What is A858DE45F56D9BC9?

A Reddit user called A858DE45F56D9BC9 has a subreddit that consists of nothing but posts of long random (?) numbers. Is Reddit being used as a numbers-station? A dead-drop? Part of someone's elaborate, psychotic hallucination? A cheesy marketing stunt? An ARG?



  1. …and I can only hope it’s an updated numbers station type thing. I always was fascinated with listening to them when I was a kiddo….

  2. The fact that there are no letters past E suggests hexadecimal language (which consists of 0-9 and A-F), but it doesn’t translate to any meaningful text. My guess is it’s either encrypted, or a prank on redditors.

  3. As a number of people have pointed out, this was probably a Botnet control center – the bots would check the subreddit every once and a while. That way, if someone had checked their logs, it wouldn’t really trigger suspicion as it would look like their computer had just accessed Reddit…and most tech savvy people would have been there at some point.

    User JnvSor has quite a bit of interesting data on it. But it looks like the subreddit AND account were baleeted.

    1. “Your botnet is under heavy load right now, sorry. Try again in a few minutes.”

    1. That one’s different. The spacing in-between is there to make it readable, for people.

      If I had to guess, I’d say that’s generally the formatting used for OTP decryption matrices, although I couldn’t imagine why it would be on a publicly-accessible webpage.


    2. Those could be Unicode character codes. I searched some of the 4-character sequences at decodeunicode.org and I found out that they are codes for some pictographic writing.

      Those blog posts are old, so I am going to assume that the technical changes Blogger went through since then broke the content somehow.

  4. Maybe it’s encrypted instruction for bots, using reddit as a botnet command and control center.

  5. It’s an 8-byte number in hex. As such, it could be a lot of different things, including a strong crypto key. I’m not aware that this particular number is anything special. In decimal, it’s 12130689988374141897.

    While it’s fun to think the thread might have been a dead drop, my guess would be a game of tag. Or, more likely, an impromptu game of tag. Bored person A posts a random number; bored person B thinks that’s mildly amusing, and replies with another random number; bored person C does the same, wondering how long they can keep it going before someone replies with “WTF?”

  6. That C9 ending rather leaps out at me. Has anyone considered that this might be a program in Z80 assembler?

    Unfortunately the bit of my brain that used to deal with translating hex to Z80 opcodes got re-purposed some years back, but maybe someone else still remembers this stuff and can save me the hassle of looking it up.

      1. So, uhh, it’s a virus that infects the original gameboy, or the Texas Instruments TI-83+ graphing calculator?

        If anything, I would guess it would be executable code for intel x86 processors, not the ancient 8mhz Z-80.

  7. A 128-bit WEP key is almost always entered by users as a string of 26 hexadecimal (base 16) characters (0-9 and A-F)……….?

  8. Yeah – says the Reddit has been banned, which leads me to believe it was spam/botnet/malicious.

  9. The titles of posts are all timestamps.

    Converting the name from hex [to binary] to ASCII gives “¨XÞEõm›É”, which is a valid string with HTML entities in it.

    Converting them gives the string “¨XÞEõm݃”. It doesn’t mean anything to me, though.

  10. They may be using Reddit to pass SSNs… take out the letters and you have a potential SSN… 858-45-5699 (or backwards: 996-55-4858)… or a potential phone number 858-455-699(0)… (or backwards: 996-554-858(0) if you tack a zero onto the end…

      1. They didn’t invoke the Euston gambit, so they’ve lost 3 turns…not a very intelligent move, to say the least.

  11. Boing Boing must have found this out from this AMA (the I am a…ask me anything subreddit) but the guy hasn’t come forward. The reddit members have also been trying to decipher his code with no luck.

  12. somehow , this reminds me of cosmac vip op code , the ( very ) old 1802 cpu from , was it rca ??? heheheheh , but , prolly not really , i suppose ( prolly any random string of hex reminds me of the 1802 when i am in the correct mood , a grand little processor , almost totally orthogonal , not even a dedicated subroutine stack , just use any register for anything )

  13. Web spammers do this sort of thing all the time. They’re just testing.

    The numbers are not meaningful, they are just unique tokens. They keep a database of which tokens were posted where. Later they scrape pages or search results to see which ones got through, and which are still there after a given period.

    So: reddit auto poster test. No message to decipher other than “ping”.

  14. small-fry numbers passing/dead drop. obvious and open because either it’s not a big deal to LEA’s, or someone just wanted to look spooky and cool.

    the real spooks passing in public are using forums like video sharing sites, or community-art portals like ytmnd where you can encode & modulate your data in both audio and video, plus plenty of noise (to the point where nobody except a receiver with the proper tuner AND cipher pad would even realize there’s illicit information-passing occurring, much less successfully intercept it)

  15. yep, it’s likely address lookups for a large OTP
    could seriously be used for something as nefarious as international terrorism

    and it’s not the pad that’s sent (except on contact), it’s an encrypted message. the pad is now huge, and used repeatedly, it contains volumes of information and an even larger noise halo. if it’s coordinated well enough, the message is just little more than a coded lookup key for a particular address in the OTP. And in the same vein as steganography, the uncrackable transmission of an encoded message can be as simple as an audio file with (seemingly) random pcm levels substituted. it would sound about as good as any other copy, but the unique file hashes could make them stand out a bit on music sharing/tracking networks

  16. in the bart keppel one, C2 and C3 are twenty times as likely to occur as any other byte. all bytes above those appear at most once. odd distribution, maybe a weak cipher of their own creation

  17. Wow, this is the dorkiest thread I’ve read in a long time. And that’s saying something for BB.

    1. We’ve got to hack into the mainframe and reverse the polarity on the ion interpolators!

    2. you don’t know how frightening this thread is for those who have no f’ing idea what you are talking about. and we’re supposed to worry about privacy? ha. we the tech-illiterate are f’d in your sci-fi future.

  18. Obviously a terrorist plot. The NSC, NSA, FBI, CIA et al. should get on the case immediately and devoted hundreds of billions of dollars. The very integrity of our nation depends on it.

    Incidentally, none of the abbreviations above are acronyms.

  19. I’m no expert – if I had to use linux to get a banana I’d starve.

    But I thought the main way botnets were controlled was via a “phone home” dead drop like this, relying on Google to find one of a few thousand control keys.

    Maybe it’s on Reddit because it’s a “white-hat” project trying to wrestle control of a botnet away from the source, and don’t have to worry about tracking so can leapfrog the source by using more frequently spidered sites so they get the google hit before the source does.

  20. Can someone explain posts like:




    to me?

    I live in a different circle but will come back to see what you say.

  21. God, that’s classic reddit to think a string of alphanumerics in a subreddit *just might* be an government intelligence agency using their board. Um no, your college humor echo chamber chat room isn’t a dead drop for one-time pads. Just a hunch though.

  22. Well, if you convert the hexadecimal to text, and get back about six feet, it resembles a portrait of Alfred E. Neuman.

    1. The post on Full Disclosure is very likely a proof-of-work – they’re posting MD5 or SHA1 sums of messages that will be posted in full later.

      The point of posting the proof-of-work now two-fold:
      – to claim credit – you have proof that you had created the message as of a certain date. If someone posts a duplicate finding, you can then post your own, and point back to the earlier post containing its hash, to prove you’re not just copying someone else’s work.
      – to fend off claims by software vendors – some of those hashes may be of correspondence with the vendors of affected software. Then, if the vendor doesn’t give credit when they post their patch, or drag its feet on the fix and then claims that they didn’t receive proper notification, you can post the original messages, and point back to the earlier post, again proving that the vendor did know about the vulnerability when you claim they did (this is a bit shakier, unless your exchange with the vendor was encrypted and signed using PGP or something).

      That also seems like another possibility as to what these posts might be – cryptographic hashes being posted as proof that some result (to be revealed later) had been achieved as of a certain date and time.

  23. They’re all timestamps

    Could be a redditor creating a subreddit specifically to record exactly when they get lucky, in which case they’re not doing too badly.

  24. It’s the internet. It’s begun talking to itself. Sadly for us all, the singularity has begun on reddit.

    If it’s a chunk of timestamped hex code sitting there and it isn’t a bunch of hashes or social security numbers, what could it be? IP addresses? Whatever it is, it’s not human-language being passed; we talk too much and use way more words.

    Maybe a bunch of computers (in a botnet? Or not) were working on a list they all had a copy of, but the owner didn’t want them duplicating efforts so they were instructed to post whatever they’d completed someplace they could all get to; that way they could check the list and self-assign their next task without talking to each other. The trouble then becomes the motivation for making that website reddit. Reddit is a very public place. There are far less public places to run a list like this.

    Reddit has good badnwidth due to the number of people who use it, but so does google documents, where you could stick these in a spreadsheet anyone could access and nobody would ever bother looking. Reddit is very, very public. So, either the choice was automatic, a dumb machine picking whatever it could post to; or it was based upon what the person knew, a person sticking with what’s easiest and most familiar; or it was a deliberate choice made to put this in plain sight, as a taunt or a joke.

  25. These are dates and times, most likely the time when the link was created.

    201107031215 = 2011 07 02 12:15

  26. “It’s the internet. It’s begun talking to itself. Sadly for us all, the singularity has begun on reddit.”
    Worse than that, it’s initiated SkyNet.

  27. it’s a date time stamp: year, month, day, hour minutes all concatenated together with no delimiters. here’s the latest one: 201107041325. it’s 7/4/2011 @ 1:25PM.

  28.  ˜÷¬ù•ñÓÐ˲Òñêºõ¿Žâðö–¨êϣŠ

  29. It’s simply date strings.

    201107041325 is 2011-07-04-13:25, meaning July 4th, 2011 at 1:25 pm.

    The other numbers are formatted in the same way.

  30. Wow, you’ll typically never hear me say something like this, but this is a thread that desperately needs more nerds.

  31. These kinds of things are all over twitter. Google “twitter numbers stations.”

    Here’s one of the stranger ones I’ve seen. I just stumbled upon it today by accident. It definitely looks like some kind of information. Almost reminds me of raw METAR data. And there’s a Japanese katakana ネ thrown in there for good measure.

Comments are closed.