sorry up front if this is inappropriate for your forum. To make this short, you may be aware that there is a budding scandal at Cake poker regarding their weak encryption a la the Cereus network.

There is a great deal of discussion of this in the Cake thread with a lot of smoke but not a lot of facts as to what is really entailed in solving this problem. I wondered if there was someone here who could look at this problem ( check out the Cake poker thread in the Zoo for the last 2 days) and then give a professional opinion as to what will be needed to fix this problem and a time frame as to how long it will take Cake to do so.

Thanks for your time.

I've not read the thread, but just skimmed over the PTR page about this and the solution is just a case of using some proper/industry-standard encryption (such as SSL) for their client-sever communication (as opposed to some weak/homebrew XOR encryption like they've been using).

As for a time-frame I would guess they could roll it out in few days (prolly about a week to test it properly, etc).

Juk

I've read the threads, but never worked with implementing OpenSSL or similar myself. I'd guess timeframe should be much shorter, maybe even measured in hours for a competent programmer familiar with Cake's client (note: such a programmer may not currently exist / be under contract, or it would be unlikely this situation would have arisen).

I mean, this doesn't need much past the point of "ok, seems to be working". their current "encryption" is toast, exploits / howto out in the open. If they aren't gonna shut down the network while they fix this, imo they should rush out something better to at least have a chance of protecting login credentials / holecards while working on making sure.