Attribution. You must give the original author credit.
Noncommercial. You may not use this work for commercial purposes without prior written approval.
Share Alike. If you alter, transform, or build upon this work, you may distribute the resulting work only under a license identical to this one.
For any reuse or distribution, you must make clear to others the license terms of this work.
Any of these conditions can be waived if you get permission from the author.
Your fair use and other rights are in no way affected by the above.
This is a human-readable summary of the Legal Code (the full license).
Introduction
This is my attempt at creating a guide for Project Syzygy. According to a
number of auto response emails, it will begin in late 2004--but there was a
brief, but exciting, pregame in March 2004 that gathered interest. Project
Syzygy is an Alternate Reality
Game, or ARG. We really do not know much more about it than that.
At present, they are looking to hire people to help out:
Remember the Cloudmakers? That aggregation of thousands of people playing an incredibly immersive game? If you played, you'll remember. It's likely that you'll never be able to forget. Since then, the scene's been, well, not exactly quiet, but not setting the world on fire, either. I got depressed for a while at the state of massively multiplayer immersive gaming. That amazing new genre was starting to look as if it had prematurely died. Now, though, I'm excited and for good reason: Project Syzygy is launching, and we're hiring. Dan Hon (ref)
ARG BackgroundARG Terminology
The Alternate Reality Gaming world has invented a number of new terms as well
as given new meaning to existing words and phrases. Some of them may seem
a little odd or technical at first, but most people pick up on them fairly
quickly.
Alternate Reality Gaming
ARG
A form of interactive fiction that immerses the player in the story. Typically
the plot and characters unfold through viewing or interacting with a variety
of media including, but not limited to: websites, email, online chat, text
messaging, phone calls, faxes, "snail mail," newspapers, and real life (for
instance, a CD hidden in a library book).
ARGBehind the Curtain
Anything that is not technically part of the game, that you should not
be allowed to see. For instance, in an ARG with unknown Puppet Masters,
discovering the identity of the PMs is considered peeking behind the
curtain--and rather inappropriate. Taken from The Wizard of Oz: "pay
no attention to the man behind the curtain."
Brute Force
Applying massive amounts of computing power to solve something.
For instance: using a computer program to try every possible combination of
letters and numbers to discover a password. Generally, any solution involving
brute force is inelegant and frowned upon, unless brute forcing can be done
in such a way as to cause no adverse side effects for players or Puppet
Masters. ...and even then, it is debatable whether brute forcing is permitted.
Internet Relay Chat
IRC
A system of online, live, text chatting (similar to an AOL chat room
or Yahoo group chat) often employed as a communications tool while
solving puzzles. It is also used as an online "hangout" and place
to waste time when there are no immediate puzzles. More information,
as well as a web-browser based Java client is available
at Unfiction.
IRCPM
Either Puppet Master or Private Message, depending on the context.
Private Message
PM
A way of communicating privately to another player. This often implies
using the private message functionality of a phpBB message board (such as
can be found on the
Unforums), but could also be extended to mean email.
Puppet Master
PM
The people running the game. They may or may not be known ahead of time.
Steganography
Taken from a SecurityFocus article: (ref)
While we are discussing it in terms of computer security, steganography is really nothing new, as it has been around since the times of ancient Rome. For example, in ancient Rome and Greece, text was traditionally written on wax that was poured on top of stone tablets. If the sender of the information wanted to obscure the message - for purposes of military intelligence, for instance - they would use steganography: the wax would be scraped off and the message would be inscribed or written directly on the tablet, wax would then be poured on top of the message, thereby obscuring not just its meaning but its very existence.
According to Dictionary.com, steganography (also known as "steg" or "stego") is "the art of writing in cipher, or in characters, which are not intelligible except to persons who have the key; cryptography." In computer terms, steganography has evolved into the practice of hiding a message within a larger one in such a way that others cannot discern the presence or contents of the hidden message. In contemporary terms, steganography has evolved into a digital strategy of hiding a file in some form of multimedia, such as an image, an audio file (like a .wav or mp3) or even a video file.
Basically, it lets you hide a message inside of another file--a picture file, a sound file, a text file, etc. Programs to extract these secret messages include Stegdetect and MP3stego.
Rabbit Hole
The site, sites, or other communication mechanism that starts a given ARG. In
the case of Project Syzygy, this would be the project website as well as the
newspaper and magazine advertisements.
The Do's and Don'ts of ARGdom
There are very strict rules governing ARG playing. Okay, so...no--the rules
are not terribly strict. That is sort of the point. Participating in an ARG
is not like playing chess, with strict bounds defining the move of each piece
and steadfast logic for determining who won and who lost. The rules for ARGs
are only barely written down and codified. They are more like "unwritten
laws" or a gentlemen's agreement. Think of the following list as a set of guidelines.
ARGs are designed to change the way you think--and who knows? Maybe one time,
that might involve bending a rule.
Brute Forcing
Brute forcing an online resource, such as a web server, eats up bandwidth
and CPU cycles. This can leave the people running the server (in our case,
the Puppet Masters) with excessive bandwidth charges. It also means that
other players trying to access the machine are getting a slow response
because of the CPU utilization. This is a bad situation for everyone involved
and should be avoided at all
costs. There is always a more elegant and less intrusive way of solving
something than this kind of brute force.
On the other hand, brute forcing an offline resource, such as the
MD5 hashes found in Marketing Week,
may be the only way to solve a puzzle. In this case, you will need to
use your own judgement. If you think of a puzzle as a lock, you
will earn much more praise and respect for discovering a cunning and
ingenious method of picking the lock, than you would for smashing it with a
sledgehammer.
Common Sense
Always use your common sense. If you are unsure whether an action is
potentially good or bad, stop and think. How is it going to effect the
game? The other players? The PMs? If you are still struggling with
it, try dropping a note in the forums (make it anonymous, if you need
to). There are plenty of friendly people online who are looking for
something to discuss between puzzles. ::grin::
Decompiling
Often times, sites include embedded Flash or Java applets. Quite a
few tools exist out there to decompile these mini-programs, so you can
see the original source code. The security community finds this useful,
as it can show flaws in an application. The ARG community might also
find this useful, as sometimes there is data hidden in the Flash files
that leads to more game knowledge.
The question arises: is this a proper thing to do in an ARG? Often
times, poorly designed sites leave things in the flash that the original
designers did not want you to know. There are many people who are
unaware of the fact that this data can be reversed out of Flash. The
old-school ARG players will say that it is the same as cheating, and is
therefore off-limits. Others say that if it runs on their computer, they
should be able to see what it is doing--either by decompiling a program
or watching network packets as they flow into and out of the computer.
ARG player Diandra notes: "The general etiquette regarding Flash file
decompiling has been that the PMs can't stop you from doing it. However,
it's considered bad form to post solutions derived purely by decompilation
of Flash files to any ARG forum."
Currently, there is no solid answer to this question. It is still
being debated. Be warned, though, that in the US it is technically
illegal to decompile a program, except under very specific
circumstances, because of the DMCA. Other countries have DMCA-like
legislation. My personal opinion is that the web follows standard
client/server architecture. If secret data needs to be calculated, it
should be done server-side, where the client cannot see it. If Flash and
Java are utilized to do something like check a password, it should be
sent to the server (possibly hashed to protect from eavesdropping) and
tested server-side, instead of a "IF $password = "secret" THEN GOTO 100"
sort of scheme. Be advised, the previous statement is this author's
opinion. The jury is still out as to whether this
stuff is acceptable ARG practice and generally gets decided upon by
the community on a case-by-case basis.
Fake Sites
Do not put up a fake website that claims to be part of the game.
Similarly, do not pretend to be an in-game character in chat, on
Blog posts, by
forging email headers, or by any other mechanism. Unraveling the
plot and puzzle solutions can be difficult as it is, without
mean-spirited people inserting a bunch of intentional red herrings.
A fan site, on the other hand, may just add to the flavor and
immersive quality of the game. If you want to start up a fan site,
please try to be a responsible person and think about its impact on
the in-game sites.
Hacking
If some aspect of the ARG requires hacking to solve, it will be
obvious. Don't hack a server just because you can. Breaking
in to an ARG's computer system just to see what is there can be
similar to skipping to the last page of a murder mystery. Sure,
you have all the answers, but you end up losing the story and
the interactive experience.
Again, if hacking is required, it will be obvious from the clues
and plot. Also, nearly every ARG puzzle instance that has
required hacking has been a "custom web page" system and not
an "off the shelf" piece of software. In general, SquirrelMail,
telnet, FTP, secure shell, and a number of other services come
pre-installed on servers and allow the Puppet Masters and hosting
administrators to update the websites and monitor system status.
These are rarely, if ever, the intended target of hacking.
Usually, ARG hacking is simply guessing passwords on a custom web
login form.
See: Legality
Information Gathering
A great many informational tools are available on the internet that
will tell you about a domain name. Generally, a simple DNS lookup
is considered acceptable. Usually, it will just give some useless
information about who registered the domain name. Occasionally, it
a clue will exist in the DNS data. On the other hand, using a
reverse-DNS tool to enumerate all of the domain names attached to
a specific webserver is frowned upon. Often, this will show domain
names that were registered for the game, but are not yet available
for plot reasons. This is akin to peeking ahead a few chapters in
a mystery novel. It does not necessarily tell you whodunnit, but
it might prematurely reveal a piece of the plot that would have been
more fun to discover through an engaging story.
Legality
Are you considering taking some action? Is it illegal
in your jurisdiction or that of the ARG or its servers? Then don't
do it. Period. ARGs are not here to get you in trouble or make
you break the law. If you feel you have to do something illegal,
I would suggest finding another pastime.
See: Hacking
Privacy
Keep private information private. If the Puppet Masters of a
particular ARG do not wish to be known, but you happen to accidentally
discover their identity, keep that information "behind the curtain."
Do not blab about it to anyone and everyone. If you really must
tell someone, perhaps you should send a little note to the PMs
explaining how you obtained this supposedly private knowledge. At the
very least, it will help them plug the security or information leak so
that more people do not find out. Do not simply think about yourself
and how "cool" you will look announcing the identity of the PMs.
Think about the other players and how knowing that information may
just break the reality of their ARG experience. Besides, they think
you are to blame for messing up that experience, they are less likely
to think of you as "cool" and more likely to think of you as "that
lamer who ruined the game."
Technology
This guide originally exists as a collection of XML files. These files
conform to the DocBook
specification, and allow dynamic generation of a variety of output
formats, including: a single monolithic web page, a collection of smaller
web pages, PDF files, etc. If you are at all interested in the XML source
of this guide, feel free to check out the following files:
The "wrapper" XML documentThis introductionReferencePregameNotesFine PrintThe specific transform used for the monolithic web page is the
Docbook-XSL
package, with the specific transformation "heavy-lifting" via the
xsltproc command (part of the libxslt
package).
The specific transform used for the multiple web pages is the same as
above, only using the html/chunk.xsl template. Previously,
it was DSSSL and OpenJade, but that ended up being too problematic for certain
XML elements.
The specific transform used for the PDF document was the above-mentioned
XSL translator combined with the Apache
FOP project.
Update History2004-04-01
Re-released under the Creative Commons license. Fixup of decompilation
section (thanks, Diandra!). Added "padding" text to add a little more
space between the "Background" header and the "Glossary" header.
2004-03-31
Added ARG background information. Fixed outdated XSL/DSSL information in the
Technology section.
2004-03-16
Marketing Week solve and minor spelling/grammar issues.
2004-03-15
Scan of Guardian ad, scan of Marketing Week ad, update to Guardian and
Marketing Week information.
2004-03-14
Added Pareidolia section, fixed line wrapping issues, added unique IDs to
heading nodes.
2004-03-13
Updated styles, added IRC conversation, changed image filenames to include
date.
previous to 2004-03-13
Too many little things to mention, going back to the inception of this
document.
Questions, Comments, Corrections, Updates?
Please send questions, comments, corrections, and updates to
enigma@netninja.com. If you found this guide offline or
mirrored elsewhere, you can always find the latest
version at http://syzygy.netninja.com.