On Mon, 20 Apr 1998, Jeffrey B. Siegal wrote: > Stephen H. Landrum wrote: > > > There is no way that the game can be guaranteed to be honest > > This statement is not true There is a good essay detailing how to assure the integrity of an internet casino using digital signatures/public-key cryptography on the www.counterpane.com page. It can be done. However, there is no way to guarantee the integrity of a poker game because you can never guarantee that your opponents aren't colluding. Just like RL as a matter of fact. Just in RL it's easier to spot.
Bearing in mind I know nothing about PP's software, On Sun, 28 Feb 1999, Heldar wrote: > example, maybe it takes more bits to draw a face card? If you could get an > edge at higher limit poker, it might be profitable and therefore tempting to > unscrupulous people. I very much doubt that this is the way the information is sent. In unencrypted form, it probably reads something like this: 00000001 = 0x01 = As 00000010 = 0x02 = Ks 00000011 = 0x03 = Qs ... 00110100 = 0x34 = 2c Once the client gets the information, it uses this to draw the cards you see. It would be pretty poorish programming to send a picture of your cards on every transmission, tho if this were so, your premise about face cards may be correct iff they are more difficult to compress due to their more complicated nature. But I'd bet my life this isn't how they do it. Even then, if they had any moderate level of security, upon encrypting the transmissions, there would be padding so that all card packets appear the same size. As always, the reward:work ratio posited my technical hacks here is infinitesimal compared to the simple method of colluding with partners or multiple identities controlled by one man. It seems like such an obvious drawback that I ALMOST consider doing so myself. If you're playing in a game that everyone knows could be fixed, is it so wrong to be one of the fixers????? It would be an interesting but not impossible programming task to do this from multiple clients in an automated fashion. If you knew, say, Maverick, Abdul and I had put some time into this and now have partnerships at every table at PP, would you play there? Now, how do you know someone else hasn't?
Now I'm really speculating, On Sun, 28 Feb 1999, Jack Diamond wrote: > a) since PP wrote both client and server applictions, and no doubt > feel secure about their internal codes, it is logically possible that > all players hands (and the board) are determined at the beginning of a > round and transmitted together in one spit. Indeed, programmer parsimony > would push that solution to design. There is probably a separate client thread to handle incoming messages from each player. Based on that, there is no reason not to distribute the hands' messages on an individualized basis. > b) If your entire language has but 52 symbols, and you can correlate > the ground truth of pairs of symbols simply by watching showdowns, it is > an elementary exercise to break encryptions that are not dynamic between > hands. Hands transmitted via encryption will have much > than 52 possibilities. You still haven't gotten to the other guy's transmission but even if you did, the transmission of cards can be easily salted with initialization vectors from the client's machine. This could still be defeated by a man-in-the-middle attack between client and server on the initial connection, but once again, I think you're not maximizing your reward:work ratio. And, as always, the dismissal of technical hacks in no way dismisses the primary weakness of playing on PP, collusion.
After having read the whole article at: http://www.rstcorp.com/news/gambling.html , a light went off. All the people crying on this newsgroup about statistically unlikely suckouts who were dismissed by all of us saying, "bad beats happen," may have in fact been on the wrong side of someone who had figured this bug out. I'm sure the guys at rst are smart, but in all honesty, if pp had posted their source code and I'd seen it, I would have thought of this instantly. Not just me, but probably hundreds of rgp'ers would recognize that a bad rng is the first step to look for when beating this kind of thing. The thing is, I didn't go look at the source code and do this, but I bet many people did. I'm sure some of you are reading this right now. Good job. This is the kind of holy grail smart gamblers aspire to find. Anyone who has read Eudaemonic Pie or Getting the Best of It probably secretly covets finding this kind of situation. Is this cheating? I don't really know. Is frontloading cheating? Is shuffle tracking cheating? In any event, I feel no sorrow for the "victims," as I along with many others have warned in these pages about the dangers of playing virtual poker. The funny thing is I along with others dismissed this side channel attack as a "solved problem." It still is a solved problem; they just didn't do it right. (Hmm, maybe if a smart poker/computer guy wanted to make money off this angle but at the same time wanted to protect his co-rgp'ers, he'd denounce playing on PP, while simultaneously misdirecting the debate away from side-channel attacks, naaaah, that'd never happen.) Anyway, after reading that article, I believe that there is a nonzero chance that some of the whiners had just cause.
Last Modified 10/8/00
Back to Poker Letters Page.
Back to Jim's Poker Page
Back to Jim's Main Page