Chapter 2

WOOPS...

This time, we’ve got something completely alien to the first picture!
There’s a gross mistake in the first word, the text is placed carelessly, almost overlapping with the background image. The picture is rectangular, with a width of exactly 500, and a height of 375, and these are prime numbers. No secret messages in the text.
Nothing in common.

So we missed something in the first picture, and the link was just a distraction.

Let's look at the first message again. The empty spot in the lower right corner looks suspicious. Maybe there is another hint hidden within it?

If you adjust the brightness, contrast or saturation filters — no new information will appear.

Just strange noise scattered all over the image. This noise is a slightly different color from the background. Not black, but almost black.
How Photos Were Faked Before Computers And Editing Software
I have shown in previous videos how to expose fake photos with the help of such anomalies, remember?
But there should be no noise in this picture — the black background should have remained black.

The image was edited in a special way — someone really added another layer of data to the image. This is similar to the work of advanced steganographic programs. They didn’t just add plain text to the end of the file but they used a complex algorithm to change the points on the image itself.
Now there is a new problem – how can you find the program on which this was done. There are quite a few steganographic applications, but they can only open their own files. Inspired by the news, users began to sort through these programs.

Through trial and error, they managed to find out that the author of the image used a little-known program of Niels Provos, a mathematics student from Hamburg.
The program was called OutGuess.
Just so you know — it turns out that its name had been in front of our eyes the whole time. The words Guess and Out are written in plain text.

The program suddenly became popular — information about the strange contest was already being discussed way beyond 4chan. Tens of thousands of people tried to solve the message 3301, so OutGuess broke download records.

Therefore, the new suspect was Niels Provos himself.

Version 2. Cui prodest
Is fecit cui prodest – from Latin translates to "done by the one who profits from it.".

A popular expression from Ancient Rome accurately describes the logic of modern investigators. Always the first suspect is the one who benefits from the crime.
Only in the case of Niels Provos, the OutGuess story becomes a defense witness.
Look at the archive of the program’s page on the WayBack Machine. This is how she looked in January 2012.

You see, Niels Provos released the latest version of the program in 2004, eleven years before the appearance of the riddle 3301 and he never returned to it.
Security by Niels Provos
NEXT 2016 Keynote
This is easily explained — in 2003, Niels completed his degree at the University of Michigan and got a job at Google as a Distinguished Engineer on security for their Cloud Platform. I very much doubt that he had time to engage in such hoaxes.

In addition, the image of a young German mathematician is very different from the person who wrote the first message. Remember the double spaces? I'm sure Provos would never use them.

Niels did not receive any financial benefits from the famous program. It was distributed for free and was developed primarily for OpenBSD. And this is an extremely interesting point.
The fact is that OpenBSD is a free operating system that was created by hackers for hackers. Technically, special attention is paid to the security and stability of the system — it does not use questionable programs or individual modules. Even small errors cause a complete revision of the code. In addition, the system is protected from legal disputes — it uses only open and license-free code. Any use of patent-protected technologies is completely excluded.
OpenBSD was created by professionals and for professionals — therefore, it is often used in network security systems. This system is not designed for office computers or laptops — but it is extremely effective in complex network equipment, on secure servers and internetwork interfaces.

It seems that by choosing OutGuess, the author of the riddle 3301 hinted as to which specialists he is looking for.
Fortunately, there are now versions of OutGuess that run easily on macOS, so I can show you which message was hidden in the first picture.

This message is already much longer than the previous ones — 83 lines. However, we can only read the first one so far.
Here is a book code.  To find the book, and more information, go to https://www.reddit.com/r/a2e7j6ic78h0j/
1:20 2:3 3:5 4:20 5:5 6:53 7:1 8:8 9:2 10:4 11:8 12:4 13:13 14:4 15:8 16:4 17:5 18:14 19:7 20:31
21:12 22:36 23:2 24:3 25:5 26:65 27:5 28:1 29:2 30:18 31:32 32:10 33:3 34:25 35:10 36:7 37:20 38:10 39:32 40:4 41:40 42:11 43:9 44:13 45:6 46:3 47:5 48:43 49:17 50:13 51:4 52:2 53:18 54:4 55:6 56:4 57:24 58:64 59:5 60:37 61:60 62:12 63:6 64:8 65:5 66:18 67:45 68:10 69:2 70:17 71:9 72:20 73:2 74:34 75:13 76:21

Good luck.
3301
Here is a book code. To find the book, and more information, go to Reddit…
in this line, I see three important things at once:

  • First, the author of the riddle again indicates which algorithm one should use to decrypt the message.

  • Secondly, he or she indicates where to get the information necessary for decryption. And again, this is an extremely popular site where users can post their news and participate in discussions.

  • Thirdly — there is still the same double space between the sentences. You can see that the format of the message has changed, and the typographic handwriting is still recognizable.
So, we click on the link and…
It seems we haven’t solved the problem just yet.