Casinos, if I understand it correctly, are as concerned OR MORE about employee / internal theft than they are about theft by patrons, and adopt procedures and countermeasures to address that fear.
My question: what defenses are there against a built in "back door" inserted by a clever game designer or repair tech?
By "back door" I mean the insertion of hidden, undisclosed code which will allow someone to exploit the machine at will.
Who polices the game designers and repair techs, and how do they do it?
Are the chips on all new games completely reverse engineered / examined by outside experts to verify no back door is present, and can such a thing ever be established with certainty?
sign me: Back Door Man
Can't resist.
Okay, back to our scheduled programming. There is not much one can do until it does happen. I mean look at what LizardSquad did to Blizzard, Sony and just recently to Bungie. Not to forget the UltimateBet/PartyPoker fiasco some years ago during the online poker explosion.
This would seem to be a field offering nearly limitless potential to a limited few, if managed correctly.
Not that I will do it: I haven't the skills, and lack the criminal fortitude required.
But others out there may not hesitate.
I have to assume that all new games are examined thoroughly by outside experts before hitting the casino floor, but whether today's techs and testing procedures can in fact prevent a back doored game from coming into use is unknown to me.
A gaffed design would be spotted.
In table games, a risk would be inserting or allowing marked cards. In slots, it would be modified hardware/software. Ron Harris worked for gaming in gaffing slot software, and Tommy Carmichael was a former TV repairman who studied how to trick slot machines to dump.
Casino management considers both internal and external theft threats seriously, and trusts no one equally.
Quote: Paigowdan
Just about all states now require GLI (Gaming Laboratories International) or BMM lab reports, who officially certify a game's design and mathematics.
A gaffed design would be spotted.
In table games, a risk would be inserting or allowing marked cards. In slots, it would be modified hardware/software. Ron Harris worked for gaming in gaffing slot software, and Tommy Carmichael was a former TV repairman who studied how to trick slot machines to dump.
Casino management considers both internal and external theft threats seriously, and trusts no one equally.
Even though these places "certify" the game doesn't mean they don't miss things. Look at how many table games have hundreds of eyes look at them and some still slip through with major flaws.
Quote: Paigowdan
Just about all states now require GLI (Gaming Laboratories International) or BMM lab reports, who officially certify a game's design and mathematics.
A gaffed design would be spotted.
Does GLI white box or black box test the games?
I assume GLI take on some responsibility if a game is gaffed. But given the complexities of code these days, I wouldn't like to guarantee that your game doesn't have a back door.
Now a Side Channel Attack against an RNG that might be easier to do.
Quote: FleaStiff
Back door into the code would be hard since each line of code is supposedly examined, but what would that do: you would still have to show up with a tool kit and set to work. Even a dumb security guard will get suspicious seeing wires and keyboards.
Now a Side Channel Attack against an RNG that might be easier to do.
That's not necessarily true. A good programmer could set an event to happen or start by a combination of button pushes. 5 pushes of the max bet button followed by 2 of the change button followed by 9 more of the max bet button could initiate a medium size jackpot for example. No access to the inside of the machine needed.
ZCore13
Quote: Zcore13
That's not necessarily true. A good programmer could set an event to happen or start by a combination of button pushes. 5 pushes of the max bet button followed by 2 of the change button followed by 9 more of the max bet button could initiate a medium size jackpot for example. No access to the inside of the machine needed.
Yes, that is the kind of action I was wondering about: initiation via a pattern of button pushes.
Quote: RS
If coded in such a complex way to trick the certification testing people... I'd imagine it'd have to be so overly complex and convoluted that the reader would think, "Why the f*** are there 10,000 lines of code for Function X when it can just as easily be written in 500 lines?"
Which is why it depends if the cert guys are white box or black box testing. There's plenty of ways to put in obfuscation that wouldn't require a large section of added code at all. What would be hard is to disguise a call to the RNG that was triggered in a special mode, or a call that changed the operation of the translation between the RNG values and the result.
I'd -assume- GLI are good at that type of thing.
Quote: djatc
I'm going to exit this thread because I thought the title meant something else....
HAHAHAHAHAHA... LOL!!!
Anyway, I worked for a couple of years (2009-2010) as a SME on a software package a company built for FAA deployment. The company was ISO8000 certified (think it's now ISO9000; my info is a little stale), which is a software industry standard to sell your code to anybody. Part of the requirements were in-house review, LINE BY LINE (which is just as dreary as it sounds, but incredibly educational) of every bit of code that went into the project; in our case, several million lines. Every single character, including punctuation, was examined for its effect, every line was traced to its function, every sub-routine for its need of inclusion. They would read it out loud, including saying "bracket", "open quote", etc. and all have to agree (minimum of 2 people, usually more) that it was legit, before moving to the next line. These sessions were documented with meeting minutes and tracked for completeness of code review.
So, assuming the distributors are buying commercially viable code from honest companies, it's pretty hard to imagine a lone programmer even getting it out the door. At a minimum it would take the collusion of the entire engineering and programming department. And, since it's industry standard, I would think that minute level of review by GLI or whoever is certifying the product is also required.
Not saying it can't be done. But I think it's something to look for in choosing an on-line casino or b&m place, or even whose VP or slot you play in those places, re: Bally vs. some in-house game in a box. Like Ben F. said, "Three people can keep a secret, if two of them are dead." So the back door Easter Egg thing is unlikely these days at best.
Quote: GWAE
Even though these places "certify" the game doesn't mean they don't miss things. Look at how many table games have hundreds of eyes look at them and some still slip through with major flaws.
You're thinking of 20+ years ago, where no one even considered counting into the house edge, even though just about any shoe can be counted in some way.
GLI has come a long way, and routinely offers counting analysis on EVERY shoe-based game as routinely analyzing a shoe/multi-deck game. As for other games, (which would be single-deck games, usually poker-based), protection is defined by dealing procedures, which is analyzed by the NGCB.
In these situations, game protection is no longer a "fault of the game design" nor approval process, but instead house protection measures, which are the responsibility of the operators and their Internal Controls and surveillance abilities by this point.
Quote: thecesspit
What would be hard is to disguise a call to the RNG that was triggered in a special mode, or a call that changed the operation of the translation between the RNG values and the result.
Actually it is not *that* hard. All you would need is the memory address of the RNG state (i.e. the current "seed"). The state (or seed) you could alter in any obscure way at any given point in code. Then by magic (or better call side-effect) you know the result of the very next spin/shuffle/etc.
Quote: beachbumbabs
Every single character, including punctuation, was examined for its effect, every line was traced to its function, every sub-routine for its need of inclusion. They would read it out loud, including saying "bracket", "open quote", etc. and all have to agree (minimum of 2 people, usually more) that it was legit, before moving to the next line. These sessions were documented with meeting minutes and tracked for completeness of code review.
Do you think this will be efficient to catch "traps"? Those are not hidden in the code itself, those are hidden in the design.
Quote: mickeycrimm
With keno RNGs Ron Harris was able to use the numbers in the just completed game to predict, with about 3% accuracy, the numbers in the next game. This has always made me wonder about statements by the manufacturers, Gaming, and everyone else, that the numbers are being continuously shuffled between games.
Mickey, you are absolutely correct. The reason the regulations have changed to include constant random number generation is because of past incidents.
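The regulatory change mentioned in the reply above (constant random number generation between games), as an added example that is not part of the thread or any manufacturer's code: a constructed toy generator shows that when the RNG only advances during a draw, the state left by one game fixes the next game, while cycling it during idle time breaks that link. `ToyRng`, its constants, the seed and the idle tick counts are assumptions for illustration.

```python
# Toy Lehmer-style generator, constructed for illustration only.
# It is not the RNG of any real keno or slot product.
M = 2**31 - 1
A = 48271

class ToyRng:
    def __init__(self, seed):
        self.state = seed % M or 1   # state must be non-zero

    def next(self):
        self.state = (A * self.state) % M
        return self.state

def draw_keno(rng, picks=20, pool=80):
    """Draw `picks` distinct numbers in 1..pool, skipping repeats."""
    drawn = []
    while len(drawn) < picks:
        n = rng.next() % pool + 1
        if n not in drawn:
            drawn.append(n)
    return drawn

def play_idle(seed, games):
    """RNG advances only inside a draw: game N+1 starts where game N ended."""
    rng = ToyRng(seed)
    states, results = [], []
    for _ in range(games):
        results.append(draw_keno(rng))
        states.append(rng.state)      # state left behind by each game
    return results, states

def play_cycled(seed, idle_ticks):
    """RNG keeps running between games: idle_ticks[i] outputs are discarded
    before game i (hypothetical stand-in for unpredictable elapsed time)."""
    rng = ToyRng(seed)
    results = []
    for ticks in idle_ticks:
        for _ in range(ticks):
            rng.next()
        results.append(draw_keno(rng))
    return results

def replay_from(state):
    """Recompute the draw that would follow a known end-of-game state."""
    return draw_keno(ToyRng(state))
```

Cycling removes only the link between consecutive games; it does not strengthen a weak generator.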
Quote: MangoJ
Do you think this will be efficient to catch "traps"? Those are not hidden in the code itself, those are hidden in the design.
It's supposed to, as those doing the code review are software engineers, and they are reviewing for effect as well as typos. That's what I was referring to as requiring collusion; I'm assuming the reviewers are competent to detect what the subroutines would do. Perfect? Unlikely, but I think the intent is to catch traps; I'm not qualified to judge the effectiveness. I was just there for content.
Quote: beachbumbabs
but I think the intent is to catch traps.
If this were true all software could be bug-free by simply reading their source code out loud. Clearly that is not the case.
And bugs do not even try to hide. Traps would definitely do.