TA-ANALYSIS: 'Code' Found in Latest bin Laden Video Could be Hoax

No kidding; wow, who'd a thunk it....... stands back in utter amazement.

Just someone keeping the pot boiling, huh?

[edit on 26-7-2004 by sminkeypinkey]

Just to finally add, having checked out Andreas Wacker's Blog, and his art installation.. I retract my statement about him possibly creating the code to promote his site. Actually what he has done is pretty cool, even if I don't fully understand it. I hope you stick around Andreas.

The fraud it seems, was perpetrated by those who claimed to "find" the code. Certainly they have lied on record regarding the circumstances of the "find", both on this site, and on FP. EDIT : I mean FR!




[edit on 24-7-2004 by muppet]

Well they certainly seem to be reaping what they have sown.

If they didn't "find" the code and it was presented to them, and then they claimed it as their "find" they have now but themselves in the position of becoming the hoaxer.

What is still unclear to me, is who the original claiment of the find is. Both JSC & LM are claiming it was their find, at least from what I can understand from the FR thread that was referenced.

I am actually more inclined to believe that someone else presented the "find" to them. Since they claimed it as their own, they are probably both somewhat embarssed that they were mislead.

This may sound kind of stupid, but my small brain would think that if an Arabic terrorist organization, which presumably speaks and writes aramaic would hide messages using the same type of language. I don't know, that's just how I think.

To me, I would assume such a thing was a scam unless it was in aramaic.

[edit on 7/23/04 by slickwilly95991]

I was just wondering, the video that you downloaded to check for the "hidden code", was it the original video that was broadcast in 2003, or was it the video what was re-broadcast which supposedly contains the added hidden message?

ranger.

I have no idea. EDIT correction, yes, it is the video, provided to me by someone who downloaded it this week from Jill's site.. so yes, it's the one that was supposed to contain the code.

However if you mean broadcast in the traditional sense, as in via a television network (cable/satellite or UHF radio), then no, that code could not have been broadcast. All these methods would have substantially degraded the image.. most likely leaving the code practically unreadable.




[edit on 24-7-2004 by muppet]

This video was one released on the internet only... As best we can figure, it was posted on the 20th of July? It was a re-tooled release of a previous audio statement by bin Laden. Basically they added bin Laden's audio to some graphics and posted it.

Originally posted by phreak_of_nature
This video was one released on the internet only... As best we can figure, it was posted on the 20th of July? It was a re-tooled release of a previous audio statement by bin Laden. Basically they added bin Laden's audio to some graphics and posted it.

I gotcha, just wanted to make sure, I guessed it was probably a hoax anyway.

Oh yeah, one other thing, did anyone email NEIN or put a message on their guestbook telling them that this isn't true, and know it isn't true?

Ranger... they've been over here. They've seen the good work done by muppet.

Originally posted by phreak_of_nature
Ranger... they've been over here. They've seen the good work done by muppet.

Ah okay, thanks a bunch! I was just browsing through the thread. Well at least thats all sorted out now. Well done guys!

There is another thread here about a Nuclear threat to US City that I have been following. A particular post from JackatMtn got my wheels turning. He found something on the Guest Book of www.homelandsecurityus.net... that made me look a little closer at the code used on the video from NEIN.

The post Jack found included at the end of it a PGP signature. Soo, I did a little research, which I am happy to say didn't bear fruit.

My thought was that perhaps the code from the video was a PGP key. But what I found was that the code in the video was 8 chars too short to be a PGP key. At least for the version of PGP I downloaded.

SO we can rule out PGP as the value/application of the key. Again were looking at twexus and Andreas Wacker.

The Freerepublic thread containing Jill St Claire and Laura Mansfield's posts regarding the the "codes" appears to have been taken down.

I have them
3 in bitmap form

post 1084 / 1085
post 1133 / 1136
post 1536 / 1539
from the Threat Matrix.


[edit on 24-7-2004 by Sauron]

I've got thread 14 posts 1051-1100, 1551-1600. I also have the replies to 1133, 1559, and 1930.

Anybody else holding?

[edit on 7/24/2004 by phreak_of_nature]

So do I, and others..

I archived Jills, Laura's and the Doug's posts on that thread. I'll be compiling and posting them later, as a matter of public interest.

EXCELLENT!
Hang'em with their own rope.

Originally posted by muppet
I'm interested in this too to be honest. It could be nothing at all, but then again why let all that code solving practice from "hunt the rings" go to waste? Go PurdueNuc!

Hi...good work on exposing yet another attempt at misinformation.

I was wondering if anyone looked into the "coincidence", revealed by El Teniente, that the translation of the "code's" binary equivalent, when converted to Base 10, is 4 separate IP addresses, the first of which is the IP for the Department of Defense.

Is it possible that the "hidden code" is, in truth, an attempt by our DOD to "prep" Americans so that when the next attack happens, blame will fall on the intended shoulders, and not so much on them?

Another thought I had was that it could be a "Manchurian Candidate" type signal, like the Queen of Hearts was in the original movie, and the people they seek to "awaken" are paying members of NEIN or whatever site it was that made the original declaration of the "hidden code".

I know these ideas probably seem pretty "out there" (as they may well be) but I do find the presence of the DOD's IP in the "code" to be very interesting.

Have any of you looked into this further?

As per El Teniente, this is the binary code broken down into base 10 IP addresses:
00011010.10110000.00101101.00011000 = 26.176.45.24
10001011.11000011.01010111.00100011 = 139.195.87.35
01100010.00001110.00100100.00000110 = 98.14.36.6
10110111.00100011.01000101.00000100 = 183.35.69.4

This is the info from ARIN WhoIs on the first IP address:

Search results for: 26.176.45.24


OrgName: DoD Network Information Center
OrgID: DNIC
Address: 7990 Science Applications Ct
Address: M/S CV 50
City: Vienna
StateProv: VA
PostalCode: 22183-7000
Country: US

NetRange: 26.0.0.0 - 26.255.255.255
CIDR: 26.0.0.0/8
NetName: MILNET
NetHandle: NET-26-0-0-0-1
Parent:
NetType: Direct Allocation
Comment: Defense Information Systems Agency
Comment: DISA /D343
Comment: 11440 Isaac Newton Square
Comment: Reston, VA 22090-5087 US
RegDate:
Updated: 1998-11-11

TechHandle: DE564-ARIN
TechName: Engebretson, Douglas
TechPhone: +1-703-735-8065
TechEmail: [email protected]

OrgTechHandle: MIL-HSTMST-ARIN
OrgTechName: Network DoD
OrgTechPhone: +1-703-676-1051
OrgTechEmail: [email protected]

The code is NOT "americanpitbulls" encoded in ISO-8859-1 or any other type of text encoding. I believe it is encrypted using TEA (Tiny Encryption Algorithm). Here's my logic:

1. If you change any character in the code string in the search URL, only half of the plain text will be messed up. TEA is a block cipher which operates on 64 bits at a time, and "americanpitbulls" is 128 bits (16 characters, 8 bits per character).

2. If you add or delete a couple characters from the code string, you'll get an error that includes the following:

javax.servlet.ServletException: TEA: Length of String s is not a multiple of 8.

Why on earth AOL would be using encrypted search strings for some things, I don't know. I thought about doing some reverse-engineering to figure out the key, but that would just be a waste of time. Now, the question remains, what is the connection between the code planted in the video screenshots, twexus, and aol? It could be entirely coincidental, but since a 32 character hex string has 16^32 permutations, the odds are slim.

From what I gathered from Andreas' post and his weblog, twexus gets its dictionary from words people have added and, apparently, from referring URLs. In this case, someone did the encrypted search for "americanpitbulls" at AOL (my guess this is from a banner ad or somesuch). Twexus had "americanpitbulls" as a cloaked search term, so AOL returned it as a result. The person clicked on the link to twexus, which took note of the referring URL and extracted the code from it. One connection down.

The big jump is from twexus to the OBL screenshot. Andreas' theory that someone "found" the code on twexus and thought it would be cool is weak at best. If they wanted a code, they could have just made up something random (maybe they did?!?). The hoaxer must have picked that code for a reason, which likely is the cleartext "americanpitbulls." Sounds like something that a person upset over American aggression would use as a code word. That means that the code came from the AOL search.

Basically, we end up at a dead end here. The screenshot needs to be traced to figure out the perpetrator of this hoax.

[edit on 7/25/2004 by PurdueNuc]

Originally posted by PurdueNuc
Basically, we end up at a dead end here. The screenshot needs to be traced to figure out the perpetrator of this hoax.
[edit on 7/25/2004 by PurdueNuc]

Interesting...as you say the odds of the code being randomly chosen are pretty slim. Based on Jill's, Laura's and Doug's time stamped statements, and the hard evidence from the video and retouched stills, they are certainly implicated in the deception. As for actually chose and added the code itself, and why, I suppose that is the question.

jezabel : the IP address theory is interesting. Far out, as you say, but still, worth keeping an eye on I guess, given the implications.