| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Dec 2007 18:50:01 -0800 From: coderman <coderman@...il.com> To: "Matteo G." <rebonzo@...ero.it> Cc: full-disclosure <full-disclosure@...ts.grok.org.uk> Subject: Re: Security of online casinos On Dec 20, 2007 6:32 PM, Matteo G. <rebonzo@...ero.it> wrote: > ... I ask here: > > - Has any online casinos' software ever been cracked? > - Who tests casinos' software for security purposes? > - Are their random number generators really random? - yes - pen testers and imitators and sometimes a red team worthy of the name... - almost always (these days) "How We Learned to Cheat at Online Poker: A Study in Software Security" http://itmanagement.earthweb.com/entdev/article.php/616221 ''' The system clock seed gave us an idea that reduced the number of possible shuffles even further. By synchronizing our program with the system clock on the server generating the pseudo-random number, we are able to reduce the number of possible combinations down to a number on the order of 200,000 possibilities. After that move, the system is ours, since searching through this tiny set of shuffles is trivial and can be done on a PC in real time. ''' _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists