Where We Currently Stand

Code/Storm's Private Messages

We haven't had much success with the ARG lately, as we're still stuck on the Hex Code puzzle.  I recently revealed that Storm had been PMing me directly about the ARG, although his messages revealed little:

"Apologies for the time delay, things have been hell here for the last month or so.

I ran the code through a few programs that analyze entropy via auto-correlation, the n gram results indicate a weak encryption, but one that results in highly entropic data (which I correlated against a similar data set size from a randomness extractor) when decoded via Hex, which I suspect is a secondary encode, as most encrypted data sent via communications is encoded in order to avoid corruption. This may have skewed the block size analysis done previously (resulting in 376bytes or 64bits).


Code:
³+�:5ºÝfW|$ÁOÉCFÑ1§ÅK¸/þà"aWw?$y#Ü!ö,Ô.‘ògµE«Êí¯aQ
Nê‡Í3ÇÇ?q10œÄ(´$=TðDùÏb–Ù¿÷9~C˜æ2Ú
?äx³¥O]Üiuú÷I„žbYZŸc•‘=à>:¬?8ŒEû…þ‘5AÖÀƒ˜òȃ2¨/ß�(büÜOçäj?éQÅÈ´dã:¹,–†.‹À™¸8�Úy¶?ä¢Y›mHǹSŒîc‘D ôaº’äþu$,Ø?QÖ•Q˜‡j|ª½{@I"A0©f̳Á9F:?~š7ª†?²xü—1À œŒy~y“
@eF²Lšb›&Â?Î*KäXš7_ësÄ«"\„Œøž)²q3—6G?J‰(í֏TiŒ^[PgFövZo%Þ¤Ú@þ¶e?E$i6•ˆ=Ë!æûþû¸Z)‘”€6¥+]Thinking in a non linear way, I've tried to classify the OTR message header with its increasing scale as the puzzles moved on.

[CLASSIFIED INFORMATION LEVEL 8][OTR//4.0]

working from that basis and the other messages I have developed this list.

Level 0 - 2 = Non Encrypted or Encoded (similar to private and confidential?)
Level 3 - 4 = OTR 1 - Base 64 or Base 85 encoded
Level 5 - 6 = OTR 2 - Hyper-encrypted (layered) Pen and Paper Ciphers
Level 7 = OTR 3 - Hyper-encrypted (layered) One Time Pad
Level 8 = OTR 4 - ???
Level 9 - ?? = OTR 5 - ???

Considering a flawed OTP (which it was, considering the ability to analyze it), when done properly should be information-theoretically secure, the next level should be either hyper-encryption using random bits (which is unlikely considering the difficulty in making that crackable and for the fact it's usually used on hardware encryption chips), or some form of Block Cipher (from which if we assume the scale of Levels goes up to 10), can be extended into simple block ciphers with small block size, which analysis seems to indicate it is not, up to triple cascaded ciphers with high block sizes, salts and perhaps even key files to add additional strength.

It is just an assumption, but one using the available evidence, OTR 4.0 is either a 128bit or 256bit block cipher with an unknown mode and key length. I would assume AES or Rjindael as candidates to allow for the most commonly used (also as Off the Record encryption uses AES as its base algorithm, that may be a hint). So to modify the list -

Level 0 - 2 = Non Encrypted or Encoded (similar to private and confidential?)
Level 3 - 4 = OTR 1 - Base 64 or Base 85 encoded
Level 5 - 6 = OTR 2 - Hyper-encrypted (layered) Pen and Paper Ciphers
Level 7 = OTR 3 - Hyper-encrypted (layered) One Time Pad
Level 8 = OTR 4 - 128bit/256bit block cipher (AES or Rjindael or Twofish or Serpent)
Level 9 = OTR 5 - Cascaded Block Ciphers with salt (SHA 512 or Whirlpool etc)
Level 10 = OTR 6 - Cascaded Block Ciphers with salt and possible key file additions (to increase password strength)

For the moment therefore, I will continue to try and analyze the non Hex code and work out the block size, algorithm basis, key length etc.

If it is a block cipher, then algorithm cracking is pointless, and as such key forcing may be necessary.

If I were a betting man, I would say this is a 256bit encryption, probably of the AES or Rjindael cipher algorithm (not that you can tell from the code, but its pretty common) .

The password will probably be hinted at, perhaps in a less than obvious way. We can assume this much as it is almost impossible to analyze a cipher text with only one message and nothing to confirm patterns. Once I've got a rough estimate of what mode/algorithm it uses, I can dedicate some run time to rainbow table attacks on the key. I have a feeling this is a holding puzzle, designed to allow time to construct further aspects of the ARG or work on whatever is behind their NDA.

Recently there was a problem with the computer systems at work, so I may not have access to all the analytical machinery I usually do, it may take a bit longer to get more information, if i find anything interesting I'll let you know. I may have access to some more specialist equipment at a later date, so more progress will likely be made then. I think we can rule out SSH or OTP though."

Latest Message from Storm

 Another thing to note is that we have received another message on the ARG's main Wiki site, in the comments section of the "Tempus omnia revelant" page.  The message is as follows:

"Aug 09
--------------
W### has been p########## well on the L#### O####### L######## Can####, other#### kn### as the T## Cann##. My t##### to the #####etic
induction coil have reduced the likelyhood of overcharge by 200%! I still cannot fathom why the fuse we introduced continues to fail
however, perhaps the leptons have a mi7s6d0976)(&^A)S()F ()A^SF) A()&^  ^)(AS&^ (^6097^)(76)(*"_)"_)(*")(*!")(*!")(!"*)(.................................. ........ .........................................."

It is believed by some that the different symbols may be converted to numbers--the resulting "code" is:

7609760976090906090766097696609760976098202098209812098120912809

It's important to note, however, that this code is probably just produced by random keystrokes. 

My Prediction

Below is something I recently posted on the forums about the ARG, and I currently stand by it:

"I have pretty much concluded at this point that we're dealing with 3DES. The Lucifer cipher is directly connected to DES. Furthermore, we have things happening in groups of threes:

In the image with red writing, the word "lies" is written three times--there may be a fourth, but it looks like something else.

The first "lies" is also underlined three times.

We have three instances of Satan/Lucifer being mentioned:
* Once on the grilledpizza page: "When you're building a cage for Satan, you don't ask him to wait around whilst you put the doors on."
* The picture with the red writing
* Indirect suggestion with the Dante's Inferno references: "Raphèl maí amèche zabí almi"

Other than that, I think it's just a feeling. I found this page randomly tonight: It details how someone solved a hex code for a contest to win tickets. The first round of the code actually mentioned Lucifer, and the gentleman used DES to solve it. His hex code was extremely similar to ours."

Other Possibly Relevant Material

Lastly, here is some other information pulled from the Wiki that may or may not be helpful or even relevant:

• User:Dr_Horn created the page Tempus omnia revelant (Time reveals all) after the trail on this problem went cold. Stormseeker then updated the forum thread's original post, adding the text 'tempus omnia revelant'. This seems to confirm that the Wikia account for Dr Horn is indeed Stormseeker.
• Stormseeker later says on his Steam Profile:
  • "If it's about the ARG, I've not set up or had any sites setup for hacking, so no. There is an answer, but you can't brute force it, the CIA couldn't brute force it. Someone is already close."
• Stormseeker teased encryption may not be the right idea. "How do you know solving this has anything to do with encryption?"
  • Or maybe not

Latest Attempt

My latest attempt at cracking the Hex Code was to run it through a binary conversion, then take that result and put that through a decimal converter.  The result is as follows:

179 43 0 58 53 186 221 102 87 124 36 193 79 201 25 6 67 70 209 49 167 197 75 184 47 254 3 224 34 97 87 119 36 121 35 220 33 246 44 212 24 46 145 195 178 103 181 69 171 202 237 175 2 97 81 13 78 234 30 135 205 51 199 199 113 49 48 156 196 40 14 180 36 61 17 84 240 68 249 207 98 150 217 191 247 57 126 67 144 152 127 230 50 3 218 13 228 2 120 179 165 79 93 220 105 117 250 4 247 73 132 158 26 98 89 90 159 99 11 7 149 145 61 224 21 62 58 172 56 140 69 251 157 133 12 254 145 53 65 214 192 131 152 242 200 131 50 168 47 223 0 40 29 98 252 220 79 231 228 106 233 12 81 197 200 6 180 17 100 227 58 185 44 150 134 46 6 139 12 22 192 153 144 184 56 26 0 218 121 21 182 127 228 162 15 89 155 15 27 109 72 25 19 199 185 83 140 238 99 145 68 244 21 97 186 146 228 254 117 29 30 36 44 216 143 81 214 149 81 152 135 19 106 124 21 170 189 123 64 4 73 34 1 65 48 169 31 23 15 102 204 179 193 57 70 58 126 144 154 55 170 134 63 178 120 5 252 151 49 192 156 140 121 6 126 121 147 10 64 101 70 178 76 154 98 155 38 194 206 42 75 228 143 88 154 55 95 235 115 31 196 171 34 92 17 132 140 248 158 41 31 148 113 51 151 12 6 54 24 71 74 137 40 1 237 214 143 84 105 140 94 91 80 103 70 246 118 90 111 127 18 37 222 164 218 17 64 254 182 15 101 7 69 36 28 105 54 149 136 61 203 33 230 251 254 251 184 90 41 145 148 128 54 165 43 93

I then took this result and examined it in a couple of different cipher detection programs--the resulting correlations were extremely high (a few points off a perfect match) for the following ciphers:

Tridigital

Monome Dinome

Morbit

Grandpre

I will continue trying different keys and attempting to bruteforce my way through it, but hopefully this will help others do the same and maybe, just maybe, this will lead to something!

Examination of the Hex Code

Long time no see, folks!

I've been reviewing the hex code and attempting to view it from all angles.  Something I attempted was to convert the hexadecimal code into binary.  I used this converter here:  Hex to Binary Tool

The end result is as follows:

10110011001010110000000000111010
00000011010110111010110111010110
00000110010101110111110000100100
00001100000101001111110010010001
00001001000001100100001101000110
00001101000100110001101001111100
00000101010010111011100000101111
00001111111000000011111000000010
00000010011000010101011101110111
00000010010001111001001000111101
00001100001000011111011000101100
00001101010000011000001011101001
00000001110000111011001001100111
00001011010101000101101010111100
00001010111011011010111100000010
00000110000101010001000011010100
00001110111010100001111010000111
11001101001100111100011111000111
00000000011100010011000100110000
00001001110011000100001010000000
00001110101101000010010000111101
00000001000101010100111100000100
00000100111110011100111101100010
00001001011011011001101111111111
00000111001110010111111001000011
10010000100110000111111111100110
00000011001000000011110110100000
00000000110111100100000000100111
00001000101100111010010101001111
00000101110111011100011010010111
00000101111110100000010011110111
00000100100110000100100111100001
00001010011000100101100101011010
10011111011000110000101100000111
00001001010110010001001111011110
00000000000101010011111000111010
00000000101011000011100010001100
00000100010111111011100111011000
00000101000011001111111010010001
00000011010101000001110101101100
00000000100000111001100011110010
11001000100000110011001010101000
00000010111111011111000000000010
00001000000111010110001011111100
00001101110001001111111001111110
00000000010001101010111010010000
00001100010100011100010111001000
00000000011010110100000100010110
00000100111000110011101010111001
00101100100101101000011000101110
00000000011010001011000011000001
00000110110000001001100110010000
00001011100000111000000110100000
00000000110110100111100100010101
00000000101101100111111111100100
00001010001000001111010110011001
00001011000011110001101101101101
01001000000110010001001111000111
00001011100101010011100011001110
00001110011000111001000101000100
00001111010000010101011000011011
00001010100100101110010011111110
00000111010100011101000111100010
00000000010000101100110110001000
00001111010100011101011010010101
01010001100110001000011100010011
00000110101001111100000101011010
00001010101111010111101101000000
00000000010001001001001000100000
00000001010000010011000010101001
00000001111100010111000011110110
00000110110011001011001111000001
00000000001110010100011000111010
01111110100100001001101000110111
00001010101010000110001111111011
00000010011110000000010111111100
00001001011100110001110000001001
00001100100011000111100100000110
00000111111001111001100100110000
00001010010000000110010101000110
00001011001001001100100110100110
00000010100110110010011011000010
00001100111000101010010010111110
00000100100011110101100010011010
00000011011101011111111010110111
00000011000111111100010010101011
00000010001001011100000100011000
00000100100011001111100010011110
00000010100100011111101100100111
00000001001100111001011100001100
00000110001101100001100001000111
00000000010010101000100100101000
00000000000111101101110101101000
00001111010101000110100110001100
00000101111001011011010100000110
00000111010001101111011001110110
00000101101001101111011111110001
00000010001001011101111010100100
11011010000100010100000011111110
00001011011000001111011001010000
00000000011101000101001001000001
00001100011010010011011010010101
00001000100000111101110010110010
00000001111001101111101111111110
00001111101110111000010110100010
00001001100100011001010010000000
00110110101001010010101101011101
00000000

After doing so, it appeared as though there was a consistent pattern throughout the binary, so I then attempted to convert it to an image.  I constructed a .txt document from the binary and utilized this Binary to Image Tool--using 32 blocks per line.

The resulting image:



Now, there's always the chance that the hex to binary conversion failed, or that the binary to image conversion failed, or both, and that this is simply a random pattern generated by that failure.  However, if it's not an error, then this may potentially lead to something.

But what?  *shrug*

My Take on the Pizza Code Mystery Story

Please note before you read this that this is simply my take on the entire Pizza Code Mystery story, and is not something that should be considered set in stone by any means.  Hopefully, by highlighting some key points and putting my personal spin on them, it will incite some ideas.

So, without further ado, here it is:

I think it has become rather obvious that Dr. Horn set up the HALOS project in the X01 and X02 rooms of the BMRF.  As we can see from the letter on Welsh's website, only Dr. Horn, Paul Bottomley, and perhaps Dr. Junek had access to the HALOS project.  Furthermore, Horn was using the lab budget to buy pizzas and fund the project.  In an attempt to get back at Dr. Horn, Welsh and some of his buddies decide to play a prank on him by taking his pizzas and hiding them throughout the facility.

Before we get to that, however, it's important to understand what we can about the HALOS project.  It is definitely some sort of artificial intelligence--we can derive that from a number of sources:

• The whiteboard in "Anomolous Materials" that has a note directed to Paul Bottomley that asks him to call J.D. Marcel on ext. 1187-463 about the Niobium-5 that he needs for that "AI project 'thing'".  It is signed "Dr. Montero"
• The Tempus omnia revelant page added to the wiki has a section that shows a report with the author as {HALOS AUTOMATED}
• The messages sent out by "someone mysterious" are probably partially sent out by the HALOS AI, particularly because of the way they are worded.  They sound very machine-like and inorganic.

That said, the HALOS project is definitely a very crucial entity to Dr. Horn, and it seems as though the HALOS system is still in contact with Dr. Horn after he "escaped" the BMRF. 

So what about the relationship between Horn and Welsh?  Well, apparently Horn got pretty pissed off that Welsh was taking his "misbegotten goods", as we can see from the image attached with the wiki page that Horn scribbled all over in red.  He writes, "Stone will pay" and "Steals it, eats it".  Either Horn really loves his pizza, or he is pissed that his secret funding is a bust.  My money's on the latter.

When all hell breaks loose in the Black Mesa facility, Horn gets out.  Paul Bottomley is dead (or is he?), probably killed by the military.  Everyone else is running around like chickens with their heads cut off.  Horn knows he's the last man standing that can continue the HALOS project--so, what does he do?  He activates the AI project, basically giving it the option to fend for itself.

This is where the IRC chat clues come into play.  I believe these are coming from someone in an attempt to give Horn directions and aid him in setting up another HALOS site.  The second IRC chat clue points him towards Niobium, a vital ingredient for the HALOS project (as we saw on the "Anomolous Materials" whiteboard).  The third clue states that the 41Nb was recovered and that the HAFB was compromised.  Perhaps this is Horn sending this message to the secretive individual that sent the first message.  However, it's important to note the Tempus omnia revelant wiki page that mentions "...Sending MINDAT via HAFB".  Either Horn or the HALOS AI was sending mineral data via the Hollomans Air Force Base.

In the same clue that identifies HAFB as being compromised, the message identifies the White Sands Missile Range as "no longer viable", then suggests that the message's receiver move to the main site.  The next IRC chat message then states that access was detected at the personal site, the security therefore compromised.  It identifies the HALOS project as being under threat, then states that the site is offline as a response.  There was an embedded message as well:

prime site compromised return bmrf login halos

The next message definitely appears as though it arises from an AI, for it is in all caps and is attempting multiple methods of attack--it also appears to be attempting to connect to Horn, as it says, "ATTEMPTING CONNECT TO USER H . . . ." 

Finally, we are left with the message left for Dr. Horn (by whom?) that reminds him of the password "BENALOHPAILLIER" in case of emergencies.  And, as we know, there has obviously been a serious emergency.  It also says, "You should bring pizzas", which means that the person (or thing) sending this message was part of the original HALOS project at BMRF, which then identifies why Horn had to buy so much pizza.  Whoever was helping Horn with the HALOS project seemed to love pizza, which makes me wonder if the strange messenger is in fact Paul Bottomley.  They were working together at BMRF, so it makes sense that it would be Bottomley.

And then we come to the latest clue.  It appears to be sent by the HALOS AI, stating that the primary site is offline and the primary servers are overloaded.  It then mentions that a user activation is required--PASSCODE INPUT FOR SITE ACTIVATION REQUIRED, and the final test pattern has been set. 

So, alas, this is where we stand.  BMRF is toast, completely annihilated by the combination of forces Gordon Freeman had to deal with.  Horn is on the run, perhaps holed up in some remote location attempting to get back into the HALOS AI program, or even attempting to reroute it to his current location.  The message left by Bottomley about bringing pizzas suggests he is still alive and still in contact with Horn.  Welsh is holed up somewhere too, because he is responsible for the first IRC chat clue.  Either that or it was sent before the onset of the BMRF massacre and he is now toast because of it.

Anyway, I've done the best I can to provide some sort of narrative, and even if it's completely wrong (which I'm sure a good chunk of it is), I hope it will still spark some fresh lines of thought. 

Storyline Work

It was brought to my attention on the Wiki that the information I had composed was more of a summary of clues rather than an actual storyline.  That said, I have printed out all of the information I gathered from the in-game sources, the IRC chat clues, and everything else.  From this, I will be utilizing my narrative skills (be warned:  they are limited) to compose an actual storyline that we can all (hopefully) relate to and develop ideas from.

Happy Holidays!

Happy Holidays, everyone!

Hope you all enjoy your time off from work, school, and your busy lives in general.  They say this is one of the most stressful times of the year for some folks, and I just hope you all take some much needed downtime and relaaaaaaaax.

And may it truly be a Happy New Year!

The Story Thus Far . . . .

I think, as Stormseeker has indicated, that it is vital we compose a storyline of what has occurred thus far.  That said, I will be doing so in this post.  I will then be including a consistent link to this post on the link bar to the right, and will also update the Wiki to showcase this storyline.  If I have missed any vital parts, do not hesitate to let me know.  I want to make this as complete as possible to best accommodate the ARG.

The story:

When we first discovered the codes, we noted that there were four codes to be found.  These codes were set up by Dr. Horn, which led us to realize it was Stormseeker (Chris Horn) setting up the majority of this.  The primary code D, the one that led to the last digits needed for the "thepizzaisalie" site, was directed to a Dr. Bottomley, who has since been identified as one of Storm's friends.

There were also a couple of IRC clues given prior to the solving of the other web-based clues.  These were:

1. The IRC clue "editing" the Konami Code cipher (Code A), although it has been hinted that the original form "bon ami" was intentional, for it means "good friend".  This chat clue also states, "Don't let him find us--Dr. Welsh", suggesting that Dr. Welsh was a key player in the ARG, as well.  We found out later, via Welsh's profile site, that this is the case.
2. The second IRC clue that first mentions coordinates:

N38°57'8.05" W77°8'44.82".
Solution two ignore loc data N32°52'50.77" W106°20'49.40" not buried at 

initial loc, fly here.
Travel 14.16 miles east we transferred the niobium there.
Await further instructions.

And broken into pieces:

38° 57' 8.05 N 77° 8' 44.82" W The Kryptos Statue in CIA Headquarters, Washington 32° 52' 50.77 N 106° 20' 49.40" W White Sands Missile Range, New Mexico

-15' 49.35" W 14.16 miles East of the first location leads to a Domino's Pizza in Washington

-14' 39.84" W 14.16 miles East of the second locationleads to a fairly deserted looking area close to Hollomans Air Force Base mentioned in IRC clue 3 .

    3.   The second location clue: 

INCOMING TRANSMISSION - LOC 2 LAYER 2 SUBSTRATA 3 X01/X02 HALOS PROJECT INITIATED
41Nb recovered. HAFB Compromised.
Transfer to site complete, project HALOS underway. Further INFO [Classified].
CODE BASE 64 compromised, switch to old code talker.
They are watching, assume leaker on site.
WSMR No longer viable location, move to main site, check external sources.

Now, we have no idea who these messages are being sent to, but we can speculate that they originate with Dr. Horn because they mention the missing / hidden X01 and X02 rooms.  They also mention the HALOS project which has become synonymous with Dr. Horn's later clues.

After discovering the website and solving the binary puzzle, we then began getting web-based puzzles.  These began with this puzzle, that turned out to be Base 64 with a Navajo message inside of it, which then needed a Playfair cipher to finish it off:

Proxyhost@-84-9-123-164.dslgb.com//closed.proxy.accepted//?OTR,1,3,?OTR:[I---MI-G TR
--SMI---ON - UN---WN S##RCE]
Access detected to personal site.
Security compromised.
HALOS project under threat. Site offline as response. Switching to new protocols.
[********] ~[OTR//2.0]

 Solved portion: 

primesitecompromisedreturnbmrfloginhalos

After solving this, we received another clue in chat, also in Base64 that used a one-time pad encryption. Brute-forcing it using key words eventually led to it being solved:

[[Proxyhost@-84-9-123-155.dslgb.com//closed.proxy.accepted//?OTR,1,3,?OTR:
[INCOMING TRANSMISSION UNKNOWN SOURCE]LEAK SOURCE DETECTED. TRIANGULATING...MIX CASCADE
HOP DETECTED...ATTEMPTING TIMING ATTACK...[TERMINATED] CANNOT CONNECT TO  HOST...
ATTEMPTING CONNECT TO USER H... SENDING DATA. SECURITY LEVEL 7 ALPHA.  [OTR//3.0]

Solved portion:

"This is a message left for Dr. Horn. Just to remind you in case of 
emergencies that the password to the HALOS files is BENALOHPAILLIER. I 
have programmed HALOS to send in level seven cases. You should bring 
pizzas." 

We now see that we have a login for the HALOS project, as well as a password.  Furthermore, there is someone else sending these messages because they are being sent to Dr. Horn.  Could it be Welsh?  Bottomley?  Or a new entity altogether?

Lastly, we received a new file on the "thepizzaisalie" site--this HALOS.txt file is the one we're stuck on now, and the message is thus:

[[Proxyhost@-84-9-123-345.dslgb.com//closed.proxy.accepted//?OTR,3,4,?OTR:[INCOMING TRANSMISSION CLASSIFIED SOURCE]SUBJECT ANALYSIS - TENACIOUS. SITE OFFLINE.........{Primary Servers Overloaded}... USER ACTIVATION REQUIRED... PASSCODE INPUT FOR SITE ACTIVATION REQUIRED...SET FOR FINAL TEST PATTERN....ANALYSIS COMPLETE>>> [CLASSIFIED INFORMATION LEVEL 8][OTR//4.0]

B32B003A 35BADD66 577C24C1 4FC91906 4346D131 A7C54BB8 2FFE03E0 22615777
247923DC 21F62CD4 182E91C3 B267B545 ABCAEDAF 0261510D 4EEA1E87 CD33C7C7
7131309C C4280EB4 243D1154 F044F9CF 6296D9BF F7397E43 90987FE6 3203DA0D
E40278B3 A54F5DDC 6975FA04 F749849E 1A62595A 9F630B07 95913DE0 153E3AAC
388C45FB 9D850CFE 913541D6 C08398F2 C88332A8 2FDF0028 1D62FCDC 4FE7E46A
E90C51C5 C806B411 64E33AB9 2C96862E 068B0C16 C09990B8 381A00DA 7915B67F
E4A20F59 9B0F1B6D 481913C7 B9538CEE 639144F4 1561BA92 E4FE751D 1E242CD8
8F51D695 51988713 6A7C15AA BD7B4004 49220141 30A91F17 0F66CCB3 C139463A
7E909A37 AA863FB2 7805FC97 31C09C8C 79067E79 930A4065 46B24C9A 629B26C2
CE2A4BE4 8F589A37 5FEB731F C4AB225C 11848CF8 9E291FB2 7133970C 06361847
4A892801 EDD68F54 698C5E5B 506746F6 765A6F7F 1225DEA4 DA1140FE B60F6507
45241C69 3695883D CB21E6FB FEFBB85A 29919480 36A52B5D

[/][End Transmission]|¬[ABORTIVE.] ~~ [Transmission Ends]]

We may be stuck here, but I think we have all the information we need.  We have a login and a password, and I don't think the password is a direct key to the actual cipher, but should simply be used to access the HALOS site, whatever that may be.  We seem to have overlooked the other clues, and I think we need to put them together to make this next big leap and pass through the gate to the next portion.  With this in mind, maybe we need to look at other possible sites / links that have previously been added or left undiscovered.

My Absence and The Latest Clues

Ladies and gentlemen, I apologize for my month-long extended absence.  Around 7pm today I finished my last final of the semester, and this last three weeks has been a doozy (to say the least).  First and foremost, I want to apologize for letting this blog die a bit in that time.  I never intended to take this long to get back in the game, but every time I sat down to update something else popped up.  Thankfully, I've got a full two and a half weeks to relax . . .

And crack some pizza codes.

So where are we now?  I've taken some time reviewing the forums, particularly the wiki page update.

First of all . . . I like it.  It means that this clue is supposed to be difficult, and I think we've come to our next "gate". 

The letters italicized in the original terminal message spell out:  "seek out code he is watching"

It's written like that on purpose; it's not seek out the code, he is watching, but rather seek out Code_ who is a user on the IRC chat.  Code_ is also 0418_08151814 on the forums.  Perhaps he is an extension of the ARG, perhaps not.  But I think it's clear that this is what the message intends for us to think.  Whether it's a red herring or not is left to be determined.

Noting this, I think we all need to pay special attention to what he mentions.  Furthermore, I think you've all thrown in some very, very interesting things on the forum, and I get that feeling that we are on the correct path.  This last code surely has to do with the Niobium, as seen by the inclusion on the wiki page.  

I have an opinion about who is watching--I think the AI is some extension of Stormseeker himself.  Whether that extension is a program he created, or a scapegoat for fulfilling his own desires at getting back at Dr. Stone and Dr. Welsh, I think there is a third party here "watching" us.

As for the code itself, it may be a very complicated cipher, but it might also be a hint at something else.  We've gotten through some difficult ciphers (the one-time pad comes to mind), and this might be a change-up just to throw us off the path.  Perhaps there is some sort of substitution intended with the Niobium mention.  

I will see what I can do with the new information, and will update if I find anything.  I'm glad to see that you folks have kept this very much alive while I've been in school, and I look forward to seeing what's to come.  Oh, and before I forget--expect a new poll and rate-it question soon!

Next Steps For Hexadecimal Code

Well, sorry for the long delay, folks.  I was hoping we'd make some headway within a couple of weeks and I could update the blog, but as of yet . . . nothing.  Our new code (check the post prior to this one for a full look at that) is a hexidecimal code, and the primary challenge is finding out how it is meant to be applied and then doing so.  It's not as straightforward as the SECOM cipher for the simple reason that there are multiple ways it can be implemented, the least of which is a direct cascading cipher or similar method.  Seeing how we've been focusing primarily on standard ciphers throughout this ARG, it's a safe bet that we will continue in a similar fashion.  However, the way the first portion of this code was cracked leads me to believe it is another language related to programming rather than a direct cipher.

For now, I will continue to keep a lookout for new ideas, and want to remind you all to keep active as best you can.  I understand there is a lot to be done over the holidays, so no rush or anything.  I do, however, want to stress how important it is to keep this ARG alive, and remember that we've come to a brick wall before.  And, after that was finally scaled, we knocked down multiple ciphers in rapid-fire succession.  That said, don't give up!

To those of you celebrating Thanksgiving, happy wishes to all of you and yours!

Where We Stand Now

It's been a crazy past few days--lots going on in regards to the ARG.  First and foremost, I want to thank all of you who have put forth the effort and decoded these ciphers at a rapid-fire pace.  Since the one-time pad cipher, we've received another major code.  Referenced in the one-time cipher as the HALOS file, the HALOS.txt file was discovered on Stormseeker's website [NOTE:  To access this link, you will need to input "drhorn" as the username and "1001085139140914" as the password].

As of now, the HALOS.txt file has been decrypted . . . mostly.  The decrypted .txt file reads:

[[Proxyhost@-84-9-123-345.dslgb.com//closed.proxy.accepted//?OTR,3,4,?OTR:[INCOMING TRANSMISSION CLASSIFIED SOURCE]SUBJECT ANALYSIS - TENACIOUS. SITE OFFLINE.........{Primary Servers Overloaded}... USER ACTIVATION REQUIRED... PASSCODE INPUT FOR SITE ACTIVATION REQUIRED...SET FOR FINAL TEST PATTERN....ANALYSIS COMPLETE>>> [CLASSIFIED INFORMATION LEVEL 8][OTR//4.0]b32b003a35badd66577c24c14fc919064346d131a7c54bb82ffe03e022615777247
923dc21f62cd4182e91c3b267b545abcaedaf0261510d4eea1e87cd33c7c77131309cc4280eb42
43d1154f044f9cf6296d9bff7397e4390987fe63203da0de40278b3a54f5ddc6975fa04f749849e1
a62595a9f630b0795913de0153e3aac388c45fb9d850cfe913541d6c08398f2c88332a82fdf0028
1d62fcdc4fe7e46ae90c51c5c806b41164e33ab92c96862e068b0c16c09990b8381a00da7915b6
7fe4a20f599b0f1b6d481913c7b9538cee639144f41561ba92e4fe751d1e242cd88f51d69551988
7136a7c15aabd7b40044922014130a91f170f66ccb3c139463a7e909a37aa863fb27805fc9731c
09c8c79067e79930a406546b24c9a629b26c2ce2a4be48f589a375feb731fc4ab225c11848cf89e
291fb27133970c063618474a892801edd68f54698c5e5b506746f6765a6f7f1225dea4da1140feb
60f650745241c693695883dcb21e6fbfefbb85a2991948036a52b5d[/][End Transmission]|¬[ABORTIVE.] ~~ [Transmission Ends]]

The part of most interest is the part I've highlighted.  This is obviously hexadecimal, but how is it converted?  My theory is that it is some sort of image--a very, very basic image, of course, but an image nonetheless.  There is also some speculation that it is related to off-the record encoding, although all of the messages to this point have referenced OTR.

So, that is where we stand.

As for the blog, I'm going to put up a poll related to the entirety rather than each individual piece (at least for now), and will be removing the Cipher Formats page.  I'm doing the latter because we've gotten past the roadblock that was the SECOM cipher, and as of now we haven't seen any reversed or columnated text.  That said, it's rather pointless.  Should the need arise, however, I will of course implement the page again, or something similar.

I will also be implementing a rating widget that will allow each of you to rate your experience with the ARG.  Although it doesn't directly impact the ARG in any way, I am curious to see how each of you feels about the progress, difficulty, etc.