I am writing this because sites (esp. FTP) say that they cannot tell people they ban why they banned them, because that would result in botters knowing their detection methods. That's nonsense, intelligent botters probably already know this, and an innocent person has a right to defend himself. By making this information public, their argument should no longer hold

A little introduction first: I have a programming background, and in the last few days I have done some research into the poker clients and their security systems, because they know way more about their users than they tell you. The things I will mention are features of Stars and/or FTP, but also of many more poker sites.

Client side security

• File scanning, random files that you have open, or not have open.
• Process scanning, they periodically request a list of all programs that you have open, can take screenshots of them
• Debugger detection, by checking if the debug bit is set. Could also be by checking how long certain instructions take (to find break-points when the debug-bit is overridden), but they probably don't do that
• Virtual PC detection, "am I running inside an emulator?"
• DLL injection checking, basically looks if another program is reading data from the poker client
• Mouse and keyboard input monitoring, they record where you click on the buttons (a (very simple) bot would always click on the same spot)
• Mouse and keyboard input checking, to see if it comes from a real keyboard or is artificial
• Monitor specific win32 API calls
• Changing random pixels/things on the poker table, to make automated reading of the poker table harder
• FTP specific: ieSnare, which is spyware that tags your computer with a unique ID (which other programs can see too). "A database matching system, links devices and accounts allowing merchants to identify and flag fraudsters." (between different organizations)
• CAPTCHA, stars/party and now even FTP have these, which are the somewhat unreadable characters you have to type in from time to time to verify you are human. (Only done when you're suspected)

Server side security

• Session start & finish times, session lengths
• Compare stats & actions with those of other players (heuristics)
• Compare decisions to those of known bots (mostly known the HULHE ones)
• Look at IP-address, if you are related to others
• Look at your action frequency in similar spots, if you always do exactly the same you're suspicious
• Look at how often two users sit together, for collusion
• Look at actual hands you played, one by one

"But why would I be concerned?"
Well obviously because sites (esp FTP) ban people without telling them why, but also because pokersites read your files and open programs, and send information about them back. They can upload your entire documents folder if they find it "suspicious".

I am sure I have forgotten a few, feel free to add.

Why i cant see your nickname , avatar and location ?

I am afraid to get killed by the sites for posting this highly secret information, hence I posted anonymously.

he is a 2+2 undercover operative

so since we know that, why no detailed explanations from ftp. i mean i wouldnt be that hard to just say "you are using program x, you are banned for such" rather than saying "you are banned and no longer welcome, *****". when it comes to taking pplz monies i think an explanation of the crime is warranted.

it is easier to ban without recourse, nothing to deal with lols

All of the OP's stuff was talked about on codingthewheel.com months ago but in more technical terms.

I think the OP forgot ftp's ouiga board.

Does it make any difference whether you run on a PC or a Mac?

Okay so simple but obvious question i guess... but how do you know they do all of these things?

Do you have evidence for this claim? Without evidence, I find it a little dubious (no offence).

so whats the best way to protect our privacy?

who does full tilt or pokerstars hire to write their code and all that?

fbi agents... wooooow

no one should doubt FTP can do these things, but if you just play by the rules then you should be ok. i am done using tableratings until i find out if this will seriously put my roll at risk or not. something tells me alot of people use this and im just now realizing how potentially bad the consequences of using it are.

the only problem i see here are the complaints from people who say they just use PT3 and nothing else yet getting banned and funds gone.

Is this a list of things they do, or things they could do?

If you're claiming it's the former: evidence, please. Your method of detection with examples. Otherwise this looks like a bunch of half-assed speculation.

That damm chatcha or what ever its called bugged the heck out of me yesterday.
All my tables froze up, while they did it (I had to do it once before).
They know I'm not bot........ the superduperdoomer switch thats been on to long has led me to up my beer intake. Anyone could see when I'm in "sip & ship" mode.
On a serious note, I'm pretty sure the don't want to make public that when their client is open they can /do search whatever they want thats on your machine.

look at all the people that used the shark scope, anyone that opened that site after the ban while they were on got a warning E-mail on the spot.

I do think its needed because bots could be an end to the game. I don't care if some english dude knows I spend too much time looking at NVG and porn.

How, exactly, did you come to these conclusions?

Specifically, what does this mean:

What was the nature of your research?

He probably used a debugger that dumped code in combination with a packet sniffer.

EDIT: For the record, I support these types of initiatives. Freedom of information is important; the best bot networks and colluders already have this knowledge, I promise you.

+1

This is a list ripped more or less directly from a site that describes step by step how to build a poker bot. Ocham's razor would have me believe █████ was busted or associated with somebody who was busted and is exposing this in an attempt to start an outcry from the poker community to try to pressure the sites to remove or restructure their detection methods [as happened with PokerStars and the SharkScope deal], making botting easier.

Interestingly enough, that site (and subsequently this list) left off two of the most obvious and effective means of detection.

That site was indeed part of my research, many things were mentioned there indeed (but 2+2 understandably doesn't want that site mentioned on 2+2). But I was not busted or associated with anyone who was I just don't like the way sites say "You're doing it wrong, you're banned." without explanation, as I have substantial funds on poker sites myself too.

Please elaborate for the ignorant (speaking for myself).

BTW, this list somehow makes me feel more safe simply because I have nothing to hide.

Irony?

Do poker sites frown upon this?

I was thinking about using VPN or Remote Desktop to try some Euro Poker sites.

I think it's just another factor that by itself means nothing, but it sure is detected.