What is A858DE45F56D9BC9?


73 Responses to “What is A858DE45F56D9BC9?”

  1. jnordb says:

    …and I can only hope it’s an updated numbers station type thing. I always was fascinated with listening to them when I was a kiddo….

  2. Anonymous says:

    Be sure to drink your ovaltine.

  3. Anonymous says:

    It looks like a password for a router or cable modem

  4. Anonymous says:

    The fact that there are no letters past E suggests hexadecimal language (which consists of 0-9 and A-F), but it doesn’t translate to any meaningful text. My guess is it’s either encrypted, or a prank on redditors.

  5. Raffy says:

    God, that’s classic reddit to think a string of alphanumerics in a subreddit *just might* be an government intelligence agency using their board. Um no, your college humor echo chamber chat room isn’t a dead drop for one-time pads. Just a hunch though.

  6. Eris Siva says:

    As a number of people have pointed out, this was probably a Botnet control center – the bots would check the subreddit every once and a while. That way, if someone had checked their logs, it wouldn’t really trigger suspicion as it would look like their computer had just accessed Reddit…and most tech savvy people would have been there at some point.

    User JnvSor has quite a bit of interesting data on it. But it looks like the subreddit AND account were baleeted.

  7. obscuromancer says:

    testing the api with lots of random text? odd how all letters upper-case tho

  8. earthmann says:

    Well, if you convert the hexadecimal to text, and get back about six feet, it resembles a portrait of Alfred E. Neuman.

  9. Anonymous says:

    There was a drop to the security lists too:


    • dragonfrog says:

      The post on Full Disclosure is very likely a proof-of-work – they’re posting MD5 or SHA1 sums of messages that will be posted in full later.

      The point of posting the proof-of-work now two-fold:
      - to claim credit – you have proof that you had created the message as of a certain date. If someone posts a duplicate finding, you can then post your own, and point back to the earlier post containing its hash, to prove you’re not just copying someone else’s work.
      - to fend off claims by software vendors – some of those hashes may be of correspondence with the vendors of affected software. Then, if the vendor doesn’t give credit when they post their patch, or drag its feet on the fix and then claims that they didn’t receive proper notification, you can post the original messages, and point back to the earlier post, again proving that the vendor did know about the vulnerability when you claim they did (this is a bit shakier, unless your exchange with the vendor was encrypted and signed using PGP or something).

      That also seems like another possibility as to what these posts might be – cryptographic hashes being posted as proof that some result (to be revealed later) had been achieved as of a certain date and time.

  10. Anonymous says:

    There’s a similar thing here: http://bartkeppel.blogspot.com/

    • travtastic says:

      That one’s different. The spacing in-between is there to make it readable, for people.

      If I had to guess, I’d say that’s generally the formatting used for OTP decryption matrices, although I couldn’t imagine why it would be on a publicly-accessible webpage.


    • diginferno says:

      Those could be Unicode character codes. I searched some of the 4-character sequences at decodeunicode.org and I found out that they are codes for some pictographic writing.

      Those blog posts are old, so I am going to assume that the technical changes Blogger went through since then broke the content somehow.

  11. Micah says:

    Maybe it’s encrypted instruction for bots, using reddit as a botnet command and control center.

  12. nosehat says:

    It’s an 8-byte number in hex. As such, it could be a lot of different things, including a strong crypto key. I’m not aware that this particular number is anything special. In decimal, it’s 12130689988374141897.

    While it’s fun to think the thread might have been a dead drop, my guess would be a game of tag. Or, more likely, an impromptu game of tag. Bored person A posts a random number; bored person B thinks that’s mildly amusing, and replies with another random number; bored person C does the same, wondering how long they can keep it going before someone replies with “WTF?”

  13. Anonymous says:


  14. Anonymous says:

    Apparently the subreddit has been unbanned!

    There’s a new post now: http://www.reddit.com/r/A858DE45F56D9BC9/comments/igmjv/201107041325/

  15. Anonymous says:

    These kinds of things are all over twitter. Google “twitter numbers stations.”

    Here’s one of the stranger ones I’ve seen. I just stumbled upon it today by accident. It definitely looks like some kind of information. Almost reminds me of raw METAR data. And there’s a Japanese katakana ネ thrown in there for good measure.

  16. Anonymous says:

    guys where are we?

  17. Anonymous says:

    Pattern Recognition

  18. Stooge says:

    That C9 ending rather leaps out at me. Has anyone considered that this might be a program in Z80 assembler?

    Unfortunately the bit of my brain that used to deal with translating hex to Z80 opcodes got re-purposed some years back, but maybe someone else still remembers this stuff and can save me the hassle of looking it up.

  19. Palomino says:

    A 128-bit WEP key is almost always entered by users as a string of 26 hexadecimal (base 16) characters (0-9 and A-F)……….?

  20. Cowicide says:


  21. Ripcord says:

    Wow, you’ll typically never hear me say something like this, but this is a thread that desperately needs more nerds.

  22. desprez says:

    Minecraft seeds.

  23. Eris Siva says:

    Yeah – says the Reddit has been banned, which leads me to believe it was spam/botnet/malicious.

  24. Anonymous says:

    Encryped message board: http://www.pgpboard.com

  25. LegendofPedro says:

    The titles of posts are all timestamps.

    Converting the name from hex [to binary] to ASCII gives “¨XÞEõm›É”, which is a valid string with HTML entities in it.

    Converting them gives the string “¨XÞEõm݃”. It doesn’t mean anything to me, though.

  26. sfarmer76 says:

    They may be using Reddit to pass SSNs… take out the letters and you have a potential SSN… 858-45-5699 (or backwards: 996-55-4858)… or a potential phone number 858-455-699(0)… (or backwards: 996-554-858(0) if you tack a zero onto the end…

  27. Anonymous says:

    Pfft, you people have no imagination. Let’s turn this into an ARG ourselves…

  28. weeld says:

    Am I the ony one thinking-

  29. tamar says:

    Boing Boing must have found this out from this AMA (the I am a…ask me anything subreddit) but the guy hasn’t come forward. The reddit members have also been trying to decipher his code with no luck.

  30. Anonymous says:

    They’re all timestamps

    Could be a redditor creating a subreddit specifically to record exactly when they get lucky, in which case they’re not doing too badly.

  31. Anonymous says:

    Half an md5sum?

  32. Planet Strike says:

    it’s a date time stamp: year, month, day, hour minutes all concatenated together with no delimiters. here’s the latest one: 201107041325. it’s 7/4/2011 @ 1:25PM.

  33. Anonymous says:

    It’s the internet. It’s begun talking to itself. Sadly for us all, the singularity has begun on reddit.

    If it’s a chunk of timestamped hex code sitting there and it isn’t a bunch of hashes or social security numbers, what could it be? IP addresses? Whatever it is, it’s not human-language being passed; we talk too much and use way more words.

    Maybe a bunch of computers (in a botnet? Or not) were working on a list they all had a copy of, but the owner didn’t want them duplicating efforts so they were instructed to post whatever they’d completed someplace they could all get to; that way they could check the list and self-assign their next task without talking to each other. The trouble then becomes the motivation for making that website reddit. Reddit is a very public place. There are far less public places to run a list like this.

    Reddit has good badnwidth due to the number of people who use it, but so does google documents, where you could stick these in a spreadsheet anyone could access and nobody would ever bother looking. Reddit is very, very public. So, either the choice was automatic, a dumb machine picking whatever it could post to; or it was based upon what the person knew, a person sticking with what’s easiest and most familiar; or it was a deliberate choice made to put this in plain sight, as a taunt or a joke.

  34. edthehippie says:

    somehow , this reminds me of cosmac vip op code , the ( very ) old 1802 cpu from , was it rca ??? heheheheh , but , prolly not really , i suppose ( prolly any random string of hex reminds me of the 1802 when i am in the correct mood , a grand little processor , almost totally orthogonal , not even a dedicated subroutine stack , just use any register for anything )

  35. Anonymous says:

    hhmm..thats true

  36. owza says:

    Karma 01110111 01101000 01101111 01110010 01100101

  37. Anonymous says:

    Web spammers do this sort of thing all the time. They’re just testing.

    The numbers are not meaningful, they are just unique tokens. They keep a database of which tokens were posted where. Later they scrape pages or search results to see which ones got through, and which are still there after a given period.

    So: reddit auto poster test. No message to decipher other than “ping”.

  38. Anonymous says:

    small-fry numbers passing/dead drop. obvious and open because either it’s not a big deal to LEA’s, or someone just wanted to look spooky and cool.

    the real spooks passing in public are using forums like video sharing sites, or community-art portals like ytmnd where you can encode & modulate your data in both audio and video, plus plenty of noise (to the point where nobody except a receiver with the proper tuner AND cipher pad would even realize there’s illicit information-passing occurring, much less successfully intercept it)

  39. Ghost of a flea says:

    These are dates and times, most likely the time when the link was created.

    201107031215 = 2011 07 02 12:15

  40. meehawl says:


  41. Anonymous says:

    and now it’s gone again. Boo.

  42. Anonymous says:

    yep, it’s likely address lookups for a large OTP
    could seriously be used for something as nefarious as international terrorism

    and it’s not the pad that’s sent (except on contact), it’s an encrypted message. the pad is now huge, and used repeatedly, it contains volumes of information and an even larger noise halo. if it’s coordinated well enough, the message is just little more than a coded lookup key for a particular address in the OTP. And in the same vein as steganography, the uncrackable transmission of an encoded message can be as simple as an audio file with (seemingly) random pcm levels substituted. it would sound about as good as any other copy, but the unique file hashes could make them stand out a bit on music sharing/tracking networks

  43. Anonymous says:

    That’s numberwang!

  44. Anonymous says:

    in the bart keppel one, C2 and C3 are twenty times as likely to occur as any other byte. all bytes above those appear at most once. odd distribution, maybe a weak cipher of their own creation

  45. freshacconci says:

    Wow, this is the dorkiest thread I’ve read in a long time. And that’s saying something for BB.

    • travtastic says:

      We’ve got to hack into the mainframe and reverse the polarity on the ion interpolators!

    • Anonymous says:

      you don’t know how frightening this thread is for those who have no f’ing idea what you are talking about. and we’re supposed to worry about privacy? ha. we the tech-illiterate are f’d in your sci-fi future.

  46. Anonymous says:

    Obviously a terrorist plot. The NSC, NSA, FBI, CIA et al. should get on the case immediately and devoted hundreds of billions of dollars. The very integrity of our nation depends on it.

    Incidentally, none of the abbreviations above are acronyms.

  47. CountZero says:

    “It’s the internet. It’s begun talking to itself. Sadly for us all, the singularity has begun on reddit.”
    Worse than that, it’s initiated SkyNet.

  48. Anonymous says:


  49. Anonymous says:

    I only noticed this the other day, so can’t say if it has much to do with it.


  50. Anonymous says:

    “The Mind String And How To Pull It” by Bart Keppel.

  51. Anonymous says:

    It’s simply date strings.

    201107041325 is 2011-07-04-13:25, meaning July 4th, 2011 at 1:25 pm.

    The other numbers are formatted in the same way.

  52. jjsaul says:

    I’m no expert – if I had to use linux to get a banana I’d starve.

    But I thought the main way botnets were controlled was via a “phone home” dead drop like this, relying on Google to find one of a few thousand control keys.

    Maybe it’s on Reddit because it’s a “white-hat” project trying to wrestle control of a botnet away from the source, and don’t have to worry about tracking so can leapfrog the source by using more frequently spidered sites so they get the google hit before the source does.

  53. Anonymous says:

    Can someone explain posts like:




    to me?

    I live in a different circle but will come back to see what you say.

  54. Anonymous says:

    Obviously the message is:”HELP I’M STUCK IN THE REDDIT SERVER ROOM”

  55. jnordb says:

    …..and, the link is gone. :(

Leave a Reply