Last year, I had a great time trying to solve the Fidelis Security Systems' Decode This! puzzle at Black Hat. But I wasn’t fast enough to win. This year, I resolved to not make the same mistakes. And in the end, it paid off!

Much like last year’s puzzle, this one involved a block of Unicode text (filled with all kinds of unpronouncable glyphs), and several hints posted on Twitter. I played with the puzzle off and on before I left for the con, but didn’t really attack it full-bore until I got onto the plane for Vegas.

Near the end of my five hour flight, I had the breakthrough that I should have had three weeks prior, and knew that I was almost done. But just then, they announced that we were beginning our descent and I had to put away my laptop.

Shortly after landing, a new hint was posted, which I immediately recognized as giving me the key. I found a table in the terminal, sat down, and completed the puzzle.

A few Twitter messages back-and-forth with the puzzle creator, and we’d decided that not only do I have it right (or close enough – I was having issues with the last character), if I can be the first one to the booth with the answer then I’ve won. So we rushed over, grabbed an expo pass from our friends at PhishMe, and ran over to the FidSecSys booth. Next thing I know, I’m posing with a giant novelty check for $1000!

Big Check

You can read the complete story of how the puzzle worked, and some of the silly mistakes I’d made along the way, on my personal blog.