For almost two months, someone has been sending secret messages by a rather unusual method: setting up Voice over IP telephone numbers which, when called, play back a recording of long strings of numbers. The recordings evoke memories of shortwave numbers stations, which have been used for decades by intelligence agencies to communicate with agents under deep cover.
On Monday, a fourth such telephone number and message appeared.
Like the three before it, and the fake message posted by Mike Castleman of the Off The Hook hacker radio show, it started with a message addressed to “Mein Fraulein” posted on Craigslist. The fourth message was posted to Little Rock (Ark.) Missed Connections, and reads:
For Mein Fraulein
Mein Fraulein,
Do not become disillusioned; you are more popular than you imagine. Call me.
501 //// 588 //// 1015
When called, the VoIP numbers station again plays a few bars of A-Ha’s Little Black Heart, then reads the following sequence of numbers:
Group 205
00107 90200 79001 00900 90800
03027 01406 90790 03083 01102
40220 12085 00106 50170 25006
01907 90210 67082 08600 30270
15000 02408 30670 10010 02900
60770 08004 00902 30160 00078
06506 50290 04078 01302 90190
24014 00000 00240 95010 08208
70880 31000 02207 90130 01020
06601 80040 03006 07602 00000
07014 08402 60170 81
As with the rest, I’ve made a recording of the latest station available. Some preliminary cryptanalysis is available as well.
The latest telephone number is registered to Level 3 Communications, which provides wholesale telecommunications services, including VoIP. The service retailer is unknown.
This latest message is sure to help the amateur cryptanalysts still busy working on the other three messages. (212-796-0735, 415-704-0402, 678-248-2352)
To date, no one has provided a solution to the messages, nor any good guesses as to who might be sending them or why. I personally believe the messages can be solved; they don’t seem to exhibit enough randomness to be a modern cipher. What do you think is going on?
(No Ratings Yet)
Loading ...
Tropical WeatherLast week, in the wake of another uptick in the official unemployment rate, the administration continued to claim that their economic policies were working, just not fast enough. Not only does the administration have a funny way of ending a war, but now they claim their economic policies are successful. For whom, I wonder?
Gardner Goldsmith teams up with Brett Veinotte, of the excellent School Sucks Project and the School Sucks podcast. Gard and Brett discuss the impetus of the series and project, and why public education must be stopped.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works license.
Video published by this site is licensed under a Creative Commons Sampling+ license.
Facebook
Digg
del.icio.us
reddit.com
Newsvine
Deezy
Jul 03, 2006
hm another one and look was the msg was, Im starting to think this some sort of joke or promotion
“Mein Fraulein,
Do not become disillusioned; you are more popular than you imagine. Call me.”
someone is having a big joke at the internet’s expense
Michael Hampton
Jul 03, 2006
If that is so, then the joke is at my expense. The rest of you are just along for the ride. :)
SKYWALKER107
Jul 03, 2006
I agree. They all end with 007 at the end which seems to me like enough information right there to tell us that they are crackable. But how and who. if you combine all the messages the frequency distribution seems to fill in a little but you still have that large gap in the middle of the numbers that seems to be unexplained.
SKYWALKER107
Jul 03, 2006
Something about that message intrigues me. It’s as if the person is actually talking to us. “Hey stupid don’t quit you almost have it figured out, Where watching you”. Anyone else get that feeling from it?
CodeAc
Jul 03, 2006
I’m wondering where whos initially reporting these stations. it seems like a long time has passed between the last one (not counting the 2600 contest and this one. I’m just wondering is the same person initially reporting these numbers if so I would venture to guess thats our messanger.
ipdb (aka m3)
Jul 03, 2006
I’ll say this much… you will NEVER find “013 000″ in these messages. ;)
CodeAc
Jul 03, 2006
Another Thing thats interesting about this particular message is its still up on Craigs List and the number is still active.. (as of 07/03/06 6:15pm) remember how the first 3 messages were yanked off of craigs list almost immediatly after people started talking about them. and the phone number went dead just about as fast. I’m wondering if this one is just a prank or the feds already decyphered this thing and dismissed it as some harmless geek fun.
Michael Hampton
Jul 03, 2006
CodeAc, you aren’t making any sense. The person who “initially reported the numbers” was the person who posted them on Craigslist, by posting them on Craigslist in the first place! Nothing further is needed. Especially not when you’re like me and wrote a script which e-mails you whenever anybody posts “Mein Fraulein” on Craigslist… :)
Fortyseven
Jul 03, 2006
When did we learn that the music clip was from that song? I missed that. For what it’s worth, it seems to kick in at 2:34, or 154 seconds into the song. At least, with the copy that I, er, found. Anyways, I wonder if that’s a clue to it’s decryption?
No one
Jul 03, 2006
@CodeAc: Actually, the phone numbers themselves lasted awhile, although they were often busy. Eventually, the pre-paid VoIP account ran out of money.
As for why this message is still up on Craigslist, I offer this explaination: Everyone at Craigslist is off for the 4th of July holiday instead of sitting behind a computer, trying to stop a prankster from posting messages.
smc u.k.
Jul 04, 2006
@47: Actually, I’m more convinced the music in question is merely a clue to the personality of the group behind these messages. It’s a rather odd choice of song, not something you really pick at random. And the words to that song, I find very ominous.
As for “don’t get disheartened you’re more popular than you think”, that could mean anything. In my theory it could be a message to a terrorist or extremist group, perhaps one of the members is getting disillusioned.
I still think the lyrics could apply to a terrorist/extremist/illegal group, which sees itself in the “good guys” role, disliked by all around it, “surrounded by darkness”, fighting for “light”, but “things are getting better”.
Of course I’m probably wrong but that’s as valid a theory as any other I’ve seen..
CodeAc
Jul 04, 2006
Yeah, I can see it now. Osama’s next video tape being realeased with him singing “Little Black Heart” in Arabic. LOL
Jul 04, 2006
The Flowing of the Dao » Craigslist Spies
smc u.k.
Jul 04, 2006
Okay CodeAc, so the song is completley meaningless, and the codes are uncrackable (certainly, nobody seems to be making any progress). So why are we still here? Forgive me for thinking it’s worth pursueing the other elements of this puzzle but no, you’re right, only the blinking numbers mean anything, and since we can’t crack them, let’s stop wasting any more time on this subject.
MooglyGuy
Jul 04, 2006
Wow, smc, and I thought us Americans were paranoid about terrorists these days. I find it hilarious that you’re freaking out over the implication that it could be anything -but- terrorism so much so that you throw a bleeding verbal temper tantrum. What’s your problem?
Michael Hampton
Jul 04, 2006
Arguing over what’s what isn’t going to do anyone any good.
If you’ve got a good theory, go pursue it and see where it leads. But don’t be surprised if people are skeptical, if you haven’t pursued it at all.
smc u.k.
Jul 04, 2006
I don’t like being ridiculed/having scorn poured on a good faith suggestion that is, at least, as credible a line of enquiry as the attempts at ‘cryptoanalysis’ which has, as yet, yielded nothing. It is probably a OTP in which case all this effort is a waste of time. In any case, we have no idea what method is being used to encode these messages and very little raw data to go on, certainly not enough to achieve anything meaningful. And hey, if you don’t like that opinion, there it is anyway.
I don’t think the choice of music is random but clearly people think the choice of music is completely meaningless and not even worth thinking about, despite the peculiar lyrics and the obscurity of the song itself.
I, however, believe cryptanalysis is a waste of time and will yield nothing.
Perhaps we can agree to disagree and you guys can speculate away on thousands of different encoding ideas that lead nowhere whereas we’ll just complete ignore my suggestion we consider other possibilities.
smc u.k.
Jul 04, 2006
Looks guys, I’m sorry. I had an idea for a line of enquiry which I thought was worth pursuing, I really don’t think the cryptanalysis will get anywhere (sorry). The fact is folks, I am NO cryptographer, so if ‘out of the box’ ideas are not helpful to you, then I’m no use to you at all, and I’d kinda like to help. So that’s what I was trying to do, okay?
The response I got was dismissive and scornful and I got upset by that. Perhaps I should have just shrugged my shoulders and gone quietly into the night, but I was hoping SOMEONE would see where I was coming from and throw me a few ideas.
Since that’s not happened I think I will bid you adiou and wish you good luck. I’d like to see this cracked but genuinely think cryptanalysis is a waste of time. If cryptanalysis is the only line of enquiry we’re interested in here, I cannot contribute. So, good luck, and goodbye, cos I’m no use to you at all…
Fortyseven
Jul 04, 2006
Assuming it’s what it appears to be, anything in the message is a potential clue. There aren’t really any bad ideas when it comes to solving a puzzle like this. It entirely depends on the ingenuity of the creator of the message. For instance, perhaps the song merely points to the band name, “AHA” — maybe the EBCDIC (for a twist!) representation of those letters forms part of the key to decode it.
And so on. (Of course, you can drive yourself completely nuts going ever deeper down the hole.)
If the odd ideas are split up amongst the willing, and track is kept of who does what, as to avoid redundancy, you never know. We might get lucky. Has anyone setup a central wiki or something working on this?
Michael Hampton
Jul 04, 2006
I don’t mind any line of inquiry you’d like to pursue. As long as you actually do either pursue it or leave alone the people who are pursuing it. With an unknown like this, all ideas should be welcome, even if they don’t pan out. But be prepared to investigate your idea, as well.
As for wiki space, you can do that on the wiki if you want. :)
smc u.k.
Jul 05, 2006
Hi folks. I think the choice of sung, TBH, has nothing to do with the decryption. It is just like the traditional shortwave ’station identifiers’ used to identify that an agent is tuned into the correct number station frequency. But I think the choice was significant to whoever picked it. The ‘Lincolnshire Poacher’ number stations plays the LP folk tune, and the station was sourced as being an RAF (British) Base on Cyprus. Lincolnshire is home to a few RAF bases, we often have flyovers of military aircraft etc.
I am working on a few ideas outside the ‘crack the code’ line of attack, so far no progress. The sort of things that would be interesting – IP address of the poster, who paid for the VOIP services/which credit card was used and who it belongs to etc – are the kinds of things only the NSA/CIA/FBI would be able to get their hands on. If they’re investigating this they are probably therefore much further along.
Has anyone tried emailing the anonymous address attached to these Craigslist postings? If they are posting these messages publicly it could be they are teasing us, and might welcome the chance to tease us further by responding to questions about it. (Though I doubt they’d reply somehow). Was there any response from Craig about releasing non-sensitive information about all this?
Vageli
Jul 05, 2006
I emailed the address given and will tell you guys if they reply. By the way, I just want to say that I have experience in the cryptographic field and would like to point out that, due to the random distribution of numbers in the message, there are three possibilities: 1) the messages are encrypted with a one-time pad making decryption impossible without the pad (http://en.wikipedia.org/wiki/One_time_pad); 2) the message is not in English (causing it to not conform to standard letter frequency tables); and 3) the message is nonsense and is, as some have suggested, a prank.
Just my $.02
Michael R
Jul 05, 2006
Sorry Vageli, I can’t agree that the distribution of the numbers is random – look at how often 0 and 79 occur, for example. Nearly all of the numbers are in the ranges 0-31 and 64-95.
Fortyseven
Jul 05, 2006
That’s the sort of thing that should get tossed onto the wiki, I think.
eri
Jul 05, 2006
Has anyone calculated the total distributions of the letters?
What approaches have people tried? We need to get organized a bit more.
Orion_
Jul 05, 2006
Fortyseven > Good analysis !
seeing the overall graph, I would suggest that if a value is below 65 then add 65, since 65 is the ascii number for the letter ‘A’.
eri
Jul 05, 2006
What are some possible number systems that use 100-125 that are not ascii?
Vageli
Jul 05, 2006
Michael R, when I said the distribution of numbers was random, I meant that it didn’t entirely correspond with the distribution of letters in the English language. Take into account the positions of the oft repeated numbers 0 and 79; they don’t necessarily correspond to frequently occuring letters in the English language. Might I also add that, if this were encrypted with a one time pad, an analysis of the frequency distribution would prove meaningless.
SKYWALKER107
Jul 05, 2006
HEY IPDB,
You gonna add this 4th group to your webpage?
and what is the “013 000″ about?
buff daddy
Jul 05, 2006
I have previously presented SIMILAR ideas that are featured within some of smk u.k.’s comments as well, with one exception… At least to ME, it’s quite obvious that the author of these messages fits the profile of “The Misunderstood Arrogant Hacker” almost perfectly; and it’s also possible that the fit is almost TOO perfect as well.
From a psychological perspective, every single person alive today, from the extremely normal to the extremely insane, have one thing in common; They are all bound by the Laws of Human Nature. In this case, I’m specifically referring to the “law” that makes us incapable of “truly random thought” which means, in layman’s terms, that every minute detail of what we say and/or do is specifically thought out as the precursor for being chosen; The resulting outcome of those words and actions is the polar opposite in that they can never be “truly predicted”.
What does this all mean within the scope of this topic? The choice of music, the choice to be “cryptic”, the choice of numbers, the choice of using a pre-paid IP Phone Number as the incubation medium, etc., is INTENTIONAL and it was WELL THOUGH OUT BEFORE the first message ever appeared on the internet. This latest message provides overwhelming proof (“…you are more popular than you imagine…”) that they didn’t predict this current result when they started out. What’s most alarming, though, is the first half of that sentence (“…Do not become disillusioned…”), which implies that the intended recipients might have been scared off by all the attention the previous messages have been getting. And lastly, the tone of all of the messages is one of arrogance and superiority based on how the one-line messages almost seem to be answering anyone who’s been trying to crack the codes.
All I’m saying is that while I’m not a cryptographer, I wouldn’t be surprised if the author of these messages was arrogant enough to make the answer as clear as day and right in front of our noses. I have my suspisions as to what those numbers actually represent, and it’s not something I’m going to reveal publically regardless of whether I’m right or wrong; The only “hint” I’ll give is that the phone numbers and/or the location given is VERY relevant to the message; and it’s NOT a clue for guessing about the next message, but rather what’s located in those cities that are relevant to those strings of numbers.
eri
Jul 05, 2006
Ok.. so anyone have gps coord’s, weather information, scports scores, adresses, anything on these cities? There are no valid phone numbers in teh first message, I tried :-) I think this is crackable.
buff daddy
Jul 05, 2006
Oh, one more thing… If my above theory is valid, then don’t be surprised if the person behind this whole thing has visited this site quite often, and depending on the level of arrogance, they might have even posted a comment(s) of their own!
buff daddy
Jul 05, 2006
For smc u.k….
Have you looked into what I believe makes some of these VoIP ISP’s a little “interesting” (i.e., press releases, etc.)? Do the lyrics in the song relate in anyway to what I’ve just posted? And lastly, taking those three things into consideration, what could those numbers possibly represent?
Fortyseven
Jul 05, 2006
I fleshed out the wiki page for this. Fix and enhance as necessary. ;D
CodeAc
Jul 05, 2006
Very insightful Buff. Almost too insightful.
I wonder how much you truly know about these messages.
hmmmmmm
SKYWALKER107
Jul 05, 2006
buff daddy,
Why the secrecy behind your theory? Is the message within that bad that you don’t want to be associated with it? Did you already crack it? Please share everything you know for the sake of solving this.
Skywalker107
eri
Jul 05, 2006
Buff, if you think it is a plot, then you should tell what you know to the community here and the fbi. If you think it is harmless, then just spill it. Funny though, i tought the message sounded like it was telling us not to give up.
SKYWALKER107
Jul 05, 2006
I just looked at all 4 telecoms press releases for the last month and didn’t see anything common among them. Did i miss something. i believe pacwest and level3 both announced enhanced 911 services but otherwise there were no other commonalities.
buff daddy
Jul 05, 2006
Geez… What have I gotten myself into?!?! :(
I guess a need to do a little “damage control”, huh?
No, I do NOT know what it is any way you put it (I haven’t cracked it, I didn’t write it, I do NOT know WHAT it means, etc.), I am NOT going to embarrass myself by presenting this to the FBI or any other government agency (I mean, if they actual do visit this site then I’m sure they would have contacted me already if my comments were that enlightening! And I’m now hoping and praying they aren’t!), and while I will humbly admit that I am above-average in mathmatics, I spent less than 10 minutes on “number crunching” and have NO IDEA if I actually had results or not! Now, in direct response to SKYWALKER107, I have NO IDEA if I’m right or wrong, but all I can say is that if this is still Public Domain and I’m actually right, then these messages are the LEAST of our problems! Now, based on those facts, I’m sure that I’m wrong about what it could be SPECIFICALLY, and revealing it would reflect what’s most important… If somebody else is willing to use my ideas and/or theories as a map to the correct path that will lead to the solution, then that’s the perfect Win-Win situation for everyone.
Just consider me a person who’ll never learn that I’m too smart for my own good; but it would be even better if I’m considered a stupid idiot instead…
buff daddy
Jul 05, 2006
Ooops….
This:
“and revealing it would reflect what’s most important…”
Should Be:
“and revealing it would negatively reflect on what’s most important…”
eri
Jul 05, 2006
Or you could email me what you are thinking, and if it checks out I will post it and take whatever steps are neccessary. I am not afraid of attention or doing what is right. Also, noone would have to know you did it. erithid@gmail.com
I dont see anything interesting in the press releases.
SKYWALKER107
Jul 05, 2006
skywalker107@socug.com me too
Michael Hampton
Jul 05, 2006
Or leave a message on my (fairly) secure voicemail at 301-358-5500. Or contact me. You’ll find my PGP public key on most of the well-known keyservers. :)
buff daddy
Jul 05, 2006
I might do just that, SKYWALKER107 and eri… To use “The Da Vinci Code” as a reference, just keep in mind that at the end of the day, it’s simply my theories and ideas no matter how true they may or may not be! I’m not claiming to know the secrets of the “Holy Grail” nor am I claiming to know IF there really IS a “Holy Grail” or not. I’m just saying it’s POSSIBLE! :)
Give me a little while and I’ll send it off to you both…
Sander
Jul 05, 2006
I was thinking, with all this news about the North Korean missile tests… Can the message come from North Korea?
I mean, the first message is from May 8th, and the first reports about the Taepodong-2 test are from May 18th. This last message is from July 3rd, and the actual missile test was on July 4th. Now I suppose there’s an explanation for everything, but this could make sense.
All agencies worldwide are on top of North Korea. So if they put up a shortwave numbers-station, that would attract way too much attention from the NSA. It would be brilliant to operate a numbers station from outside North Korea, and the way they do it makes sense too: They use a website (Craigslist) that’s open for everyone, instead of direct communication. This way more North Korean agents/diplomats/ambassadors can receive the message. That would also explain the high amount of credit on the numbers.
Now they could use it to trigger terror cells worldwide (North Korean generals have warned about such stuff on multiple occasions) now retaliations from the US or Japan are imminent. Or they warm ambassadors to destroy any documents or communication logs, just as Japan did before the Pearl Harbour attack.
Call me paranoia, but I think that the background of the creator of these messages is the key to deciphering the codes.
Btw, Michael: in the Cryptanalysis-thread, you said that various military intelligence agencies visited here and got the messages as well. Did they came back regularly to “check†on our progress? And what about this last message?
DasKreestof
Jul 05, 2006
Vageli has repeated something I stated on a previous thread, and it’s a reasonable possibility. It’s possible that the code points to letters in the Cyrillic alphabet. The message could be in Greek, or Dutch, or one of the many alphabets that don’t have 26 letters.
It’s possible that both the sender and the receiver are both bilingual.
buff daddy
Jul 05, 2006
Well, I sent the three of you the same email, so if you didn’t get it, let me know. If you did, then take it for what it’s worth! :)
No one
Jul 05, 2006
@Sander: Actually, virtually no intelligence agencies are truly on top of North Korea. The country is an intelligence vacuum beyond satellite photos. No agency has assets on the ground, which is one of the reasons North Korea is so feared. And Iran itself is virtual a communication vacuum: Beyond a very, very small section of the population (Government and aid groups mostly), there is no communication in or out of the country. For those who do have Internet access, it’s done by satellite, which is far more easy to monitor for the NSA than shortwave.
Second, I believe it was Iran who threaten to unleash terrorism upon the U.S., not North Korea. If I remember correctly, Iran sponsors five different terrorist groups.
Finally, people thinking this isn’t a hacker (I’m using the M.I.T. definition, not the malicious kind) isn’t looking at the reasons why shortwave was setup in the first. The whole point was to not know who or where the message being sent out is being receieved. Doing it over the Internet completely destroys that, which means you might as well be using encrypted e-mail.
No one
Jul 05, 2006
@buff daddy: Seems you made the assumption that all of these have been posted by the same person. The only message we know is “real” is the first one. All others could be copy cats.
Michael Hampton
Jul 05, 2006
Hm, I didn’t get any e-mail. All the mail that’s come in the last couple of hours was thrown away by SpamAssassin due to being, well, complete spam, or was from other people I know.
Did you take the nospam out of the address? If you didn’t, it’ll go nowhere. :)
buff daddy
Jul 05, 2006
Nope, but I’ll do it now! And I call myself an IT Consulting EXPERT! :)
buff daddy
Jul 05, 2006
No one: Actually, I have done no such thing. How about this… The easiest way to determine authenticity is in each messages “symmetry”. Subconsciencely, on a specific level, a human being MUST conform to his own unique “psychological signature” in everything that s/he does, and on a general level, EVERYTHING we do is in a symmetrical (or “balanced”) fashion which is essentially the “art of a con-artist”.
Consider this… If you are married and I asked your mother/father/sister/brother/etc to pick out the one-page short story that YOU wrote among 99 other possibilities, do you honestly want me to believe that they’ll choose the wrong one? Same concept here… I haven’t even listened to the voice messages yet and I’ll STILL bet that the music in all of the “valid” messages have similar starting and ending points to them that the best con-artists would admit they couldn’t duplicate it exactly. THAT is just one reason why the music is so important. I don’t want to start getting into a “history lesson” here, so I’d reccommend using wikipedia.com for more information regarding the general concepts behind “symmetry” and “human behaviorism” to decipher my comment. And TRUST ME when I say that I’m not trying to be an ass about it… TOO MANY people have enlightened me to the fact that while I MIGHT be under the impression that my words are crystal clear, they’re anything but! :)
buff daddy
Jul 05, 2006
Crap… Now I remember why I don’t re-read my own comments! I can’t understand them myself!
Let me clear it up a tad regarding symmetry…
The best con-artists in the world are the ones who come CLOSEST to duplicating somebody else’s publically accepted “symmetry”. They’re basically a “copy-cat” that perfects somebody’s “obvious” traits AND ALSO gets as close as possible in duplicating somebody’s “not so obvious” traits. Take the art of Painting Forgeries… The best of the best were caught NOT because of something obvious, but because of something NOT so obvious. Take Tom Keating for example… It wasn’t anything about an actual PAINTING that was his undoing; rather, it was a similar THEME amongst 13 paintings that instigated him to confess what he’d done 2,000 other times through the years. It’s a human’s requirement for symmetry that leads to their undoing.
So, if you want a simple yet flawed way of validating the authenticity of someone’s work against a possible fraud, you need only look at the symmetry of the work to prove it! :)
No one
Jul 05, 2006
@buff daddy: What you say would be valid in a non-digital world. But this is a digital world. I can copy and paste, say, the music from the first message into my own. It would have perfect “symmetry” as it was the original. Similar statements could be made for the body of the messages.
Michael Hampton
Jul 05, 2006
This is not a new concept.
NSA intercept operators who listened to Morse code transmissions could uniquely identify the telegraph operator by their “fist,” or the unique signature of how the operator sent the messages.
Presumably, any act of human creation bears such a signature.
Michael Hampton
Jul 05, 2006
No one, several people were able to spot the Off the Hook contest message as a fake because it was a massively spliced copy. This sort of thing happens when you convert analog to digital and vice versa.
No one
Jul 05, 2006
The goal of the Off The Hook message wasn’t to fool us into thinking it was a real message, but instead to actually encode data. It was also a rush job. Were they more careful, they could easily have fooled us.
Watchdog Milwaukee
Jul 06, 2006
Damn, if only I still had my Little Orphan Annie decoder ring from Ovaltine.
CodeAc
Jul 06, 2006
Thinking about Buff Daddys comments earlier I’ve been trying to find something that the 4 states that had messages appear in have in common. (I haven’t found anything groundbreaking yet.
I was wondering if the number of when the state was signed into the union is a clue.
1 – NY (11th)
2 – CA (31rd)
3 – GA (4th)
4 – AK (25th)
just pulling at straws here. but I’m thinking along the non-Cyptologist view
also Buff if you can send me your thoughts on this i would appretiate it:
CodeAc
Jul 06, 2006
hmmm my link didnt work anyways it
codeac@verizon.net
buff daddy
Jul 06, 2006
I sent it off to you, CodeAc.
smc u.k.
Jul 06, 2006
BuffDaddy, thanks for your posts/thoughts and everyone else’s here, too. I can only speculate, but I do not think the originator of these messages gave a lot of thought into the choice of song, as inofitself it does not tell us much, although I do think it gives us a clue to the personality of the person/people behind the messages.
I like your hacker theory, as I too get the sense of someone with a dark personality “playing games” with us. However, it seems to me that if someone was just doing this to mess around with us, they’d want us to ultiamtely get the message so they can come out and have a laugh about it all afterwards, and so we’d have more ‘clues’ to help us decrypt the message. The message doesn’t feel ‘decryptable’ to me, as despite the patterns that have been found so far, I get the sense the message is either not encoded in an English alphabet, or uses a OTP for the bulk of the message (though maybe not for the linebreaks and signoff etc.)
However, while I get the impression the sender likes toying with us (hence the public nature of the posts etc), I don’t think the sender actually wants us to be able to decrypt the message, as we have nothing to go on to help us achieve that, we have little to go on, and as far as I know, there have been no responses to emails sent to the anonymous address ‘attached’ to the Craiglists posts. I would expect a hacker playing games would reply to emails, albeit in a cryptic fashion.
While I am by no means saying it IS the case here, I would EXPECT terrorist organisations to use encryption for their communications, and might resort to obscure ways in doing it. I’d also expect certain terrorist roups to act in an arrogant, almost gloating fashion; Bin Laden gloated over the failure of the US to prevent 9/11, as an example.
Why would be more satisfying to them then to communicate amongst themselves in a way that attracts great public interest – and be able to gloat that was planned in public and that US intelligence was too foolish to be able to crack it?
The dark lyrics of the song would fit an organisation with a dark agenda; if the song was a more common, popular song I might put it down to random choice, but this song seems to be very individual to the sender.
All theory of course, but isn’t that all we can do?
Where this theory falls down is in that the originator of the message would have to purchase VOIP services and this leaves a credit card trail that can be easily followed. But then again, on what grounds could the NSA/CIA demand a VOIP company turn over such records? Would they bother going to such trouble over a bizarre recording if they had nothing else to indicate something may be afoot? Such a group might be gambling that this message woulld not attract intel. community interest – and may indeed have been surprsied at the level of public interest in these messages!
smc u.k.
Jul 06, 2006
Just to clarify, in my last message where I say the poster probably didn’t give a lot of thought to the song, I meant in the context of his choice being identified and analysed. The song, afterall, doesn’t tell us anything about the poster’s plans or their identity (name of the group). Why would they be concerned if we could identify the song?
But I think we can rule out government spies – almost all governments use shortwave radio for this purpose as they have access to transmitters and it is great for anonymity of the recipient etc, VOIP makes no sense if you have access to shortwave – I think we can rule out viral marketing as this has gone on too long for that to be a realistic possibility IMO, it has lost it’s novelty value by now and the best time to reveal it would have been when interest was at it’s highest – also, let’s face it, interest in this message is a ‘niche’ affair – this hasn’t been covered on TV, radio, or the general web news sites, etc.
They would have been a great advert for HOPE – but that seems unlikely now given 2600’s willingness to make a ‘copycat’ for that purpose which they admitted to, and their strong denial of the previous messages.
If an ordinary citizen wanted to exchange an encrypted message, PGP would make more sense than going to all this trouble – I know that’s what I’d do. So what does that leave?
I can’t eliminate terrorism as a theory, simpyl for the fact I can see a terrorist group wanting NOT to use a laptop in some situations (what if it was confiscated in a raid?) – in which case they’d need an alternative way to send an encrypted message to a ‘field agent’. VOIP is convenient, easy and doesn’t require a great deal of technology on the part of the recipient – access to a relatively anonymous public payphone will do — also pretecting the identity and perhaps exact location of the recipient, in a way an email would not (especially if the person in question was always on the move).
But back to the song, it is obscure and unusual enough I think it is meaningful from the point of view it can tell us something about the personality of the sender, that song has a definate ‘feel’ to it of eeryness – and nothing about this message rules out IMO the ‘terrorist’ origin possibility. If a message is sufficiently encrypted, they would have no fear of the message being listened to by all and sundry – and might suit their vanity and even give them an ego boost/sense of superiority over our (so far) failure to decrypt it.
Again, I am NOT saying this IS the answer – but I would not be surprised if thsi was the answer. I WOULD, however, be surprised if a government, marketing agency, or a hacker group like 2600 or general prankster is behind this.
eri
Jul 06, 2006
Something has been nagging me, if this is encrypted, and its not a one time pad, and its not any standard form of digital encryption, and its not a simple transposition cypher, and it is most likely not a vignere system, and it is not a checkerboard cypher, and i have no idea if it is an enigma machine, what is left? I was thinking about Buff Daddy’s post, where he mentioned being good at math, and I remmebered something. Galois group encryption methods. Perhpas this is a test of the secureness of the algorithm. I will look into it, since I am somewhat gfamiliar with galois theory, but anyone else who has mroe experience, please post and lets try it. This would make this high tech stuff.
Deezy
Jul 06, 2006
don’t forget Like I said before, this could have been going on for years and 2 months ago was just the first time somebody found it and decided to call the number, I wish somehow we could see archives of craigslist
SKYWALKER107
Jul 06, 2006
Here is the one problem i have and keep coming back to. Why does the character distribution look the way it does.
I think this message is right in from of us. Like everyone says: modern cyphers wouldn’t have this unique type of distribution. We are seeing something here. I think once we figure out the serpeartion in the middle of the numbers we will be able to see the rest of it clearly.
Greenblaz
Jul 06, 2006
This site may help for old Craiglists:
Greenblaz
Jul 06, 2006
Sorry…forgot the link: Archives
SKYWALKER107
Jul 06, 2006
Don’t click on those links that is the wrong site. you want craigslist not craiglist
Deadbeat
Jul 07, 2006
The message:
”
Mein Fraulein,
Do not become disillusioned; you are more popular than you imagine. Call me.
”
sounds to me like the author is hinting at the clue being in “Mein Fraulein.” As in: everyone seems to be looking for clues in all other directions and they have stop looking at you, Mein Fraulein. But Do not become disillusioned; cause Mein Fraulein, you are more popular than you imagine.
>TtJ
erithid
Jul 07, 2006
hmm, did my last post get deleted?
Just in case it was an accident. I was thinking.. What if the message was encoded using genetic data? If the cypher was composed of ACG T, that might explain the missing middle. Any thoughts?
erithid
Jul 07, 2006
oops, nope I posted it on the other page, i get confused cause I click links in my email. Sorry to libel :-) thougth I was onto something, lol
Bunsen
Jul 09, 2006
I’ll post part of what I said on the other page here -
“Nobody uses straight key-less encryption in the real world or the non-software world. Even in the 13th century spies were beyond such a level of tech. Keyless encryption is the stuff of Hopscotch Magazine for Girls. It’s a puzzle in the newspaper funnies. No spy organization is making codes that you can crack without reference code, a reference text, such as the bible code, or a pad or key. The reason why the government can crack codes you can’t? – they have acquired materials from government stings, arrests, intercepted communiques, and in-the-field covert operatives. The reason the government can crack codes you can’t when they don’t have keys? Two words, baby – Cray Supercomputers. You don’t have one.”
I just don’t think the answer is findable to us. The information in the message itself won’t hold information we can use, and the numbers can’t be solved. It’s a safe bet that the phone number itself is assigned and doesn’t figure in.
I really think we’re screwed on this one.
smc u.k.
Jul 09, 2006
Bunsen, I agree with you 100%. It’s attractive, almost alluring, to believe if we try hard enough, we’ll crack this code. But no shortwave spy numbers transmission has ever been broken by anyone other than a government intelligence agency. I don’t think this will be an exception, unless a painfully obvious, almost non-encryption has been used. I don’t think anyone intelligent enough to set up a VOIP line and encode this message would make such a basic, obvious mistake; unless they wanted this to be cracked – and I just don’t get that impression – the messages are too short and too far apart. This is why I feel, if we do want to find out more about this message, it is better to invest our time looking at all the non-encrypted clues and leads we have. Writing to Craig at Craiglist was a good move; emailing the anonymous address behind the message too; whoever at AT&T was trying to get info on this message too. These things might not tell us much, but have more potential than trying to crack a non-crackable code.
Talking of which, has anyone HAD any reply from Craig, AT&T or the sender? I’ve read messages here that all were going to be tried but nothing more yet?
eri
Jul 10, 2006
The feds know who set this up. they will have had craigslist and the voips looking and tagged the info on the people who created them. if it was a terrorist plot, or could be construed to be one, the govt would have this plastered everywhere as an excuse to monitor more. it doesnt have the distro of a one time pad. I am also pretty confident that i can show that it is not using a cypher text to encode the message. i think it is breakable, and i think someone is trying to see if we can. Its a test. either someones bored, or someone is recruiting. its not secure enough for spies and pointless really. I bet someone is trying to find someone to break it and is making sure that the right people see it and try.
CodeAc
Jul 10, 2006
I’m now kinda tittering on the middle of two theorys about this message
on one hand I think its some meaningless prank just to see how much attention that these messages will get. and on the other hand I think its a breakable encrypted message set up by someone who wants to test us. I heard the mention of Google putting on these types of test to look for people to recruit i wonder if this falls along those lines.
CodeAc
Jul 10, 2006
One Other thing thats interesting. This particular message is still on Craigs List. Aside from the 2600 contest the other messages were taken right away. I made this observation before and someone replied that it may be becuase the staff of craigslist was on vacation for the 4th of July holiday. but someone should be there by now monitoring. I’m wondering if the staff of craigslist has been assured that these messages are harmless and they don’t have to take them off when they appear. I know craigslist isn’t always on their a-game when it comes to monitoring so it could be just that.
erithid
Jul 10, 2006
I am still in this, if you are too, lets get back to work :-)
erithid
Jul 10, 2006
I don’t believe that there are barcodes in the message, since I believe just about all barcodes have a checksum, and there is no consistantly placed, or in some messages, any, mod10 checksum.
Possible ph#’s in message:
201 found! NJ 2012085001,
207 found! ME 2079013001, 208 found! ID 2085001065, 210 found! TX 2106708208, 240 found! MD 2402201208,
250 found! BC 2500601907, 260 found! IN 26017081, 270 found! KY 2701406907, 301 found! MD 3011024022,
302 found! DE 3027014069, 306 found! SK 3067010010, 308 found! NE 3083011024, 310 found! CA 3100002207,
401 found! RI 4014000000, 402 found! NE 4022012085, 406 found! MT 4069079003, 407 found! FL 4078013029,
408 found! CA 4083067010, 409 found! TX 4095010082, 500 found! — 5001065017, 501 found! AR 5017025006,
502 found! KY 5029004078, 506 found! NB 5065029004, 600 found! — 6003027015, 601 found! MS 6019079021,
602 found! AZ 6020000007, 607 found! NY 6077008004, 650 found! CA 6501702500, 660 found! MO 6601800400,
670 found! MP 6708208600, 700 found! — 7008004009, 701 found! ND 7014069079, 702 found! NV 7025006019,
708 found! IL 7082086003, 760 found! CA 7602000000, 770 found! GA 7700800400, 780 found! AB 7806506502,
800 found! — 8000302701, 801 found! UT 8013029019, 803 found! SC 8031000022, 806 found! TX 8065065029,
830 found! TX 8301102402, 850 found! FL 8500106501, 860 found! CT 8600302701, 870 found! AR 8708803100,
880 found! — 8803100002, 900 found! — 900100, 901 found! TN 9019024014, 902 found! NS 9020079001,
907 found! AK 9079003083, 908 found! NJ 9080003027,
I also found 94 Possible ssn’s matched by valid prefixes. Anyone know the baisc credit card validation algorithm? it is some checksum deal too I think. also if anyone knows how to check the middle 2 ssn #’s I will add that to my program
erithid
Jul 10, 2006
wait, i might have an idea…
the missing middle, what is missing a middle? A wave! if you plot the points on a time axis, you get a wave. A very conspicuous wave. Now, you 2600 fans will remmeber redbirds mag stripe reader that recorded binary data as a wave on a sound card. Mybe this is similar, noone has mentioned tryiong fsk on it. Basically the frequency shifts denote a switch from 0 to 1. Someone else look at the data and let me know what you think.
erithid
Jul 10, 2006
Here is the graph:
http://erithid.googlepages.com/4thmessage.gif
Reko
Jul 11, 2006
That graph looks interesting. Perhaps it’s some sort of binary encoding? Like one of the encodings used in Ethernet, for example, Manchester encoding maybe.
John
Jul 11, 2006
L3 Communications/Vertex Aerospace 601-856-2274
Servicing secret airbases across the globe.
erithid
Jul 11, 2006
That is what I was thinking. Well, teh binary part. I was thinking frequency shift keying, maybe just a stright binary translation based on peaks. I think this might be a good lead. It explains the distro, the missing middle, the almost impossibility of getting ascii chars by substitution cyphers, the 3 digit groupings, why all the other cyphers failed, I cant think of anythign to goes against the binary idea. ok everyone, go!
MooglyGuy
Jul 12, 2006
If you can’t think of anything that goes against the idea, then it should be really easy for you alone to break it, right? …Right? Oh.
erithid
Jul 12, 2006
way to troll, I appreciate the encouragment..
A Nonny Moose
Jul 12, 2006
Funny: http://orlando.craigslist.org/mis/178214941.html
skeezix
Jul 21, 2006
Has anyone noticed this post on the Ottawa craigslist yet or did I miss the thread?
SKYWALKER107
Jul 21, 2006
I have to be hearing this wrong but this is what i am getting
group 022
01408 200T0 10001 02006 80180 18117 08001 T0270 00014
01000 01000 50690 27078 10004 006T0 9906T 0TT06 70100
17000 07T07 80120 0002T 02200 10720 82017
Notice anything weird
SKYWALKER107
Jul 21, 2006
For Mein Fraulein
——————————————————————————–
Reply to: pers-183835138@craigslist.org
Date: 2006-07-19, 3:02PM EDT
Mein Fraulein,
Do not fear the cold. I have a blanket for you. Call me.
613 //// 686 //// 3106
no — it’s NOT ok to contact this poster with services or other commercial interests
183835138
SKYWALKER107
Jul 21, 2006
Maybe those t’s should be 3’s.
Michael Hampton
Jul 21, 2006
Yes, you missed the thread. But I was late posting it, so that’s okay.
AX7
Jul 23, 2006
has anyone tried using the code with the message to find the meaning instead of just the code?
Jul 26, 2006
SecondAgenda : For Mein Fraulein
Aug 15, 2006
Offbeat News » For Mein Fraulein: You are more popular than you imagine. Call me.
john fisher
Sep 05, 2006
hell-o
have u people googled “project evil” and “mein fraulein”?
i guess not cause the people that caused this shit
already confessed lol
Michael Hampton
Sep 05, 2006
Yes, we all know that, because we paid attention and clicked on the link to the post above.
Fortyseven
Sep 05, 2006
Priceless.