Cheating in on-line poker

Sander

Sander

This ghoul has seen it all
Staff member
Admin
Orderite
As some of you may know, I've been playing on-line poker for quite a while (too bad I tilt too much). I've also been reading some poker forums, and at the infamous 2+2 forums it has now come up that Absolute Poker has cheaters active at their site.
What this means, is that apparently there's someone who can see other people's hole cards and acts upon it in the most ridiculous manner.

Here's one thread that samples a lot of evidence, including a high-stakes limit player with a winrate that is impossibly high for the way he's playing and makes some really bizarre *winning* plays (he raises the maximum pre-flop, and then check-folds the flop when his opponent hits a full-house). A no-limit player that plays one tournament, ever, and makes a really bizarre call *correctly*with 10-high, no draws for the first place in one of the toughest weekly tournaments around.

More hand histories can be found in that thread, as well as this one.

Now the most hilarious thing about this, is that now that this came out, they appear to have entered moronic damage control mode. If you read the thread from here, you'll see hand histories of this damage control. What this amounts to is simply dumping money to players with the most retarded calls that not even the biggest moron, ever, would make. A river all-in call with 4-high, a flop all-in call with 3-high no draws. He hasn't called once while being ahead. It's ridiculously funny.

So, everyone who ever plays poker, go read this and then never, ever, ever, ever play over at Absolute Poker.
 
very badly programmed application if the other players can cheat to see your cards...
 
SuAside said:
very badly programmed application if the other players can cheat to see your cards...
Click to expand...
Which it isn't. It's most probably an 'inside job', someone with access to the servers. There's no way you could do this without cracking every computer that's playing there, or having access to the servers.
Note how he can't see what cards are going to come.
 
Sander said:
Note how he can't see what cards are going to come.
Click to expand...
which he should be able to tell if he has server access ;)
(it should be a simple array/stack to readout)

what you're describing sounds more like a sniffer. (though at this point that's a very wild guess)
 
SuAside said:
which he should be able to tell if he has server access ;)
(it should be a simple array/stack to readout)
Click to expand...
No, it isn't. Not if it's properly coded. These sites use pretty sophisticated random number generators(usually using site-global mouse-movement, amongst other things, as input), and what cards are going to come are only generated as they are dealt, not ahead of time. Which is why it's impossible to look ahead to see what cards are going to be dealt.

SuAside said:
what you're describing sounds more like a sniffer. (though at this point that's a very wild guess)
Click to expand...
No, because as said, he needs to either have server access, or access to everyone else's PC to do that. The only data transmitted to your own PC is your own hole cards, and community cards as they are dealt, not anyone else's hole cards at any time (except after showdown).
 
Sander said:
No, it isn't. Not if it's properly coded. These sites use pretty sophisticated random number generators(usually using site-global mouse-movement, amongst other things, as input), and what cards are going to come are only generated as they are dealt, not ahead of time. Which is why it's impossible to look ahead to see what cards are going to be dealt.
Click to expand...
i seriously doubt they'd bother with that.
it's more work to make such a random thingy (and preventing doubles) against just generating a list or array which would do the exact same thing. sure, security suffers, but if you want to secure your server, you dont do it by hiding cards on the server until they're drawn... :roll:

(do also note that computer generated random isnt really random at all)
No, because as said, he needs to either have server access, or access to everyone else's PC to do that.
Click to expand...
no, he doesnt.

a sniffer in the DMZ or along the backbone is more than enough.
 
SuAside said:
i seriously doubt they'd bother with that.
it's more work to make such a random thingy (and preventing doubles) against just generating a list or array which would do the exact same thing. sure, security suffers, but if you want to secure your server, you dont do it by hiding cards on the server until they're drawn... :roll:
Click to expand...
Yes, they do. In fact, they don't *hide* cards until they are drawn, they simply don't generate them until all action for that betting round is done, making it literally impossible to predict which cards are going to come. They do not generate a simple stack or array for every hand that is dealt, because that is relatively insecure.

Millions of dollars go around on these sites every day. You can be damned sure they bother with these kinds of things.

SuAside said:
(do also note that computer generated random isnt really random at all)
Click to expand...
As I said, they generally use random human input, which, you know, is random.

SuAside said:
no, he doesnt.

a sniffer in the DMZ or along the backbone is more than enough.
Click to expand...
Unless you can decode 'secure' data transfer in real-time, it isn't enough (unless they use a middle man strategy).
 
Sander said:
You can be damned sure they bother with these kinds of things.
Click to expand...
but appearantly not enough, huh ;)
Sander said:
As I said, they generally use random human input, which, you know, is random.
Click to expand...
that's been subject to debate ;)
Sander said:
Unless you can decode 'secure' data transfer in real-time, it isn't enough (unless they use a middle man strategy).
Click to expand...
in general decoding something if you have a general idea of the protocol is easier than hacking straight into the server (if it is as well protected as you claim it to be)
 
SuAside said:
but appearantly not enough, huh ;)
Click to expand...
Hehe.
SuAside said:
that's been subject to debate ;)
Click to expand...
Throwing a ton of human mouse-input through the big RNG will generally generate random data. At least random enough so that no one can detect a pattern, ever.
SuAside said:
in general decoding something if you have a general idea of the protocol is easier than hacking straight into the server (if it is as well protected as you claim it to be)
Click to expand...
Which is why I noted server access, not server cracking.
 
What limits are you playing sander and where?

I have been playing online for a few years now and i play shorthanded NL 0,5/1, 1/2 and 2/4 most of the time. Atm i play at RedBet, before that BetOnBet and paradisepoker.

I have heard rumours about this before but never really bothered to look in to it cus i don't play there, but man i was thinking about bonus whoring the 500$ bonus on Absolute, but after i read this i think il pass :)
 
If programmers can make maphack programs that display the whole map without unexplored areas or fog of war in great multiplayer games like Starcraft and Warcraft 3 then I'm not surprised at all this would happen especially since there's money to be made cheating there.

Even if it was an inside job this time eventually someone else will find a way to make a hacking add-on for those online gambling programs.

Sincerely,
The Vault Dwelelr
 
The Vault Dweller said:
If programmers can make maphack programs that display the whole map without unexplored areas or fog of war in great multiplayer games like Starcraft and Warcraft 3 then I'm not surprised at all this would happen especially since there's money to be made cheating there.
Click to expand...
Maphacks exploit knowledge that is already present on the PC, but simply hidden by the software. This is *not* the case here.

The vault Dweller said:
Even if it was an inside job this time eventually someone else will find a way to make a hacking add-on for those online gambling programs.
Click to expand...
No they won't, because those 'online gambling programs' don't carry the information you want to exploit. That data is only sent when it is already irrelevant to the actions you can take.

Also, these programs have been around for years upon years upon years. If it had only been a question of time, there would have been hacks around for years now.

EDIT: I play at the low stakes over at Partypoker and Pokerstars.
 
any way that those players can get the IPs of the other players, and are viewing them that way?
 
pretty much only two ways to do it:

- infect the players computer with some form of malware that provides a back door to there computer

- hack the servers to gain access to the information (cheat codes ;) )
 
Ah-Teen said:
any way that those players can get the IPs of the other players, and are viewing them that way?
Click to expand...
No, not unless they get the IPs from other sources.
 
Sander said:
No they won't, because those 'online gambling programs' don't carry the information you want to exploit. That data is only sent when it is already irrelevant to the actions you can take.
Click to expand...

I should have realised the info would be sent to you by them and not actually placed on your PC. :roll:

Sincerely,
The Vault Dweller
 
SuAside said:
you're missing quite a few options there ;)
Click to expand...

yea I know, but I was being generic, in that you either exploit the client end or the server end. Sure you could try and set up a packet sniffer but that would be a bit hard over the net.
 
How does the system work? on a website?
if so, that means you have logins, yeah?

Do your accounts log personal info?
Can the data being sent to your pc be mirrored and sent to another pc?

has anyone ruled out packet sniffing?

90% of professional hacking is typically social engineering.

also, 80% of statistics are made up on the spot.
 
You must log in or register to reply here.
Back
Top