|
|
|
|
#1
05-07-10, 11:01 PM
|
||||
|
||||
GTDawg - I think we are all saying the same thing. He's just showing how he can grab hole cards as an example. And stop thinking of it as his own hole cards... this of the person playing (just happens to be him) as the target and the other computer (also happens to be him) as the attacker. The fact that he was attacking himself is meaningless.
But yeah, I think if you play any poker on a public network (Vegas, etc, etc) OR if someone decides to target you and can get into your network, this is a pretty huge issue. No, I wouldn't be too worried about someone seeing my hole cards if I played on UB tonight. While scary, that's not the point and was just an example. But the fact that someone at PCA could compromise the login info of every poker player there because Cereus is too stupid to use SSL... that's just absurd. |
|
#2
05-07-10, 11:14 PM
|
|||
|
|||
|
I understand most of what you are saying...but
And stop thinking of it as his own hole cards... this of the person playing (just happens to be him) as the target and the other computer (also happens to be him) as the attacker. The fact that he was attacking himself is meaningless. I'm not writing it off because it is "his" hole cards. Yes, it is obvious that it would be the target's hole cards. But, that is still one set of hole cards. That isn't the whole table. And, to grab that ONE set, you'd need to be physically near that person's network which means you aren't going to be grabbing multiple sets of hole cards and you'd have to sit and play that person constantly to use that advantage. Grabbing one set of hole cards isn't as scary or as big an issue as somehow getting ALL of the hole cards OR the account info (which he mentions). ------ The logistics of getting one set of hole cards (the person you are targeting) doesn't seem to be as much of a benefit as the account info. You'd have to be physically near the person (or the network), you'd have to sit there and play the same person for quite a bit of time to take advantage of knowing their hole cards and, for all that work, you still aren't going to be getting information about the other people at the table. If you could somehow target someone in a heads up match for an extended period of time...cash money. However, that is an exceedingly rare circumstance. If you could somehow play against a group of people that were all playing the same table while on the same network...cash money. However, that is an exceedingly rare circumstance. He is able to grab ONE set of hole cards. He isn't getting hole cards for the entire table (which would be the jackpot hack). And, to use that advantage, he has to be close to the person, playing the same table, and playing for quite a while to ensure you got some hands against them. ***** Your second paragraph seems to be more in line with my point. Grabbing the hole cards of one singular person isn't really that BIG of a thing. Yes, it is huge. But, it pales in comparison to the idea of being able to grab the account information of someone playing Absolute on an unsecured wireless network. And, the ability to do that removes the entire work involved in actually using the knowledge of someone's hole cards to beat them in poker. In that video, he glosses over it and instead discusses the hole card thing and how his program gets them before the computer program can draw the cards on the screen.
__________________
"And that's how you play aces." Yeah, you make kings run in to them. Last edited by GTDawg; 05-07-10 at 11:25 PM. |
|
#3
05-09-10, 03:46 AM
|
|||
|
|||
|
Seeing as this is what I am studying, maybe I can shed some light on what is going on here. When on a wireless, or even wired network, data is sent over whichever medium (radio waves/copper Ethernet). Data being sent over wireless is much more vulnerable because when it is in the air, anyone can grab it.
THEY DO NOT HAVE TO BE ON YOUR NETWORK!!!! Simply in range of it. When in range of a wireless network one can grab the BSSID (Network name, Linksys or Dynex by default. If you are not retarded you have probably already changed this name along with the password. If not, you have bigger problems. The linux box is running what is known as a packet sniffer. A packet is a chunk of information that is sent over the network. Since the object as a whole is too big to send it is cut up into these smaller packets and transferred easily over the medium. The packets are then rearranged into the original form and put to use. This packet sniffer collects the packets and reads them. There are many programs out there that will "sniff" packets on both windows and linux, I don't know about Mac as I don't have any personal experience, but I am sure there are. Packets are encrypted by default but this does not mean that the decryption cannot be broken. Obviously some "security expert" thought that his ingenious encryption was better than the industry standard (it isn't). The packet tracer this man was using is obviously custom written since all it displays are the hole cards. This means that he(they, whomever they may be) has/have written a program that looks for specific packets (say pattern xyzxyz for example) decrypts the packet to display the hole card information. Thus the hole cards are shown. The amazing part is I am sure packets can be sniffed like this from FTP and Pokerstars too, it is just a matter of cracking the encryption, and since Stars and FTP use what is probably the industry standard(or better) I don't think there is too much of a worry there. As he said this is an issue with wired networks as well, but the problem is wireless, because as I said teh hacker/script kiddie doesn't even need access to your net, just to be able to read your SSID. With wired network they will have to breach the physical security that is your front door, and hopefully we don't let that happen. This doesn't mean it can't, just that it is more unlikely. Hope this helps. Cheers 
__________________
Real knowledge is to know the extent of one's ignorance. - Confucius |
 |
|
|
Hybrid Mode
