Fake Huawei Document

On October 9, 2020 Mark Steele put out a video claiming he had received leaked documentation from a whistleblower. This was claimed to be “engineering platforms commands for Huawei technology”. This documentation does appear to talk about power output powerful enough to be a weapon. Here is a screen shot from his video:

Screenshot from Mark Steele’s video.

This is curious. However, there are many technical things that made no sense. Strangely, Mark didn’t notice these strange things. I also noticed something unusual: the unusually long “passcode”. Here is the zoomed-in passcode.

A 68 character passcode? I’m in favor of security, but this is longer than necessary. I wondered if it was encoded. It contains upper case, lower case, and numbers. This looks like Base 64 encoding. So I typed it in manually. Here is the original data:

bWFyayBzdGVlbGUgaXMgYSB0d2F0IHdobyB3aWxsIGJlbGlldmUgYW55IG9sZCBzaGl0

Mark also posted this screenshot on Telegram. It also includes what appears to be base 64 encoded data:

Here it is zoomed in:

Here is the data: d2hhdCBhIHNpbGx5IGZ1Y2tlciBzdGVlbGUgaXM

It’s important at this point to remember that this data was from Mark Steele’s own video and screenshots.

I pasted the first one into a base 64 decoder. Here is what I got:

Here is the second one:

It became immediately apparent that someone had “leaked” a fake document to Mark. And he bought it. For future reference I tweeted this screen shot on my personal account along with the base 64 encoded data from Mark’s screenshot. Here is the link to my Tweet 2020-10-09: https://twitter.com/mctoon/status/1314619034197950465

Knowing this was faked I had to find out more. I asked a group of friends to help track down more information and we found it. The documentation is from an actual leak of Huawei documentation from 2010: https://www.finetopix.com/archive/index.php/t-11963.html

It is a CHM file. These are a collection of HTML files in a structured archive. They are common for help files and easy to edit. Here is the original, unmodified CHM file from Huawei:

And with a little more work we managed to find the document as it was leaked to Mark. This is a hand-edited version of the original that includes the hoax information:

Feel free to download both documents and compare the sections Mark looks at in the videos.

There is another message to Mark on this page:

The base 64 data:

V2lsbCBNYXJrIFN0ZWVsZSBiZWxpZXZlIHRoaXMgY3JhcD8gWWVhaCBJIGJldCBoZSB3aWxsLiBCdXQgbm93IHlvdSBjYW4gc2VlIHRoYXQgaGUgaXMgYSBsaWFyIGFuZCBhIGZyYXVkLg

Decoded:

Many of the pages in the “Local Attack Configuration Commands” section were modified. Some of the pages simply had all the documentation encoded in base 64. This section of the documentation gives instructions on how to respond to malicious hacker attacks on the network. Look at the original version and compare to the one sent to Mark.
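The three strings quoted above can be checked offline instead of through a web decoder. The following is an added example, not part of the original post: two of the strings lack their trailing `=` padding as transcribed, which strict decoders reject, so the code restores it before decoding. The function names and the 16-character threshold are assumptions chosen for illustration.

```python
import base64
import binascii
import re

# The three strings as quoted on this page (typed in from the screenshots).
SAMPLES = [
    "bWFyayBzdGVlbGUgaXMgYSB0d2F0IHdobyB3aWxsIGJlbGlldmUgYW55IG9sZCBzaGl0",
    "d2hhdCBhIHNpbGx5IGZ1Y2tlciBzdGVlbGUgaXM",
    "V2lsbCBNYXJrIFN0ZWVsZSBiZWxpZXZlIHRoaXMgY3JhcD8gWWVhaCBJIGJldCBoZSB3aWxs"
    "LiBCdXQgbm93IHlvdSBjYW4gc2VlIHRoYXQgaGUgaXMgYSBsaWFyIGFuZCBhIGZyYXVkLg",
]

# A run of 16+ base64-alphabet characters, optionally padded (assumed threshold).
B64_RUN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")


def decode_candidate(token):
    """Return the decoded text if token is base64 for printable text, else None."""
    stripped = token.rstrip("=")
    if len(stripped) % 4 == 1:  # no byte sequence encodes to this length
        return None
    padded = stripped + "=" * (-len(stripped) % 4)  # restore dropped padding
    try:
        text = base64.b64decode(padded, validate=True).decode("utf-8")
    except (binascii.Error, ValueError):  # bad alphabet or not valid UTF-8
        return None
    # Ordinary long identifiers usually decode to control bytes; reject those.
    return text if text and text.isprintable() else None


def find_hidden_text(document):
    """Scan free text for base64-looking runs; return (token, decoded) pairs."""
    hits = []
    for match in B64_RUN.finditer(document):
        decoded = decode_candidate(match.group())
        if decoded is not None:
            hits.append((match.group(), decoded))
    return hits


if __name__ == "__main__":
    for sample in SAMPLES:
        print(len(sample), "chars ->", decode_candidate(sample))
```

Running `find_hidden_text` over the text extracted from a document of unknown origin flags fields such as the 68 character “passcode” before anyone treats them as genuine.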

What is the lesson?

Don’t seek confirmation, seek truth.

Mark received what he wanted: confirmation of all the garbage he has been saying for 2 years. He did not confirm the accuracy of the information. His judgement was disabled.