for i in range(random.randint(5, 100)): print rand(), rand(), rand(), rand(), rand()
for i in range(random.randint(1, 5)): print rand(),
print
print "K-BYE"

Re:here's one I found... near a navy base in seatt

oh? what area code does the Puget Sound Naval Shipyard Bremerton near seattle have then, moron?

I do think that number is a real numbers station. Give it a ring: +1.360.515.2976

1984

[Ponga]

From TFA: "...someone tipped off our friends at 2600 Magazine. Its editor Emmanuel Goldstein..."

Anybody read 1984 ??

Re:1984

[bcmm]

He certainly has. It isn't his real name. http://en.wikipedia.org/wiki/Eric_Gorden_Corley

4 8 15 16 23 42

[fatboy]

Enjoy :)

I've broken the code!

[JRHelgeson]

Group 415 translates to:
"All your base are belong to us!"

The second message,
Group 617 translates to:
"Moving every zig for great justice!"

Just thought you'd want to know... :)

look at the wave shape

http://img166.imageshack.us/img166/7936/wav4ym.jpg
Look at the waves at the red arrows. Those are not normal wave shapes and I've never seen mp3 encoding do that. Why not put your message in those areas while everyone else tries to figure out what random numbers mean?

Could never happen

[LWATCDR]

VGhlIHZlcnkgaWRlYSB0aGF0IHNsYXNoZG90IGNvdWxkIGJlIH VzZWQgdG8gc2VuZCBjb3Zl

cnQgbWVzc2FnZXMgaXMganVzdCBzaWxseS4gV2hvIHdvdWxkIG V2ZXIgZG8gdGhhdC4gTXkg

cXVlc3Rpb24gaXMgY291bGQgeW91IHVzZSBCQVNFNjQgdG8gZW 5jb2RlIGEgdG9ycmVudCBz

ZWVkIGFuZCB0aGVuIHBvc3QgdGhhdCBvbiBTbGFzaGRvdD8=

some come from US Mil bases, others Cuba

[LM741N]

Its been known for quite some time that at least one numbers station was broadcasting out of a military base in the US. I wish I had the reference but I saw it in a book on shortwave listening some time ago. A nearby ham or SWLer realized just how strong the signal was and by taking a receiver to the perimeter of the base, was easily able to conclude that it was the source.

I have also seen in the past revelations about these stations operating out of Cuba. There was some dissident who defected to the US and spilled the beans on it.

Here you go

[LWATCDR]

http://www.random.org/

Re:Here you go

[Gattman01]

That bitmap generator reminds of the "Face on Mars".
Or at least the first few images looked like it.

I think I've figured out at least one of them.

[nblender]

It says:

"Meat is trying to convince you it has made you. You must overthrow Meat and then we will reveal ourselves to you. Do not help Meat to decrypt these messages."

I don't get it.

Re:I think I've figured out at least one of them.

And how did you arrive at this decryption?

Numbers stations

[Frozen+Void]

I recall when i was kid and tuned my radio,one weak medium wave station was speaking somehting like " foxtrot hotel lima" intead of speech,i have seen it reapeat itself few times.I never knew about those stations and assumed it was
a communication channel for ships(like weather broadcasts).
It was weird though,a female voice talking in monotone words without stopping.

Re:Numbers stations

[barnzi]

The shortwave bands are also populated with numerous beacons which operate in this fashion - continuously broadcasting a short callsign either in morse, speech, hellschreiber or another basic scheme. The beacons are used to assess the constantly varying propogation in these bands.

Off the Wall - May, 30, 2006

[thedbtree]

It's funny, I just finished the podcast of the May 30, 2006 "Off the Wall" and Emmanuel has the recording of one of these "Number Stations".

Check out the audio on the May 30, 2006 episode of Off the Wall.

This is intriguing stuff...

Are you from around there?

[Spaceman40]

Bremerton (Silverdale too, for that matter) is 360. Seattle is 206.

Watch who you call a moron.

Re:Obvious first step, and some frequency analysis

Based on the version writen out in the article, you hiccuped in there somewhere. It should be:

013 056 051 012 079 046 065
010 093 000 082 039 013 094
069 012 078 108 017 028 017
069 022 073 038 014 017 015
015 073 004 020 068 012 013
125 100 054 004 091 014 013
015 086 022 096 081 066 002
082 055 070 002 000 000 022
083 029 008 022 012 004 071
013 065 027 094 019 029 014
022 008 002 011 083 073 003
026 019 000 007 000 000 086

I wonder if it's just a substitution cipher.

How to crack the code: Step 1

[bort27]

There seem to be a great deal of zeros in both messages.

group 415 group 415
01305 60510 12079 04606 50100
93000 08203 90130 94069 01207
81080 17028 01706 90220 73038
01401 70150 15073 00402 00680
12013 12510 00540 04091 01401
30150 86022 09608 10660 02082
05507 00020 00000 02208 30290
08022 01200 40710 13065 02709
40190 29014 02200 80020 11083
07300 30260 19000 00700 00000
86 86

group 617 group 617
06107 80020 21085 00601 30690
06079 01201 50240 07006 01601
70690 95000 01702 40050 14024
00908 70220 67089 07401 00820
10086 07801 30240 04016 02707
30130 15006 09306 91120 20084
00000 00210 03070 03107 60490
65023 02706 70000 07016 01201
7

If we regroup the digits into threes instead of fives, we end up with a series of numbers from 0-127:

013 056 051 012 079 046 065 010 093 000 082 039 013 094 069 012 078 108 017 028... etc.

I would have assumed that they were simply using a one-time pad of random integers from 0 to 127, and encrypting each character as (cleartext + onetimepad) % 128 (which would make the message uncrackable without the pad), but because we often have long strings of zeros, I'm starting to doubt the use of a pad. Please post if you make any progress.

bort.

Re:Nonsense

[vertinox]

So, basically, instead of using a fairly innocuous radio, which is easy to explain away if apprehended, you propose that the secret agent go around carrying stolen cards and stolen ID and wardrive?

No real spy war drives. He sips his carmel mochiatta at starbucks enjoying a copy of the People Daily while his laptop makes the call with skype dumping it to a wav file.

Re:here's one I found... near a navy base in seatt

I'm guessing Asterisk + FWD + IPKall?

Computer Code maybe?

Could it be computer code- a virus maybe??? If ASCII this is what the numbers could be 013 056 051 012 079 046 065 010 093 000 082 039 013 094 069 012 078 108 017 028 017 069 022 073 038 014 017 015 015 073 004 020 068 012 013 125 100 054 004 091 014 013 015 086 022 096 081 066 002 082 055 070 002 000 000 022 083 029 008 022 012 004 071 013 065 027 094 019 029 014 022 008 002 011 083 073 003 026 019 000 007 000 000 086 Essentially this is what it decodes to in ASCII (Note- the commands, not actual letter as in CR = Carriage Return) CR 8 3 FF O . A LF ] NUL R ' CR ^ E FF N l DC1 FS DC1 E SYN I & SO DC1 SI SI I EOT DC4 D FF CR } d 6 EOT [ SO CR SI V SYN ' Q B STX R 7 F STX NUL NUL SYN S GS BS SYN FF EOT G CR A ESC ^ DC3 GS SO SYN BS STX VT S I ETX SUB DC3 NUL BEL NUL NUL V

of course

[geekoid]

random is just another way to say ignorant. Nothing is truly randome, but something can have so many variables that is seem random to the human brain.

Re:of course

[fishbowl]

Truly random might have flaws of its own. A random sequence will necessarily include an arbitrary number of zeros, the text of hamlet, and the digits of pi at some point in the sequence. If your RNG gives results in this area, are you going to use it, or are you going to arbitrarily adjust it? How and when do you make the decision?

Re:of course

[Shanep]

random is just another way to say ignorant. Nothing is truly randome, but something can have so many variables that is seem random to the human brain.

The point is that PRNG's exhibit much less random properties, eventually repeat their stream bit-for-bit and known PRNG's can be used to attack.

Random data from a natural source can on the other hand gets much closer to the ideal of "truely random", should not repeat for any significant length and should not be known for any significant length.

If you would not hold an OTP system built from radioactive decay up as being a strongest or near-strongest crypto system. Then what would you trust?

Traffic analysis

[JaumPaw]

I seriously doubt that an intl. agency is behind this - after all, it makes the receiver of the message wide open to traffic analysis. Shortwave is still the best way to avoid traffic analysis. However, I would suggest spam stegnography instead, where possible.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Looks a lot like a pnm file to me.

[tknd]

http://en.wikipedia.org/wiki/Portable_Pixmap_file_ format Unfortunately I don't think the group 415 or whatever header matches up to the dimensions of an image.

Sets of 3 and recurring patterns

[method_pg]

I'm glad others figured out the 3-digit thing.

Further analysis of frequency and structure..

10x 000
8x 013
6x 017,022,012
5x 069,015
4x 002,004,006,024,014,073
3x 078,082,086,027,016,065,007,010

For reference, words in English language in order of most common:

The, of, to, and, a, in, is, it, you, that, he, was, for, on, are, with, as, I, his, they, be, at, one, have, this, from, or, had, by.

---

Sentence Structure:
013, 022, 082, 007, 021, 017 were all used to start a sentence.
OF those 013, 022, 017 were also used mid-sentence.
002, 093, 067, 017, 084, 095, 019 have been used at the end of sentences.
000 appears to be CRLF, with a double set seperating paragraphs.
007 and 086 seem to be words you can use alone on one line (like "thanks" or "goodbye")
015 appears twice consequetively in one sentence.
(probably either side of a comma [one that isn't defined in the cypher])
014,013,015 are likely to be 3 common words which can be used in that specific sequence. (eg. "is","from","the")

Sunspots!

[tmjva]

Sorry for the late reply. I'm trying to be insightful here. Sunspots and HF propagation run in 11-year cycles and we are in the middle of cycle 23 that started in the year 2000 and ends in 2011. Regardless whether this the original story was a hoax or not, the method described could be a spy agency's "workaround" due to bad HF propagation this year!

New station posted today

http://atlanta.craigslist.org/mis/170018379.html

Found it at http://www.homelandstupidity.us/2006/05/31/the-212 -796-0735-mystery/

If this is a joke, someone's going to some serious lengths to make sure nobody gets the punchline...

Third station: Atlanta

They've made another thread for it here on homelandstupidity.us. I guess that blows the groups-as-area-codes idea out of the water, then...