Thursday, June 11, 2020

Post #27 - Quiztime Write-Up: Wednesday, June 10th, 2020

Hello, everyone! Time for a new post and not just a migrated post from other hosting locations! To make things even more interesting, this week I am doing an OSINT challenge! I'll get more into why I am doing OSINT stuff these days in another post. For now, let's jump into this.

This challenge was posted by the Quiztime account on Twitter (or, rather, by one of the members):

Our goal is seemingly simple: starting with just this image, name the two ferries that run on this body of water. So, where do we start?

There are three things I noticed right away: the German flag, some potential information on the boat's sail, and a tower of some sort:

So, it's safe to say that this image is somewhere in Germany. So, how do we narrow it down from there?

The first thing I did was drop the tower into a reverse Google Image search (for those who don't know, if you go to Google Images and drag-and-drop or upload an image file, Google will search for other instances of that exact file or visually similar images.) This, sadly, did not render anything useful. In fact, Google noticed the trees more than the tower itself.

The next thing I did was look into the boat. I found the meaning of the symbol fairly quickly. It is the symbol for a Yngling, or " agreeable cross between a planing dinghy and a keelboat." Combining this with the GER25, I found the boat's owner... or so I thought. My new friend Zewensec pointed out a thread that indicated boat registration numbers are not unique. So, my plans to find out where the owner's hometown might be were not realistic.

I next tried to identify the other two flags near the German flag. This went nowhere.

At this point, Zewensec let me know that they had solved the challenge by using Google Lens. And here's where things are going to get a bit hairy.

Zewensec and I did a lot of comparisons using Google Lens. For them, a very specific crop netted them the results that pushed them forward:

Two other users on Twitter had also found the results via Lens, and one confirmed that they had found it using the exact same blog post Zewensec had found, which contained this image, where you can see the tower I mentioned at the beginning of this post:

I began experimenting with different crops of the original image in Lens, and I noticed that only with Zewensec's and other's precise crop does the blog post show in the results. My other observations were as follows:

• Too much sky, and I got results for the United States.

• Too much water/not enough dock, and I ended up with Polish results.

• A crop approximating but not matching the "ideal" crop produced results for Edersee which, while in Germany and being a dam, is a whopping 301.8 km away from the target location of Rurtalsperre Schwammenauel.

• The tip of the boat must be in the crop, but not the sail. If the sail is in the crop, the results are all sail/boat-related.

So, at this point we've got the answer to the question because Zewensec has already gone the same direction as the other Twitter users. However, we wanted to go further, and thus posed two more questions to ourselves:

1. Was there another result in Lens that could have, be it directly or indirectly, led us to the answer?

2. Could we find the tower on Google Earth?

I answered the first question fairly quickly. With the below Lens crop, I found another result that led down a path to the names of the ferries:

Now, slight disclaimer before I proceed. I'm not sure how valid it is to say this was an alternative path, because at this point I already knew Rurtalsperre Schwammenauel was the location that held our answer, and in looking that up I saw that Woffelsbach was literally right around the bend:

Nevertheless, I started Googling things like "woffelsbach ferry tower", which led me to Google "rur dam ferry tower", which led me to Google "rursee ferry tower". It was with this last query that I found a final page that did, in fact, lead me to the answer:

Yep, those are the boats (the site is a gallery, and if you flip through you'll see a boat name on the side of one vessel.)

So, we have somewhat arrived at the answer to our first question. There may have been an alternative way to find these ferries without the one lucky crop that leads to the image containing the tower. However, it may or may not presuppose that we knew that Woffelsbach was close to Rurtalsperre Schwammenauel, and this crop itself was also somewhat lucky. It was definitely far easier to get incorrect crops than it was to get correct crops.

That leaves us with the second question: can we find the tower on Google Earth? To answer that, we need to work with what we know. I submit the following two points:

First, we know at least one place where the boats dock, so let's visit it on Google Earth and see if we can't find the same image I found in that gallery.

Here is a wide shot of the entire area:

The location that is tagged is Rursee, which is right next to the dam (Rurtalsperre Schwammenauel):

Fairly quickly I spot what appears to be a dock for two boats near the dam:

I drop myself into a photo sphere near the dock, and what I see definitely looks like the same dock from the site with the image gallery. I compare the dock, the boat, the backdrop, and the stairs/bricks, and I'm convinced enough to use this as a starting point for my next step.

My next point has to do with what we know about the location of the tower. The image we were given for the challenge suffers from a lack of depth, or at least an illusion of flatness. However, it definitely feels like there isn't much going on with the shore nearest to the camera. In the second shot from the infamous blog, though, we can see a little alcove of water with quite a few objects. I believe that tells us exactly from what angles we are viewing the tower and the shape of the landmass where it is located:

This appears to be a peninsula of sorts. Now, let's put that together and make our move.

We know that the tower appears to be on a peninsula that is flanked on one side by an alcove full of objects, but scarce on the other side. We know where our two ferries dock in at least one location. We know the layout of the area. So, using the dock we confirmed in the first Google Earth shot, we can "sail" along the river looking for topography that matches where we believe the tower to be, ignoring any dead ends or areas that don't match our criteria:

I think I've found something that looks promising enough:

Peninsula? Check. Scarce on one side but populated on the other side? Also check. Let's zoom in:

That shadow looks extremely promising, and indeed if we drop into a few photo spheres on that peninsula, we'll be rewarded with our tower:

And let's just clarify that lack of depth in the original photo:

Yeah, it was just the way the peninsula was parallel to the area with the trees, and the fact that the camera was at a lower elevation. Definitely the same trees, but from the other side of the tower while facing the same direction as the original camera.

And that's it. We found the tower, thus answering our second self-posed bonus question.

This was my first ever Quiztime challenge, and while I'm disappointed I didn't get the answer myself, I'm happy to have worked with Zewensec and to have tackled the bonus questions. Lens was an interesting vector for discovery. It's a bit disappointing that the answer relied on such a fickle tool, but in a case where the answer must be obtained at all costs, I suppose you have to use the tools available at your disposal (though Zewensec and I are both hoping someone else comes forward with an alternative means of solving this challenge.)

That's it from me for now! Expect more of these in the future as I continue to hone my OSINT skills.

Thanks for reading! Take care, and stay safe out there!

No comments:

Post a Comment