| Author |
Message |
|
Posted: Fri, 04 Apr 2008, 2:22pm Post subject: Hacker tells me how he hacks PS |
|
|
4-of-a-Kind
Joined: 13 Oct 2005
Posts: 1717
WPP: 74
Location: Soon to be TDot
|
|
First of all, I'm the furthest thing from the 'techy computer' type... so I don't really know or remember how he does it.
Basically I went to a live cash game held at a nearby seniors centre, and I met this older gentleman who works for a software company (of which they are trying to sell patents to Nortel). Anyways, halfway through the session, he overhears me talking about PokerStars and he pipes up about him and his co-workers are working on software that can hack the website.
A few interesting points:
1) He worked for the military at one point or another
2) He says he's trying to hack the software to help understand and prevent hacking in the future
3) This is a not for gambling profit project
4) He at one point pulls out his blackberry and it all of the information of a tournament that had just been played by one of his bots. It had all of the essential information you'd expect from a PS SNG congratulatory e-mail. The e-mail had the time on it and it said 2:47am on it, and he had been in that room playing live for the last 8 hours.
5) The bot only plays cheap microstakes games
6) They are working on bots that can see opponents cards but are having difficulty with face cards
7) Notable bots: Mr. T & Triple H (I'm not sure of correct spelling or look of either name)
8) This guy is legit
At the beginning of the conversation, it was very worry some. At the end, it was kind of reassuring. Only because he seemed very honest about this being an act of protection for the players. |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 2:27pm Post subject: |
|
|
Royal Flush
Joined: 12 Dec 2003
Posts: 17164
WPP: 83
Location: Walk the Walk, Flop the Flop.
|
|
| LoL, this is bullshit on so many levels. |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 2:34pm Post subject: |
|
|
Full House
Joined: 06 Jun 2007
Posts: 838
WPP: 60
Location: NS, Canada
|
|
i'm more worried about my account being hacked than this. 
If possible, why not email PokerStars and ask for further investigations? |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 2:34pm Post subject: |
|
|
4-of-a-Kind
Joined: 13 Oct 2005
Posts: 1717
WPP: 74
Location: Soon to be TDot
|
|
| you make a great point.... |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 2:35pm Post subject: Re: Hacker tells me how he hacks PS |
|
|
Royal Flush
Joined: 12 Dec 2003
Posts: 17164
WPP: 83
Location: Walk the Walk, Flop the Flop.
|
|
| BankItDrew wrote: | | 1) He worked for the military at one point or another |
So what? Kinda reeks of bullshit though.
| BankItDrew wrote: | | 2) He says he's trying to hack the software to help understand and prevent hacking in the future |
No, he's either in it for money or the challenge to see if he could pull it off. Standard bullshit answer he thinks will justify his joy riding to others. Or he's just full of shit.
| BankItDrew wrote: | | 3) This is a not for gambling profit project |
See above.
| BankItDrew wrote: | | 4) He at one point pulls out his blackberry and it all of the information of a tournament that had just been played by one of his bots. It had all of the essential information you'd expect from a PS SNG congratulatory e-mail. The e-mail had the time on it and it said 2:47am on it, and he had been in that room playing live for the last 8 hours. |
Either staged, someone else was on the account or he does have a bot screwing around at the micro-stakes.
| BankItDrew wrote: | | 5) The bot only plays cheap microstakes games |
Because anything beyond the most mechanical of detection methods would probably pwn him.
| BankItDrew wrote: | | 6) They are working on bots that can see opponents cards but are having difficulty with face cards |
LOL! How can you keep a straight face when he says this?
| BankItDrew wrote: | 7) Notable bots: Mr. T & Triple H (I'm not sure of correct spelling or look of either name)
8) This guy is legit |
See above.
He's FoS or he got a bot running at penny stakes. Whatever. |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 2:50pm Post subject: |
|
|
4-of-a-Kind
Joined: 13 Oct 2005
Posts: 1717
WPP: 74
Location: Soon to be TDot
|
|
| Don't take it too personally Fnord. I'm just passing on information I received. |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 3:00pm Post subject: |
|
|
4-of-a-Kind
Joined: 06 Feb 2007
Posts: 2163
WPP: 66
Location: Spewing
|
|
| think about how can they worry about recognising face cards. They either have data or they don't, and they can't be remotely viewing everyones pc with a fuzzy display. It makes no sense. |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 3:03pm Post subject: |
|
|
Full House
Joined: 24 Jul 2007
Posts: 1213
WPP: 88
|
|
I'm a software nerd for a living, and the 'having trouble with face cards' makes absolutely no sense.
The 'hack' would have to have a way to retrieve data about other player's hands from the server (unlikely to begin with), and if it could do that, it could do that for any card -- It's not like face cards are special in any other way than how they're physically printed, but in electronic form, the cards would be most likely represented as numbers, 10 = T, 11 = J , ...
I'd love to have a more detailed technical conversation with the ol' dude.
How was the night drew? Games soft enough to be worthwhile? I may join you some other week if you liked it enough to go back. |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 3:07pm Post subject: |
|
|
4-of-a-Kind
Joined: 13 Oct 2005
Posts: 1717
WPP: 74
Location: Soon to be TDot
|
|
| Softer than any casino you've every been to. 100max left with 600. |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 5:08pm Post subject: |
|
|
Full House
Joined: 24 Jul 2007
Posts: 1213
WPP: 88
|
|
PISS!
.5/1 games, eh?
I'm comin' next time you're goin'  |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 7:34pm Post subject: |
|
|
4-of-a-Kind
Joined: 13 Oct 2005
Posts: 1717
WPP: 74
Location: Soon to be TDot
|
|
| d0zer wrote: | PISS!
.5/1 games, eh?
I'm comin' next time you're goin' |
no it's 1/2 100 max
no rake
$15 per person starting fee, pays for the hall, pizza, drinks, munchies
there were two tables last night
one or two decent players per table
it's located just down the street from the beer store on the south side of broadway |
|
|
|
|
|
|
|
|
|
Posted: Fri, 04 Apr 2008, 8:10pm Post subject: |
|
|
4-of-a-Kind
Joined: 15 Sep 2005
Posts: 2906
WPP: 109
Location: searching for something...
|
|
| d0zer wrote: | I'm a software nerd for a living, and the 'having trouble with face cards' makes absolutely no sense.
The 'hack' would have to have a way to retrieve data about other player's hands from the server (unlikely to begin with), and if it could do that, it could do that for any card -- It's not like face cards are special in any other way than how they're physically printed, but in electronic form, the cards would be most likely represented as numbers, 10 = T, 11 = J , ...
I'd love to have a more detailed technical conversation with the ol' dude.
How was the night drew? Games soft enough to be worthwhile? I may join you some other week if you liked it enough to go back. | well, you're not getting into the server. I think a more realistic approach (although still far fetched) would be to access the video feed. If you somehow got a worm on their puter you could analyze the image and determine their hand. |
|
|
|
|
|
|
|
|
|
Posted: Sat, 05 Apr 2008, 7:47am Post subject: |
|
|
Full House
Joined: 24 Jul 2007
Posts: 1213
WPP: 88
|
|
| swiggidy wrote: | | d0zer wrote: | I'm a software nerd for a living, and the 'having trouble with face cards' makes absolutely no sense.
The 'hack' would have to have a way to retrieve data about other player's hands from the server (unlikely to begin with), and if it could do that, it could do that for any card -- It's not like face cards are special in any other way than how they're physically printed, but in electronic form, the cards would be most likely represented as numbers, 10 = T, 11 = J , ...
I'd love to have a more detailed technical conversation with the ol' dude.
How was the night drew? Games soft enough to be worthwhile? I may join you some other week if you liked it enough to go back. | well, you're not getting into the server. I think a more realistic approach (although still far fetched) would be to access the video feed. If you somehow got a worm on their puter you could analyze the image and determine their hand. |
A worm on all your opponent's computers?
That'd have to be one hell of a versatile worm, AND you'd have to be able to easily get access to the IP of everyone at the table with you, which I highly doubt the server advertises. If it did, players could easily DDOS other players into not being able to play late tourney.
The trojan'd be most feasible if it came directly from the PS servers, but if you're on there, you could do anything so there'd be no point in going through all the trouble. |
|
|
|
|
|
|
|
|
|
Posted: Sat, 05 Apr 2008, 8:30am Post subject: |
|
|
4-of-a-Kind
Joined: 15 Sep 2005
Posts: 2906
WPP: 109
Location: searching for something...
|
|
It wouldn't be every computer obv. wouldn't it be trivial to have your worm search their puter for Stars, then report back? Then you would go track the person down and sit at their table and super user them.
Was just my thought, cuz like you said: having a hard time with face cards, doesn't really make sense. |
|
|
|
|
|
|
|
|
|
Posted: Sat, 05 Apr 2008, 9:07am Post subject: |
|
|
3-of-a-Kind
Joined: 04 Apr 2008
Posts: 96
WPP: 112
|
|
| mebbe hes tryin to back door the screen grab for the security part of the software that tries to detect bot action or processes. however ud expect this stuff to be locked down tighter than a pilgrims pocket. even so the "picture card" line sounds like rubbish its either data or its not theres no half way. |
|
|
|
|
|
|
|
|
|
Posted: Sat, 05 Apr 2008, 9:20am Post subject: |
|
|
Full House
Joined: 24 Jul 2007
Posts: 1213
WPP: 88
|
|
| swiggidy wrote: | It wouldn't be every computer obv. wouldn't it be trivial to have your worm search their puter for Stars, then report back? Then you would go track the person down and sit at their table and super user them.
Was just my thought, cuz like you said: having a hard time with face cards, doesn't really make sense. |
...I'm more inclined to assume that some dude in a small town poker hall is just fuckin' with drew  |
|
|
|
|
|
|
|
|
|
Posted: Sat, 05 Apr 2008, 12:30pm Post subject: |
|
|
Flush
Joined: 04 Sep 2007
Posts: 260
WPP: 139
|
|
Another geek's opinion...full of shit. Like everyone else, I think it's the "hard time with face cards" line that really makes the story fail.
But don't feel bad. All bots are bad at detecting lies. |
|
|
|
|
|
|
|
|
|
Posted: Sat, 05 Apr 2008, 4:59pm Post subject: |
|
|
Almost as bad as that idiot redgrape
Joined: 29 Oct 2004
Posts: 5933
WPP: 73
|
|
| lol bring on the bots to high stakes cash games. |
|
|
|
|
|
|
|
|
|
Posted: Sat, 05 Apr 2008, 9:24pm Post subject: |
|
|
Royal Flush
Joined: 12 Dec 2003
Posts: 17164
WPP: 83
Location: Walk the Walk, Flop the Flop.
|
|
| IowaSkinsFan wrote: | | lol bring on the bots to high stakes cash games. |
You really really don't want this. |
|
|
|
|
|
|
|
|
|
Posted: Wed, 09 Apr 2008, 2:16pm Post subject: Re: Hacker tells me how he hacks PS |
|
|
Full House
Joined: 20 Jul 2005
Posts: 1111
WPP: 92
Location: KC, MO
|
|
| BankItDrew wrote: |
1) He worked for the military at one point or another |
You are from Canada, amirite? lolz |
|
|
|
|
|
|
|
|
|
Posted: Wed, 09 Apr 2008, 3:43pm Post subject: |
|
|
Flush
Joined: 29 Mar 2007
Posts: 584
WPP: 57
Location: In S-mart Swallowing Your Soul!
|
|
| I'm sure PokerStars pays many top notch security companies big bucks to try and hack in all the time. Can you imagine how many millions of dollars they would lose if their site was hackable and it leaked out? They take preventative measures like they should and protect their assets. |
|
|
|
|
|
|
|
|
|
Posted: Wed, 09 Apr 2008, 4:14pm Post subject: |
|
|
Royal Flush
Joined: 12 Dec 2003
Posts: 17164
WPP: 83
Location: Walk the Walk, Flop the Flop.
|
|
| Pythonic wrote: | | I'm sure PokerStars pays many top notch security companies big bucks to try and hack in all the time. |
I seriously doubt they spend millions to get others to break in. Already have lots of people who try for free.
I'm pretty sure they spend millions on research staff and security engineers. |
|
|
|
|
|
|
|
|
|
Posted: Sun, 13 Apr 2008, 10:04am Post subject: |
|
|
High Card
Joined: 25 Feb 2008
Posts: 10
WPP: 145
Location: Pittsburgh, Pa
|
|
<------------- Senior Electrical Engineering student
As with most any large online system, my first thought is how could it be exploited. Not for my own personal gain, it's just an interesting hypothetical. So yeah....I've thought about it before.
Conclusion: It's not possible to hack PS so that you can see other people's cards. To put it in the easiest terms possible: Your computer doesn't know the other players cards until showdown.
It's not a matter of security where the cards are covered by a layer of encryption until showdown and then finally uncovered. They're literally not there. Each table has a server space and the players actions are stored in one database table while the cards are stored in another. Then upon showdown the cards are retrieved by a database retrieval command which is then sent to your computer. The only ways your cards are in jeopardy is if a fake retrieval command was made (utterly useless because it would only be allowed at showdown) or if the entire PS network as a whole is cracked. In which case i might rather extract about $100 million than you card faces. So rest easy, rounders.
I dunno. I thought someone might be interested as to why this is impossible. And i was excited to finally have a useful thing to say on this forum. |
|
| |
