Network News

X My Profile
View More Activity

Can you crack the Cyber Command code?

By Ed O'Keefe


What does 9ec4c12949a4f31474f299058ce2b22a mean?

The 32-character code appears in the new logo for U.S. Cyber Command and even agency officials aren't sure what it means.

"It's definitely the mission statement," a spokesman tells Yahoo. "What part of the mission statement: That's what I'm waiting to find out on from the people who designed it."

Wannabe code solvers can participate in a Wired.com contest. The winner might get tickets to the International Spy Museum.

You can leave your best guesses in the comments section below. (The Eye's guess: "The Russians are coming!")

By Ed O'Keefe  | July 8, 2010; 8:44 AM ET
Categories:  Military  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: 2nd annual SAVE Award starts Thursday
Next: Gay rights group warns service members not to take 'don't ask, don't tell' survey

Comments

LOL.

"Caution: Geeks At Work"

If you get it, you get it.

Posted by: trident420 | July 8, 2010 9:59 AM | Report abuse

the MD5 Hash "9ec4c12949a4f31474f299058ce2b22a" decodes to: USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.

Posted by: AshburnVA | July 8, 2010 10:05 AM | Report abuse

The code is what's know as the "MD5 hash" of the mission statement.

The irony of this is pretty huge: the Department of Homeland Security's Computer Emergency Response Team said in 2008 that MD5 hashes should be considered "cryptographically broken and unsuitable for future use."

In any case, for those with access to a Unix system's command line, here's how to get this result for yourself.

echo -n "USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries." | md5

9ec4c12949a4f31474f299058ce2b22a

Posted by: viennava22181 | July 8, 2010 10:18 AM | Report abuse

It's a random hexadecimal (base 16) number, where 0-9 have their normal base 10 meanings, and a-f are 10-15.
You can figure out what the number is in normal base 10 by taking from the right

10+(2x16)+(2x16x16)+ . . .

It gets pretty big

Posted by: keng | July 8, 2010 10:45 AM | Report abuse

The danger of writing an article, that merely references another article, is that the original article might have been poor. In this case, anyone who Googles that hash will come up with the answer. The original author failed to do this. Mr. O'Keefe also failed to do this.

A more interesting story would have been, why did they use a hash algorithm that is prohibited for use within the U.S. federal government and that the U.S. CERT says is "cryptographically broken" as part of their logo?

Posted by: member8 | July 8, 2010 11:31 AM | Report abuse

md5 hash 9ec4c12949a4f31474f299058ce2b22a = USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace opeoperations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries

You can use this to solve it: http://isc.sans.edu/tools/reversehash.html

Posted by: NSA_007 | July 8, 2010 11:42 AM | Report abuse

It horrifies me that our "leaders" have chosen this juvenile, obsolete mechanism to communicate their intentions.

The MD5 hash algorithm has been deprecated for a long time. It has many known weaknesses, and our very own government has published several hash algorithms that are much more secure. It is beyond belief that they did not choose one of these.

The code was not "broken". The answer has been available from Google the entire time if one had bothered to google the hash string.

So in other words, all of the cleverness of our "cybersecurity" researchers can be overcome with a google search. Is the message they want to send?

And the message itself is incredibly lame! The word "cyberspace" was coined in a science-fiction novel, it has no real meaning, just like the word "terror".

And even the logo itself looks like something any child could whip up in 10 minutes in Photoshop.

How incredibly lame.

Posted by: frantaylor | July 8, 2010 12:18 PM | Report abuse

The Codes means Vote for Sarah Palin 2012

Posted by: nyx567 | July 8, 2010 12:33 PM | Report abuse

Ashburn VA has it correct. It is indeed an MD5 hash cyber that translates as follows: "USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."

Posted by: Chitchco | July 8, 2010 1:12 PM | Report abuse

"send lawyers,guns, and money"

Posted by: newagent99 | July 8, 2010 1:54 PM | Report abuse

Of greater concern to me than the use of an outdated algorithm (did it occur to anybody that they want you to be able to read their mission statement?) is that the statement is one of the worst examples of corporate writing I've ever seen, and shows no understanding of basic rules of punctuation. If this is the most articulate they can be about what they do, how will they ever convince other branches of government that their analyses are valid?

Posted by: cardcarryingmemberoftheACLU | July 8, 2010 2:02 PM | Report abuse

MD5 hashes are NOT used for encrypting data. Rather, they are used for authentication of data (i.e. ensuring what was received is what was sent) Given an MD5 hash alone, one cannot ascertain what the original text is. Given that they are not used for cryptography, it doesn't make sense to "cryptographically break them".

Posted by: BurtReynolds1 | July 8, 2010 2:54 PM | Report abuse

Seems to me it's wiser to use a deprecated cipher than to provide a window into a system currently in use, no?

Posted by: Christopher Dean Hopkins | July 8, 2010 2:57 PM | Report abuse

Actual translation:

"We have nothing better to do than waste taxpayer dollars in creating a new logo, with corresponding new seals, stationery, envelopes, post-it notes, signs, business cards, door name plates, id badges, binders, notepads, mailing labels, etc. PLUS we will waste your money even more by including some really cool BS out-of-date encrypted message in our new seal and logo. Our mission is to waste your money, and possibly your grandchildren's in terms of the federal debt. We are the government. The taxpayers work for us. Our role is not to work for the taxpayers. Ha Ha!"

Posted by: LAWPOOL | July 8, 2010 3:02 PM | Report abuse

So if they change their mission statement, they need to change their logo, too?

Posted by: ElJocko | July 8, 2010 3:27 PM | Report abuse


Does anyone remember the movie "Mercury Rising" with Bruce Willis?

Maybe some things are better left unsolved!

Posted by: helloisanyoneoutthere | July 8, 2010 3:28 PM | Report abuse


I didn't even know a Cyber Command existed. Are they affiliated with the Power Rangers?

Posted by: edbyronadams | July 8, 2010 3:30 PM | Report abuse

Lighten up, Francis, err, Frantaylor.

Posted by: wookpook | July 8, 2010 3:36 PM | Report abuse

It means: "I see you on Facebook, I see you on Myspace. You mess around too much? We'll be at your place."

Posted by: cbmuzik | July 8, 2010 3:46 PM | Report abuse

For you cyber-dingbats that are complaining about how this MD5 hash is obsolete: what would you prefer? that the federal government publish an actual current example of a code or cypher that is in actual use for sensitive information? This proves that computer-geeks are clueless about everything except their idiot-boxes.

Posted by: carpiodiem | July 8, 2010 3:49 PM | Report abuse

It says: DUMP OBAMA. CLINTON IN 2012!

Posted by: georges2 | July 8, 2010 3:56 PM | Report abuse

It's actually unicode all you google wanna-bes.

Posted by: wagner_cory | July 8, 2010 4:00 PM | Report abuse

I believe it corresponds to "SETEC ASTRONOMY".

Posted by: random-adam | July 8, 2010 4:04 PM | Report abuse

"Don't Trust Government"

Posted by: mibrooks27 | July 8, 2010 4:26 PM | Report abuse

I do not believe that it is that simple, by looking at the code, it might be a 2 way deciphering code, which one simple camouflage
is the MD5 hash~. Indeed it has a more complicated meaning to it and ^^ I'm sorry but the logo does suck...~~~~~a lot......looks like some rough work unless it also has some meaning which i do not see

Posted by: rodbhldm | July 8, 2010 4:36 PM | Report abuse


It's like a cartoon I saw about Putin and the FSB.

"People talk, we listen"

Posted by: NormReisig | July 8, 2010 4:51 PM | Report abuse

+100 random-adam. Genius.

Posted by: kaymarie27 | July 8, 2010 4:53 PM | Report abuse

Agreed. random-adam wins three internets for that comment.

Posted by: btd_ | July 8, 2010 5:05 PM | Report abuse

Looks like a software registration number....or USPS or UPS delivery tracking number to me.

Posted by: callosumlink | July 8, 2010 5:24 PM | Report abuse

you sure its not the wifi password? Beats having to tape up a piece of paper on the wall for each time someone new comes to the office....

Posted by: stantonpark | July 8, 2010 5:28 PM | Report abuse

http://tinypic.com/r/2yzitmv/3

Posted by: richardishere | July 8, 2010 5:33 PM | Report abuse

Honestly, this is an embarrassment to WaPo. The code was cracked almost six hours ago, and no update.

Posted by: gbooksdc | July 8, 2010 6:04 PM | Report abuse

"Please don't snack at your desk."

Posted by: moderate2010 | July 8, 2010 6:34 PM | Report abuse

Do ya think that US CyberComm perhaps wanted just this amount publicity of their mission statement?

Posted by: spf_zero | July 8, 2010 6:35 PM | Report abuse

USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."


this is what it says if you use the MD5 hash thing, but if you put this answer into the encryption machine you get a different code back then 9ec4c12949a4f31474f299058ce2b22a.


One time I was getting chiefed in South Africa and watching Mercury Rising on VHS. When it had that first code I saw on the screen for at least 3 seconds the answer of "good boy." Then it went back to the mathimatical formula and the next thing Bruce Willis says is, "Good Boy Simon." Quite sure this is the answer.

The only thing I see when I stare at this code like a stereogram is Sept. Maybe it has to do with Sept. 11, 2001? Either way, I ensure you it in Mercury Rising is says 'good boy."

So when exactly am I going to get to go to the afterlife here. You morons put a spell on me so I see my private part missing a piece (the foreskin), not to mention that my private part bends up like a bannana. That's not normal and I don't think my other half (wife) is to down with this.

Posted by: RobertCurleyJacobs | July 8, 2010 6:37 PM | Report abuse

md5 sucks or in a new logo we put:

http://tinypic.com/r/2yzitmv/3

Posted by: richardishere | July 8, 2010 10:46 PM | Report abuse

@BurtReynolds1 - you're correct that MD5 (or any cryptographic hash) is used for authentication and not directly for encryption. But secure hashes are the basis for digital signatures, and a lot of encryption handshake schemes rely on them. If you can cause a "hash collision" (i.e. come up with some other text that hashes to a known value), then you can successfully impersonate one party in an encrypted communication. That's not a good thing--think, for example, about someone being able to impersonate your bank, even for https:// URLs!

Posted by: viennava22181 | July 9, 2010 6:27 AM | Report abuse

@carpiodiem - We "computer-geeks" aren't the clueless ones here. Computer security professionals do prefer, as you say, "that the federal government publish an actual current example of a code or cypher that is in actual use for sensitive information". And the Federal Government does publish them! The Secure Hash Algorithm (SHA) and the Advanced Encryption Standard (AES) are a couple of examples. AES, in particular, is approved use with classified information up to and including Top Secret.

Publication helps ensure security, because the good guys (academic researchers and other experts) are trying to find weaknesses as well as the bad guys.

The idea behind this is pretty simple: if the mechanism behind an encryption scheme has to be kept secret, it's really not very secure.

Think back to WW2 and the German Enigma crypto machines. The US and UK were able to use the design of the machines themselves to crack German communications. Modern cryptographic schemes, by contrast, rely ONLY on the secrecy of the secret "key" that is used to encrypt the data.

It's sort of like a well-designed combination lock: everyone can understand exactly how the encryption algorithm (or lock) works inside, but without the correct crypto key (or combination), it shouldn't be possible to decrypt the message (or open the lock). A crypto algorithm (or lock) that can be cracked because you understand the mechanism is weak and should be replaced.

Regarding the seal: we're snickering about the use of an MD5 hash because it suggests that "Cyber Command" isn't up to date on the very technology about which they're supposed to be experts.

Posted by: viennava22181 | July 9, 2010 6:53 AM | Report abuse

Mission statements are not secrets. Every other command freely publishes them. Wouldn't they look far worse to place a truly encrypted statement on their logo only to have you nerds crack it?

It's a nice day, get out of your grandmother's basement and cut her lawn. She'd appreciate it.

Posted by: GeneFrenkel | July 9, 2010 10:22 AM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company