charliepatrick
charliepatrick
Joined: Jun 17, 2011
  • Threads: 34
  • Posts: 2495
September 5th, 2013 at 1:49:33 PM permalink
Quote: 4ofaKind

Nevada and New Jersey...require this type of testing.

The UK requires the same for Fruit Machines (which is where I read about the machines needing to keep selecting random numbers in the background) (ref http://www.gamblingcommission.gov.uk/test_houses.aspx ). However it's on the basis of the tester being authorised, so I don't know how closely things are monitored. At the end of the day the casino has to report it's take and payout and meet the stated percentage (which has to be displayed) - one casino I know always adds a couple of percent to the stated value.

My only concern would be, as a player, if you were somehow denied a payout while someone else subsequently received a higher prize - I know with some earlier machines there were people who could tell when a machine would play, something to do with wins with nudges - but now all the casino machines (except a very small number of £500 ones) are spin, lose, win or predetermined feature payout.
Sonny44
Sonny44
Joined: May 13, 2013
  • Threads: 13
  • Posts: 217
September 5th, 2013 at 5:01:23 PM permalink
It would be interesting if the Wizard weighed in on this since he endorses the Bovada online casino.
4ofaKind
4ofaKind
Joined: Sep 28, 2010
  • Threads: 11
  • Posts: 221
September 6th, 2013 at 3:36:28 AM permalink
Quote: Sonny44

It would be interesting if the Wizard weighed in on this since he endorses the Bovada online casino.


Online regulation enforcement is non-existent. Always was and still is. Without monthly audits by regulator enforcement reviewing all gaming data in and out there could be no debate about online regulation enforcement. This argument is closed. Gambling and trust based on hear say is no different then flipping a coin for a wager without being able to check the coin before or after the flip.

Regardless who endorses any online casino in todayís present unregulated environment, that endorsement should be meaningless to an educated gambler. Obviously, endorsements under present online conditions and coming from a professional gaming expert must have other motivations involved.

I'm not trashing the host here, just expressing my personal opinion after considering the actual facts.
teliot
teliot
Joined: Oct 19, 2009
  • Threads: 41
  • Posts: 2269
September 6th, 2013 at 6:57:15 AM permalink
4ofaKind --

In 6 years of investigating software, the RNG has never been the problem. It would be incredibly difficult to reprogram the RNG to make it behave one way for one game, another way for another game. There is no need to do that. It is quite trivial to use a high-quality RNG to weight the outcomes using appropriate scaling. Use any standard RNG you want, the code that generates a weighting of 52/48 on a coin flip is trivial.
Poetry website: www.totallydisconnected.com
4ofaKind
4ofaKind
Joined: Sep 28, 2010
  • Threads: 11
  • Posts: 221
September 6th, 2013 at 7:05:21 AM permalink
Quote: teliot

4ofaKind --

In 6 years of investigating software, the RNG has never been the problem. It would be incredibly difficult to reprogram the RNG to make it behave one way for one game, another way for another game. There is no need to do that. It is quite trivial to use a high-quality RNG to weight the outcomes using appropriate scaling. Use any standard RNG you want, the code that generates a weighting of 52/48 on a coin flip is trivial.



I totally understand the reliability of RNG's, it's the software's programming codes I'm concerned with. The RNG's can only make a decision based on what choices are there for it choose from.
binary128
binary128
Joined: Nov 5, 2011
  • Threads: 5
  • Posts: 82
September 6th, 2013 at 8:28:55 PM permalink
Quote: RaleighCraps

Great explanation Chris.

I will never trust any electronic gambling for this very reason. It is too easy to manipulate the supposed randomness with code.


I don't want us to go off the deep end here. The question to which I responded referenced BLR Tech., and I offered a plausible explanation on how that fiasco might have played out.

I'd like to remind, or inform, the audience that I'm the President of Galewind Software Corp. We make these products. The fact that I am aware of these cheats does not, or certainly should not, mean that we use them. Besides, the cheat that I detailed would easily be caught by any competent, and honest, game auditor.

I realize that Galewind Software is a really small fish in a really big pond. But I like to think that over the years we have built up a reputation for integrity that protects us from being painted with the same brush as other, less reliable, software providers. The Gods know that we've worked very hard to achieve that objective.

Chris
beachbumbabs
Administrator
beachbumbabs
Joined: May 21, 2013
  • Threads: 99
  • Posts: 14232
September 7th, 2013 at 6:43:17 AM permalink
This is a terrific discussion, thanks all! There is a lot of really good information here and answers several questions I've had as well.
If the House lost every hand, they wouldn't deal the game.
4ofaKind
4ofaKind
Joined: Sep 28, 2010
  • Threads: 11
  • Posts: 221
September 7th, 2013 at 7:36:15 AM permalink
Quote: binary128



I realize that Galewind Software is a really small fish in a really big pond. But I like to think that over the years we have built up a reputation for integrity that protects us from being painted with the same brush as other, less reliable, software providers. The Gods know that we've worked very hard to achieve that objective.

Chris



@Chris

Your reputation and integrity speaks for itself. Over the years and reading your posts/threads youíve proved to be a warrior trying to right the wrongs with the underground non-transparent online gaming industry.

I also recall your software being used by a rogue operator who was wrongfully keeping a players winnings. A substantial amount I should add. Unable to persuade the operator to pay the winner, you stepped up to the plate and paid the winner directly out of pocket and tossed the operator. I canít name a single whale software provider that ever did this.

With regards to this incident could you tell us what the regulators position was on this case?

Correct me if Iím wrong, but arenít the regulators supposed to make certain that the casino operator maintains a minimum separate escrow account for player safety?

Did the regulators make certain this operator couldnít own or operate another online casino in the future?

Did the regulators take any form of action legal or otherwise against the operator?

Iím certain your software had to pass some form of testing before the regulators accepted it in their jurisdiction. Was this testing done by them, or did you just pay to have it tested and provide a seal of satisfaction?

Once the software was approved by the regulator and being used by an operator, was there ever any future software testing requirement; if so, how often? If there was additional testing, was it done by them or did you just have to pay for and provide proof of a current test?

Once you sold your software to an operator, who actually had access to the software and programming codes?

If an operator wanted too could he or she alter code without you knowing about it?

How, as a software provider do you know with certainty that no one could tamper with the software after itís in place?

With the confirmed rigged software that was being used by BLR, was that rigged programming done by the operator or the software provider?

Iíll end it here but still many more questions. If your not comfortable answering I understand.
Sonny44
Sonny44
Joined: May 13, 2013
  • Threads: 13
  • Posts: 217
September 7th, 2013 at 7:56:51 AM permalink
Quote: 4ofaKind

@Chris
Once you sold your software to an operator, who actually had access to the software and programming codes?
If an operator wanted too could he or she alter code without you knowing about it?
How, as a software provider do you know with certainty that no one could tamper with the software after itís in place?


These are questions I'm also interested in the answer to. IOW, once the software is in the hands of the operator, to what extent is there security that the software will not be tampered with? And, if it is tampered with, how will that be found out?
binary128
binary128
Joined: Nov 5, 2011
  • Threads: 5
  • Posts: 82
September 7th, 2013 at 7:05:50 PM permalink
Quote: 4ofaKind

With regards to this incident:

1. Could you tell us what the regulators position was on this case?

2. Arenít the regulators supposed to make certain that the casino operator maintains a minimum separate escrow account for player safety?

3. Did the regulators make certain this operator couldnít own or operate another online casino in the future?

4. Did the regulators take any form of action legal or otherwise against the operator?

5. Iím certain your software had to pass some form of testing before the regulators accepted it in their jurisdiction. Was this testing done by them, or did you just pay to have it tested and provide a seal of satisfaction?


These questions deal with the relationship between the licensing jurisdiction and the operator. As with Gibraltar, Curacao does not have a licensing or approval system for software providers. For this jurisdiction Galewind Software responds to the contract requirements of the operator.

Therefore (and this is not a cop out, but a precise description), Galewind's answer to all 5 of the above questions is "Not Applicable".

Quote: 4ofaKind

Once the software was approved by the regulator and being used by an operator, was there ever any future software testing requirement; if so, how often? If there was additional testing, was it done by them or did you just have to pay for and provide proof of a current test?


For software that is unchanged, there is no contract requirement specifying what tests need to be performed, and how. Obviously, the monthly CFG analysis of the game results and the RTP report do represent additional testing.

For our iTech Labs RNG certification there is a re-certification requirement if there are any changes made to the software. For example, we made a change to the Cycle process, which is what prompted the current iTech Labs certification, dated 2011 Oct 03, to replace the previous, dated 2010 Jul 06.

And finally, Galewind Software is licensed and regulated by the AGCC (License # 57 A, first issued on 2012 Jun 01 and renewed on 2013 Jun 01). I am not aware of any testing requirements that apply to non-modified code. However, any new or modified code has to be submitted to the AGCC for their testing and approval prior to production release. (We're just getting ready to do that for 3 new and 2 modified slots.)

Quote: 4ofaKind

1. Once you sold your software to an operator, who actually had access to the software and programming codes?

2. If an operator wanted too could he or she alter code without you knowing about it?

3. How, as a software provider do you know with certainty that no one could tamper with the software after itís in place?


Although the servers on which our software runs are owned , racked and administered by the operator, we define and configure server access accounts, and also what is called NTFS security settings. Only accounts with Administrator membership can "Remote Desktop" into the server, and only accounts with Administrator membership can edit files.

There are 4 Administrator accounts defined - 3 for Galewind Software and 1 for the operator. (We're pretty thorough in defining access credentials. No user names like "paul" or "tom" or "chris" and so forth. All passwords have to be 15-character pass phrases.)

I'm going to guess that 95% of our total code is contained in compiled components. I won't speak to the tremendous difficulties of working with "de-compiled code". The remaining 5% of the code is "script" code, which can be easily edited in Notepad.

So, if the access credentials for the single Operator Administrator account were stolen by, or given to, a nefarious character, then this character would be able to gain access to the web servers, and have "Edit" permissions for the web servers "script" code.

Obviously, figuring out what to do at that point would represent a significant challenge. I mean, you are looking at thousands and thousands of lines of script code contained within hundreds of separate files. What do you want to do, and just how do you go about doing it?

Still, they could make changes. Galewind would not be aware of these changes until something unexpected or inappropriate happened within the system as a result. It would then be a relatively simple matter to find the altered file, the altered code, the account that made the changes, and when.

Quote: 4ofaKind

With the confirmed rigged software being used by BLR, was that rigged programming done by the operator or the software provider?


I would expect that the "If ... Do ... Loop While" example that I provided in a previous post would have to be written by the software provider, and then used by the software provider and/or the operator.

I would also expect that the code which defines the value of that "adjustment factor" would be script code, so it could be quickly and easily modified by anyone that had edit privileges to that file.

Chris

  • Jump to: