
Last update of this page: 31 May 1997


NEWS:   May 7: Message received from +ORC himself... look here
COMMENT:   May 10: +ORC == Petr Horak?? see below
+ORC's age:   May 31: +ORC was using DOS in 1981... see below


In search of an Enigma - the Hunt for the Old Red Cracker

There are probably some people out there who have not heard of +ORC. I would say to them that +ORC, "the Old Red Cracker", is a near-legendary programmer/philosopher and Web-denizen who has taken cracking protected software to a high artform. Indeed he could be said to have invented the art of meta-cracking -- the art-beyond-the-art.

His greatest fame is from his "How-to-Crack" lessons. If you have not found them yet, traveller, keep searching. They are (at time of writing, April 1997) available in at least five places on the Web.

+ORC has developed a loyal, dedicated group of acolytes who implement his philosophies and extend his teaching methods. Some of these are famous in their own right - fravia+, +gthorne, and many other skilled programmers and crackers.

But +ORC himself is an enigma. Who is he? Where is he? Where does he come from? Does he have a Web presence of his own? What is his email address (now that anon.penet.fi has closed)? Why hasn't he posted to newsgroups (under his .penet address) since July 1996? The questions are legion, the answers scarce as the teeth of the Cockatrice.

I believe that some answers can be found from his writings -- particularly the How-to-Crack series, and the one or two newsgroup postings that Dejanews turns up. In consultation with several other searchers, I have put together a profile on +ORC that might cast light on the many questions. I've tried to adopt +ORC's own Zen approach to the search for information about him. Not so much to tell the reader the answers, but help them to find them for themselves.

At the same time, I have no intention of disclosing secret information to his enemies -- let them find the information themselves. In any case, I don't have the answers -- I am still searching. If you have insights on any of these questions, and more important, any evidence, please let me know. I shall add it to this compendium if it contributes to the answers, with, of course, due acknowledgment.

So, back to the chase, what can we tell about +ORC?

Before I start, let me state what assumptions I am making. If you do not examine your assumptions, you will make mistakes. Maxim: Assumptions lead to errors. Corollary: Every error results from an assumption.

I am assuming that he exists, that he has a Web presence and that we can find it by observation, thought and inspiration.

My search has led me in two directions. Where (if anywhere) can his web-presence be found? and Who is he?

The first of these questions is the subject of a riddle, which I shall explore below. The second involves detective work.

Who is he? An analysis of his written material tells us a number of interesting things:

Observations:

He is very fluent in English, but his usage patterns are not those of a native speaker (.us, .uk, .au, .ca, .nz etc). Examples: word ordering in some sentences. Use of unusual neologisms. Occasional Germanic noun concatenations.

For me, his spellings indicate German as his native tongue [or, at least, his first European language - this doesn't rule out him being Chinese, though this is unlikely, as most Chinese learn UK or US English as a first foreign language] Examples: ciffer instead of cipher (Ziffer in German). Hunderts (German) instead of hundreds. Tuskany (German) instead of Tuscany. Wodka instead of Vodka. Burocrat (German: Bürocrat) instead of Bureaucrat. Februar (German) instead of February. [Comment: when typing quickly, one tends to drop back into one's original tongue on sound-alike words.] Some have suggested he might be Dutch, but the spellings are German, not Dutch, nor Swedish for that matter.

Now I'm not a Dutch or German speaker (beyond being able to understand railway station announcements!), so I am unable to distinguish between Dutch and German syntax. Others are more expert here. I had an interesting email from Haye who is Dutch. He is convinced that +ORC is Dutch, not German, because of his idiosyncratic language patterns. In other words, there are different language-use patterns in Dutch and German, and +ORC uses Dutch ones, not German. I can't disagree here as I don't know.

So why the German (not Dutch) spellings? Well, one idea that occurred to me was that he might be Dutch, living in a German-speaking location. Combine that with writing in English, and it's quite possible that you might drop the odd German spelling into what you write. I'd appreciate more opinions on this. I'm inclined to accept Haye's view for the moment. Haye also thinks +ORC might deliberately salt his prose with Germanisms to throw searchers off the track. You must make up your own mind.

Odd use of word: basilar instead of basic: does he have medical knowledge?

He is most certainly not Polish or Finnish, or he would not claim Russian vodka is the best. ;-)

His generally sound use of "the" and "a" suggests he is not of Slavic descent.

He shows a more than usual knowledge of cryptography research in Switzerland, not an obvious choice of target. Why? Switzerland is not the centre of the cryptography world. He is also familiar with academic research in cryptography, going on the references he quotes. The references are not those of a dabbler. He speaks here with authority.

He writes numbers in the Continental European style, using periods as separators, not commas (ie 2 million as 2.000.000, not in the American/British manner, 2,000,000).

He refers to his early cracking experience on a PC "in his youth". The meaning of "youth" can vary depending on your perspective. If you are less than 30, your "youth" is when you were a teenager. If over 50, it could refer to late teenagerhood, or early twenties. I assume the former, and that it means he was around 15 years old in 1987 (the copyright year of the program "UMS" - see How to Crack, Lesson 3.1). That makes him about 25 now.

That sounds OK? Pity. Haye also reminded me that at the end of Lesson 9.2, +ORC said the following:

"A good idea in order to re-establish somehow our "humanity" "contact" balance is to seek physical contact not only with your loved one (which is always very good) but also with many other human beings: I have for instance three massage sessions every week with my masseuse, which is half my age but strong enough to cure my rheumatisms... just to make another example, I enjoy very much all restaurants which have the so called "tables d'hote" i.e. where everybody sits together at a couple of long tables, me, my wife and my kids exchanging views and opinions with other people, people you never saw before and will probably never see again, drinking excellent wines, instead of sitting grimly on the petty, bourgeois, "4 chairs" little tables for stupid greedy families that abound inside "normal" restaurants..."

Now I don't know too many 25 year olds who take their kids to restaurants to exchange views and opinions, and I don't know too many 12 year old masseuses!! -- as Haye pointed out, much to my embarrassment :-(

Another observation about +ORC's age: Redstar pointed out that in lesson 8.2, where +ORC refers to Windows 95, he says:

"...but I must warn you... I thought exactly the same things about DOS in 1981 "

Well, that about puts down the "young +ORC" theory.

So where does that lead us? If these are not all subterfuges to throw us off the scent -- which seems unlikely -- it means he must be in his forties or, perhaps, early fifties (rheumatism).

I think Haye and Redstar are right. The quotes indicate he is older than 25. In some ways I'm pleased by this, being well on the wrong side of 45 myself - I first programmed in FORTRAN II on an IBM 1620 (which was the size of two small automobiles and had, I think, a whopping 8K of RAM, all made of discrete transistors!!)

And what of the reference to "my youth" when talking about a 1987 program? Well, that could be a figure of speech, or perhaps a reference to his "cracking" youth. Or another subterfuge? If not, then he has chosen the epithet "old" red cracker with reason!

I've had further comments on +ORC from an anonymous emailer that are very interesting, too. They look at him from more of a sociological perspective. Look here.

Back to the analysis.

He has a good Classics education, with the ability to quote Cicero and other Latin.

His use of the phrase "If and Only If" suggests he is trained in mathematics, probably Pure Mathematics at university level. Alternatively, it could mean training at university level in formal reasoning -- perhaps philosophy?

Current hypotheses:

He also refers in one of the lessons to "those Swiss" being good at cracking -- an indicator he is not Swiss, perhaps? [***This appears correct -- see the +ORC message***]

These hypotheses are open to you to support or refute with further observation. I would value your contributions.

The Riddle

So where is he? Does he have a permanent Web presence, however hidden from the 'bots? Can we deduce where it is? Perhaps the Riddle will tell us.

Fravia+ provides us with the text of the Riddle. I quote from his Web page:


"I copied this strainer from another "gate" to +ORC in february 1996: it should permit to open the gate below, but I could not crack it (and I tried hard)... good luck

"Gold, with six bars, or with the visor raised (in full face) for royalty"

"Silver, with five bars, (in full face) for a duke or marquis"

"Silver, with four bars, with visor raised (in profile) for an earl, viscount or baron"

"Steel, without bars, and with visor open (in full face) for a knight or a baronet"

"Steel, with visor closed (in profile) for a squire or a gentleman"

And now try to correct this link http://131.92.15.128/+ORC to reach +ORC (?)"


Again, my assumptions:

Well, what can we make of the Riddle?

After an hour of Hotbot, Excite, Infoseek, Altavista, Dejanews searching I am satisfied that it is a simple heraldic reference to the manner of indicating how the Helm may be displayed on the heraldic Crest of an individual or family, depending on the status of that person or family. To satisfy yourself: do a Hotbot exact phrase search on "six bars" with word "argent".

Further investigating shows that the hierarchy was formalised in the early 17th Century, and the riddle quote was therefore written post-1600 AD. What turns up on the Web is similar in wording, but not exactly the same as, the Riddle.

This suggests two possibilities:

  1. It is an exact quote from an author who writes about heraldry, or
  2. It is a modification of one, where the changes are the clues.

I have now added a page comparing the texts here. I have also added additional Heraldic information from Michael here. See also the Shonsu "lost JPEG" saga.

In the absence of finding the written (hardcopy) version of the original Riddle text, I cannot rule out the latter possibility, but I will assume the former because it appears the most sensible course.

So why quote an heraldic crest hierarchy? The contents themselves must be the clue. So we must analyse the Riddle in detail. But first, a step back and a Zen look at the text.

Again two questions arise:

  1. Is the whole text to be taken in some way as a modifier for the digits of the +ORC "URL"? or
  2. Is this, like the casket in the Merchant of Venice ["all that glisters is not gold"], a matter of choosing one sentence and applying that to the "URL" digits?

A third, irreverent question also: is this not a bunch of nonsense, a great practical joke, with no possible route to the real +ORC URL? I am assuming this is not the case, else we are defeated.

Comment: Some have suggested that +ORC might be an American. Who else would criticise the Americans as much? A fair question. Also, the target +ORC URL, 131.92.15.128, is a US Military site, although the exact number within that domain is not allocated. Have a look at the US Military "Whois" server at: http://nic.ddn.mil/cgi-bin/whois? to look up the domain 131.92.0.0

You will find a range of sites at the Army Information Systems Command, Aberdeen MD, the APGEA-NET1 site. 31 individual 131.92.-.- addresses are listed. None match the +ORC site beyond the second digit group. Most sites appear to be in the US, one in Europe, one in .au, one in "Asia", one in "Africa", if the listing is to be taken at face value.

On balance, I think the domain number is merely accidental, perhaps a joke by +ORC. I suspect that modifying the given URL digits via the Riddle will change the eventual domain drastically.

Of course, I could be wrong. Would anybody like to try adding "/+ORC" to the list of sites in APGEA-NET1 to see if he's in there?? Could stir up a hornet's nest, so I haven't done it. Also not very Zen.

Back to the Riddle. How can it be interpreted?

Let us examine the "taken all together" approach first, then the "Merchant of Venice" approach second.

(a) In toto

My thinking has followed this path: There are five categories of item listed (mostly) in five sentences. These categories are: metal, number of bars, visor position, face, and "user". The following table shows the options.

Metal    Bars   Visor    Face      Users
------   ----   ------   -------   ---------------------
gold     6      raised   full      royalty
silver   5      ?        full      duke, marquis
silver   4      raised   profile   earl, viscount, baron
steel    0      open     full      knight, baronet
steel    ?      closed   profile   squire, gentleman

In summary:

My immediate thought is that the Riddle is intended to provide a matrix of numbers to be applied to the URL sequence. I assume that the columns and rows of the matrix are the same as those in the Riddle (items in columns, sentences in rows). For the moment I'll avoid the question of applying a 5x5 matrix to a four element URL vector. (I'm afraid that you'll have to bear with this terminology if you are not familiar with matrix algebra. Sorry.)

That means we need to work out what goes in the cells of the matrix. What numbers does the Riddle suggest?

Looking at the metals, we can rank them as gold (1), silver (2) and steel (3) after the fashion of the Olympic gold/silver/bronze sequence. Both steel and bronze are alloys, after all.

Or one can take their atomic numbers: Au 79, Ag 47, Fe 26. This is not satisfying, as steel is an alloy not a pure element (Iron) as this requires.

Or one can take the first letter of their periodic table symbol, A, A, F, which are all hexadecimal numbers.

Finally, one can take the number of letters in the words gold, silver, steel - perhaps a bit artificial, but still a possibility.

This gives us four different possible first columns in the matrix: [1,2,2,3,3] or [79, 47, 47, 26, 26] or [10, 10, 10, 15, 15] or [4,6,6,5,5] (decimal).

The second column is the number of bars. This gives the column as [6,5,4,0,?] -- I don't like the "?" neutral option. At best this is a "do nothing" NOP indicator. Hex 90 perhaps?! Not elegant.

There's also another way of looking at "bars". They could be binary digits. Assuming the number is the lowest possible, 6 bars = 0011 1111 or 63 decimal. 5 bars = 0001 1111 or 31 decimal. And 4 bars = 0000 1111, or 15 decimal. This gives us an alternative second column of [63,31,15,0,?].

The third column is the visor position. I assume here that "open" and "raised" mean the same thing. If "open" is "zero" and "closed" means "one", we have the column [0,?,0,0,1] -- Again I have a problem with the "?" entry. If, alternatively, "open" means "one", we have [1,?,1,1,0] .

The fourth column is the "face" position. Here at least we have a full column, with entries full or profile. If "full" means "one" and "profile" means "zero", we have the column as [1,1,0,1,0] . The alternative is [0,0,1,0,1] .

The final column, the "users" gives [1,2,3,2,2] if you use the listed user numbers as digits.

So this gives us a series of possible 5x5 matrices (with some missing elements), that have, somehow, to be applied to the four digit groups of the "URL".

Quite how one does this is an even more confusing puzzle. Any number of questions arise:

The possibilities are legion. I'm not happy with this approach. It's too messy.

So this leads us to the "Merchant of Venice" approach. Pick the right box or be banished. But which one? Does the Bard have something to tell us? Does +ORC? I think so. Both favour the low profile, over the famous, rich and powerful. The squire or gentleman is the democratic man. Forget the upper-class-twits. Forget the mighty and powerful. If +ORC is saying anything, it's that. As did the Bard. So: one row: Steel, visor closed, in profile, squire or gentleman. The bars don't get mentioned, so let's not worry about them. This gives us sixteen four-element row options: [3 or 26 or 15 or 5], [1 or 0], [0 or 1], [2] . It reduces the bewildering array of possibilities (pun intended), but not to the "eureka!" point. And we still have to work out how to apply the "clue" digits to the URL: do we add, subtract, AND, OR, or XOR them?
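The column readings worked out by hand above, and the sixteen "Merchant of Venice" row options, can be derived mechanically from the five Riddle sentences. The following is an added example, not part of the original page; the function names and the regular expressions used to split the sentences are assumptions of the example, and it stops at the clue numbers without applying them to the URL digits.

```python
import re
from itertools import product

# The five riddle sentences, as quoted on the page.
RIDDLE = [
    "Gold, with six bars, or with the visor raised (in full face) for royalty",
    "Silver, with five bars, (in full face) for a duke or marquis",
    "Silver, with four bars, with visor raised (in profile) for an earl, viscount or baron",
    "Steel, without bars, and with visor open (in full face) for a knight or a baronet",
    "Steel, with visor closed (in profile) for a squire or a gentleman",
]
BAR_WORDS = {"six": 6, "five": 5, "four": 4, "without": 0}
# Metal encodings discussed on the page; steel is treated as iron (Fe).
RANK = {"gold": 1, "silver": 2, "steel": 3}
ATOMIC = {"gold": 79, "silver": 47, "steel": 26}
SYMBOL = {"gold": "Au", "silver": "Ag", "steel": "Fe"}

def parse(sentence):
    """Split one riddle sentence into the five categories; None marks a '?' cell."""
    head, users = sentence.split(") for ")
    bars = re.search(r"(six|five|four|without) bars", head)
    visor = re.search(r"visor (raised|open|closed)", head)
    face = re.search(r"\(in (full|profile)", head)
    return {
        "metal": head.split(",")[0].lower(),
        "bars": BAR_WORDS[bars.group(1)] if bars else None,
        "visor": visor.group(1) if visor else None,
        "face": face.group(1),
        "users": [re.sub(r"^an? ", "", u) for u in re.split(r",\s*|\s+or\s+", users)],
    }

ROWS = [parse(s) for s in RIDDLE]

def metal_columns(rows=ROWS):
    metals = [r["metal"] for r in rows]
    return {
        "rank": [RANK[m] for m in metals],
        "atomic": [ATOMIC[m] for m in metals],
        "hex_symbol": [int(SYMBOL[m][0], 16) for m in metals],  # A -> 10, F -> 15
        "letters": [len(m) for m in metals],
    }

def bars_columns(rows=ROWS):
    counts = [r["bars"] for r in rows]
    # n bars read as the n lowest bits set: 6 -> 0b111111 = 63
    return counts, [None if n is None else (1 << n) - 1 for n in counts]

def visor_column(rows=ROWS, open_value=0):
    # "raised" and "open" are treated as the same state, as the page assumes.
    value = {"raised": open_value, "open": open_value, "closed": 1 - open_value}
    return [None if r["visor"] is None else value[r["visor"]] for r in rows]

def face_column(rows=ROWS, full_value=1):
    return [full_value if r["face"] == "full" else 1 - full_value for r in rows]

def users_column(rows=ROWS):
    return [len(r["users"]) for r in rows]

def merchant_row_options(rows=ROWS):
    """Every reading of the last row: metal encoding x visor bit x face bit x users."""
    metal = [col[-1] for col in metal_columns(rows).values()]
    return list(product(metal, (1, 0), (0, 1), [users_column(rows)[-1]]))

print(len(merchant_row_options()), "row options for the last sentence")
```

The `None` entries are the "?" cells of the table: sentences that do not mention bars or a visor position at all.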

Looks like this approach too leads us to a lot of options to test with "/+ORC" added. Perhaps a bit of Ping-ing is called for? Again, not elegant.

A further approach is to look at what the likely ranges of possible numerical solutions to the Riddle might be. There are an awful lot of possible IP addresses out there - potentially 4.2+ billion. The vast bulk of these have not been allocated (give 'em time!), but even those that do exist are multitudinous. It would be useful if we could get some feel for what are likely addresses. And this isn't too difficult, because there are only a limited set of possible numbers coming out of the Riddle, and there are only a limited number of things you can do with these numbers. I've put a preliminary discussion on this here. Again, all comments appreciated...

And that, my friends, is as far as I have reached. Up a Gumtree, as we say in this part of the world. Who can add to the analysis? Let us correspond, and I shall add your insights to this discussion.

Conclusion

A most intriguing puzzle. My own, intuitive thinking is that a complex, brute-force approach is not the right way. If you have to invoke complex analyses or unlikely thought connections to propose a solution, it is probably not the right one. The right answer, as with all Zen-thought, will appear elegantly simple in hindsight. We should use this as a measure of the solutions we propose. The right one will come with a sudden "Aha!"

So sit back, prepare the +ORC standard Moskovskaya Martini -- or dare I suggest, heretically, a dram of 1956 Macallan single malt whisky if you can find any -- and feel the answer.

So, does he have a Web site? He says he does, but that it is a "dead" site... But it doesn't really matter, at the end of the day, if +ORC has no active Web site. Doing what he is doing would make anyone paranoid, and very careful. An active Web site is not a good way to hide your tracks!

The justification for all this exercise is the puzzle itself. And if all we find is another puzzle, so much the better!

Correspondence

All and any inspiration you may have on this subject -- either the identity of +ORC or his Web site -- would be most welcome. Please email me. If anything I've written here leads you to him, please let me know!

Here's a link to some ideas others have already sent me on the +ORC Riddle. They've taken different approaches. You might find their ideas give you the clue we've all been looking for...
I'll be adding more new stuff as people send it. Stay tuned.

And enjoy the puzzle. That's its purpose!

Some final thoughts to ponder....

Why does he call himself "the Old Red Cracker"?
Is "ORC" just an acronym? Or is it a Tolkien reference?
Is it merely to contrast with others such as the "White Cracker"?
Or does "Red" refer to Communism in some way? Some of +ORC's writings suggest he has leanings this way.
Is he of east-European origin? Probably not: he'd be unlikely to see good points in Communism.
Who knows?

Final Comment: It's been suggested that +ORC might be Petr Horak of KGB.COM fame. There's an interesting phonetic link, particularly if you take the initial "p" of "+". Nothing seems to have been heard of Horak since around 1992, when he was in Prague. I'm not so sure about this. Looking at the language used by Horak in the intro document to KGB.COM (available in ORCPak2 from +gthorne), it's not the same as in +ORC's lessons. +ORC also referred to Petr Horak in a news post to de.org.ccc in April 1996, in a way that suggested to me they were not the same person. But in the absence of knowledge, rumours abound!

--------------------------
the Basilisk
31 May 1997


Copyright stuff: This document is copyright (c) 1997 by the author, but it may be freely reproduced provided it credits the original author and includes the above email address.