Welcome to the behind the scenes of our Christmas riddle. As many of you know the month of December is filled with traditions and the xorlab Christmas riddle is another such tradition. In the last years we have shared a number of different riddles with our customers and friends to celebrate the holidays. This year we want to share the process with you and invite you to read along….
We decided that the initial step was a season’s greetings email, using a snowy mountain range that would look strange enough to make you look again. Another couple of hints were hidden inside the poem in the email.
Embark on a quest through the digital domain,
Where mountains rise and fall like a cryptic refrain.
In this landscape of peaks and troughs, you must be bold,
Seeking the site where the stories are told.
This ciphered word, to the web’s end append,
At your journey’s conclusion, you'll find a friend.
So venture forth, let no detail escape your sight,
then let the hunger be your guiding light.
The word to look for in the mountain range could not be too long - 4 letters within 4 mountain ranges. We agreed on “xmas” relatively quickly. The corresponding binaries are 01111000; 01101101; 01100001, 01110011 which Niki used for the image. Maria added a webpage with the address www.xorlab.com/xmas
Here you find the video of Nicolas containing a number of QR codes - to make it more complex we hid the QR codes within AI generated pictures. Interesting fact: printed on paper the QR code is much more hidden whereas when seen in the video it is clearly identifiable. We had to test whether the codes were scannable when you paused the video. Check.
We hid a number of hints within the text that Nicolas reads in the video - as well as some red herrings and unintentionally misleading information:
Scanning the right code takes you to xorlab on Google maps. But what now?
In the second story in the video Want and Perspective were giving a hint to look around and find an option to satisfy hunger. “Change your view and follow your hunger inside” was a hint to switch to street view on Google Maps and enter NoerdKantine.
➡️ 
What would a good password be? As we work in security we thought it needs to contain small and capital letters, numbers and special characters. This hint was given both together with the first clue and in the video page.
Inside the restaurant NoerdKantine which is located on the roof terrace of our office building you can actually see the menu of the day on the wall - that’s where the Spezial came into play (the second ghost hinted "Out of all the choices you have, you’ll find something SPEZIAL”).
As an extra layer we added the idea that you need a cipher to figure out the password. One such cipher is an acrostic - where you use the first letter of a sentence, which we also spelled out in the poem that the 6-fingered woman recites. And thus the idea was born to make the password from the first letters of the Spezial menu, including the 1 from the price and the & sign (which we already told you in the P.S. of the initial email: “P.S. For the very final task capitalization, spezial characters and numbers are significant.”).
Always be security aware and curious,
Creative, so you won’t get furious.
Requesting passwords, stories, and facts,
Opening your mind to new ideas and acts.
Solving riddles by pausing time,
Trying out a different rhyme.
Inviting a look at the beginning,
Celebrating you for winning.
Finding the password was definitely the hard part…. and we were told that we kept some people awake later than intended or absorbed their lunch break... Spezial 1 Menu stated: Salat Walliser Gemüse-Kartoffel Gratin mit Tomate & Raclettekäse 16 (the symbol after 16 is not a conventional special character :)). The right password was 🥁: SWG-KGmT&R16
We hope you enjoyed the process! We have some lucky winners and are already busy planning new riddles for next year...
Discover how xorlab's email security solution helped CERN enhance their email defense system, detecting 4x more potential threats and stopping over...
Find out the results of our experiment testing xorlab's ability to detect and block ChatGPT-generated phishing and fraud emails.
Find out how Switzerland’s leading private banking group keeps its business communication and collaboration safe from compromise with xorlab...