Jan 17, 2008

Mystery Comments Lead to New Clues

**UPDATED 1/17 7:15PST** New Email from Tracey Provides Sam with Bali Holiday Fun Site. I believe there has to be something hidden on the BHF Site. Lets find it...!! :)

Email can be found at the new post here: Tracey Sends Sam BHF Site in Email

Update: 12:10 PST In my tired state of posting this late last night I forgot to thank a couple of key people. First, major thanks to OMF42 for the lead and links to the clues and Spooky (DarkUFO Team Member) for providing me with a recap of events that helped me organize this post.

Update: 19:50 GMT I can confirm that this site and the information is valid and part of the game. (DarkUFO)

Hey All,
Well it seems like over the last couple of days a game with in the Find815 game has been taking place. Strange comments by a user going by the name "OurMutualFriend42" began posting comments on the forum with an external link.

Majority of us overlooked this poster for quite some time, but eventually some of the readers became curious enough to follow the lead. The link lead to an image of 22 Skulls that ended up being a code and eventually the code was cracked and more information was revealed. It took some time and a solid team effort, but the information links back to the official Find815 site.

So it seems that this user is a part of the Find815 crew or a clever Lostie and decided to lead us to some potential clues.

It is very possible the images and information uncovered will be in a future part of the game, so if you do not like spoilers, then stop reading now.

Thanks to all the people who worked on this especially, Will, Bluefrog4, Persagax, Felix, Marth, and Feddawg.

Well here is a step-by-step breakdown of what has occurred so far:

1) OurMutualFriend42 Posts the following link to 22 Skulls

http://farm3.static.flickr.com/2319/2184246397_bcb4a12b01_o.jpg



2) Using the following "Skull Bearer" Font from DaFont.com:

(Click to Enlarge)


3) You will be able to figure out that the Skulls corresponding letters are actually a website: www.baliholidayfun.com



4) After looking at the source code for Bali site you find out that it is actually being hosted on the Find815.com site via the following link:

http://www.find815.com/bhf/bali_site_real.jpg
http://www.find815.com/bhf/index.html

Plus, the site has the following email address: baliholidayfun@gmail.com

5) An auto reply email from baliholidayfun@gmail.com sends you an email from a "Mr. Ole" with gibberish like the original Maxwell Group Email. The subject of the email is:

"Amuses Mr Ole" which is an anagram for: Samuel Morse



6) Hidden in the email is the following website:

http://www.find815.com/steg/stegosaurus.png


That leads to this image of a Stegosaurus dinosaur:



7) The image of the Stegosaurus can be found at wiki here:

http://en.wikipedia.org/wiki/Stegosaurus

So far that is all we have, but before you have any doubts, Dark has confirmed that this is indeed a part of the game.

Once again a special thanks to the team that found all of this information and staying persistent after many of us thought that it was spam or a hoax. Finally, I hope this proves to all of the people that question LOST fans from over-analyzing.

Source: Find815

111 comments:

DarkUFO said...

Superb work to everyone involved in pulling all this together. Very impressive.

I wonder if we will get any more clues from OurMutualFriend?

Tv Spoiler said...

great work everyone....lets hope it leads somewhere!

notlost said...

nice work everyone..just proves darkufo is the place to be....

Unknown said...

that's the coolest thing ever seen!!

Anonymous said...

And I think at what i saw on the Kailua Ranch in October 2007! LOL

Congested said...

Excellent. Thanks to all who cracked this.

Anonymous said...

perhpas it was a spoiler for the game?!

Anonymous said...

nice but this isn't to do with someone over analysing the game somebody posted this

no need to get upset

andrea said...

does anyone know where those skulls were? Did OurMutualFriend42 tell from where he took the image? ..I can't explain myself how the best part of this game (in my opinion) has been "cracked" in this way..

Tv Spoiler said...

our mutual friend logs into the chat room at various times. He can be logged on for hours, and only says a couple of things. He usually talks in riddles and his info usually has to be cracked

andrea said...

so... do you think that is involved in the game? and he isn't just someone who is trying to "spoil" parts of the game itself?

Anonymous said...

Maybe I'm just over-thinking this, but my gut feeling is that this picture of a stegosaurus quit possibly could be an image containing some sort of steganography.

I played around with a couple of tools from the internet and got strange results. One gave me the following as hidden output:

O�

It doesn't really make any sense, but considering the fact that the Wiki version is a jpg, there has to be a reason that this version is a png file.

Anonymous said...

I'm guessing the next step is steganography. A hidden message within the image.

The question is, how do we extract it.

Tv Spoiler said...

Andrea, the site is legit, we have checked it out and it is hosted on a find 815 server. Interesting thoughts about the hidden pic...anyone any good with that?

Anonymous said...

yea nice work evry1.

but im wondering as well, where ourmutualfriend got the image with the skulls from?
if he's from the team, why publish it in the chat??

Anonymous said...

i got an idea.

wat if this image of the stegosaurus is just a hint. we think that it contains steganography. bus as the two words are pretty similar, maybe its a hint for us to use decode steganography in another image we already have??
i dont know which one though.
wat do you think?

Wesh said...

yeah defintily looks like seganography will come in to play. Either on this dino or on that bali website pic.

Another thought, anyone did something with that morse code clue?
I tried taking all dots and dashes out of the text from the bali website, but didnt come up with something yet. maybe if someone else tries too. Cause there are quite a few dashes in that text.
here's the code with no spaces (so it could be everything (if anything):

....--.. -..
(that's without the dot in the title)

andrea said...

This site says: "turn spam back into the original message"

http://www.spammimic.com/

klarax said...

Samuel Morse was a telegraph designer that is world famous. He had spent three years trying to develop a telegraph based on electromagnetism. Sounds like a link to LOST island to me.

http://www.connected-earth.com/Galleries/Telecommunicationsage/Thetelegraph/Thetelegraphicagedawns/index.htm

andrea said...
This comment has been removed by the author.
andrea said...

croucher1986, I'm not asking if the site is legit or not, but how we had the skulls image. Ok, OurMutualFriend42 gave us.. But were he found the image? was this a sort of "spoiler" for a future event or OMF42 is a part of the game?

Now, I think that it was a clue, and they are telling us to use stenography.. I've used some softwares (for Mac and Windows), but it seems that for the png files you need a password, and a lot of softwares need a file created by the same software.
I think that we have to use stenography for the emails. But are we supposed to convert every "image" email in a text email? ...wow....
Or is there a way to decompile the site and find the text of the emails?

DarkUFO said...

I think OurMutualFriend42 is an insider and is dropping clues to the large Find815 sites.

Hopefully he'll be back with more information.

Anonymous said...

The skull image is easymade using the "Sull Bearer" Font! how he got? He probably work for the game producers.

andrea said...

ok, thank you Dark..
so, I've read about a "Carpe diem" on chat, by OurMutualFriend42..
Is that the password? I've tryed with some decryption software but didn't worked..

Let's try again!!!

Anonymous said...

WOW, im loving this.


does anyone think that dinosaur is a nod towards the skeletal remains shown in the series four teaser? ill post pictures later when i get home from college.

Thomasriekki said...

Did anyone else notice that the skull picture was posted on this blog for a while? Who did that? I tried to find it again last night but couldn't...
I also noticed ourmutualfriend42's lostpedia post (the only one left)
he/she said:

What have you go to loose mr. writer? whoever i am, i have something for you, something you have to work for.

I can get a screencap if anyone would like it?

Unknown said...

I ran the stegosaurus picture through a steganography decoder here, but it came up with nothing.

Anonymous said...

i was just looking thru this email, trying to find the link to stego myself, but can't.
where is it?

amozza said...

I did a little file size test and found some interesting results.

The PNG version from the find815 server is a PNG24 file at 511KB.

I then took the full resolution version from Wikipedia, resized it to the PNG size, and saved it as a PNG24 image. The resulting image is only 425KB. That's 86KB smaller!

Since there are no compression options available for the PNG24 format, the difference in size probably means there's something hidden in there.

I doubt it's hidden visually in the image, as this wouldn't affect the file size. I suspect we need a pasword to extract a file or something, but what is it?

I don't know...

gezzer1982 said...

Samuel Morse= morse code

Hero Fan said...

Can someone help me find the link to the stegasaurus pic in the email?
I keep looking at it but can't find anything.
Thanks

Steff said...

@hero fan: it is in parts.. first it says "http" and then ... ... ..... and then "com" .... ... "steg/" .... something like this.... i found these, but the others already found the whole link :D hope this helps

Steff said...

maybe the password for extracting is Carpe diem

Simon Bourne said...

There are two pics actually: stegosaurus.jpg and stegosaurus.png on the server. They both are PNG files and are visually identical.

Hero Fan said...

Thank you steff!
Somebody has very good eyes.
XD

Simon Bourne said...

@amozza
You can compress PNG files (it's lossless).

Steff said...

i forgot to say:
GREAT WORK to everyone who found this... i saw the skulls in a comment few days ago, but thought it was not from an official source... GREAT WORK again

Wesh said...

hero fan: you can press ctrl+F, so that you'll can look through the email and then look for reversed question marks (like the one before the http that you allready found), when you do that and press next everytime, it'll take you to the parts that'll make up the website (it will also show some useless parts though, just press next)
i hope that's clear.

SpOOky (Mark) said...
This comment has been removed by the author.
SpOOky (Mark) said...

Kyle aka TheBookPolice said...
I ran the stegosaurus picture through a steganography decoder here, but it came up with nothing.

---

I went to that site and did the same thing (with the picutre I saved last night from the site)

Result was "O?"

SpOOky (Mark) said...

Thanks for making the post ODI

I was up all night looking into this, sending emails back and forth checking the sites and so on,
By the time I got all the information as to how events unfolded I was in no fit shape to post :)

amozza said...

@cobines
Right, PNG24 uses lossles compression, but in both Photoshop and Fireworks, there are no options available for quality (as there are for jpg, gif). So the difference in file size must mean there's something different about the files.

I found something else interesting after reading there's a jpg version on the find815 server also. Windows opens it fine, but Photoshop gives an the following error: Invalid JPEG marker. Fireworks gives an unknown file format error.

Could there be something embedded in this file... a password perhaps?

Simon Bourne said...

The .jpg file is actually in PNG format, so it has a wrong extension. Maybe those programs look at extension not at the file header when opening files, thus giving an error. So, while different extensions, both are PNG files, but they differ. I couldn't see the difference visually but bitwise comparison says they are very different. Maybe it's just a leftover from when someone was creating the PNG file.

Also several software (IrfanView for example) allow setting compression level. I could make a 430kB PNG file with it.

shellma said...

You know, Dark, these sort of fakes were prevalent in TLE. It IS possible to change a file's URL so that it appears to be hosted on a server that it isn't actually hosted on. It just doesn't seem to fit with the simplicity of this game. You would think someone would have found some of those images when finding all the rest on that server. But I'm always happy to be proven wrong.

Smullie said...

Well, it could be just me, but I see some blurs on the image.
Right next to the animal.
A bit further right from previous.
Below the tail.

It could just be zooming (from the used camera) or conversion issues , but I don't know.

DarkUFO said...

Shellma, unless someone has hacked the game server then no, it's real.

http://www.find815.com/bhf/index.html

Matt the Pale said...

I ran the dinosaur picture through a program called StegSpy 2.1 and got this:


Steganography found at marker position 414663
Hiderman program detected!

Dave said...

I may be way off here, but does anyone know the point of that latest 815 video? (The one where it's at night, and Sam is standing on the deck of the ship, and hears some strange static noises, then goes down below, and the lights flicker.) Did I just miss the point of that clip? Didn't seem like it made much sense, unless they're just trying to show us that the electromagnetism is starting to mess with the ship's machinery. I'm particularly wondering if the "Morse code" clue fits in with it somewhere, maybe in the static noises or the flickering lights. Does anyone know? Again, could be either way off or totally missing something...

Unknown said...

has anyone checked for anagrams in the title 'baliholidayfun' ? or

Bolivar Baez said...

I get "Sorry no Steg found." on the StegSpy program

ivan said...

it is real i can asure you of that.

http://www.geo.uw.edu.pl/BALTOW/park07.htm

its a park in Poland. have fun running all of your test. i do not know how to.

Matt the Pale said...

Right-click and download the picture from this particular link, and then use StegSpy:

Link

andrea said...

Matt, I used the Hiderman software, but it can't find any hidden file in the stegosaurus.png file..

Matt the Pale said...

Yes, I know it can't. I don't know how to decode it, either.

Unknown said...

stegosaurus is an anagram of sgt rousseau.

Jason Frost said...

Where is that Mystery Comments?
A link?

johnlocke said...

yeah, it works! you just have to change file extension from .png to .jpg

Using StegSpy you get then the message
"Steganography found at marker position 414663
Hiderman program detected!"

Bolivar Baez said...

I think that the image of the stegosaurus is only there to indicate that we have to use steganography. So I tried to find something on the JPG of the bali site and found this: http://bolivar.baez.googlepages.com/bali.JPG

andrea said...

so, is there an mp3 inside the jpg?

Mike said...

How was the url found in the email?

Bolivar Baez said...

Tried to extract it, but asks for a password.

http://bolivar.baez.googlepages.com/pass.JPG

andrea said...

Bolivar, which software do you use?
I think that the password isn't too far away..

Unknown said...

Not all that relevant but something kind of cool:

if you take all of the numbers from the Bali Holiday Fun ad and multiply them together, then divide by 4 (the number of numbers in the ad) you get 108.

4 x 3 x 3 x 12 = 432 / 4 = 108

Bolivar Baez said...

I use STEGHIDE to try to extract it, used TRID to get the info about the mp3

andrea said...

Ok.. I've tried with an hexadecimal "decoder" (or something like that), and I've found that the bali.jpg was made with an Adobe software.. Isn't too much, but in 2004 there was a quiz (I don't know what!!) in which the solution was found in this way.. I'm trying to know more from that, maybe will be helpful..

Unknown said...

try this password:
36-15-28

Unknown said...

Sgt. Rousseau? Oooooooh! I like that!

Unknown said...

bolivar, have you tried Carpe Diem as the pass phrase?

Bolivar Baez said...

ive tried them all....but anyways, it seems like it was a false lead. we better wait for some new pics

Mike said...

I've been trying to find patterns of dots and dashes in the email - hoping to find Morse Code. No luck making any sense of it - but I feel like it's worth looking into.

Anonymous said...

If this is genuine, it is an awfully stupid way to introduce content into the game...

shellma said...

Thanks for letting us know over at the OC Dark!!

Anonymous said...

I have a feeling that we are going to find out that this has something to do with the Blast Door Map.

Bolivar Baez said...

I think this is a present to us real players. Like we get to access the maxwell site faster than anyone else if we solve this. This was only posted on lostpedia and here.

Black Swan said...

I usually post over at the OC (Hi Shellma) and I'm not very computer savvy, but the dots and dashes from the baliholidayfun site gives me "5mimi". When I input the code into this translater (http://inter.scoutnet.org/morse/morseform.html) it gave me just plain mimi. You could try this as a password?

SpOOky (Mark) said...

other suggestions for passwords

"OurMutualFriend42"
"OMF42"
"Stegosaurus"
"steg"

Hell ..try my youtube name
"C22SpOOky" summats gotta work lol :))

helohe said...

stegosaurus may be a hint that the image uses some Steganography in it.

I'm gonna check this.

Mandazoid said...

Kind of an obvious suggestion, but has anyone tried the infamous numbers as the password?

lost2010 said...

Sieze the day - - What about the date from the Tunisian newspaper that was the Season 4 clue? Already been tried I'm sure.

CW said...

I think it makes sense that this might be a "bonus" hint for people more involved in the game. Maybe it will link back into something more mainstream, or it could be completely separate but not essential to the normal game.

Simon Bourne said...

In the first two lines of both images most of the pixels differ by one bit each (if you look at each RGB or BGR color value). It sure could have something to do with steganography (before and after), but we have to find a program that made it and it could also be encrypted...

thebruce0 said...

Ok, the PNG is definitely stegged, and here's why:

Not finding a program that would for certain indicate a steg, I decided to try finding it myself.

I took the PNG and JPG in Corel, and compared their differences, thinking one would be the original, and one edited. Sure enough, the differences followed with standard steg procedure - from the first pixel sequentially, the differences between the two were that the Red/Geen/Blue bits were odd or even, indicating the final bit of each colour value was altered.

524 pixels total showed different, so I saved the PNG as a TIF (to easily get the binary pixel data), grabbed rightmost bit of each byte (RGB is 3 bytes per pixel) and arrived with:

00100011001001000100111101110000011001010110111001010011011101000110010101100111011011110010010000100011101010000000000000000000000000000000000100001010000000010000000101010010010001010100000101000100010011010100010100101110011101000111100001110100111011011111010101011001100011110000010001001010001110100110101110101011001001001101110110000110111100000011010010000010101000001111000000101010100010011000110011100101010001011101100101011101011110010101101011001010110001111111000101100100110011101000101111010101010000001110000011000010010111101100010111111010000000100110000000110010110100100001111000000000100000111100101110101111001010100001001101111000011000101010001011001100000000011000101001001110100000110101110010000000111001011001100011000011010000010110100111010101010001111011101000101101001110001101100110111100110010101000011111011110110011110011100110000111001010100001010100111110010010011101000111111111011011010010011100010010101100100110001110101000110011000000111010010001110000100101101010110110100000101001110111111010101110001000111111110001011100011001010001100101011001110101000100101010011111010011101010010000111011000110111011110000010010110111010110000110000110111100010010101111000011001110011100101010000000101101010010010110011001000111011001000011000001011010011111100011111111101100110111001111000100110110101000100111101010101110010011011000010110011000110011011111101000111010101100101111110100110011001011110110000101000110100011011101010111111010001110101110010000010110111011101011000100011101101101111101000010011110111100001110000000

This binary is actually ascii code for:

#$OpenStego$#¨
README.txtíõYJ:k«$݆ð4‚ ð*‰ŒåEÙ]yZÊÇñd΋Õ@àÂ^Åú`2҃˯*xb¢ÌŠNƒ\€å˜ÃAiÕGº-8ټʇÞÏ9‡*>IÑÿm'²c¨Ì‘ÂZ¶‚ú¸ñq”egQ*}:ìnðKu†į ç*Ô–dvC§ãþÍÏj'ªäØYŒß£«/Ó2öhÝ_£®AnëÛ} ï

Immediately I hunted down OpenStego, trying each version, but not knowing the password, I've been unable to extract the encrypted data. OpenStego is giving me "Invalid password" for everything (and only the PNG allows password entry since it reports no stegged data for the JPG) - except for "README.txt". Trying that as a password, OpenStego reports a java error "java.io.IOException: Not in GZIP format"

That's as far as I got. I haven't checked to see if the data after "README.txt" is already unencrypted, but I'd assume it is. And I don't know how OpenStego stores the password. I tested encrypting a text message in another PNG and extracting, and it worked fine. So I don't know why it's reporting a java error in this specific case.

I'm now going home, so maybe someone else can run with this...

Simon Bourne said...

I decrypted the file, but like OpenStego says - it's not GZIP stream and attaching simple header did not help. I have tried many passwords to see if the file maybe was wrongly decrypted, but each time i got "Invalid password". So we could assume the 'README.txt' pass is valid. Just the decrypted file is still gibberish.

Simon Bourne said...

I found that both images have embedded files. .jpg is injected by OpenStego 3.0 and .png by one of the more recent versions, because of different headers. Files that can be extracted from both are identical (167 bytes long). Still, either the images contain only headers embedded or someone changed the OpenStego software. The default is first gzip then encrypt. The decryption went fine, but the output is not gzip. Maybe just 'README.txt' is the clue here.

ivan said...

try Denpasar its in the email but you probably done this.

helohe said...

I decoded the text in the png using crypt tool, with the same key from opensteg.., but got a slightly different text:

BD 58 EB E6 C3 0A 31 01 .... from here on the same.

Felipe Milano said...

Has anybody thought of the possibility that the message inside the picture is morse code?

Check the Steg's tail:

I see this: . -. -.. ...

Which reads ENDS.

I think there's more there, but I can't see it.

helohe said...

README.txt may just be the wrong password. May be somone could try a brute force. It is known that the encryption used is DES(CBC), PKCS #5(MD5). The salt and the iterations are known:

Salt: 28 5f 71 c9 1e 35 0a 62
Iterations: 7

BTW. When interceping the data before the gzip decompression takes part, both the jpg and png produce the same output. (But for the jpg version 0.3.0 is used and for the png 0.3.2).

helohe said...

Thats the file when decripting with "README.txt", but it looks nonsence:

31 7C C9 1E 94 7A F1 4D 46 27 D1 E8 42 29 6B 4C FE 84 A2
9B 31 B3 1A 07 69 5D DC 95 6D 9C F9 DA EE 70 B0 F6 A1 2B
FD CB 91 65 12 08 9E BC 35 48 A7 12 2B 1E CD 67 8E 8A 10
50 92 9F 95 AF 72 E4 33 FC 01 84 B8 C5 DE 75 B8 A6 C2 16
A9 EE 1D FF 8C 26 7F 25 B3 88 66 90 42 8F F0 C5 C9 B4 4C
E5 8C BD 95 00 23 69 C0 BF DD 77 CF 5F FC 3B C2 32 3B 11
C5 22 5C 26 42 4B 7A 14 1C C7 42 11 6B 80 DA 59 66 42 8F
E7 0F 86 A3 DB 78 97 AC E5 4B 03 7B 85 75 FE 3A 06 5D 79
05 32 8D F9 D8 F2 88 CF 2D 46 88 5F 31 2D 1A

Mary said...

has anyone tried AABBCFC as the password? (from the gibberish email of chapter 3)

lost2010 said...

What will the password look like? Is it likely to be a word or a file name or what? Just in case I accidentally happen across it.

helohe said...

The source of the OpenStego software changed just a few minutes ago and now includes a check if the password is wrong -> will no longer produce a gzip exception.

http://openstego.svn.sourceforge.net/viewvc/openstego/java/trunk/src/net/sourceforge/openstego/

Anonymous said...

the morse code from the voice mail is openstego. it ties in with what you guys have found, but we still need that password. I think it's hidden in either tracey's email or in the BHF site. I'll keep looking.

Matt the Pale said...

I think the password is README.txt, but I can't open the steg because of the following error: "java.io.IOException: Not in GZIP format"

Anonymous said...

I'll try this again. it denied my comment last time.

Is it possible to convert it into GZIP format? and what is gzip format?

And I tried playing around with the red levels on the steg picture, but I need number values to input. Without them, I'm hitting a brick wall. I tried 36-15-28 but it didn't work because the middle value has to be between 0 and 7.99. I'm using PSP7 if that makes a difference.

lexxas said...

Great work :)

Here you can find one of the comments from MutualFriend:
http://find815.blogspot.com/2008/01/clue-in-maxwell-group-logo.html

About half way down, it says:
"Figure this out and you will be rewarded http://farm3.static.flickr.com/2319/2184246397_bcb4a12b01_o.jpg"


And did anyone check the pic with the "new" OpenSteg software? Sounds like it could work if it's not extracted into gZip anymore?

Unknown said...

"README.txt" is not the password. The GZIP error has something to do with the output directory you select.

blandestk said...

wow, i step away from the game for under a day and i miss all this. the recap in this post is lacking to a reader who missed it all. is there a contributor who could make a concise, but inclusive post explaining every step that has gotten us to this point? i would greatly appreciate it.

Maqrkk said...

Well, with Tracey sending the baliholiday site to Sam, it's clear it's legit now. We were just one step ahead.
About the dinosaur. It's obvious something is hidden. And imo, README.txt IS the password, but I think we're missing some clues maybe?

@ blandestk: The recap is pretty much all there is to recap.

Anonymous said...

did you actually realise that both "README.txt" and "txt" work as a pw??
this still bothers me do, and i dont know what to do with this gzip error.

Maqrkk said...

Hmm in that case it doesn't have to be the password, but why does it give that GZIP exception?

andrea said...

.....or is it saying: "open the README.txt in the OpenStego folder"?

andrea said...

Samir Vaidya, the creator of OpenStego (AND I WOULD LIKE TO THANK HIM VERY VERY MUCH.. I think that he will have some "troubles" in these days, eheh), send me an e-mail. He said that if we get the GZIP problem is because the password is wrong. It's just a coincidence if README.txt is accepted as password. And that's because "there might be huge number of such strings which would get accepted as password, but actually are not" (as he wrote me).

andrea said...
This comment has been removed by the author.
SpOOky (Mark) said...

I dont know anything about steganography, so forgive my Ingorance about it.

Is it possible that "README.txt" is whats hidden in the picture.
As some kind of cryptic message to the fans.

I mean they have 2 pictures that look the same but when you look "closely" you can find they are not
(In this case the extensions and file sizes)

And "Readme.txt" is a way of telling the Fans
We should be looking for changes that acure to things like sams manifest and laptop website.
And "reading" something into them rarther than dismissing them as mistakes being corrected.

Just a thought. :)

thebruce0 said...

README.txt as the file in the steg came to mind when I first saw it, but it was just so unbelievably odd that only that string and nothing else I tried would gve the GZIP error *shrug*. At least we know now for sure that that IS in fact the filename encrypted and NOT the password. Keep looking!

L. Nikulicz said...

DUDE!! CHECKOUT THE SOURCE CODE FROM THE STEG PIC...!!!!


its too long to post here. this isnt normal.

Tom said...

Any chance the decoded jibberish is a key to other jibberish like in the e-mails?

Adam said...

Felipe said he thought he saw morse code for "ENDS" in the picture, at the end of the stegosaur's tail. If you look at the jibberish source code of the pic (http://find815stegosaurus.blogspot.com) then you also see the word "END." Then again, I know nothing about picture encoding. This could be the case looking at the text code from any photo. Are we supposed to be computer experts?

Birty2k said...

Haha the best I seemed to get is when you invert the image of the steg it gives you what looks like a map printed on it's body. But that's as far as my brain could stretch for tonight I'm afraid!

Unknown said...

hi all.
can someone guide me through all this?i was out of internet access for a few days.
i got the auto-reply mail but i can't find the link to the dino-image in it...and once i will,where do ya enter the password?