Part 4 - the rest of the storyI had expected to tell the rest of this story long before now. Due to the insistence of several friends, (and to the exasperation of many, for which I apologise) I have finally got the job finished. This final tale will be in two parts. The first is to complete the train of events that led to the LoLander page and how it arose from the riddle. The second is to look at the candidate "ORC page" and see what can be deduced about it. As you will have noticed from the download time, there's a lot to tell. I should start by saying that the solution to the riddle is not clear cut. Following ORC's maxim of feeling the solution to problems, Hackmore did just that. Any of you who are scientists will know that that's how virtually all scientific discoveries are made, too. You get a hunch, push it through to the Eureka! point, then go back and prove you were right using linear logic. The same process applies to cracking any problem. Nobody knows how the brain makes the vital link. There's a lot of playing around with the problem, and suddenly the connection is made. Enough waffle. Here's the story. When the last part ended, we had found an unexpected and rather odd site on Geocities, LoLander's page The IP address of Geocities has no obvious connection to the riddle. What was the connection? This is the sequence of events. Several months ago, Hackmore had found a site by playing around with the riddle numbers. I did too, but not the same site - only a children's clinic in Munich! Hackmore had found Georgia State U's site, http://www.gsu.edu . The IP address is interestingly close to the riddle: riddle: 131.92.15.128/+ORC There is a fork point here. How did Hackmore find GSU from the riddle, and what is the significance of GSU in the first place? And what about the "+ORC" bit? First, the riddle link. There had been a flurry of email between Hackmore, Fravia and me for about 24 hours prior to Hackmore explaining how he made the riddle connection. The best I can do is to quote Hackmore's explanation from November 9th. David and Fravia;
As you know, it was a year ago last August that I first surfed the
net, and Fravia's web-page was the first web-page I've ever seen. Which,
of course, set me on the great +ORC hunt.
Another site I found, probably within a month of joining the web, was
a site called "The Strange World of Tapu", which interested me because
it had a link to the elusive +ORC. Having visited Fravia's site, AND
finding this link, I checked the IP address of BOTH Tapu sites, AND the
dead site the link pointed to.
Tapu's site had a VERY similar IP address, but, being very naive
about these things at the time, I didn't make the connection. I DID
bookmark the site though, and visit it often. And it's always bothered
me that, although other links came and went, +ORC's remained. Somewhere
I even heard that +ORC and Tapu were friends.
This all took place long before Basilisk ever took over the elusive
hunt for ORC, and I've kept the information about Tapu's site a secret,
since anyone into anything pertaining to hacking or cracking SHOULD be
aware of this site.
So now, to solve the riddle:
"Gold, with six bars, or with the visor raised (in full face)
Read "full face" as if looking straight at something - you don't
know what, if anything, lies behind it.
Read "visor raised" as something else showing, perhaps behind
the "full face."
"Silver, with five bars, (in full face)
Only a full "face here", nothing behind it
"Silver, with four bars, with visor raised (in profile)
Read "in profile" as seeing the whole thing from the side, which
would include the markings, and visor raised means there's something
else, so we add to what we already have.
131 - The main server, not much you could do with this
92 - look at it sideways, you see 92, plus the emblem (4 bars) = 96
15 - look at it straight on, (= 1), cant see what's behind it (=5)
because it's "full face".
128 - look at it straight on, (= 1), visor raised, something else is
showing, (= 2), which equals 12, divisible by 6, which equals 2, which
is the number of other changes you've made. We loose the "8" character.
So we end up with 131.96.1.12... the EXACT IP address of Tapu's
web-page, which links to Geocities, so we must assume our elusive
web-site is located here, even though the link doesn't get us where
we're going.
From here, it's just a simple search for "orc", which brings up 145
web-sites, all dealing with warcraft games, except one.
http://www.geocities.com/SiliconValley/Lakes/6310
End of quote. There's quite a lot to digest in that. I'm ambivalent about it as a solution, but it makes as much sense as anything I've tried, with the notable exception that it actually points to a real site. As I'll mention later, there are other pieces of evidence that suggest it's right. The tricky bit is that it points to GSU in general, not to the Tapu sites as such. What Tapu sites, you ask. Well, there were two Tapu sites on the GSU site. I say "were" because there's been so much traffic to the pages as a result of this saga that they've changed the file addresses and have password protected them!! (I wonder why?) But you may take my word for it that there were two identical Tapu mirrors, both long out of date - I think they dated from April 1997, judging from the expired sites and the link to Fravia's long departed Geocities site. For reference, the old URLs for the dead Tapu sites were: http://www.gsu.edu/webfs01/eng/engjcp/public_html/ref.html Don't bother trying them as they've been renamed and password protected, as I said. You can see there's an element of luck here. That doesn't worry me. Penzias and Wilson won the Nobel Prize for Physics for having the luck to discover the dim echoes of the Big Bang, while trying to track down the source of a faint but annoying "hiss" in a microwave horn antenna. Don't discount the value of luck. It leads to discoveries. Curiously, though, I could only find the second of the Tapu sites using the GSU search engine. Hackmore had mentioned two sites. He found the other much earlier. The interesting point about this is that ORC, when he replied to Hackmore (see previous page), mentioned "two remaining gates". He did this before Hackmore had mentioned the Tapu sites, so it's an independent fact. Not a proof, not quite a smoking gun, but very very curious. Now to the next part, the link to the LoLander site. Hackmore explains that in his message. This again requires a lateral jump. The Tapu sites don't point to LoLander, they just include a reference to ORC and point to the dead Fravia site on Geocities. Why would there be two fossil Tapu sites? It's not that hard to get an up to date mirror of Tapu. Indeed, why are they still there, albeit password protected. I have no idea. Anyway, there's a subtle pointer to Geocities. A quick search using the Geocities internal search engine finds quite a number of references to ORC. As Hackmore says, all are to games sites, except one that one points to the LoLander site. It's worth noting that very few of the Geocities sites are indexed by the 'bots. Maybe it's a no-go zone for external robots? (This is true of a few other sites, so _mammon has kindly provided a search site link page for these sites.) Next, what about the "+ORC" suffix to the URL in the riddle? My only thought is that it is a hint to look for the name "+ORC" on the site you find from the numbers. I'll leave you to decide whether that's convincing or not. The "page" itselfWhich brings us to the next question, what of the LoLander site? On the surface, it looks and sounds nothing like an "ORC site". But that begs the vital question, what would an "ORC site" look like? We know only one thing about it from what ORC's said: it has another riddle on it (remember the "matrioshka" reference). The LoLander site meets that requirement. But it doesn't "sound" like ORC. That worried Fravia at the time, and others since then. It's a legitimate concern. But if I were ORC and setting up a site, I'd not head it with the title "Welcome to +ORC's secret web site"! It would be discovered soon enough by accident. The Web is full of curious people burrowing around its darker recesses! No, if I were ORC, I'd create a page that looked "mostly harmless", a cracker related site that looked a bit amateurish, with things on it that would only make sense to someone who'd come there knowing what to look for. I think the LoLander site meets that requirement well. The "gremlin" GIF (yes, it's The Brain from the Spielberg cartoon series Pinky and the Brain - another self reference?) is pretty meaningless, and any home page maker who wanted to put the image there because he liked The Brain would surely at least mention the character's name? The BlakAdder reference and the IPOL numbers also serve no apparent purpose and have no meaning on an innocent home page. But if this is a subtle ORC page, they have a lot of meaning. They constitute a very nice second riddle. Mind you, it may be one that points nowhere, just says something about ORC. It doesn't have to point anywhere - though it may do so. It's worth making a few observations about the page, not in any order of importance. Some of these have been sent to me over the past few months, most are my own.
My thoughts after looking at the site for a while is that it is put together rather crudely, assembled quickly from readily available bits and pieces. Maybe I'm just being unkind to LoLander. Or is that ORC I hear laughing? ConclusionsIf the LoLander page is the ORC site, then it's a very clever one. It could not have been designed better to keep people guessing. If it's just a coincidence, then it's a very strange one. Well, that's it. I don't doubt there's more to be said. I've had some very clever riddle solutions suggested recently, different from Hackmore's, but none that point to an actual web page. So for the moment my money's on LoLander. But only +ORC can tell us for sure. And if I were ORC (I'm not!) I'd say nothing and keep people guessing. I might even sow a few red herring clues around the place to have even more fun...
DN
|