USS Clueless Stardate 20010911.0454

  USS Clueless

             Voyages of a restless mind

Main:
normal
long
no graphics

Contact
Log archives
Best log entries
Other articles

Site Search

Stardate 20010911.0454 (On Screen): I like Las Vegas. I enjoy gambling. I don't gamble to win, because I know better; I gamble because I enjoy gambling. I like the feel of chips in my hands; I like watching the dealers; I like being served by the cocktail waitresses. I like the carpet. I like how a casino smells. I like looking at the ceiling and seeing the security cameras. I like looking at the crowd and knowing that some of them are plain-clothes security guards.

After fifty years of running gambling in Las Vegas, the folks there have seen every kind of scam and cheat there is. They are constantly on the alert, and they've adopted the highest of high tech to protect themselves. With millions of dollars passing through the casinos every day, no degree of security is too high. The expenses involved are simple prudence. There was a time when people would stage fights in order to tip a gaming table over, to give others opportunities to grab chips -- now the tables are anchored to the floor with bolts. They change decks at the tables once per hour to make sure that cards don't get marked inadvertently (or deliberately). Whenever a dealer is relieved and walks away from the table, they always clap their hands and then spread them in front of us -- it's a nice flourish but it also makes it impossible for them to palm a chip and steal it. They're not doing it for us, they're doing it for the security cameras.

Well, the online casinos haven't been around very long and they're still learning about scams the hard way. The casinos in Vegas have the advantage of physical presence; people have to walk in and sit down. Anyone in the world with a net connection can visit an online casino, though, from the comfort of their own home country. It's hardly surprising in this day of hackery that they've been getting swindled, is it? From crude extortion (Pay us or we're going to bring you down with a DDOS) to the sophisticated, they're losing a bundle to cheats. The most clever mentioned here was someone who actually broke into a casino's computer and reprogrammed it so that everyone playing slots or craps won every time. It took the casino a couple of hours to notice -- wasn't someone paying attention? And how did their computers get broken into, anyway? When you have a computer where illicit access by the public can cost you millions of dollars, no degree of security is enough. (And you'd think that even if they didn't know that, their insurance companies would.)

In particular, the computer which serves the web site should be different from the computer which actually runs the game. The former is exposed and vulnerable, so all it should do is to serve text and graphics. It, then, should communicate requests for bets and plays to a second computer by a secure link through a firewall to a much more carefully guarded computer whcih actually contains the money. This isn't rocket science; this is something banks and other institutions have been doing for years. (discuss)

Captured by MemoWeb from http://denbeste.nu/entries/00000685.shtml on 9/16/2004