“Cryptic Codes” on whitehouse.gov – Is Joe Biden recruiting via HTML?

A blog post written by Tony Proctor, Principal Lecturer, Consultant and Information Security Researcher, and his daughter Emily Proctor a postgraduate student in international security at the University of Groningen. They look at the White House trying to recruit tech-savvy people with "cryptic code" on its website.

Last week, the White House hit the headlines for something that didn’t involve a certain “Donald” for the first time in a while. Curiously, the subject of discussion was instead focused on the inclusion of “secret codes hidden in Joe Biden’s White House transition website that were aimed at recruiting techies”.

Hidden within the code of one of the pages the website, tech-savvy snoopers can find the words “If you’re reading this, we need your help building back better” (a nod to Biden’s presidential tagline for the next election). This was followed by a link to the US Digital Service’s career page: a concealed attempt to recruit talented digital specialists.

It may seem that the White House has employed a novel approach to addressing the demand for skilled IT developers. But it is by no means unique in hiding “secrets” in source code. So-called “Easter eggs”, are hidden messages and jokes left intentionally in computer programs and web code by developers and they have been in existence for many years. Both ethical and malicious hackers have hidden messages in their code, not only to execute standard commands, but also to deliver messages, display graphics or even to leave their trademark signature in cyber-attacks. 

Indeed, throughout history, secret information and hidden messages have been frequently delivered using a variety of methods to provide obfuscation. Such methods have included: ancient armies shaving the hair of a messenger to reveal secret information written on their head, the use of a shifted alphabet (Caesar Cypher) and even the highly complex codes used for communication by Nazi Germany and cracked by the heroes of Bletchley Park. Secretive techniques such as these have enabled the development of the encryption that is now used every day on the internet to protect our personal data. 

In the future, these techniques are only going to grow in importance. The development of quantum computing will mean that the results of poor encryption will become even more destructive. Our data is already stored in huge, encrypted databases on behalf of governments, firms, schools, healthcare providers and many other institutions with which we entrust our privacy every day. It therefore seems that the United States Digital Service is going to need all the help that it can get to defend the country’s privacy from malicious cyber-attack. So, can you really blame them for hiring via HTML?