Anonymous ID: daaaf6 we been professionally LARPED Aug. 10, 2018, 5:04 p.m. No.2546511   πŸ—„οΈ.is πŸ”—kun   >>6520 >>6549 >>6576 >>7036

Q verifies his identity via a cryptographic signature, or "tripcodes." These tripcode hashes (e.g. CbboFOtcZs ) are based on the DES/crypt(3) encryption algorithm. DES (Digital Encryption Standard) was standardized in 1977 and has been largely deprecated due to widely-known weaknesses. A good primer on these weaknesses from way back in 1997 can be found here: [link to personal.stevens.edu] . Tripcodes are created via the algorithm described here: [link to www.thefullwiki.org] I suspect that if such an operation were carried out, the coordinator would at least sign messages using an algorithm from the NSA Suite B, such as the Advanced Encryption Standard (AES) – or even a PGP signature – so that an opponent couldn't hijack his identity as easily as has been done here. He may upgrade his standards after reading this, but frankly, it is a far too late to matter.

 

Using an open source password cracker (hashcat), publicly available information, and a little guess work about Q's favored key space, a user can successfully recover all of the passwords that correspond to Q tripcodes. These are posted below in chronological order of use:

 

Tripcode: ITPb.qbhqo -Password: Matlock

Tripcode: UW.yye1fxo -Password: M@tlock!

Tripcode: xowAT4Z3VQ -Password: Freed@m-

Tripcode: 2jsTvXXmXs -Password: F!ghtF!g

Tripcode: 4pRcUA0lBE -Password: NowC@mes

Tripcode: CbboFOtcZs -Password: StoRMkiL

Tripcode: A6yxsPKia. -Password: WeAReQ@Q

 

Note that Q seems to be unaware that the algorithm only takes the first 8 characters of the password and ignores the rest. In the past, Q has claimed to have baked meaning and foreknowledge of future events into these passwords, in particular, the 4pRcUA0lBE:NowC@mes tripcode-password pair. If I understand correctly, Q claims that the full password was "NowC@mesTHEP@inβ€”23," with 23 signifying the date of an important event, but anything beginning with "NowC@mes" would yield the same tripcode signature. This weakness severely undercuts any claimed predictive power and indicates a possible intent to mislead. For example, all of the following passwords should yield the same tripcode, 4pRcUA0lBE:

 

NowC@mesTheKing – Q is Snoop Dogg

NowC@mesTheSun – Q is Ringo Starr

NowC@mesTheAnswer-42 – Q is Douglas Adams

 

These can all be tested at at minichan's tripcode test page. [link to minichan.org (secure)] .

Anonymous ID: daaaf6 Aug. 10, 2018, 5:13 p.m. No.2546623   πŸ—„οΈ.is πŸ”—kun   >>6663 >>6673

>>2546549

 

Q verifies his identity via a cryptographic signature, or "tripcodes." These tripcode hashes (e.g. CbboFOtcZs ) are based on the DES/crypt(3) encryption algorithm. DES (Digital Encryption Standard) was standardized in 1977 and has been largely deprecated due to widely-known weaknesses. A good primer on these weaknesses from way back in 1997 can be found here: [link to personal.stevens.edu] . Tripcodes are created via the algorithm described here: [link to www.thefullwiki.org] I suspect that if such an operation were carried out, the coordinator would at least sign messages using an algorithm from the NSA Suite B, such as the Advanced Encryption Standard (AES) – or even a PGP signature – so that an opponent couldn't hijack his identity as easily as has been done here. He may upgrade his standards after reading this, but frankly, it is a far too late to matter.

 

Using an open source password cracker (hashcat), publicly available information, and a little guess work about Q's favored key space, a user can successfully recover all of the passwords that correspond to Q tripcodes. These are posted below in chronological order of use:

 

Tripcode: ITPb.qbhqo -Password: Matlock

Tripcode: UW.yye1fxo -Password: M@tlock!

Tripcode: xowAT4Z3VQ -Password: Freed@m-

Tripcode: 2jsTvXXmXs -Password: F!ghtF!g

Tripcode: 4pRcUA0lBE -Password: NowC@mes

Tripcode: CbboFOtcZs -Password: StoRMkiL

Tripcode: A6yxsPKia. -Password: WeAReQ@Q

 

Note that Q seems to be unaware that the algorithm only takes the first 8 characters of the password and ignores the rest. In the past, Q has claimed to have baked meaning and foreknowledge of future events into these passwords, in particular, the 4pRcUA0lBE:NowC@mes tripcode-password pair. If I understand correctly, Q claims that the full password was "NowC@mesTHEP@inβ€”23," with 23 signifying the date of an important event, but anything beginning with "NowC@mes" would yield the same tripcode signature. This weakness severely undercuts any claimed predictive power and indicates a possible intent to mislead. For example, all of the following passwords should yield the same tripcode, 4pRcUA0lBE:

 

NowC@mesTheKing – Q is Snoop Dogg

NowC@mesTheSun – Q is Ringo Starr

NowC@mesTheAnswer-42 – Q is Douglas Adams

 

These can all be tested at at minichan's tripcode test page. [link to minichan.org (secure)] .