Isn't the important caveats here:

a) That your exploit pertained only to snooping the local network traffic of a specific player? As I understood it from that blog post (but correct me if i'm wrong!), you could not see _all_ player hole card information; rather, hole card info sent to each player across the network unencrypted. Thus, it was not a potential "superuser" situation you found, rather a potential local exploit on insecure wifi against a specific player?

b) that GG responded and said they had implemented SSL encryption to fix the hole?

These are genuine, good faith questions, not rhetorical. Just trying to understand.

> I have sent GG networking a proof of concept where i can view cards about 5 seconds after the hand is over / this includes hole cards of all players (even the people who mucked) I also told them that I suspect that given a little time and research I may gain the ability to beat the 5 seconds and see the hole cards in real time.

It would be insane if their systems made if even _feasible_ for PokerCraft network traffic to send holecard information _while the hand is in play_. I know you say you're confident you can beat the 5 seconds... but there's a world of difference between "see hole card information immedately after hand is over" and "before hand is over". I'd like to think that "before hand is over" was basically impossible i.e. never exposed through their API at a very low level. Does your research indicate that this is indeed possible?

For now I will only share a part of my email to them on 28/7/2023:
I would like to stress that the hack itself is a big issue but not the real issue here.
Hacks can happen due to many reasons some are not always in the control of GG ...
I think the bigger issue here is that they had to wait for the community to come up with this while they had the data and could very easily monitor for such incidents and take action against those.

I had a few zoom meetings with them , they were not interested in my ideas on monitoring systems - only about fishing sites , i decided they are not worthy of my time and just gave up.

LOL , MY CREDIBILITY ?

Do you think i will post technical details of a back-door still valid on their systems ?
I never wanted to harm GG-Networking nor do I want to harm them now.

If you worry about my credibility you should read my articles about poker security and GG networking security and decide
for yourself about my technical capabilities.

Good work dude. Articles are great too.

It’s a sad state of affairs. A friend of mine sent proposals to all major sites on ways to efficiently detect RTA cheating. All of the sites dismissed him.

This is not the only shady thing GG does. Also thread about this guy was created almost a week ago in the other section of this forum, barely anyone seemed to care. Should i also repost my thread about pokerok (russian gg skin) support lying to their client about a hack? Maybe it will get some traction.
Any website that does not have a gambling license outside of Curacao is a joke.

Ignore the troll, NVG and forums in general are full of people who don't know what they are talking about

Thank you for sharing, Eddie, and understand why you cannot and should not share all the details.

One of the more worrying online poker stories in recent memories and this wrong'un jumps in for some publicity, despite knowing literally 0.

I honestly give up on the poker community at this point

1. You are right. In the article i just discussed the encryption problem. I tried to be very easy on them because behind the scenes there were attempts to burry the article, I know there was a great deal of effort by GG networking to shush this article up. BTW - its not as hard as one can think, as if you sit on an ISP junction you can monitor many different players and target them - i know for sure it was done in several countries.

2. After the article I showed them how I can see the hole cards. We had some emails and also I think 3 zoom meetings,
They dismissed it and claimed they are more interested in shutting down fishing sites. I told them I have names of 22 cheating accounts and I would like their permission to get data and build detection algorithms on it.
I think they told me that they are not interested in such solution and that they already have monitoring systems that detect bots. I knew this is BULLSHIT since i know about a few groups that are cheating there in high cash games. (USING RTA and possibly exposing hole cards).

3. If you reverse engineer the Java Scripts you can also reverse engineer their API. I can tell you that the hole cards of every player are inside the data (EVEN THE ONE WHO MUCKED) also their full names and what skin they are using to play on the site. Their encryption on that data is a joke and they had a back-door if request comes from 127.0.0.1 the answer will not be encrypted. (HTTP HEADER X-FORWARDED-FOR). I told them all about it , but their managers just dismissed it and said it is highly unlikely that someone will do that....

https://ggpoker.com/blog/news-headli...oker-security/

LOL

So seems like the dude exploited exactly what Eddie specified and they dismissed?

What time was this posted? Was it reactive to the thread?

Their post start with: "GGPoker recently spotted unusual game patterns
the thing is - GGPoker never spotted anything ... the community brought it to their knowladge.

As a security expert I can say that their approach to security is not serious. They do not monitor for cheaters at all and this is one case that came up and they caught it , we should all wonder how many cases we did not catch.

is the thumbs up-hack taken into account in malmuths secret statistical anomaly model or will it be updated for the printed version?

This isn't related to GG only unfortunately, as you know. For a security expert or a data analysis expert this is glaring.

Do you do expert analysis and testimony in court proceedings, Eddie?

22 minutes ago, yes I assume reactive to this blowing up on twitter and 2p2

He’s posting in a thread about superusing cheats as though it’s relevant to some leak GGPoker has in their hand history database. The two aren’t remotely relatable in terms of how it affects the main site security. Sure, he may have found that leak but posting it here just sidetracks the issue.

The sad thing is that only these dumbass cheaters who win at ridiculous rates and make those J-high calls will ever get caught. Smart cheaters print year after year.

lol gg poker.


good thing for the forums as its still a place to put this out into the poker world when someone doesn't have long reach on twitter

and lol at MM saying he has a method to scrape for this as a way to hawk more books.

So they were able to see the allin equity but presumably had no access to hole cards.

Still it's a shame this was discovered by players and not their security team.

"We are open to comments and suggestions". Hypocrites.

Not exactly - there are several attack vectors here to gain hold of the hole cards.
I would not be surprised if this guy read my article before playing with the client.

In my article I wrote that i did not reverse engineered the client and doing so will surely gain more knowledge about the hole cards and other data.

the sad thing is that everyone will go back to playing there like nothing happened.

How do we check players history? Couple of similar suspicious accounts I've seen lately, very similar hand histories to shown in this thread. Final tabling tournaments with 70% vpip in a tournament with absurd hands, now their sharkscope says 0 tournaments played on GG.

"Milk26" was one of the accounts. Do we report to GG via email?

This is on par with the ultimate bet scandal. They just dismissed it like it was nothing.

Hope poker players wake up and withdraw all their money from GG.