I see a lot of complaints about why this is illegal. It is illegal, as is anything that is illegal, because the law says so.<p>As, for example, in Nevada:<p>"NRS 465.075 Use of device for calculating probabilities.<p>It is unlawful for any person at a licensed gaming establishment to use, or possess with the intent to use, any device to assist:<p><pre><code> 1. In projecting the outcome of the game;
2. In keeping track of the cards played;
3. In analyzing the probability of the occurrence of an event relating to the game; or
4. In analyzing the strategy for playing or betting to be used in the game,
</code></pre>
except as permitted by the commission."<p><a href="http://www.gambling-law-us.com/State-Laws/Nevada/" rel="nofollow">http://www.gambling-law-us.com/State-Laws/Nevada/</a>
I would like to know what is morally wrong in defeating a system designed to beat you. Designed to (almost) always win. The Casino is the one that cheats because the odds are not completely random, as they should.
At what point does a scheme like this go from just being a way to outsmart the slot machine to felony fraud? I know you are allowed to use those blackjack cheat cards at the tables in Las Vegas but what if I started using a calculator and my own crazy algorithm? Is that fraud? What if I had an ear piece and hidden camera glasses to stream video to some blackjack guru outside in a van? I'm guessing that would be fraud. Is it the fact that he's using an outside source to determine his actions?
For German speakers: here's a documentary about a guy who did this in the late '70s in Germany - without an iPhone, just by developing a feeling for the (back then) mechanical machines.<p><a href="https://vimeo.com/169617086" rel="nofollow">https://vimeo.com/169617086</a><p>Fun fact: §263a StGB (German penal code) was in part created to combat this kind of externally assisted prediction for slot machines. It is now punishable with up to five years in prison; if you just create or distribute the software, up to three years.
Funny (and sad) how something that could be praised as an ingenious trick a hundred years ago is now considered a crime that the state spends serious effort to pursue.<p>Cannot resist referencing an older perspective (from Smoke Bellew):<p><a href="http://www.online-literature.com/london/smoke-bellew/4/" rel="nofollow">http://www.online-literature.com/london/smoke-bellew/4/</a>
A quick search of the inestimable comp.risks archives revealed this:<p><a href="http://catless.ncl.ac.uk/Risks/15/80#subj2" rel="nofollow">http://catless.ncl.ac.uk/Risks/15/80#subj2</a><p><i>Montreal -- Daniel Corriveau said he hopes that his 'victory over the
system will give hope to others.' The computer analyst and his family received more than $620,000 [1C$ =
U$0.75], including interest, from the Montreal casino yesterday, weeks after they overcame odds of one in six billion and beat an electronic keno game three times in a row."</i><p>The author explains the following key points:<p>o Corriveau used an "antique 286" computer to analyse 7,000 combinations from
the keno game, [which uses an electronic pseudo-random number generator].<p>o Corriveau noticed that the electronic game was repeating numbers in a
predictable pattern.<p>o Corriveau and several family members bet on what they predicted would be due
to come up; they won three times in succession.<p>I had originally seen an article speculating someone power cycled a keno machine after recording the winning numbers, with the assumption or knowledge that the random number generator reseeded with a 0 on cold boot. I'm not sure if that's just me mis-remembering the details of this case, or another one altogether. If anyone has a link to the second case please let me know.
Figuring out the pattern of a pseudorandom device used for gambling reminds me of Michael Larson, who learned the patterns used on a TV game show in order to win a lot of money. See <a href="https://en.m.wikipedia.org/wiki/Michael_Larson" rel="nofollow">https://en.m.wikipedia.org/wiki/Michael_Larson</a>
> Allison notes that those operatives try to keep their winnings on each machine to less than $1,000, to avoid arousing suspicion.<p>This is likely to be because they're trying to avoid the automatic W-2G that's generated for slot winnings over $1200. Basically if you're playing anonymously on a slot machine, any payout of $1200 or over on a single spin will generate a human interaction. Unless you're playing at fairly high stakes (say, over $100/spin), this is normally rare enough that hitting several $1200+ results in a short time span would be very suspicious. Keeping every win under $1200 allows a person to play as anonymously as you reasonably can in a casino.
The "And Casinos Have No Fix" part of the title seems exaggerated; if nothing else, it appears that only a small subset of 5+ year old machines are affected.
Don't know what PRNG they use, but for the Mersenne Twister (MT19937, which was considered state of the art at the beginning of this millennium) for example you can deduce the state after 600 or so observations (of 32 bit words), and then predict what it'll deliver after that. See [1] for details and some good background on PRNG, if possibly a bit biased (she's promoting her PCG family).<p>For gambling purposes, it probably makes sense to use a cryptographically secure PRNG :-)<p>[1] <a href="http://www.pcg-random.org/predictability.html" rel="nofollow">http://www.pcg-random.org/predictability.html</a>
That is a very interesting article.<p>I disagree with the characterization of the crews as "cheaters". They didn't cheat. They turned a game of chance into a game of skill, then excelled at that skill. Of course this has happened to other games as well, such as with card counting in blackjack, which is also inaccurately described as cheating when it's actually mastery of the game.
Change to roulette, chaos theory, and physicists -- using 8-bit hardware in shoes -- and you get the fascinating book "The Eudaemonic Pie" by Thomas Bass. Highly recommended.
By "<i>Can't</i> fix", they mean "<i>could</i> fix by putting in new slot machines whose PRNGs aren't crackable, but <i>choose not to</i> because it wouldn't be cost effective".<p>Why don't slot machines use true random numbers? They could still skew the results however they like.
The true fix is just to replace the machines. As they said the newer machines have encryption to hide the PRNG. Obviously some places can't do that, and the company is not doing it for free. So technically the casinos cannot fix the compromised machines themselves, but they could just replace them.
Somebody play a tune on the world's smallest violin. People kill themselves because casinos normalize self-destructive behavior. So a bunch of impoverished engineers figure out a way to beat an outfit that profits off ripping people off. More power to them. I hope they take out all the fucking casinos ripping people off. Not that I condone hacking but a casino really doesn't even register on my empathy list. Fuck them.<p>It should be legal to burn money also because people love doing it at a swanky place like casinos. At least you won't see people get addicted to dousing your cash with gasoline and throwing a cigarette at it.<p>I just thought of it and it seems quite exhilarating at the prospect....but it is safer and less addictive than gambling in casinos.
> As Hoke notes, Aristocrat, Novomatic, and any other manufacturers whose PRNGs have been cracked “would have to pull all the machines out of service and put something else in, and they’re not going to do that.”<p>This just goes to show that despite the money the casinos are losing to this Russian group, they are still making so much money off the people <i>they</i> are cheating that it's not worth fixing the problem.<p>Why our governments protect the jerks who steal money from the less intelligent members of our society is beyond me. That there are laws that support casinos is no justification. Casinos are themselves a scam and should not be protected against scammers at the expense of tax payers.
"Casino is entertainment for which you pay a probabilistic fee proportionate to your spend". Ok, a bit of a stretch, I personally think. I honestly think that people gamble on things like slots because they don't have an educated sense of probability. I'm not sure the transaction is quite as clean as buying a cinema ticket and trading cash for entertainment.<p>"These guys were right to do it". I think the edge exists because it's ultimately illegal. I think it's tantamount to an illegal distribution of cash from a casino to a mob. Would it be any different if they hacked their bank account?
I wonder if there's enough variation in how people pull the handles and push the buttons that they could be used to partially re-seed the PRNG frequently enough that the seed can't be determined by a video?
Since the title says "Can't Fix": Isn't it fixable by injecting some entropy into the PRNG for every roll like button press durations in nanoseconds, temperature, hardware quantum based, ...?
Reminds me of the first chapter of Kevin Mitnick's 'The Art of Intrusion' [0]. The first chapter tells the story of (I believe) American programmers who reverse engineer the PRNG on a poker machine, so they could predict when the machine would deal the next royal flush.<p>[0] <a href="https://www.amazon.com/Art-Intrusion-Exploits-Intruders-Deceivers/dp/0471782661" rel="nofollow">https://www.amazon.com/Art-Intrusion-Exploits-Intruders-Dece...</a>
> A finger that lingers too long above a spin button may be a guard’s only clue that hackers in St. Petersburg are about to make another score.<p>Seems like this is easy for the scammers to work around. They could calculate the average time it takes for the scammer to lift his hand from his lap and press the button, and then use that time instead of .25 seconds. Would be less successful, but would seem to be almost impossible to detect.
Kevin Mitnick wrote about a similar hack over a decade ago: <a href="https://www.ethicalhacker.net/features/book-reviews/mitnick-the-art-of-intrusion-ch-1-hacking-the-casinos-for-a-million-bucks" rel="nofollow">https://www.ethicalhacker.net/features/book-reviews/mitnick-...</a><p>I knew some of the people involved and actually saw some of the code if anyone's interested.
Similar idea...<p><a href="https://en.wikipedia.org/wiki/Michael_Larson" rel="nofollow">https://en.wikipedia.org/wiki/Michael_Larson</a>
There is a fix and it is not crazy. The gist is they were able to brute force the PRNG of the machines and predict their future state. Hardware RNG is the answer. In crypto it is obviously bad if someone can predict anything about your random values (keys / IVs). A hardware RNG, "cryptographically strong" RNG algorithms, and resetting the RNG very often make this problem go away.
Curious how they screwed this one up - did they just have no proper random source? Nothing like modern operating systems use, like disk latency? If you're in the business of doing random numbers, you'd think you'd embed a cheap hardware based random number generator, even if it was extremely limited, just to seed a CSPRNG.
The title is a bit misleading (clickbait?) - the problem can certainly be fixed, and the article even goes into some of the ways. It just isn't cost-effective. Retiring the problematic machines would do it.<p>I wonder if they can change the amount of money you play for in those machines, so that it's no longer worth it to try to cheat them?
It looks to me like a PRNG is fed once and never reseeded. That's the only way that simply observing the spin would tell about the outcome. In fact I'm surprised it doesn't just "produce" the outcome every time the button is hit simply from a few bytes of the prng.
Why is it so difficult to create randomness? Input from microphone or even variations in electricity input should be more than enough, no? Why is it such a huge struggle, I don't understand, especially in machines that depend on the randomness.
Really funny piece. It really feels like one of those Order vs Chaos battles, with Russians on the Order side. Guys found the order in randomness, I'd like to see the math behind their operational methodology. Also, why iPhone?
After reading a bit about it, it seems very difficult (impossible?) to get a true random set of numbers. Anybody here on HN that has some insight? Are there interesting hardware or random-number-as-a-service things going on?
It's still unclear how the organization broke the PRNG in the first place. Were they somehow able to get their hands on a machine for hardware analysis? Or did they just have their "operatives" play slots and capture video which they then manually analysed for patterns?<p>Offloading the computation to a remote server is a smart idea though. There is a lot of cool stuff happening in the game cheating space.
I would think that having 2 PRNGs and then switching between them would ruin this strategy.<p>Obviously this would cost money for retrofitting, but all new slots could employ a new design, getting rid of this problem over a few years.<p>Not a perfect solution, but at least it's a medium to long-term fix.
Abusing humans' desire to pattern find and take risks for profit is bad. Casinos are bad. If you could weaponize gambling and spread it in an enemy nation, you'd do much to hurt its GDP. I made a video about why gambling sucks.
Anyone interested in how the gambling industry makes their billions mainly from slot machines, and how they engineer them to hijack people's dopamine systems should read Addiction by Design (MIT Press, 2012).
I get that creating a genuine random number generator isn't easy, but surely this points out that it's something the slot machines should have rather than a PRNG?
How does that encryption work? Is it like those sha-256 circuits used in Bitcoin mining? Is it possible to modify the affected machines to allow encryption?
<i>Slot machine outcomes are controlled by programs called pseudorandom number generators that produce baffling results by design.</i><p>goddamnit wired. You're as bad as IT World. I don't know why I keep reading your trash.