Bitcoin Forum

http://canyoucrackit.co.uk/

A novel way for a cybersecurity company to find qualified applicants.  If you live in the UK, and need a job, give it a go.

CyberSecurity company ?

I think you mean GCHQ...the intelligence service of the government of the United Kingdom.

http://www.gchq.gov.uk/AboutUs/Pages/index.aspx

=]

I don't know how you reached that conclusion but the domain was registered by an advertising company called TMP (UK) Limited http://investing.businessweek.com/research/stocks/private/snapshot.asp?privcapId=5532895

Google.

http://abcnews.go.com/blogs/technology/2011/12/can-you-crack-it-uk-agencys-website-seeks-new-spies/

"Britain’s GCHQ (short for Government Communications Headquarters; it’s been around since 1918) says it usually recruits bright young people right out of university, but in the digital age, it says, there may be a lot of bright young hackers out there who are worth talking to."

Thanks.

I got as far as determining that this was a block of executable code.  Poking at it, I decided this, because it contains lots of patterns that start with the same byte, that are two- and three- bytes long, very much like what you'd expect to see in an executable binary.  (I have written assembly code in the past, perhaps this is the programmer audience they are targeting)

I started googling, and found comments consistent with that interpretation.  I didn't bother to go past trying to execute the code, but I notice somebody had written a C program that poked the bytes into memory and then called them as though it were a function, and then scraped whatever it left behind in the memory.  The program seemed to suggest that this is x86 code (must be run in a 32-bit process).

Dang this is a short program.

Been looking at this today. There are too many patterns between the left and right halves to be coincidence, IMHO.

Interesting challenge, anyway. Better than the usual "solve some boring transposition" challenges.

I clicked the linked and stared at it for about a minute and believe that I would try the HTML Hexadecimal Color approach. I did not Google anything, so I don't have a clue if others are approaching it from that angle.

Almost wonder if the correct answer is "brute force it." Don't see any captchas, might be worth trying a dictionary attack.

Gosh golly, This code (http://img220.imageshack.us/img220/166/testtpi.jpg) is hard!

Is my HTML Hexadecimal Color approach a dead end? I think I have the hexadecimal part right. I though of this when I saw 00 00 00 and FF FF FF, and it seemed black and white to me.

It's not colors. It is definitely x86 code.

I ran it. It is incomplete. There is a second half apparently buried in the metadata of the image, according to a posting I found. I wonder if I would have come to the "there's more to this, somethings missing" conclusion had I disassembled and analyzed it in detail.

When you run the code it gives you a URL

At the URL is a second problem to solve. The second problem is you must implement a simplistic virtual machine according to a spec they made up, and then run a program written for it. I did not bother, but am certain it is something I could do.

I used Google for help along the way, but was able to independently determine that the bytes were likely to be executable code without any help, just by staring at them and looking at the patterns. I feel I could implement the VM as well - sounds like a typical comp sci homework assignment - I just don't feel it's worth the time.

They say they want code crackers.  Working with assembly language isn't a skill I would associate with cracking codes. It would make more sense if they were after programmers for doing device drivers or embedded programming. Unless they mean "cracking" in the "removing copy protection" sense, this is also assembly intensive.

I figured the image itself had something to do with it -- I also pulled apart the HTML just to see if there was something in that. Anyway, kind of a cool hiring process.

I couldn't stand it anymore, so I fired up my old friend--Google--and found this: http://www.theinquirer.net/inquirer/news/2129172/crack-online-code-job-spy

Try to refer this thing to a Cracker.
 ;)

"Solution" here:  http://www.canyoucrackit.co.uk/soyoudidit.asp

The password is Swordfish. It is always Swordfish.

I'll try! I would start by axing the TSA, then use all that money to help combat terrorism.

Then, I would start an open forum that would have everyone in the world offering up their ideas on how to combat terrorism--for free. Have one real smart guy--you're Atlas equivalent--pull out all the good ideas, daily. Now, implement the best ideas. Profit!