Well here's how it is - If Lee Jones walks now Cake is ruined. But Lee Jones reputation is worth alot to him. The way I see it, Cake have opened up the chequebook and he has been made an offer he can't refuse not to walk. Everybody has a price. I can't see why else he wouldn't be out the door at this stage, he is in an impossible situation and his reputation is going further downhill every single day.

FTP also have a much better HR/employment model too

Indeed. I alluded to this in the other thread stickied at the top a minute ago.

It's quite plausible that he's either been given said offer, or when he joined Cake he was handed a **** ton of shares in the network and is protecting his investment by trying to maintain the status quo. If he walks, bye bye cake and presumably bye bye share-value/investment-value.

When it comes to encryption SSL is the default (and highly regarded industry standard) option. You have to have reason for not picking the default option. What reason did Cake have???

yeah its pretty awesome, its a shame the support of FTP is so shyte because the rest of it is the greatest I've ever heard of by a coutry mile! Anywyas, enough of the derail.

I'd wager a good sum that he was offered equity in the company to go there. He had it in stars I'm pretty sure , so he would want a more substantial replication going to another company. I still dont believe in my heart that this would be enough for him to let a scam like this go on if he was aware of it, but money does strange things to people. Hope thats not the case here.

It sure does. If he's got, say, a million tied up in Cake or has been offered that kind of cash to stay and weather this storm he will not be walking away too hastily.

The last few posts from him have been disgraceful, exactly the kind of auto-replies you would expect from a site like AP. He'd better off not posting at all than insulting the community's intelligence with drivel like that.

That was my thought when he told us Cake Poker was secure (after the UB flaw was exposed).

Now I'm really not so sure. I think they have Lee on strings down in that basement.

Money destroy most of us.

What??? When building a piece of software there isn't a default option for the type of encryption, you have to build it into the code. Its not like its a check box that says "Use SSL" or "Other" its not just turned on by default, the default would be to use no encryption because you didn't code it into the program

LOL

You should interpret his "default" as "industry-standard".

so when you are prebuild you will say

shall we build SSL into the encryption

so the Q is, if the answer is NO, then why is that answer NO

Afaik Lee did or still does have a large share in Pokerstars. I recall reading an article about Stars' owner recently that said the owner and his family controlled 75% of Pokerstars, the rest was given out to staff and others and in particular Lee Jones.

well I'm starting to think the industry stardard is to not use SSL lol

UB, AP, Cake... who's next?

IMO thats the million dollar question why would you just decide that you wouldn't use strong encryption when dealing with large amounts of money over the internet unless there was a shady ass reason behind it.

Same goes for UB / AP and look how that one turned out.

A few points:
1. At least when I played on Cake, notes you took on players stayed with them they changed names. This means that a single super-user account would have remained identifiable and noticeable to its opponents. Of course, it doesn't mean anything for multiple accounts possible owned by a team of cheaters.

2. I think that the next step in addressing this issue should be to see if any hand history evidence exists anywhere. Unfortunately, if there were superusers on Cake, and they were very careful, they will almost certainly get away with it. If they were less careful, then there should be suspicious hand histories, some of which have almost certainly been seen by people who post on or lurk twoplustwo.

3. I personally do not think that this vulnerability was ever exploited. This does not mean that I feel comfortable with Cake, or that I will ever play there again. The way they have handled this is very unprofessional, and a very bad sign for the Cake network. When this same vulnerability was discovered on the Cereus network, somebody specifically asked Lee about it, and he specifically stated that it was not an issue on Cake. Either a programmer lied to him, or he lied to us, or there was a gross misunderstanding, or some combination of the three. Whatever the cause was, this is a huge blow to his reputation and to Cake's. Ultimately, I just don't see myself ever trusting the Cake network enough to play there again.

Default - 'an option that is selected automatically unless an alternative is specified'

The default option for every single application that needs secure connections between a browser and a server is SSL. The default option is not to 'use no encryption', that is a ******ed statement.

unless you build it in there would be no encryption, is that not correct

The only time Lee mentioned something specific about encryption was in the first official Cake statement on the issue:

When asked since when is this "placeholder" algorithm in place he refused to talk in detail about it saying is not our bussines to expect that kind of info.

dont u think the tech guys could possibly make it so no notes would carry over to whatever new name they chose? i would think it couldnt be that hard.

You don't have a choice of not using encryption when you are dealing with a site that caters for real money transactions. Let alone a site that will be processing millions of dollars. It is a must. So as it is a necessity the only question is what form of encryption to use, and SSL is the default option.

To be clear, Lee also mentioned that when the Cereus SSL scandal broke, he asked his tech team if they had the same problem (which they had), and they assured him that they didn't.

Does Adanathar still own 1% of Cake? Might he be able or inclined to audit things? At the very least, he might be able to nudge Cake to start taking this seriously and being respectful of players and the security of poker?

The stonewalling here makes Lee and Cake look like they have something to sweep under the rug.

I think you're just arguing semantics to win the e-argument, but just in case you don't know, "building it in there" basically amounts to linking against a third party library (probably openssl) and dropping a public key somewhere in the repo. There's not a whole lot of building going on, it's middleware.

The reason you shouldn't play on Cake or UB anymore is because they were cheating you at worst and negligent/incompetent (putting you at risk) at best.

A) Cake techies are imcompentant

B) Cake techies are superusers

Seems like the only 2 posibilities to me, which is more likely?