Atlanta-based casino game developer ASF Software Inc. recently encountered some unneeded turbulence when a software security group exposed a flaw in the company's multi-player poker software. The bug was fixed quickly, although not before CNN.com caught wind of the story.
"The problem was corrected in a routine security update two days before the CNN report," ASF President Tommy Forbes told Interactive Gaming News. "CNN was told, confirmed that fact and decided to do the story anyway."
The bug was discovered and reported by a security group at Reliable Software Technologies (RST), which emphasized to CNN that it didn't use its knowledge of the bug to take advantage of the game's operators. The group figured out the algorithm used to create a random shuffle for ASF's multi-player Texas Hold'em game. This enabled the "privileged" player to view opponents' cards before they were dealt.
A spokesperson for Planet Poker (www.planetpoker.com), an ASF licensee which operates online Hold'em games, told IGN that his staff had been working on a fix as well. He also said that players were immediately contacted and those who played during periods when security was breached have been reimbursed. And since the CNN report, believe it or not, business at Planet Poker has picked up. Players are reportedly satisfied that the glitch has been repaired, thanks in part to an endorsement by Mike Caro, a highly respected authority on poker strategy and simulations.
Writes Caro:
Dear Planet Poker Management,
I'm impressed that your programmers were able to respond so quickly in regard to warnings I made on the rec.gambling.poker newsgroup about potential problems with Planet Poker's randomly generating cards. I have looked over the logic in your new routines and they should be significantly more secure and reliable than the previous ones.
While ANY pseudo-random sequence has the potential of being unmasked, you have made this extremely unlikely, and I personally feel very comfortable with your new computerized dealing methods. In fact, these methods are more likely to provide a fair, random distribution of cards than a typical shuffle in a traditional cardroom. Good work.
Straight Flushes,
Mike Caro
CNN reported that ASF declined to comment on the story, however, Planet Poker posts that following letter from Forbes to CNN:
September 2, 1999
ASF Games
2800 Simpson Circle
Norcross, GA 30071
Jen Caltwider
CNN News
Dear Jen,
This is a response to the publicity release made by Reliable Software Technologies on September 1, 1999 titled "INTERNET GAMBLING SOFTWARE FLAW DISCOVERED BY RELIABLE SOFTWARE TECHNOLOGIES SOFTWARE SECURITY GROUP".
A Virginia Company, Reliable Software Technologies (RST), announced yesterday they had "discovered a serious flaw in the implementation of Texas Hold 'em Poker Game, one of several software programs that is distributed by ASF Software, Inc. The flaw was reported to exist in the "card shuffling algorithm used to generate each deck". This algorithm was displayed at an Internet Poker Site showing an example of the type of algorithm used depicting the game's fairness. In this particular case, the algorithm was inadvertently published on a web page before being replaced by a new one.
Having a copy of the source code gave RST and other programmers the opportunity to hack the algorithm. RST demonstrated their findings in the publicity release yesterday using the Company Game Demo Site. We appreciate RST identifying this error to us which our customer had already identified and replaced.
This and other algorithms used by the company are changed on a periodic basis as a standard security procedure.
Thank you for your time.
Tommy Forbes
ASF software's Texas Hold'em games are also offered at PurePoker.com and DeltaCasino.com.