In August, EFF unveiled our ninth limited edition DEF CON exclusive member t-shirt. Like previous years, the design of this year’s shirt was inspired by the conference’s theme, 1983. That number isn’t just the year before 1984. It was also the year a brilliant artist named Keith Haring had his work featured in the Whitney Biennial and in the video for Madonna’s Like a Virgin. Haring is one of the most impactful visual artist of the 1980s — he defined the look and the politics of that period for many people. Our shirt design is an homage to Haring and his playful, yet sometimes sinister, view of human nature.
As thanks for supporting our work, we included a secret puzzle hidden within the shirt’s design for our members to solve during the conference. Read on for a walkthrough of the puzzle, or try your hand at solving it! (Warning: spoilers ahead!)
If one follows the white arrows throughout the design, an aspiring puzzle-solver can assemble this string:
This isn’t ciphertext as one might expect; it’s the address of a Tor onion service, as hinted at by the slightly out-of-place onion on the shirt. If you’re following along and don’t have Tor set up, our Surveillance Self-Defense project can help you with guides for macOS, Windows, and Linux.
Visiting a6qtybsy6kuhudkc.onion reveals the next part of the puzzle. There’s quite a bit of information on the page, though the only immediately apparent component is the iconic image from Wargames, the classic film released in 1983.
There are a few hidden hints on the page to assist members with extracting secret information from the image. We created two paths to arrive at the most critical hint.
First is the aria-label on the image: “if visual puzzles aren't your thing, check out imsai8080.wav”. Visiting a6qtybsy6kuhudkc.onion/imsai8080.wav allows you to download an audio file which plays back several DTMF tones. The file can be parsed to text using a number of online tools or by skilled listeners, giving the string
These are ASCII codepoints for text, but directly converting this string results in the corrupted “theA'Ǝ�isA��*�s”. Some familiarity with ASCII helps with cleaning up the string by adding additional zeroes: “116 104 101 032 103 097 109 101 032 105 115 032 114 101 100 032 108 101 097 115”, which converts to “the game is red leas”. This is still a bit garbled, but it’s not a huge jump to realize that the last word is “least”.
The second path to a slightly different version of this hint starts with a comment in the HTML of the site. The string “lbh'er oevtug. ybbx pybfryl” is a ROT13-encoded message which decodes to “you’re bright, look closely”. There are a number of ways to proceed from this hint; a simple one involves using image editing software. In GIMP, for example, setting the paint bucket tool to fill at a threshold of 0 and using it on the upper part of the image reveals the left image, and maximizing the brightness and contrast shows the right:
Left with this hint, the image on the page, and perhaps a question about the “random” black pixels at the top of the modified image, an avid puzzler turns to steganography, often referred to as simply “stego”. Steganography is the practice of hiding a piece of data inside another piece of data; say, a secret message within an innocent-looking file. It is not to be confused with encryption, which provides stronger guarantees of secrecy: encryption ensures that certain messages can only be read by certain parties. Stego only obfuscates information and can prevent onlookers from noticing secret information being passed around. The two can even be used in tandem-- stego can be used to hide the existence of an encrypted message!
“Red least significant bit” refers to the steganographic method used to hide the final flag in the image. Broadly, the method uses the last bit of the red value in an image to store some data. This data can be anything so long as the image it is stored in has enough pixels to contain the binary conversion; in the case of this puzzle, the least significant bits of the red values contain a string.
There are a number of ways to approach extracting this string, including manually converting the pixels in the “revealed” image to binary, but a less-straining method is writing a script to analyze the image itself. The Ruby script we used to encode and decode this message can be found here, if you want to try running it on the image yourself! The binary string stored in the image is:
Converting this string to ASCII reveals the solution:
REPORT ABLEARCHER83 TO BOOTH
... a reference to an infamous military-exercise-turned-war-scare in 1983, which included a simulation of a DEF CON 1 nuclear alert. The realism of the simulation led to a period of conflict escalation which almost culminated in nuclear war!
Shout out to the runner up team, pictured here with one of the puzzle creators, Ken Ricketts (left, @kenricketts) and Justin Collins (right, @presidentbeef). They solved just a couple of hours after the winning team!
Congratulations to the winning team: @aaronsteimle, @_pseudoku, @zevlag, and @0xCryptoK. Their members also won our 2013, 2015, and 2017 DEF CON shirt challenges, in addition to solving the DEF CON badge challenge for four years in a row.
We’d like to extend a special thank-you to everyone who tried their hand at the EFF puzzle, and to the hundreds of individuals who donated to EFF in Las Vegas this year. Seeing the fun that players have solving the puzzle is one of the highlights of our DEF CON experience. We’re looking forward to next year, and are glad you decided that the winning move was to play.
ENJOYED THE PUZZLE? SUPPORT EFF!