Solution to Cia’s Kryptos Sculpture Is Found in Smithsonian Vault
Posted3 months agoActive2 months ago
nytimes.comResearchstoryHigh profile
calmmixed
Debate
70/100
CryptographyPuzzle-SolvingIntelligence Gathering
Key topics
Cryptography
Puzzle-Solving
Intelligence Gathering
The solution to the CIA's Kryptos sculpture was found in a Smithsonian vault by two investigative journalists, sparking debate about the method of solution and the ethics of sharing it publicly.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
33m
Peak period
55
60-72h
Avg / period
9.7
Comment distribution97 data points
Loading chart...
Based on 97 loaded comments
Key moments
- 01Story posted
Oct 16, 2025 at 6:56 AM EDT
3 months ago
Step 01 - 02First comment
Oct 16, 2025 at 7:30 AM EDT
33m after posting
Step 02 - 03Peak activity
55 comments in 60-72h
Hottest window of the conversation
Step 03 - 04Latest activity
Oct 24, 2025 at 2:32 AM EDT
2 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
ID: 45603876Type: storyLast synced: 11/20/2025, 4:56:36 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
Victor Wong writes,
“If they don’t have the method,” she said, “it’s not solved,” she said.
That does raise a philosophical point to the craft of intelligence gathering. Speaking as a professional librarian, I do applaud the use of ATI (access to information) to find the appropriate data -- it's akin to a WW2 unit capturing an Enigma codebook.
Kobek may actually have pulled that off once before, by the way. I'm pretty sure that his Zodiac killer candidate, Paul A. Doerr, will turn out to have been correct.
Sanborn wants the money for medical reasons so he needs to maintain a high sale price.
The two fans want to share the solution with the world.
Presumably the winner of the auction will be buying a severely depreciating asset: the right to know but not disclose the solution. There are at least four people who have the solution and as soon as one of them shares it, its value goes to zero.
Maybe the “solution” to this meta problem is simple: auction it off to the public with a go fund me. As soon as it reaches $500k, publish the solution. That way everyone wins.
The whole thing got more complicated with the addition of lawyers, not less. I don’t see how the two fans violated any contracts with the artist or auction house since they never signed one. But of course lawyers will charge a ton for you to find out.
Doesn't seem like that would fit here.
This seems like more of an ethical dilemma than a legal one.
Your (1) is false. You can damage a business relationship that doesn’t involve a signed contract.
“Tortious interference with business relationships occurs where the tortfeasor intentionally acts to prevent someone from successfully establishing or maintaining business relationships with others.” https://en.wikipedia.org/wiki/Tortious_interference
You can't claim tortious interference just because someone throws a wrench in your business plans. Sanborn has about as much of a case as Microsoft has against Linus Torvalds for creating Linux and hurting their sales of Windows. (I'll give you this one for free: none.)
That’s arguable. They sent him an email concerned about the harm of disclosure with the upcoming auction. They then apparently got offended by the offer of money to sign an NDA which calls their future motives into question as they now had a beef with the guy.
Saying the actions themselves were not improper is also a defense, and could be perfectly viable even if they had beef with the guy.
They don't need a defense: nobody has yet stated a claim!
It actually being copyright infringement is questionable, but if so it would be improper behavior.
This cryptography solution is more akin to mathematics. And mathematics isn’t covered by the copyright law.
Criminal investigation and penalties occur with wide scale commercial distribution of copyrighted works.
They copped the actual message in its entirety not just a cryptographic formula. Further, his hand written notes may have creative expression even if the process itself isn’t protected by copyright. Similar to how software code is protected.
However that’s not strictly required: “Wrongful interference in a business relationship occurs when there is no contract. The defendant attempts to disrupt the relationship, causing economic harm. If the defendant defames the business owner’s product, resulting in loss of business, that is tortious interference in the business.”
https://www.findlaw.com/smallbusiness/liability-and-insuranc...
I'm not a socialist and am broadly pro-capitalism, but for decades I've held a firm belief that healthcare should have a public option and people should have the ability to get high-quality medical care for $0, no matter how realistic that would be.
Access to advanced medical care can either by gated by one person's wealth or by the average wealth of many people.
At the end of the day though, someone is paying and the only way to actually cost reduce is too have worse treatment.
Most medical care does not need to be advanced. It needs to be effective, but it doesn’t need to be expensive. It needs to be expensive to generate a hefty profit, though, especially when you have a serious condition - you then become a forced buyer and the market does what the market does with forced buyers without special regulations.
So tell me, why is random blood work billed for over 400$? Just to analyze the sample?
Part of the problem is definitely inflated pricing and no real transparency.
Unless you need that rockstar surgeon for that super specialty treatment that only the US can offer, the US healthcare system is just overpriced, broken and a money grab
If you cut out profit motive, you can _definitely_ make it cheaper. Your statement is incorrect.
but also the cost of treatments generally decreases with time, while the efficacy increases as techniques are refined, disseminated, etc.
Medicare+Medicaid in the US costs about the same person taxpayer as NHS costs per UK taxpayer. The NHS could be better, but we get universal care for a similar price than what leaves most Americans still needing private care to have any cover at all.
That strongly suggests that the US could at a minimum do far better at providing cost effective care - both public and private.
This is absolutely incorrect in the American system. Insurance companies introduce massive amounts of overhead for little benefit. Every study comparing them to Medicare finds that Medicare is way more efficient.
advocate for whatever but use honest terms. you're advocating for a single payer system and there's no evading that.
Not everybody realizes that and they often fall for the single room in the hospital.
Shorter waiting times is definitely a thing though, especially for non life threatening conditions.
In Italy doctors also have public and private roles but can practice privately in public hospitals, which is weird but was an attempt to avoid losing them to private clinics, for the same reason. You also have private clinics administering public healthcare with a minor markup paid by the patient, and the base rate paid by the state, which isn't a thing in Hungary for example.
It is in general for non-life threatening conditions that there's such competition tho, I agree.
Because that's the public option in retirement and you can have private options like 401k on top
There's probably a decent point nearby about subsidized (or tarriffed) work messing with the benefits of free market pressure but it isn't this silly overstatement.
Every wealthy country besides Canada that provides public care is a counterpoint to this.
Most universal healthcare systems coexist with private options paid separately. Some are provided by private healthcare providers, and then too tend to coexist with privately paid services.
What bills? He’s 79 so he’d have been on Medicare for the past 14 years. Sure there’s the Medicare premiums, but that’s peanuts.
He pays like 140 a month extra for it though. But he had all his cancer treatments covered
That’s a lot of money for most retirees.
Around a third of Americans have less than $1000.
https://www.forbes.com/advisor/banking/savings/average-ameri...
It's about 25% of the median annual full-time salary (but only ~70-75% of those employed in any given year are employed full-time for the whole year.)
More to the point, since salary doesn't tell you what people have lying around for emergencies, its more than double the median household total savings.
Even more to the point, population medians or avergaes for things like salary are not really applicable to subsets of the population like “retirees”.
I don’t think he has any such bills. From the article:
> He has said he intends to use the proceeds to help manage medical expenses for possible health crises, and to fund programs for people with disabilities.
He doesn’t need the money to pay for some treatments for himself. He wants the money to give it away to others.
In European history, a lot of welfare reforms subsequently came down to Christian democrats (typically centre right to right by European standards) or cooperation between them and socialists and social democrats.
This just makes the US situation weirder - by the time socialists and trade unions gained much real power in Europe, universal healthcare was mostly already uncontroversial and settled or close to it as a result of the support of Christian groups on the right, with a couple of exceptions such as the UK, where the right wing rhetoric leading up to the NHS got pretty extreme.
I do agree with you that a lot of his motivation was to counter the socialists and unions though.
Though I'll note that already before Bismarck, the socialists largely didn't oppose state involvement - Marx famously lambasted the Gotha program of what became the SPD in part for their willingness to trust the state.
just isn't realistic
Actual decryption effort group didn't get to decrypt (a small but faithful community), the creator needed the money for medical procedures that he really believed was coming in. The solution feels like we all go cheated out of something. Lawyers are now involved and the value of the solution is rapidly plummeting.
No one's winning because of a small mistake.
Like, here - here's a code that no one will ever solve: ITIWKSMNDIWKD WJSIKWMWMSONQ
Turn that into a sculpture and put it outside the CIA.
B-E-S-U-R-E-T-O-D-R-I-N-K Y-O-U-R-O-V-A-L-T-I-N-E
1. That is technically normal espionage practices, the CIA wouldn't be the CIA if they were only reliant on cryptography... (they'd be the NSA)
2. The solution to this puzzle would bring closure to at this point generations of curious people.
3. On the more technical side, it's been discussed that the potential method for decrypting K4 is more or less insolvable through normal patterns because Jim not being a cryptographer decided to use a multi stage encryption method which relies on knowing both (or multiple) keys with accuracy. The risk here with him not being a cryptographer is not realizing the how hard/impossible he might have made it.
4. I also like to believe as we culturally move through time the potential Keywords or transposition shift keys may dissolve away. For all we know he may have chosen a word that was colloquial to the 80's, CIA, Espionage...ect that has just dissolved with time.
I want to see the solution, I want to reiterate Jim was not a cryptographer and may have gone buck wild with his encryption.
Just throwing out some solution banter. I believe one layer of K4 is null cipher, but I think its screwed by a transposition of which I think the key is based off K0, or something to do with the lat-long coordinates.
Also when he says Berlin clock I think he means Kalendarplatz, this would make more sense as he is a sculpture artist who works with forces of nature.
My only other call out is he may have tied Kryptos into the north east area of the CIA, potentially linking it to the memorial gardens or the wall of the fallen officers.
And as someone else said, this is exactly the sort of solution the CIA would come up with. So it should be considered in bounds.
https://imgur.com/gallery/fbi-cia-kgb-5koAv3H
https://en.wikipedia.org/wiki/Mengenlehreuhr
This essay is relevant to this situation because the threat model in James’ essay is almost the same way this cipher was decrypted.
> Upon being notified, the Smithsonian immediately sealed Sanborn's archives for 50 years to protect Sanborn's intellectual property rights.
Sanborn actually showed off some of his worksheets during a PBS interview years ago, which I assume are the same documents later given to the Smithsonian. At one point I looked into buying the B-roll footage to take a closer look at them, but I discovered enterprising Kryptos sleuths had already done so years before.
https://zonamotel.substack.com/p/interview-kryptos-k4-uncove...
Shameful behavior.
The secret code behind the CIA's Kryptos puzzle is up for sale - https://news.ycombinator.com/item?id=44907366 - Aug 2025 (53 comments)
Gift link https://www.nytimes.com/2025/10/16/science/kryptos-cia-solut...
36 more comments available on Hacker News