The Rat
-
Posts
419 -
Joined
-
Last visited
Posts posted by The Rat
-
-
Interesting. I don't get the password error on the two programs I tried with that date - which is really strange if it's not correct - but I instead get a compression error. I wonder if it has to do with what Venona said about the file being PKZIP 2 but the password using the old zip encryption? I didn't quite follow that.
I'd not heard of the Ted Hall cable before, but you may be right. The creation date for the file is on 11/12/04.
With upper/lower/mixed case and American/European date variations, and possibly dropping the '19' from 1944, that's a lot of combinations for any given date....
Even more interesting: I just downloaded pkunzip the original DOS shareware and tried your password, 27November44 and it created a file named stage2.txt, but it's a 0-byte file. All other passwords resulted in a program crash. So we seem to be onto the right password, but either the file is corrupted or there is something more we're supposed to do.
The only info I could get out of it is the edit date and time: Friday, November 12, 2004, 7:02:58 PM
-
I think that the Web sources you have found will work fine. From my recent discussions with Venona, I believe he aims to celebrate the anniversary of one particularly notorious missive.Anniversaries are most often celebrated in even-numbers-of 5 or 10 years. Thus, this would be the 58th anniversary of an event from 1946, but the 60th anniversary of an event from 1944.
Hmm.
(light bulb sputters over head) ... November 27, 1944 looks to be the first message involving the Rosenbergs, which certainly fits the bill for "one particularly notorious missive". I tried several password variations of dates and names and hit upon one that seemed promising: '27November44'.
The thing is that while it doesn't give me a wrong password error (hooray!) neither does it seem to extract the Stage2.txt file properly (doh!). I tried it with 2 different programs and saw similar results.
I'll keep tinkering with it.
(edit to correct the password to the correct date and fix and fix an ironic typo)
The Ted Hall cable is another notorious missive, and 11/12/44 is loser to the date this whole Venona thing began. I tried most of the logical variations: 12NOVEMBER1944, 1944NOVEMBER12, NOVEMBER121944, etc. I also couldn't get the same semi-positive results for 27NOVEMBER44 or any of its variants. Just the usual error message.
-
Anniversaries are most often celebrated in even-numbers-of 5 or 10 years. Thus, this would be the 58th anniversary of an event from 1946, but the 60th anniversary of an event from 1944.
OVERLORD DDAY OVERLORD1944 DDAY1944 D-DAY D-DAY1944
I couldn't find any major Soviet victories or events in November or December 1944, Mainly tbhey were relieved from pressure by the Allied invasion of the European mainland. I also looked for something in 1954. The CIA website for Venona only had one short letter from late 1944, which didn't have any good names or words.
-
It's not the word. Maybe it's part of a compound word or number(s) could be added or it's a synonym. Or it could be it was really a mistake.
Or maybe the No-L isn't for Noel but is a sign to drop the L from another word.
-
Is having Honey Do list today. Like any good (self-appointed) Counterintelligence squad supervisor I believe organization is the key, especially since it means I get to assign work to others. I suggest we split up the keyword approach. If anyone has the programming skills to make a brute force attack program, please check in. That's your assignment. I may give it a crack later. I think we need one person to read the web or book material to come up with likely passwords, and someone else to try clues from the message and Venona's forum postings. I tried a few guesses, which I will post here. Everyone who tries guesses by hand, please post them here so that others don't waste time on them. For the following I tried with solid caps, solid lower case, and for the proper nouns only, initial caps.
[based on cold place clue] SIBERIA REFRIGERATOR ALASKA
[based on "rambing"] RAMBING RAMBLING NOEL (get it - No L?) CHRISTMAS
The squad has received reliable source information that "Venona doesn't misspell." Thus, I think the RAMBING is highly significant. I tried anagramming it, but nothing very promising popped out. I repeat my request for someone else to check my work on the decryptiion to make sure I have that word (and all others) right. Here is my worksheet.
0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ.,?_ pt
WXYZ.,?_0123456789ABCDEFGHIJKLMNOPQRSTUV col 1
FGHIJKLMNOPQRSTUVWXYZ.,?_0123456789ABCDE col 2
OPQRSTUVWXYZ.,?_0123456789ABCDEFGHIJKLMN col 3
PQRSTUVWXYZ.,?_0123456789ABCDEFGHIJKLMNO col 4
OPQRSTUVWXYZ.,?_0123456789ABCDEFGHIJKLMN col 5
BCDEFGHIJKLMNOPQRSTUVWXYZ.,?_0123456789A col 6
-
Thanks Vinona for the encouragement.
IS SPELL "VENONA" MR. FARMER MAN.
Is bad Russki accent More Liver Man.
WELCOME. AS FIRST THING, IS CONGRATULATIONS FOR SOLVING CIPHER FOR GET TO NEXT STAGE OF ACTIVITIES. YOU HAVE SOLVED STAGE BY FINDING SIMPLE ADDITIVE CIPHER. PAT ALL SELVES ON BACKS. ONLY NEXT STAGE IS MORE DIFFICULT FOR YOU. IF WANT FOR SOLVING YOU WILL GO TO VENONA WEB SITE AND GET ZIP FILE STAGE2.ZIP WITH iNSTRUCTIONS FOR NEXT STAGE. NOTICE FILE INSIDE ZIP ENCRYPTED USING PKZIP 2.0 ENCRYPTION ALOGRITHM. THEN YOU CRACK PASSWORD FOR GET INSTRUCTIONS OF NEXT STAGE. IS LUCKY FOR YOU PASSWORD PROTECTION IN OLD ZIP FORMAT USE WEAK ENCRYPTION. DISCUSS STILL MANY QUESTIONS FOR ASKING IN SOLVING CIPHER. IS ALPHA ONLY OR ALPHANUMERIC. SHOULD DICTIONARY ATTACK, OR MAYBE SHOULD BRUTE FORCE. PERHAPS STUDY OF MESSAGE THIS MAY GIVE HINT FOR MAKING SOLUTION MORE EASIER, ALTHOUGH MAYBE NOT. SUPPOSE ONLY VENONA RAMBING TO ADD PLAINTEXT FOR LONG ENOUGH MESSAGE TO MAKE SOLUTION OF ADDITIVE CIPHER POSSIBLE. SOLTUION NOT SO HARD FOR FINDING PERHAPS. WE HOLD FTF TRAVEL BUG IN COLD PLACE UNTIL YOU FIND. ONLY WAY POSSIBLE IS SOLVING OF ALL STAGES OF ACTIVITIES. REMEMBER ALL THINGS FROM VENONA WE HAVE TOLD YOU. DO NOT GIVING UP.
The word RAMBING was spelled (or misspelled) that way in the decryption. Someone else should check my work. That misspelling may be a clue. OK, now I've done my part, will someone find the cache for me and sign my name? No, I'll send a junior squad member.
-
It begins
WELCOME. AS FIRST THING, IS CONGRATULATIONS FOR SOLVING CIPHER FOR GET TO NEXT STAGE OF ACTIVITIES. YOU HAVE SOLVED STAGE BY FINDING SIMPLE ADDITIVE CIPHER. PAT ALL SELVES ON BACKS. ONLY NEXT STAGE IS MORE D...
[ifficult...???]
My programs are not designed to work with 40-character alphabet sets, so there is some improvising going on. Also, I am using an old DOS QBASIC program that can't handle strings larger than 255 characters, so I have had to break the ciphertext into pieces. I started at the beginning. How novel. I'll get to work on the rest, but if anyone with better programming skills wants to finish the work for me, I won't mind. I may have some of the punctuation off, since my program only substitutes letters.
The key alphabet is in the order A-Z <period><comma><?><space>0-9. The key, VENONA is set so that those letters stand for the space in each of the six columns.
-
I went back and did IC analysis and Kasiski on the original text deleting the line breaks but without deleting the VENONA letters and there is a clear period at 6. For some reason my other program did not compute this correctly. All the long repeated segments repeat at multiples of 6 letters. Obviously the word VENONA has six letters. We may be looking at some variant of a Vigenere or Beaufort using an alphabet of 40 characters or so with VENONA as the key.
-
Unfortunately I won't have much time today to work on this, but I noticed a couple of things that might be useful. I tried eliminating all the letters in VENONA as nulls and then ran a Kasiski test on the remaining text and found that the repeated segments are in multiples of 5, e.g. 125, 130, 135, 145 , 215, 90. It is important to remove the line breaks as characters to do this accurately. This is strongly suggestive of a period of 5. This should result in an elevated Index of Coincidence at period 5, but my IC test didn't show that. I'm not sure why - maybe an error in my program or the nature of the ciphertext not fitting the parameters of my program. Or maybe the text was manipulated to disguise it. Still, there are too many of these to ignore. For example, one long repeating segment is T7,B5H4 at positions 206 and 411 (125 characters apart) and another, 386FTF, is 145 characters apart. The FTF seems suspiciously serendipitous, too. Someone might want to try writing out the text in blocks of five characters and see if anything jumps out as significant.
Oops, my mistake. I got this result with the line breaks in (treated as a character). This does not change the significance.
-
Unfortunately I won't have much time today to work on this, but I noticed a couple of things that might be useful. I tried eliminating all the letters in VENONA as nulls and then ran a Kasiski test on the remaining text and found that the repeated segments are in multiples of 5, e.g. 125, 130, 135, 145 , 215, 90. It is important to remove the line breaks as characters to do this accurately. This is strongly suggestive of a period of 5. This should result in an elevated Index of Coincidence at period 5, but my IC test didn't show that. I'm not sure why - maybe an error in my program or the nature of the ciphertext not fitting the parameters of my program. Or maybe the text was manipulated to disguise it. Still, there are too many of these to ignore. For example, one long repeating segment is T7,B5H4 at positions 206 and 411 (125 characters apart) and another, 386FTF, is 145 characters apart. The FTF seems suspiciously serendipitous, too. Someone might want to try writing out the text in blocks of five characters and see if anything jumps out as significant.
-
I think the key is to figure out why the letters of VENONA appear as the highest frequency, and why the N appears approximately twice as often as the others.
Isn't that just because Venona has two N's?
That's my point. I think there is some system of inserting the letters of the word VENONA in order V, then E, etc. into the ciphertext. This would explain the higher frequency of the N's. This would NOT be consistent with a system that, for example, just designated the letters V,E,N,O,A as nulls and inserted them randomly. I am using both the higher frequency of these letters, AND the fact that N has twice the frequency, as evidence of such a system. This is inconsistent with an ordinary simple substitution, although it could be simple substitution with nulls.
As for the doubled letters, I'm at work right now and don't have the numbers with me or time to work on it, but it is easy to tell if the doubled letters are significant or normal. Just take the number of different characters n, (40 I think it was, not counting the line break) and 1/n is the random chance that a character would be followed by itself. You would then expect approximately x/n doubles to appear, where x is the total character count of the message. This method is not strictly accurate where the letters are not randomly distributed, but the distribution here is fairly level, so that number should give you a decent approximation.
-
This can't be simple substitution in its current form., even including punctuation and spaces. In English spaces should take up about 23% of the characters, including punctuation. The most frequent character in this ciphertext, N, only represents about 8% of the total. Furthermore, it is a simple matter to try all the most frequent chanracters to see their distribution, and quickly see that there is no character that "breaks up" the strings into possible word lengths. Of course there could be a combination of characters that will work, but I believe it is some other system.
I think the key is to figure out why the letters of VENONA appear as the highest frequency, and why the N appears approximately twice as often as the others. If all the VENONA letters were nulls inserted regularly, presumably in order, then there should be exactly the same number of each of them (except the N double that), which there aren't. If they were randomly inserted as nulls, then there should be about as many N's as the others, which there aren't. It also seems non-coincidental that the frequency of the VENONA letters is also in approximately the same order those same letters in ordinary English, i.e. The E and N most common, the V least common. It suggests that some of the VENONA letters are nulls, while another set of them are unenciphered English, or at least appear in some key alphabet or cipher system where high-frequency letters tend to sustitute for other high feq ones, and low for low. This may be a random artifact, but it also may be a clue to the system used. The rest of the characters do NOT follow normal frequencies., e.g. URS, all high frequency letters, are among the lowest. I am not familiar with any system that uses some plaintext letters mixed in with some enciphered with a sustitution system. Hmmm ...
I think I need some help here.
-
The first two possibilities that come to mind are:
1) The letters of VENONA are dummies - possibly as spacers, or markers of some kind (e.g. signifying a new sentence or section), or possibly just randomly inserted repeatedly to disguise frequencies or patterns;
2) The letters of VENONA are part of the key, such as the substiitution scheme replaces the most common plaintext characters with the letters of VENONA, followed by the rest of the alphabet. This might explain the elevated frequency of those letters.
If 1) is right, then we should just remove all the VENONA letters and try to decrypt, or at least analyze. I tried this and the distribution looks more even, but still not completely even. If 2), then it strikes me as odd that the N would be much more frequent than the other letters. If the most frequent letters were replaced directly by VENONA, then the V would be most frequent, E next, etc., but that's not the way the frequency count comes out.
It seems more likely that the letters of VENONA are inserted in some regular fashion, probably in order. This would result in the letter N being inserted twice as often as the others, and match the frequency count. It is possible that there are "legitimate" V's, E's etc., and null ("camouflage") VENONA letters. I tried looking for them at evenly spaced intervals, e.g. every 13th letter, etc., a V, then and E, but I couldn't find a pattern.
In either case, I doubt this is a simple substsitution, even with spaces and punctuation put in.
I also checked the IC, and it is very even - no periodicity shown for periods 4 - 15.
-
The posted frequency count doesn't suggest too much to me.
Hold on. Of course it does. The letters of VENONA are the most frequent. This must be significant, but not sure how just yet.
-
Federal authorities are not working today. Respect Veteran's Day. Fly your flag. Spies and criminals can go uncaught on federal holidays.
I haven't had a chance to look at the ciphertext yet, other than skimming it on the web page. The posted frequency count doesn't suggest too much to me. I'll check for periodicity. His last cipher was XOR'ed with a repeated keyword or phrase, as I recall, which resulted in an elevated Index of Coincidence (IC) at 10 or whatever the length was. My tools aren't set up for analyzing ct with spaces and punctuation included. I'll have to improvise something.
-
I recommending getting book of us. Is publication by your CIA. Called "Venona: Soviet Espionage and the American Response." Will help full for activities.
Other investigative resources quickly come to mind:
However, our squad experience has been that this nefarious malefactor is very specific in his means of communications. It is likely that the original key material will be required. Any squad member who has managed to acquire one of these referenced CIA books should report in as soon as it is available.
-
Venona-
I know you are reading this. It looks like the new generation is interested, and there are still some among us who deciphered your puzzles in 2002... let's hear what you would have us do.
Venona - The Counterintelligence Squad does not reward extortion. Your threats do not intimidate us. If necessary, we can call up the Word Police for auxiliary assistance. Uncle Sam wants You!
-
I've been having a lot of problems opening Pocket Queries lately. Either the GPX file has lots of glitches, or the ZIP file is corrupted and won't open. Is anyone else having this problem? If not, I guess it must be something related to my e-mail.
I was having trouble with my GPX files opening in EasyGPS but only showing a small percentage of the caches, and once in awhile bombing out altogether. I discovered the problem was the cache named "?Bridge The To Happened What" The initial ? was not parsing correctly, and the program treated it as an end of file or just crashed. Now I edit every gpx file to delete the ? (WordPad works for this) and they all open fine now. That one cache is a pain, though, and I wish I would either go find it or the owner would archive it so that it doesn't appear in the queries any more. That doesn't sound like your problem, but you might at least try editing the file with WordPad or other editor of choice (assuming you can save it as a GPX file in the first place). I haven't had any problem with the zip files, but then I don't zip mine. You might also try modifying a Pocket Query to transmit as a regular gpx, unzipped, and see if that makes a difference. Ifworse comes to worse you could try what I did: open the gpx file in a word processor or text editor and try deleting each individual waypoint one by one, saving and reopening, then restoring and trying the next one until you find the problem. If there is just one oddball cache or log that does something weird, this should eventually find it. Of course, that depends on how big your gpx file is. You might try running a small query first and working on that.
-
Anybody looking for a caching partner, or is there any caching events open to everyone coming up? New to the fun and looking to meet fellow cachers.
Be careful what you wish for, wazootyman, for your wish may just be granted. Most of us are bizarre, depraved, geeky misfits.
-
My Magellan SporTrak Pro went out a couple of months ago and I went back to my old yellow eTrex. It about killed me. I agree that the Magellan holds a lock much better in trees. The averaging feature is also a vast improvement on Garmin. After you've been in an area for awhile, the accuracy gets better and better with the SporTrak. I can't read the Garmin screen - it's just too small for these old eyes without my reading glasses, whereas the SporTrak has a nice big screen with big fonts and big arrows. I can also customize the screens on the SporTrak Pro - not so on the yellow Garmin. Another major factor is the buttons. The big concave rocker button in the middle of the SporTrak is super. All those hard round buttons on the Garmin have my fingers aching after entering a few waypoints in - and I hate those drop down menus with the numbers in reverse order. My Magellan was fixed without having to send it in - I just cleared the memory and downloaded the new firmware straight from the website. Oh yes, the fact that I can see my current coords with the Magellan but not the Garmin is antoher big selling point. You have to mark the spot with the Gramin then switch screens to see the waypoint.
The biggest pain on it is the battery compartment. It is really hard to get open. The little screw that holds it on had become loose and I had to spend many fretful minutes looking for it on the ground when I dropped it. The flange that the screw moves through became bent so that I couldn't close the battery compartment until I got home and used an awl to reopen the screwhole and bend the flange down again. The little plastic chassis that holds the batteries tends to stick when you try to slide it out, so you end up having to unscrew the screw a distance that you THINK is far enough to disengage from the threads (but don't go too far or it'll fall on the ground) then you tug at the battery chassis. If it doesn't come out you don't know if you haven't unscrewed far enough or it's just sticking, so you keep unscrewing a little more then yanking a little harder until the screw falls in the leaves or the whole compartment finally comes flying out. Cavil, cavil. I'm hoping the Magellan engineers will read this. Really, though, that's the only flaw, and it's a very minor one.
-
I'm calipidder, and I'm in awe of all these 4000+ cachers. ... I find myself secretly working on The Rat puzzles at work and stealthily sneaking around playgrounds in the middle of the night. But I'm not addicted. Nooooo.
I live in Los Altos and work in Palo Alto. Hubby is on the home stretch of his PhD at Stanford so we may not be in the area much longer. I'd love to make it to the BADGES dinner but it looks like we may be heading out backpacking. I'll try to make one in the future!
Calipidder,
It's good to have you aboard. You shouldn't feel awed by the 4000+ crowd. I know them all, and they're the ones who are odd. (Groan - bad pun -
). As a Los Altan you are in the neighborhood of PhilippeGPS, Truckeegal, and me - although we're all in the southern part (South Central L.A. as we are referred to by the posh northern half). If you need a hint on one my puzzles, just e-mail. The only one I'm not giving hints out on right now is the new one - Slobinovich.Rat
-
There are exceptions to this though, if you are finding any of Lamneth's caches... He has a nack of making the hide fit in with the puzzle theme, and does such a good job on the camo and containers. His puzzle caches are a complete experience.
--Marky
I second the sentiment. I did Counterparts last weekend and it was an incredible display of craftmanship from the first puzzle to the final cache stage. Now if I could just figure out Entre Nous.
-
I have very mixed feelings about my leaderboard. I've gotten more feedback on it than any of the other tools I've created so far. Almost all have been positive. What I was afraid of when I created this was that people would turn geocaching into a competition. I tried to post a note at the top of the page to dispel this, but I'm sure most people don't read that.
While I feel proud of the number of experiences I've had caching, I don't look down on someone who has fewer than me or wish ill on those who have close to the number I have.
To me geocaching is about new experiences, fun and companionship. If people are trying to get one up on their neighbor, those goals are in conflict.
I'd appreciate other feedback on how we can keep an environment of non-competitiveness. Maybe I'll just sort the list alphabetically.
Wow, once again I seemed to have sparked some lively discussion. First of all, thanks, boulter, for all your tools and general service to geocaching. The one I use the most is the Quick Search tool. Second, I don't look down on anybody who doesn't do the same type of caches I do, any more than I think people with thousands of finds look down on me for not going that route. I agree with everybody who says that geocaching is for whatever fun you get out of it, not to please others. Third, eliminate the competiveness? You've got to be kidding! That's what motivates at least half the cachers out there. I gave up trying for FTF's within a few months of starting because I just didn't have that competitive drive. Back in those days if I saw a new cache come up on my list and went right out for it, I'd be more likely to get run over by [names redacted for personal safety] than find the cache. Maybe it still happens, I don't know 'cause I'm not there except maybe for a puzzle cache that has been out and unfound for awhile. But anybody who logs finds on GC.com is by definition competitive. If it was just the fun of the hunt, there would be no reason to log it, or even sign the sheet. People do so in order to be recognized - to get credit for having achieved something, modest or otherwise. It is only when competition gets personal that it is ugly. I'm thinking of a couple of major players (not in the Bay Area) who weren't on speaking terms - that sort of thing. I look at it sort of like a great big softball game: some people are good hitters, others good fielders, some make the pennants, some bring the refreshments, some are not particularly good at anything related but just enjoy watching the game, and everybody can have fun from someone else's big play and congratulate him or her with sincerity, but none of that stops the natural human instinct to want to win. boulter, if you didn't want competition, you shouldn't create a list. aaaNostrada's comment demonstrates the fallacy of changing it - if you create any form of recognition, someone will strive to be first at whatever it is. It's human - go with it! And we can still all be friends.
-
PhilippeGPS and I were talking about Boulter's Bay Area Leaders board and I commented that I would be dropped off the bottom soon since I don't go for numbers any more. I like puzzles and sometimes a good hike or multi, but those 1/1's bore me. He said if they computed the average difficulty rating instead of just total number, we'd be up at the top. Hmm, so I just computed the average difficulty for my last 100 finds. 2.907 / 1.495 for difficulty / terrain according to the numbers shown on my found list first 5 pages. Combined difficulty is 4.402. Does anybody want to challenge me? I'm too lazy to compute all those other leaders' averages, so for now I'll claim the #1 spot.
No fair counting just your last 5 or 10 - anyone can manipulate his average up that way. Last 100 finds.
). As a Los Altan you are in the neighborhood of PhilippeGPS, Truckeegal, and me - although we're all in the southern part (South Central L.A. as we are referred to by the posh northern half). If you need a hint on one my puzzles, just e-mail. The only one I'm not giving hints out on right now is the new one - Slobinovich.
No fair counting just your last 5 or 10 - anyone can manipulate his average up that way. Last 100 finds.
The Return Of Venona
in West and Southwest
Posted
This sort of reminds me of a couple of puzzle caches where the coordinates were hidden in graphic or audio files.
I suspect there is some application out there that modifies zip files (or regular files made to look like zip files) to hide a short message. Has anyone looked at this file with a byte editor or other application?