El Paso OTP1 CD
The El Paso CD (or Black OTP1) is a disc that was recovered from the El Paso drop site. A clue associated with the drop was "BL/HOLE", which refers to the disc and a inconsistent section of the contents. This disc is used numerous times in the Black OTP1 messages.
|CD: El Paso CD|
Contents of CD
On initial investigation, the disc appeared to be an Ubuntu distribution
The files on the disc were reviewed and compared to online versions and the disc was even mounted in attempts to uncover its secrets. It turned out be a disc for Ubuntu 12.04 (not 12.04.1).
After comparison, it was found that a large section of the data differed from the ISO that was available online, as described below:
<Ymgve> 0x12C00000 to 0x19000000 is different from the official ISO What this did is basically cut a big gash through the squashfs containing Ubuntu's filesystem, so it's a fair bet right now that the Ubuntu ISO is just a wrapper around this 100 MB block of mystery meat. (Ubuntu itself is unbootable and will crash in various ways if you try.)
Dump of the byte frequencies in that 100M block: http://pastebin.ca/2291896
Later messages referenced this section of data as a "standard 100mb hole".
Analysis of OTP section
http://ompldr.org/vaTlhaw/elpaso_analysis.zip (ZIP containing CSV with various file statistics; 4096-byte window was used.)
Use in messages
Refer to Black OTP CD for a generic description of the black OTP CD series.
Links to download CD contents:
- 100mb inconsistency isolated: https://dl.dropbox.com/u/1593421/otp22/weirdblock.bin