What is A858DE45F56D9BC9?

A Reddit user called A858DE45F56D9BC9 has a subreddit that consists of nothing but posts of long random (?) numbers. Is Reddit being used as a numbers-station? A dead-drop? Part of someone's elaborate, psychotic hallucination? A cheesy marketing stunt? An ARG?

I write books. My latest is a YA science fiction novel called Homeland (it's the sequel to Little Brother). More books: Rapture of the Nerds (a novel, with Charlie Stross); With a Little Help (short stories); and The Great Big Beautiful Tomorrow (novella and nonfic). I speak all over the place and I tweet and tumble, too.

More at Boing Boing

Ants and Stars: Bruce Sterling and Jasmina Tesanovic visit the Sardinia Radio Telescope in Italy

The Snowden Principle

jnordb

…and I can only hope it’s an updated numbers station type thing. I always was fascinated with listening to them when I was a kiddo….
- Anonymous
  
  Check out The Conet Project:
  
  http://www.archive.org/details/ird059
  
  They have a huge archive of numbers station recordings.
  - jnordb
    
    Awesome! I will check it out…
Anonymous

http://webcache.googleusercontent.com/search?q=cache:C7OdlwNR5GcJ:www.reddit.com/r/A858DE45F56D9BC9/+A858DE45F56D9BC9&cd=1&hl=en&ct=clnk&gl=us&source=www.google.com
Anonymous

Be sure to drink your ovaltine.
Anonymous

It looks like a password for a router or cable modem
Anonymous

The fact that there are no letters past E suggests hexadecimal language (which consists of 0-9 and A-F), but it doesn’t translate to any meaningful text. My guess is it’s either encrypted, or a prank on redditors.
Raffy

God, that’s classic reddit to think a string of alphanumerics in a subreddit *just might* be an government intelligence agency using their board. Um no, your college humor echo chamber chat room isn’t a dead drop for one-time pads. Just a hunch though.
Eris Siva

As a number of people have pointed out, this was probably a Botnet control center – the bots would check the subreddit every once and a while. That way, if someone had checked their logs, it wouldn’t really trigger suspicion as it would look like their computer had just accessed Reddit…and most tech savvy people would have been there at some point.

User JnvSor has quite a bit of interesting data on it. But it looks like the subreddit AND account were baleeted.
- Anonymous
  
  “Your botnet is under heavy load right now, sorry. Try again in a few minutes.”
obscuromancer

testing the api with lots of random text? odd how all letters upper-case tho
earthmann

Well, if you convert the hexadecimal to text, and get back about six feet, it resembles a portrait of Alfred E. Neuman.
Anonymous

There was a drop to the security lists too:

http://seclists.org/fulldisclosure/2011/Jul/21
- dragonfrog
  
  The post on Full Disclosure is very likely a proof-of-work – they’re posting MD5 or SHA1 sums of messages that will be posted in full later.
  
  The point of posting the proof-of-work now two-fold:
  - to claim credit – you have proof that you had created the message as of a certain date. If someone posts a duplicate finding, you can then post your own, and point back to the earlier post containing its hash, to prove you’re not just copying someone else’s work.
  - to fend off claims by software vendors – some of those hashes may be of correspondence with the vendors of affected software. Then, if the vendor doesn’t give credit when they post their patch, or drag its feet on the fix and then claims that they didn’t receive proper notification, you can post the original messages, and point back to the earlier post, again proving that the vendor did know about the vulnerability when you claim they did (this is a bit shakier, unless your exchange with the vendor was encrypted and signed using PGP or something).
  
  That also seems like another possibility as to what these posts might be – cryptographic hashes being posted as proof that some result (to be revealed later) had been achieved as of a certain date and time.
Anonymous

There’s a similar thing here: http://bartkeppel.blogspot.com/
- travtastic
  
  That one’s different. The spacing in-between is there to make it readable, for people.
  
  If I had to guess, I’d say that’s generally the formatting used for OTP decryption matrices, although I couldn’t imagine why it would be on a publicly-accessible webpage.
  
  http://en.wikipedia.org/wiki/One-time_pad
- diginferno
  
  Those could be Unicode character codes. I searched some of the 4-character sequences at decodeunicode.org and I found out that they are codes for some pictographic writing.
  
  Those blog posts are old, so I am going to assume that the technical changes Blogger went through since then broke the content somehow.
Micah

Maybe it’s encrypted instruction for bots, using reddit as a botnet command and control center.
nosehat

It’s an 8-byte number in hex. As such, it could be a lot of different things, including a strong crypto key. I’m not aware that this particular number is anything special. In decimal, it’s 12130689988374141897.

While it’s fun to think the thread might have been a dead drop, my guess would be a game of tag. Or, more likely, an impromptu game of tag. Bored person A posts a random number; bored person B thinks that’s mildly amusing, and replies with another random number; bored person C does the same, wondering how long they can keep it going before someone replies with “WTF?”
Anonymous

-6,316,054,085,335,409,719
Anonymous

Apparently the subreddit has been unbanned!

There’s a new post now: http://www.reddit.com/r/A858DE45F56D9BC9/comments/igmjv/201107041325/
Anonymous

These kinds of things are all over twitter. Google “twitter numbers stations.”

Here’s one of the stranger ones I’ve seen. I just stumbled upon it today by accident. It definitely looks like some kind of information. Almost reminds me of raw METAR data. And there’s a Japanese katakana ãƒ thrown in there for good measure.
http://twitter.com/#!/smilearb
Anonymous

guys where are we?
Anonymous

Pattern Recognition
Stooge

That C9 ending rather leaps out at me. Has anyone considered that this might be a program in Z80 assembler?

Unfortunately the bit of my brain that used to deal with translating hex to Z80 opcodes got re-purposed some years back, but maybe someone else still remembers this stuff and can save me the hassle of looking it up.
- bhtooefr
  
  According to http://www.davidgom.co.cc/z80.html, it disassembles to:
  
  xor b
  ld e,b
  sbc a,69
  push af
  ld l,l
  sbc a,e
  ret
  - Anonymous
    
    So, uhh, it’s a virus that infects the original gameboy, or the Texas Instruments TI-83+ graphing calculator?
    
    If anything, I would guess it would be executable code for intel x86 processors, not the ancient 8mhz Z-80.
Palomino

A 128-bit WEP key is almost always entered by users as a string of 26 hexadecimal (base 16) characters (0-9 and A-F)……….?
- Anonymous
  
  no
Cowicide

G22DJHIE88DI8EHD 984IUHADBT88E UR7
Ripcord

Wow, you’ll typically never hear me say something like this, but this is a thread that desperately needs more nerds.
desprez

Minecraft seeds.
Eris Siva

Yeah – says the Reddit has been banned, which leads me to believe it was spam/botnet/malicious.
Anonymous

Encryped message board: http://www.pgpboard.com
LegendofPedro

The titles of posts are all timestamps.

Converting the name from hex [to binary] to ASCII gives “¨XÞEõm›É”, which is a valid string with HTML entities in it.

Converting them gives the string “Â¨XÃžEÃµmâ€ºÃ‰”. It doesn’t mean anything to me, though.
sfarmer76

They may be using Reddit to pass SSNs… take out the letters and you have a potential SSN… 858-45-5699 (or backwards: 996-55-4858)… or a potential phone number 858-455-699(0)… (or backwards: 996-554-858(0) if you tack a zero onto the end…
Anonymous

Pfft, you people have no imagination. Let’s turn this into an ARG ourselves…
weeld

Am I the ony one thinking-
NUMBERWANG!
- nosehat
  
  Hooray! That made my day!
- Anonymous
  
  No, it’s “Mornington Crescent” in EBCDIC
  - Anonymous
    
    You, sir, win an internet for that!
  - chgoliz
    
    They didn’t invoke the Euston gambit, so they’ve lost 3 turns…not a very intelligent move, to say the least.
tamar

Boing Boing must have found this out from this AMA (the I am a…ask me anything subreddit) but the guy hasn’t come forward. The reddit members have also been trying to decipher his code with no luck.
Anonymous

They’re all timestamps

Could be a redditor creating a subreddit specifically to record exactly when they get lucky, in which case they’re not doing too badly.
Anonymous

Half an md5sum?
Planet Strike

it’s a date time stamp: year, month, day, hour minutes all concatenated together with no delimiters. here’s the latest one: 201107041325. it’s 7/4/2011 @ 1:25PM.
Anonymous

It’s the internet. It’s begun talking to itself. Sadly for us all, the singularity has begun on reddit.

If it’s a chunk of timestamped hex code sitting there and it isn’t a bunch of hashes or social security numbers, what could it be? IP addresses? Whatever it is, it’s not human-language being passed; we talk too much and use way more words.

Maybe a bunch of computers (in a botnet? Or not) were working on a list they all had a copy of, but the owner didn’t want them duplicating efforts so they were instructed to post whatever they’d completed someplace they could all get to; that way they could check the list and self-assign their next task without talking to each other. The trouble then becomes the motivation for making that website reddit. Reddit is a very public place. There are far less public places to run a list like this.

Reddit has good badnwidth due to the number of people who use it, but so does google documents, where you could stick these in a spreadsheet anyone could access and nobody would ever bother looking. Reddit is very, very public. So, either the choice was automatic, a dumb machine picking whatever it could post to; or it was based upon what the person knew, a person sticking with what’s easiest and most familiar; or it was a deliberate choice made to put this in plain sight, as a taunt or a joke.
edthehippie

somehow , this reminds me of cosmac vip op code , the ( very ) old 1802 cpu from , was it rca ??? heheheheh , but , prolly not really , i suppose ( prolly any random string of hex reminds me of the 1802 when i am in the correct mood , a grand little processor , almost totally orthogonal , not even a dedicated subroutine stack , just use any register for anything )
Anonymous

hhmm..thats true
owza

Karma 01110111 01101000 01101111 01110010 01100101
Anonymous

Web spammers do this sort of thing all the time. They’re just testing.

The numbers are not meaningful, they are just unique tokens. They keep a database of which tokens were posted where. Later they scrape pages or search results to see which ones got through, and which are still there after a given period.

So: reddit auto poster test. No message to decipher other than “ping”.
Anonymous

small-fry numbers passing/dead drop. obvious and open because either it’s not a big deal to LEA’s, or someone just wanted to look spooky and cool.

the real spooks passing in public are using forums like video sharing sites, or community-art portals like ytmnd where you can encode & modulate your data in both audio and video, plus plenty of noise (to the point where nobody except a receiver with the proper tuner AND cipher pad would even realize there’s illicit information-passing occurring, much less successfully intercept it)
Ghost of a flea

These are dates and times, most likely the time when the link was created.

201107031215 = 2011 07 02 12:15
meehawl

Â Â˜Ã·Â¬Ã¹ÂÂ•Ã±Ã“ÃÃ‹Â²Ã’Ã±ÃªÂºÃµÂ¿ÂŽÃ¢Ã°Ã¶Â–Â¨ÃªÃ®Â½ÂŽÃÂ£ÂŠ
Anonymous

and now it’s gone again. Boo.
Anonymous

yep, it’s likely address lookups for a large OTP
could seriously be used for something as nefarious as international terrorism

and it’s not the pad that’s sent (except on contact), it’s an encrypted message. the pad is now huge, and used repeatedly, it contains volumes of information and an even larger noise halo. if it’s coordinated well enough, the message is just little more than a coded lookup key for a particular address in the OTP. And in the same vein as steganography, the uncrackable transmission of an encoded message can be as simple as an audio file with (seemingly) random pcm levels substituted. it would sound about as good as any other copy, but the unique file hashes could make them stand out a bit on music sharing/tracking networks
Anonymous

That’s numberwang!
Anonymous

in the bart keppel one, C2 and C3 are twenty times as likely to occur as any other byte. all bytes above those appear at most once. odd distribution, maybe a weak cipher of their own creation
freshacconci

Wow, this is the dorkiest thread I’ve read in a long time. And that’s saying something for BB.
- travtastic
  
  We’ve got to hack into the mainframe and reverse the polarity on the ion interpolators!
- Anonymous
  
  you don’t know how frightening this thread is for those who have no f’ing idea what you are talking about. and we’re supposed to worry about privacy? ha. we the tech-illiterate are f’d in your sci-fi future.
Anonymous

Obviously a terrorist plot. The NSC, NSA, FBI, CIA et al. should get on the case immediately and devoted hundreds of billions of dollars. The very integrity of our nation depends on it.

Incidentally, none of the abbreviations above are acronyms.
CountZero

“It’s the internet. It’s begun talking to itself. Sadly for us all, the singularity has begun on reddit.”
Worse than that, it’s initiated SkyNet.
Anonymous

LOLWTFLMAO247BRBPOS
Anonymous

I only noticed this the other day, so can’t say if it has much to do with it.

http://pidgin-paranoia.sourceforge.net
Anonymous

“The Mind String And How To Pull It” by Bart Keppel.
- Anonymous
  
  Come to think of it, I’m feeling very thirsty.
Anonymous

It’s simply date strings.

201107041325 is 2011-07-04-13:25, meaning July 4th, 2011 at 1:25 pm.

The other numbers are formatted in the same way.
jjsaul

I’m no expert – if I had to use linux to get a banana I’d starve.

But I thought the main way botnets were controlled was via a “phone home” dead drop like this, relying on Google to find one of a few thousand control keys.

Maybe it’s on Reddit because it’s a “white-hat” project trying to wrestle control of a botnet away from the source, and don’t have to worry about tracking so can leapfrog the source by using more frequently spidered sites so they get the google hit before the source does.
Anonymous

Can someone explain posts like:

-6,316,054,085,335,409,719

or:

G22DJHIE88DI8EHD 984IUHADBT88E UR7

to me?

I live in a different circle but will come back to see what you say.
Anonymous

Obviously the message is:”HELP I’M STUCK IN THE REDDIT SERVER ROOM”
- Anonymous
  
  Haha!!
jnordb

…..and, the link is gone. :(