W/ARE event summary

Archive Waking Titan
1

The last couple of days have been a bit hectic and although the below topic contains pretty much all the info on events, I figured to summarise how we found the new W/ARE website and following puzzle in this topic, for those who are just now trying to catch up, so here goes …

A very well done, extensive recap video was made by @kyle-culver, which you can find here:

The WT STATUS command updated several times to eventually show the following:

STATUS%20-%20Update%2001
STATUS%20-%20Update%2001932×290 128 KB

Users were searching for clues using the info shown for CLIENT 3597B.
The NAT IP address 52.2.248.* proved to be our best bet, but was incomplete.
The :80\\ Indicated it would be a port 80, which is generally used for web browsing.
Checking any possible last digits (0-255) to complete the NAT IP address and using that as an address in the web browser, resulted in quite a few web pages with one of them standing out, 52.2.248.6.

6_
6_2472×1720 277 KB

As this was just a single page, using a 404 image, we checked the source for this page to hopefully find more clues. The following bit of HTML yielded results:

<meta property="og:description" content="W/ARE 是市场上功能最强大、技术最先进的头显。">

Doing a web search (Google) with the full Chinese string within quotation marks, showed only one result:

Google%20search%20result

We then checked this found website, which is almost completely in simplified Chinese, but translates amazingly well to English. The full content of the website seems to be about some very interesting but likely fictional technology, which matches the lore of Waking Titan very well.

Searching for additional external sources for this company, using the website logo for an image search, resulted in a variety of Twitter accounts :

(changed background color for visibility)
big-logo%20-%20dark%20background


The actual Twitter account was found easily:

W/ARE @warecloud (Twitter)


Various additional Twitter accounts were found, who had been sending out the following tweets for W/ARE, each containing an image with a Hex code:

Some duplicate images were found with other Twitter accounts. By combining these results, we got the following shortened url:

62 69 74 2E (Hex) <> bit. (Ascii)
6C 79 2F 77 (Hex) <> ly/w (Ascii)
61 72 65 32 (Hex) <> are2 (Ascii)
30 31 38 (Hex) <> 018 (Ascii) <— Also received after signing up for W/ARE (Email registration)

bit.ly/ware2018 (combined)

When following this url, you are being invited to a Discord channel for W/ARE.

Some users remembered having been contacted on Twitter by the following strange Twitter account, showing some interesting Tweets:
https://www.reddit.com/r/NoMansSkyTheGame/comments/87lg4f/waking_titan_possibly_connected_to_the_twitter/

Harima%20PS%20Reddit
Harima%20PS%20Reddit855×415 12.1 KB

w9rPQ45E @w9rPQ45E (Twitter)

Tweets%20w9rPQ45E
Tweets%20w9rPQ45E588×831 41.1 KB

Combining these strings from the Tweets, resulted in the following from Hex to Ascii:

When familiar with crypto currency, you will recognise the above result as a ‘Txhash’ address:

Txhash%20result
Txhash%20result1143×640 7.57 KB

When looking at the ‘Input Data’ it shows the following:
0x484e714b45557053 (0xHex), which converts to HNqKEUpS (Ascii)

This was then used on Pastebin and gave us a string of 31 digits:

b67fbb5e90ddcda8a921656d0b30a20

We then realised that the Twitter account name could be used the same way, resulting in another string of 33 digits:

edb044c81d40a196c4672a2bd6f17f1f6

Combining both strings, turned out to be the private key to the wallet, which makes it possible to transfer any funds available, making someone happy with close to $50:
edb044c81d40a196c4672a2bd6f17f1f6b67fbb5e90ddcda8a921656d0b30a20

This solved the first W/ARE event/puzzle. Job well done everyone !!!

Relation to WT (unofficially) confirmed?

  • The W/ARE website was found due to updates for the STATUS command on the WT console.
  • Very familiar look/feel/story.
  • Use of Dreams (Dreamscape), matching WT lore.
  • Use of REM and NREM sleep cycles, where REM SLEEP was the solution to our 10th glyph.
  • Location of W/ARE is Zhongguancun, Haidian District, Beijing, China. With Myriad-70’s status page now showing: Beijing: 29.1Tb/s.
    Using the WT console string as a map search also leads to Beijing.
  • Use of <CORRUPTED> on some of the pages
  • Similarity between NMS Anomaly door and the W/ARE sensor.
    Anomaly%20Door%20vs%20WARE%20Sensor
    Anomaly%20Door%20vs%20WARE%20Sensor1280×498 114 KB
  • Possible reference to the abbreviations shown in the Secret Memo received during the Live Drop in NY (see here):
    MY (Myriad-70)
    AT (Atlas-65)
    WT (WakingTitan)
    WR (W/ARE?)
    CR (???)
  • Client W9 [ CORRUPTED ] from earlier Myriad-70 status could reference Twitter account w9rPQ45E.
  • WT console string (32 characters), alternating match with the private key found.
    String%20comparison
    String%20comparison1000×200 11.5 KB
  • When attempting to register the same email address twice on W/ARE, a security check from MailChimp shows the address for Alice & Smith.
    Register%20again%20security%20check

I may have missed a few things, but feel free to mention them in a reply.

37 Likes
2

Thank you! Very nicely summed up. :sunglasses:

4 Likes
3

Very nice @DevilinPixy.
Its nice to see the twitter info I was not aware of at the time .
Good stuff. :grin:

4 Likes
4

This is great

3 Likes
5

Fine work. Following avidly.

3 Likes
6

Thank you for this excellent summary. I find the realtime commentary whether here, reddit or discord, can get confusing and misleading with all the various weird and wonderful theories which of course could be totally valid given my limited expertise. I hope the ARG does include some aspects for us lesser mortals.

3 Likes
7

DevilinPixy, FTW! Well done! :clap:t4::clap:t4::clap:t4: Thank you!

4 Likes
8

@DevilinPixy I must say I am so in awe of your generous and tidy intellect. <3

I thank you for cutting through the speculative confusion for us. This summary is fantastic.

4 Likes
9

Excellent post. Another connection is the conversation at the live drop event about “getting enough sleep” and importance of being well-rested.

2 Likes
10

I am very uncomfortable with them dragging concurrency and a private wallet number into this(assuming A&S did this for WT)…if they wanted to have some kind of monetary reward that’s fine but this puts people in a very weird position of being able to take some money out of some account without knowing who the owner is or having obtained explicit permission…and sure this does look like it was a puzzle designed to lead us to it but still…we are still being led to what would be technically theft, if someone does take that money. I rather they kept this kind of stuff out of the ARG.

1 Like
11

most likely it is not an actual account, all make believe

1 Like
12

The wallet that held the money had to have been owned by A&S – the probability that they both transferred currency to a random wallet AND randomly generated the private key for that particular wallet is so small…

1 Like
13

Is there a list of the other URLs the IP address pointed to? Any loose ends there?

14

In the other topic someone did post a list of all the IPs returning a page of some sort. As far as I know, there were no loose ends though.

5 Likes
15

well done and thank you

3 Likes
16

thanks @DevilinPixy

1 Like
17

Thanks devilin, been on the road all week helping uncle with some work so been hard to keep up with all the shenanigans

3 Likes
18

Yes @DevilinPixy, I noticed that too.

A whole lof of pages that have nothing except an empty page.
Waiting for EMILY to show her “stuff” to the world.

1 Like
19

If one does not check all that they can … they generally are not hit from the blind side.

EMILY can do that if you are not ready.

The watch must continue …

The time is now …

2 Likes
20

Funny you should say, just spent my morning reading 2000 posts and replies :grin:

Doing all my citizen sciencing on mobile now, I’ve noticed the little blue circle isn’t there on posts you haven’t read, so I dunno if it’s tracking my activity anymore.

I’m worried what will happen to me if I fall from Emily’s grace (honestly, best to stay in the digital omniscient beings good books, just in case it goes all “I have no mouth and must scream” on us.)

It’s funny, I used to hypothesise, when will the free updates end?

Hello Games are a bunch of folk with lives, careers and families, and also a building with rent and bills etc etc. They will have to introduce paid content, at some point, that doesnt take away from the core/free updates, cosmetics or portals that introduce story missions, that bring you to key places from the lore, that sorta stuff. That’s what I used to think they’d do (I still think they will some day)

I can’t believe I never considered an xbox release as a viable option to maintain a steady income and continuing to support the community with free updates well into 2019.

I kinda forgot about the xbox after they flicked their unflickable switch ¯_(ツ)_/¯

But if uncle Bill and papa Spencer can help our universe be all it can possibly be on current gen hardware, I’m all for it. Ms are doing everything they can to make people forget about all the games they’ve been canceling or the absolute mess Don Mattrick made at the reveal, I can see them approaching HG like white knights after the launch fallout, or maybe after or during waking titan when they proved to the world they weren’t like those kickstarters that just take the money and run.

I’d say it was more a mutual meeting that was bound to happen when the console exclusivity ran out with Sony, but all those other factors definitely do apply too, its great news for everyone, until it launches on xbox one and another community of dude bros have a launch day hissy fit that jettisons sonic noise across a good three months of time and space. Oh glob, I hope that doesn’t happen :unamused:

8 Likes