Tripcodes are not very secure. Someone who was not Q apparently guessed the first 8 characters of the password and apparently used Q’s tripcode to post the “quarantine”/Q flag and a pastebin on /qresearch/.
I say “apparently” because it’s not clear whether the attacker reproduced the tripcode exactly, or whether the attacker put an extra whitespace at the front of the tripcode. If there was no whitespace, then the attacker probably had at least eight characters of the password. If there was a whitespace, then the attacker didn’t have the eight characters.
The intruder posted a pastebin.
The pastebin argued that if Q were not a stupid kid without a real security clearance, he would not have made such stupid mistakes as trusting an eight-character password. To my mind, that is not a convincing argument. In the past, some remarkably stupid people have been given security clearances. Q could be a guy with a real clearance – e.g. Jeff Sessions’ personal bodyguard – who is simply not technical enough to come up with a better strategy. Q should be called a LARP only if Q has no high security clearance. However, even if Q does have a genuine security clearance, that does not imply that Q is perfectly honest. Politicians get security clearances all the time, and they are famously dishonest.
Thus Q could be a hard-right-wing psy-op intended to drum up support for Jeff Sessions. Q has advised anons to “TRUST SESSIONS.”
Someone else helpfully decoded the flag:
Another anon gave a more fitting interpretation of the flag as meaning the letter “Q” and “open for inspection.”
Another anon used a specific term of art, namely “FAKE AND GAY.”
Technical digression: was the old tripcode truly hacked, or did the attacker just figure out how to reproduce the tripcode with an extra space at the beginning? I can’t tell just by looking. If I had access to the strings I could count whitespace characters.
An anon who knows more than I do claimed that the trip was well and truly hacked, not just faked with a whitespace character:
Someone used the old tripcode to announce that the old tripcode had been compromised, apparently half an hour after the hack happened.
Q has been in the habit of changing tripcodes periodically. Thus, when a new tripcode showed up on /patriotsfight/, one can presume it was the original Q who runs /patriotsfight/ and thus vouches for the new tripcode.
This numbering has been relayed to various Q followers who index the posts they believe to be from Q.
Thus, to Q followers, original post 131 was genuine; post 132 was apparently written at the same time that the intruder was posting his pastebin.
I do not necessarily argue that the pastebin is factually wrong. As noted above, I take exception to the alleged arguments of the pastebin. The pastebin was as follows:
An Appeal to Patriots
I’m scared for my country, and I am especially scared for you good people who look to this space for guidance. I have seen how my folks are suffering. No one has money. Half of my family is suffering from issues relating to drug abuse. Honest work is getting hard to find for the ill-connected. I see the accomplishments of my parents and grandparents and wonder how so many of my generation are barely holding on, fighting hard to stay in the middle class.
Ways of life that have existed for a century are vanishing, often because of decisions made via algorithms whose inner workings cannot be comprehended by any single living human being. The world is shifting away under our feet, largely due to inscrutable forces with no historical parallel. Change is everywhere and can be sourced to nowhere. Sneering elites in government and the media look down on us and assure us that this is all our fault. It is difficult to know who to trust.
In times like these, we reach out for any comfort we can find. We want to help, we want to put our meager power together with others and fix it all. There are people out there in the world who will take advantage of this powerful need. Politicians, business leaders, religions…and others.
I firmly believe that all of you love the United States of America, and revere the work of our Founding Fathers, mighty men who led the world in skill and learning. Men like Jefferson and Madison, Washington and Hamilton. Men who revered reason and the exploration of natural law. Over and over again in their writings, they expound the world view of the Enlightenment, among whose core values is that there is a singular, true natural order established by our Creator, and that all things must obey that law, and that this natural law is fundamentally knowable by human kind. That from that order flows the equality of men, and the rights to life, liberty, and the pursuit of happiness.
On this basis our Fathers forged our great nation. They did not always agree on what should be built upon that firm foundation, but through conflict and struggle with one another they built the great compromise that is embodied by our Constitution, whose fruit has been unparalleled freedom.
It is my belief that anyone who betrays those founding values by asking us to suspend trust in well-constructed arguments and the knowable is betraying the foundation of our law, our history, and our civilization. I believe that exhortations to abandon friends and family in favor of numerology and cryptic messages are the products of charlatans, not patriots.
It is my belief that Q is a charlatan.
It is my belief that Q is a young, untrained American man who is playing games with your faith, your hope, and your love of country, mostly because he finds it amusing. I believe he may call you to violence, not to save our home, but merely for entertainment.
There are many arguments for this, but I will name a few that Q has been gleefully rubbing our noses in since the beginning.
Firstly, his name itself. “Q”, after the Department of Energy’s Q clearance. I have had the opportunity to work in our country’s national labs, and have worked with some of those clever, hard-working folks that hold Q clearance. A Q clearance grants access to carefully compartmentalized nuclear weapons information. One who holds a Q clearance is a scientist, engineer, or manager who is deemed trustworthy by classifying authorities. Q clearance holders are people who employ our nation’s most dangerous technical secrets to manufacture and maintain weaponry that can end the world in a flash of baleful fire.
They are not experts in spycraft and combat operations.
If, for some curious reason, our President put a Q clearance individual in charge of such an operation, it is not believable that anyone would issue commands and share national security information with strangers via a cobbled-together web site of uncertain security…particularly if said website’s claim to fame was a loud public argument about video games.
If that catastrophic chain of events were to take place somehow, this nuclear/black ops guru would not stoop so low as to secure this essential line of communication with a DES/crypt(3) based tripcode hash, with the excuse that it is necessary in order to maintain portability between 4chan-style image boards. This is not a concern of a serious man. Plus, DES has been considered extremely insecure for a quarter-century and can be cracked in hours on commodity hardware, as has been demonstrated here. That presumptive hero would, under no circumstances, embed an insult and a lie into that very cryptographic signature (see technical discussion that follows for details).
The person who would do that is not a patriot, not an operator, and not a hero. This person is a vain child.
It is hard as hell for me to admit when I’ve been fooled. I have been in that place. It is humiliating.
I beg you not to turn away from this message, and to absorb the short-term suffering that recognition and repentance entails. I don’t think that you will find it impossible, because you are tough. If you have trusted Q, you have lived a hard existence these last months. The world is hard enough as it is without shouldering the responsibility of fighting a hyper-competent, irredeemably evil enemy on your own. It is a terribly isolating thing.
To escape and survive, you’ve likely made friends with others who believe, and you’ve endured this difficult world-view together. Embrace that friendship and camaraderie, because it is a rare thing in our lonely age! Take that energy, together, and go out and use it as our Founders intended. Register each other to vote, canvas, run for office, persuade your fellows, read everything, and trust only that which is worth your heart, your effort, your blood and treasure. Most of all, do not be discouraged for long, because your country still needs you. Our foes are merely human, and can be overcome by you and me and others with true faith and sincere human effort.
I am not an infosec expert, so please feel free to view this analysis with a skeptical eye, and as always, do your own research!
Q verifies his identity via a cryptographic signature, or “tripcodes.” These tripcode hashes (e.g. CbboFOtcZs ) are based on the DES/crypt(3) encryption algorithm. DES (Digital Encryption Standard) was standardized in 1977 and has been largely deprecated due to widely-known weaknesses. A good primer on these weaknesses from way back in 1997 can be found here: http://personal.stevens.edu/~khockenb/crypt3.html . Tripcodes are created via the algorithm described here: http://www.thefullwiki.org/Tripcode. I suspect that if such an operation were carried out, the coordinator would at least sign messages using an algorithm from the NSA Suite B, such as the Advanced Encryption Standard (AES) — or even a PGP signature — so that an opponent couldn’t hijack his identity as easily as has been done here. He may upgrade his standards after reading this, but frankly, it is far too late to matter.
Using an open source password cracker (hashcat), publicly available information, and a little guess work about Q’s favored key space, a user can successfully recover all of the passwords that correspond to Q tripcodes. These are posted below in chronological order of use:
Tripcode: ITPb.qbhqo -> Password: Matlock
Tripcode: UW.yye1fxo -> Password: M@tlock!
Tripcode: xowAT4Z3VQ -> Password: Freed@m-
Tripcode: 2jsTvXXmXs -> Password: F!ghtF!g
Tripcode: 4pRcUA0lBE -> Password: NowC@mes
Tripcode: CbboFOtcZs -> Password: StoRMkiL
Tripcode: A6yxsPKia. -> Password: WeAReQ@Q
Note that Q seems to be unaware that the algorithm only takes the first 8 characters of the password and ignores the rest. In the past, Q has claimed to have baked meaning and foreknowledge of future events into these passwords, in particular, the 4pRcUA0lBE:NowC@mes tripcode-password pair. If I understand correctly, Q claims that the full password was “NowC@mesTHEP@in—23,” with 23 signifying the date of an important event, but anything beginning with “NowC@mes” would yield the same tripcode signature. This weakness severely undercuts any claimed predictive power and indicates a possible intent to mislead. For example, all of the following passwords should yield the same tripcode, 4pRcUA0lBE:
NowC@mesTheKing — Q is Snoop Dogg
NowC@mesTheSun — Q is Ringo Starr
NowC@mesTheAnswer-42 — Q is Douglas Adams
These can all be tested at minichan’s tripcode test page. https://minichan.org/triptest?name=A%23NowC%40mesTheAnswer-42 .
To directly test all of these examples with a DES cypher, go to https://www.functions-online.com/crypt.html , paste the password in, and use the second and third characters of the password as the salt. The tripcode will be the final ten characters of the resulting DES hash.
Most concerning to me is the penultimate password, which contains the word “StoRM,” which is Q’s prophesied calamity which will sweep away those Q calls out as enemies and may involve mass arrests, executions, and institution of martial law in the worst case. The second part, “kiL”, is self-explanatory. Both of these are especially concerning since Q has been ramping up his rhetoric of late. I urge everyone to be VERY careful before taking action which could injure anyone, especially yourself, your family, and your fellow patriots, at Q’s direction. I do not believe he has our values or best interests at heart.
Finally, many of you know someone who has handled highly classified information, worked in SCIFs, and communicated securely in a professional context. I urge you to seek their wisdom in this matter, to evaluate the feasibility of Q’s claims. I also urge you to study the National Industrial Security Program Operating Manual (NISPOM), which covers handling and protection of national security information in exhaustive detail, then contrast its instructions with what “Q” is doing.
It is my hope that I am blowing this all out of proportion, and I apologize if I am making mountains out of molehills. However, I feel that it is my duty to pass this on to you all, just in case. God bless you, and thank you again for your time and all your hard work.
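The eight-character truncation and salt rule the pastebin describes can be checked without any cracking tool. The following is an added example, not part of the original post or the pastebin: it assumes the conventional Futaba/4chan-style tripcode preprocessing and ASCII-only passwords, and its function names are illustrative.

```python
import re

# Conventional Futaba/4chan-style tripcode preprocessing (assumed; ASCII passwords only).
SALT_FROM = ":;<=>?@[\\]^_`"
SALT_TO = "ABCDEFGabcdef"

def crypt_inputs(password):
    """Return the (key, salt) pair that DES crypt(3) actually consumes."""
    raw = password.encode("ascii")
    salt = (raw + b"H.")[1:3].decode("ascii")   # 2nd and 3rd characters, padded with "H."
    salt = re.sub(r"[^.-z]", ".", salt)         # characters outside '.'..'z' become '.'
    salt = salt.translate(str.maketrans(SALT_FROM, SALT_TO))
    key = raw[:8]                               # everything after byte 8 is ignored
    return key, salt

def same_tripcode(a, b):
    """Identical crypt(3) inputs guarantee an identical tripcode."""
    return crypt_inputs(a) == crypt_inputs(b)

def keyspace(alphabet_size, length=8):
    """Upper bound on the distinct passwords the hash can tell apart."""
    return alphabet_size ** length

def tripcode(password):
    """Real tripcode if the platform still provides DES crypt(3), else None."""
    key, salt = crypt_inputs(password)
    try:
        import crypt  # legacy stdlib module, removed in Python 3.13
        hashed = crypt.crypt(key.decode("ascii"), salt)
    except (ImportError, OSError):
        return None
    # A traditional DES hash is 13 characters; anything else is a failure token.
    return hashed[-10:] if hashed and len(hashed) == 13 else None

if __name__ == "__main__":
    # Constructed inputs: the pastebin's examples plus a leading-space variant.
    for pw in ("NowC@mes", "NowC@mesTheKing", "NowC@mesTheAnswer-42", " NowC@mes"):
        print(repr(pw), crypt_inputs(pw), tripcode(pw))
    print("printable-ASCII keyspace:", keyspace(95), "of", 2 ** 56, "DES keys")
```

A leading space shifts both the key and the salt, so a password typed with stray whitespace does not reproduce the same tripcode.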