Don't have the courage to go into it right now, but this has been proven to be wrong by many posters knowledgeable about network security issues.
Unless you are a computer engineer, I'm gonna go ahead and say you're posting completely out of your ass.

All the "constraints" you mentioned are really nothing to bypass for someone who is motivated to hack you.
They would just be unlikely to take place together by chance, which is all that you have illustrated by listing them in that way.
I think you confused yourself there....and mistook quantity for quality.

If you would be so kind as to not do that and mislead other players, it would be great.
Unless you're just a shill for Cake. In which case, please proceed.

Also, Cake is not nearly the size UB/AB were at the time, and a decent part of their profit comes from 2+2 multitabling grinders who go there for the level of play and the benefits of anonimity.

Also, from a purely logical standpoint, for a company that doesn't fear anything from losing their 2+2 customer base, their rep is acting a little strangely desperate to do some damage control any way possible.

Lastly, 2+2 is the biggest, but certainly not the only poker forum on the internet.

So yes, these stickies and threads do have a huge impact, I believe, which is why it's crucial to have them in the first place.

Awesome response....

Hey einstein, in case you missed the last 5 pages of this thread....the issue is that the cake programmers knew about this security exploit and in fact for some reason deliberately chose to put it in there (by forgoing using industry standard encryption). They also lied to Lee Jones when asked about their encryption. So I think it is alot less likely than 1/10000000 that someone took advantage of this. In fact I can't understand why this vulnerability was even left in other than for someone to take advantage of it.

Obviously the 1/1000000000 thing was an exaggeration. All i'm stating is that Its highly unlikely for this to have happened to many people if any at all. If someone was going so far out of their way to hack you, to get around all of those things there is probably easier ways to do it. Actually I have talked to programmer/networking friends of mine and they came up with that conclusion. Please don't talk to me about the poker industry, I know many profitable poker rooms who have never advertised or been frequently mentioned on 2p2 so its not going to kill the company.

Im not here to argue, I think its important people hear different perspectives.

I'll take you up on that for my, albeit small, net worth.

Seriously that's one the most stupid things I've ever read on 2+2. Do you really believe that in 2010 that when a security hole is made public and the site does nothing for a few days to weeks to fix it, where there are tens of thousands of dollars, or more, up for grabs that no one is going to take advantage of it? Especially when others have outlined exactly how you could do it, and it seems as though with some technical knowledge it wouldn't be impossible at all

Even if no one involved with the site was exploiting this, what about individual hackers or the likes of the Russian cyber crime groups?

Perspective is not code. If you didn't read the other threads, the problems with - inside job, Your ISP, contractors for your ISP, etc. - especially after the news was published, is what was dangerous to Cake Players.

And the Russian Hackers (whom probably had a field day) - this wasn't restricted to wireless networks - because of the PLAIN TEXT (i.e no MB5 hash) login details sent to computers.

You didn't talk with anyone knowledgeable. Its the CODE that gets you, and all your feel good vibes doesn't make anyone on the network safe.

There is a reason Mason called Lee out, and its not because he was waiting to hear your perspective.

As the owner of an affiliate myself first and foremost I want to say you certainly overestimate how difficult it is to get one started. It's not a brag, nor an accomplishment in the poker world and certainly not one that lends any credibility (as you seem to be implying by mentioning it). Additionally, I sincerely, sincerely doubt you have ever met anybody from Cake.

As for the bolded part - The employees are on the Cake network. They can take full advantage of the poor encryption and it's a likely explanation for why something non-standard was implemented in the first place (and additionally why an employee allegedly lied to Lee Jones about it).

You can/should contribute to the thread but your credibility at this point, your implied experience in computer security and knowledge of the poker world in general seem incredibly low.

Ive just had an update. Is it a fix?

Cake sucks, the table layout makes me vomit
Lee jones is a classy man though this could turn into another ub/ap..

I have PM'd Mason. I will post here as soon as I can.

Best regards,
Lee Jones

Cake Poker Cardroom Manager

um... no.

what you need to do is just stop talking/typing/posting. you are clearly out of your league here and it's not only embarassing to yourself but detrimental to the average reader/user for having to read and take your nonsensical bull**** in here with any grain of credibility.

i've been following this thing silently since it was first uncovered and this is just ridiculous, in some ways it's surprising but in other ways it's totally not. the basic fact is that there's really only two possibilities, 1)cake hires a team of half assed C++ dropouts in order to save money and their complete, all-encompassing incompetence (and subsequent embarassment of this being made public) is the source of the lack of any real encryption and the lies to lee...or 2)the programmers left this enormous flaw on purpose, with malicious intent, in combination with knowledge of the UB/AP scandal and cake's lack of any real HH and sn recognition to superuse people under the radar. what glouptanouk speculates about lee's involvement in this whole thing, protecting his investment so to speak, seems pretty much spot on imo.

anyway as far as the two possible scenarios for this massive security lapse, i tend to lean more towards one of the options listed above than the other, and i'm very interested to see if lee returns after mason's most appropriate sonning of him with a different attitude, although i can't say i expect it. after all, he's just an errand boy whose job is nothing more than PR and damage control, like a puppet to the higher ups, he only relays whatever info in the manner they approve for him.

either way, it's a complete joke at best and all out scam at worst. i put a couple $k on cake earlier this year and did not have any indication that i was being superused, although i ran godawful from the very start and the basic programming of the interface/tables as well as game selection (big bet o8) was so terrible that i swapped what was left of my balance back to my regular site and never went back. now this thing is so lol that i really have no intentions of ever returning to cake either.

mason malmuth GOAT

Hate to quote it again, but...as Sam Rothstein once said:

"Listen, if you didn't know you're bein' scammed, you're too ****in' dumb to keep this job. If you did know, you were in on it.
Either way, you're out. Get out! Go on. Let's go"

this

VERY interested in this! Love to hear Lee's answers.

He called you out in public, you should have responded in public.

It sucks to be you these days. Every time you write something you look worse and worse.

It seems you have a problem with straighforwardness.

will you idiots stop this ****, this thread is important and will be extremely long as it is without the help of your brain dead comments

They didn't respond in public because, it would appear, Cake has a ****ing ton to hide and is stalling for time at this stage.

If I had money on Cake right now I'd be requesting a withdrawal immediately. Super super sketchy.

Personally, I think this is starting to smell like it could be an abandon ship in progress. The owners (those "higher priorities" Lee talked about before) are the ones jumping ship. Bye bye bankrolls, everyone! I can see money being transfered through many accounts in preparation for Cake going down with the players having no recourse for getting their money out. Lee is buying them time right now by stonewalling.

The bad thing is that all sorts of stupid conspiracy theories like this one can start flying around now because of the silence from Cake.

SUPER DUPER extremely interested in this!

Nevermind, you obviously dont get it.

You always have a choice, you can always choose not to incorporate encryption, is it a good one? No of course not, but you can choose to not to.

It's not like there's a checkbox that says "Use SSL," right?

It takes less than an hour to set up SSL, and requires no programming of any kind.
http://support.microsoft.com/kb/299875

We clearly have few good options. On the other thread, I proposed making a site about and everyone linking to it so that it so that it comes up 2nd in google in a search for cake poker. Sadly, I think this is the best tactical response that 2p2 has available to a stonewalling defense.

It is also important that Lee Jones' reputation is affected by this, unless he changes his stance.