Slashdot Mirror
FBI Issues Code Cracking Challenge
coondoggie writes to tell us that the FBI has issued another cracking challenge for a new cipher on their site. Tens of thousands responded to a similar challenge last year. In addition to the challenge, the FBI is also offering a few primers on the subject. There are a number of sites offering cipher challenges, but it's funny to see the FBI encouraging such behavior.
Love the article:
Hillarious.
moox. for a new generation.
The winner receives an all expense 1 way trip to the tropical island of Cuba!
or whichever foreign government owns the code that the FBI has just recruited the bright kids on the Internet to crack :-)
Houdini was always searching for better, more clever ways to perform escape acts and illusions. After he would debut a new trick, others would immediately try to emulate the trick. The trick was on them, though, because Houdini would frequently expose their methods (because it was originally his) and prove himself to be the true master magician.
No difference here. Just the FBI gauging the abilities of the community.
The links in the article point to FBI challenges in 2007 and the kids challenge but do not point to the 2008 challenge.
Here is the FBI Cryptanalysis challenge 2008 http://www.fbi.gov/page2/dec08/code_122908.html
Other helpful links for reference
2007 challenge: http://www.fbi.gov/page2/nov07/code112107.html
Kids challenge: http://www.fbi.gov/kids/k5th/jobs9.htm
Hm. Hidden message.
Dear citizens: Please inform us if you have the talents necessary to be suspects in criminal cyber-cracking cases. That is all. Love, The FBI
Except for video games and aliens, it'll be a bunch of crypto guys battling it out with Matlab.
It's interesting to note that all of the participants in the challenge last year got an all expenses paid vacation to an undisclosed location. I guess it was a really cool vacation since none of them returned home.
The company offered over $10,000.00 for not only hacking and cracking their server, but showing the company how they did it.
If memory serves (and it sometimes does not) they paid out the first and second years of the challenge, but in year three no one successfully broke into their web server environment.
I believed they kept eliminating modules that had holes and were not needing and closing holes in modules that were needed.
Based on what I read, they were able to 100% successfully secure their web servers from attacks only because they were using Linux as the OS.
I remembered comparing their results with others attempts with other operating systems and really wanting to learn Linux.
Now that I am using Unix and Linux and have a better understanding of what they were doing I can see the simple genius in such challenges.
Whether just for security or for scouting talent, whatever their reasons, its money well spent when they offer cash prizes to the few that are successful!
Is your Internet Throttled? Install DD-Wrt, OpenWRT or Tomato to learn the truth! Google: 1Gbps/1Gbps: 5 Communities
Well, actually, I think it's supposed to be
My blog
It was not, shall we say, stupendously hard. A little common sense and some patience was all it took. I expected that I'd be looking at something a little tougher than I used as clues in the scavenger hunt at my 10th birthday party.
The CB App. What's your 20?
Oh, come on. This is from an organization that cut funding for terrorism just before 9/11 to add resources to software piracy. Do you really think if they had the brains do do cryptanalysis they'd...
oh wait.
I suppose they are looking for brains, huh.
#fuckbeta #iamslashdot #dicemustdie
Interesting that FBI uses plone as their CMS and not Wordpress and they have IE compatibility CSS code like the rest of the planet.
Clue: Is there a reason why they have the crypto code displayed as a flash file and not a simple png or jpeg file?
Bleh. Its just a simple substitution cipher. They didn't even change the grouping of the letters. Took me about 5 minutes to figure it out.
"Be sure to drink your ovaltine"
What the hell does that mean?
I have decrypted. Answer is: U R under Arrest.
damn!
And the winners get all expenses incurred DMCA prosecutions!
With reasonable men I will reason; with humane men I will plead; but to tyrants I will give no quarter. -- William Lloyd
There were some dead give-away cribs.
Spoiler below...
sed -e s/H/b/g -e s/D/e/g -e s/A/f/g -e s/M/g/g -e s/B/i/g -e s/S/o/g -e s/K/v/g -e s/Y/w/g -e s/V/s/g -e s/F/t/g -e s/W/u/g -e s/T/p/g -e s/L/n/g -e s/C/d/g -e s/G/y/g -e s/N/c/g -e s/I/r/g -e s/J/a/g -e s/E/l/g -e s/Q/k/g -e s/O/h/g -e s/Z/m/g fbi.txt
Wow. Cryptograms in the newspaper are harder than that.
stupendous. we
congratulate you on
cracking this latest
encryption. visit
www.fbi.gov/coded.htm
to let us know of
your success.
Why embed the text in a flash object? code... I would of given this a shot if I could of relied on some normalized text, but no... that would make sense. Sense and gov't obviously don't belong in the same room. Yea... I am a little disappointed.
what it should be:
coondoggie writes to tell us that the FBI has issued another cracking challenge for a new cipher on their site. Tens of thousands responded to a similar challenge last year. In addition to the challenge the FBI is also offering a few primers on the subject. There are a number of sites offering cipher challenges, just funny to see the FBI encouraging 4J58I4JTK5NRO4844/4534852WDVJRIN67/368RB8XC0GJFNFXVXCVJVXV8R/GE8F/RETWQ8ER8WRHQ98CVUXHE8V09E8Q/WRWE8Q7T-E8THQEW/CHICKEN438R8SDFUEFNX7/4UDFJD7FH47FHEFT28FHEW6DFT
Those of us who think they know everything annoy those of us who do.
There are automated ones out there that solve this in under a second, but if you want to figure it out yourself try this page:
http://www.esg.montana.edu/meg/consbio/cryptogram/crypto.html
Here's the puzzle text to copy:
VFWTDLCSWV. YD NSLMIJFWEJFD GSW SL NIJNQBLM FOBV EJFDVF DLNIGTFBSL.
KBVBF YYY.AHB.MSK/NSCDC.OFZ FS EDF WV QLSY SA GSWI VWNNDVV.
Congratulations, you did it! Thanks for participating, and happy holidays.
Matlab?
I use APL, you insensitive clod. Much, much more fun for code cracking/number crunching!
Couldn't stand the weather
The links may be a cryptic clue...
sudo mount --milk --sugar
What ever you do, DO NOT let the FBI congradulate you on your success.
Trying to install linux on my microwave, but keep getting a kernel panic...
When you win one of these contests, you may discover that your garbage is regularly replaced with phony garbage.
Table-ized A.I.
I did not know NSA had the monopoly in organizing code cracking contests in the US. May be they should sue the FBI asking for compensation. A cease and desist letter should be even more fun.
Took me longer to find a pencil than to crack the damn code. Now on to much more interesting things, like watching my three year old arrange the perfect train crash under a footstool.
You can get 15 minutes of fame, but you can go down in history for infamy.
V'q yvxr gb gnxr guvf bccbeghavgl gb fnl "Uryyb!" gb nyy zl snaf va qbzrfgvp fheirvyynapr.
This post expresses my opinion, not that of my employer. And yes, IAAL.
It's a pretty simple substitution cipher, and the obvious web address in the code makes it even simpler. A simple bit of guess work and you get the result:
"stupendous. we congratulate you on cracking this latest encryption. visit www.fbi.gov/coded.htm to let us know of your success"
The lookup table for the substitution is:
A : f; C : d; B : i; E : l; D : e; G : y; F : t; I : r; H : b; K : v; J : a; M : g; L : n; O : h; N : c; Q : k; S : o; T : p; W : u; V : s; Y : w; Z : m;
Heh, can't figure this one out on your own?
You don't help them violate your privacy.
You can lead a man with reason but you can't make him think.
I was expecting something more than just a "good job" message at the designated URL. I guess it's the journey, not the destination. for those of you out there, use the URL to get you started.
Can get it... the messages is the one to the right not the rambling to the left
Was the the only person who started this by guessing YYY.AHB.MSK was www.fbi.gov? Seems like including a fully formatted URL is a bad idea...
"Dictator Flakes. They WILL be delicious."
Nope, that was an easy place to start. :)
Having just taken a masters level algorithms class and doing Substitution, Vigenere and Affine ciphers I'm surprised they'd put up something so easy. :)
...I've gotten rusty over the years, shaddup!
I was hoping for more of a challenge, sheesh.
Then again, it was a somewhat enjoyable coffee break distraction.
Did you know that "FTW" ("for the win") is a direct translation of "Sieg Heil"?
THIS THE HULK
Hi Hulk, I didn't know you were online!
All misspellings and grammatical errors in the above post are intentional and part of my artistic expression.
Yes, rather strange...
I hope they don't guard any sensitive data with encryption that easy
I've solved it and posted the answer for y'all. Check it out here: http://c0nn0r.info/blog/2008/12/29/i-pwned-the-fbi-cyphertext-challenge-in-about-45-minutes-using-a-pen-and-paper/
So who's smarter? Dogbert or Brian
My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
Sting operation. Everyone who participates is subject to arrest. Enjoy, kiddies! :-D
Zooperman
So you're the first to open Elaine Roberts' mind!
If I were her, I'd pester mommy everyday: "Mommy, mommy, marry this man!"
call your mom on the phone and tell it to her. You'll hear from the FBI 15 minutes later if you found the correct answer.
--
Stay tuned for some shock and awe coming right up after this messages!
He told me they retired him quietly in his 30's with a big fat pensions ...
I think he'd probably written "The Art of Cryptology" during his employment days, in addition to the volumes of work he'd personally done.
... he has been doing nothing and growing peaches ever since. And when he says it his eyes twinkle.
He may have secrets in the peaches. Analyze their DNA and see if there's any coded messages inside.
HULK ONLINE TIL HULK SMASH MODEM!
lameness filter workaround.lameness filter workaround.lameness filter workaround.
This is the sig that says NI (again)
Why isn't it NSCDC.OFR rather than .OFZ?
It also seems odd that the Y=W instead of X=W.
So I tried coded.htx and .htz but no page found, I guess they just silently log how cool you are.
Of course my computations may be off. I think I started drinking a little too early this morning.
"it's funny to see the FBI encouraging such behavior"
Probably best categorized under "know your enemy"...
The FBi issues a code to be cracked with the simplicity of a 3 on a scale of 1 to 100 in terms of advanced technologies used in current cryptography. HAha - / they aren't looking for the 99% of society that can figure out the simple sub ciPher. Food for thought: With present technology in cryptography pushing the upper maxim of what we as a species are capable of understanding (in terms of entropy of data with a key) - lets just say someone went another direction. Intelligent "believable" misinformation is more powerful than anything else that could be devised in the world of intelligence. What would be the impact in the world of hidden secrets if an algorithm could encrypt a paragraph of data into an output resembling a ciphered textual paragraph instead of just random letters? Example 1: Paragraph A is encrypted .. instead of yielding random chaotic letters it yields a paragraph of of completely different content/context. How? Take 100 characters - First, these aren't words but 8 bit vectors of data. How do you you transpose 100 8 bit vectors into 100 other 8 bit vectors - the answer: very carefully and with a map along the way of course (the key). Yes it's 100% possible.
Example 2:
Take it a step further and instead of encrypting into another paragraph. Yield a paragraph that is ciphered with a determined amount of complexity.
What would be the advantage of having a barely breakable code, yield a cipher that wasn't just mono-interpretive? Pretty powerful.
The trojan horse of modern crypto-design? or just the fbi spending time putting up a code that I could break when i was 5?
"coondoggie writes to tell us that the FBI has issued another cracking challenge for a new cipher on their site. Tens of thousands responded to a similar challenge last year. In addition to the challenge, the FBI is also offering a few primers on the subject. There are a number of sites offering cipher challenges, but it's funny to see the FBI encouraging such behavior."
-.....so they can know who to declare a threat to national security and round up. What's next? Lawrence Livermore and Sandia having a contest on who can develop the next generation of explosives?
Knowing Google's lust for data collection, the Soviet Union is still alive and well inside the psyche of Sergey Brin....
"University of South Hampton", nope I can't figure out where that is!
"Don't belong. Never join. Think for yourself. Peace." V.Stone, Microsoft Corporation
its simple really, and kills several birds with one stone. They are concerned with the 'hackers' who keep cracking this stuff, MAFIAA is annoyed that people keep cracking their often laughable security / encyption (who remembers the magic marker solution). Mafiaa pays them to host the challenge, and 'protects' some material with the very thing being 'cracked' in the challenge.
Then clearly they round up all the winners, let the DMCA circumvention suits fly, and add them to watch lists all at the same time. we'll just ignore the whole entrapment thing and laugh ok?
Brilliant.
1. host 'contest'
2. let net hackers do your work.. I mean crack the code for you
3. ???
4. profit
again just a joke
"Jazz isn't dead, it just smells funny" ~Frank Zappa
EdelFactor
The idea is to generate interest in the subject :D
While it took all of a few minutes to 'solve'
manually, it merely shows folks that their interests
in puzzle solving can actually be of some use in
the field of crypto.
A more interesting use would be to put currently
unbroken ciphers in use by ( insert organization
here ) and see if the online community can break
them. Why settle of X number of employees when
you have have Y^Z folks doing it for free (fun) ?
"operation Meaty Sandwitch is all go!"
This contest is nothing more than a fishing expedition to see those who are smart enough to break codes and brazen and stupid enough to have the testicular resources to demonstrate the same in public.
File under the heading "Let every flower bloom".
Submission as evidence constitutes plaintiff and/or prosecutorial misconduct.
President Jeb Bush (Get used to it.) becasue they cannot trust anyone else.
http://uk.youtube.com/watch?v=KF3Ry-xcXAg
RR
Maybe this is like those stings where the police dupe some idiot criminals to show up somewhere under the guise of getting some free stuff, then slap the cuffs on 'em. Are they logging the IP of people who go to that website which in turn is compared against a list of people they want to talk to? Why else would they do something like this?