From the Editor's Chair - v20

16 November 2004

The alternative-lifestyle capital of Europe transformed into I-gaming Central for three days last week when the 3rd annual European I-gaming Congress came to town. More than 400 industry professionals flocked to Sitges, Spain for Europe's biggest I-gaming event, a tradeshow and conference produced by River City Group and ATE. The resort town is a 30-minute shot down the coast from Barcelona, where the first two EIG conferences were held.

It was a productive week on the expo side, as always, and the conference program provided some excellent insight into the industry as it stands in the European markets.

If there's one complaint to be made about the venue, it's that the seats in the main theater were way too comfortable. That, coupled with the unwritten law mandating that sleeping before 2 a.m. anywhere on the Spanish Mediterranean coast is strictly forbidden, made staying awake a challenge, but thankfully the discussions were lively enough to do the trick. (Coffee didn't hurt either.)

Following are some highlights and thoughts about the program and the event as a whole. . .

British Policy

The most talked about topic both inside and outside the theater was the U.K. Gambling Bill. I thought this was a bit odd because none of the I-gaming provisions are points of contention, but the fate of the bill as a whole is nevertheless very important to the those in the interactive space. The worry, of course, is that concerns about mega-casinos turning England into a nation of gambling addicts will derail the bill, which among many things, provides a framework for regulating online casinos. But despite opposition to the bill within the House of Commons, the prevailing thought among those close to the legislative process is that the bill will go through next year. MP John Greenway, who chaired Parliament's joint scrutiny committee assigned to assess the Gambling Bill, spoke to that in Sitges during Tuesday's morning session. Greenway acknowledged, "The bill is in some trouble and is threatened unless this can be resolved," but added that he expects Parliament to iron out the wrinkles. His forecast is for the bill to be out of the Commons by Christmas, through the Lords by Easter and slotted for Royal Assent by the election, which will probably come in May. He cautioned that the opportunity to pass the bill could be lost for a few years if there's an early election, but an election before May 5, he said, is very unlikely. "You have nothing to fear and much to gain about what the future holds," he concluded.

Greenway also provided a glimpse into the coming evolution of I-gaming policy in the United Kingdom, specifically how some of the technical issues will be tackled. Gaming software, he said, will be subject to regulations, but other technical aspects of delivering I-gaming services--such as age verification and customer identification--will be handled in codes of practice rather than statuary requirements.

Greenway was coupled on a panel with gaming attorney Tony Coles, who echoed Greenway's sentiments on the outlook for the bill "There will be a Gambling Act of 2005," Coles said. He added, however, that many details need to be worked out, one of which is the absence of language referring to poker.

Getting back to the "problem" at hand for a moment, is all the fuss about England becoming Las Vegas East much ado about nothing? I talked to a number of people throughout the week who are very familiar with the U.K. casino industry, and they all seem to be scratching their heads over why there's been such a panic. None of them see a demand for Las Vegas-style casinos in England outside of major cities, so the concept of mega-casinos poisoning small towns appears to be a bit far-fetched. It looks like the "Field of Dreams" scenario just isn't happening.

An Apparent Denial of Denial of Denial of Service Attacks

Has the DDOS "tax" become a way of life for I-gaming operators? The final session of the conference addressed this question, and you don't want to know the answer. The session, a roundtable discussion among security experts, was quite informative and equally--if not more--disturbing. The bottom line is that DDOS attacks are here to stay and the biggest problem is that it costs less to pay off the hackers than it does to secure a site from attacks. The panelists explained that zombie networks are available to anyone who wants to use them, meaning that aspiring extortionists can do their dirty work with very little effort. It also means that competition is driving the going rate for "protection" down, making defense mechanisms less sensible economically. Proliferation has led to new trends, such as spam threats and protection from other attackers. Most disturbing is the notion, as confirmed by the panelists, that operators are beginning to pay hackers to bombard their competitors.

The problem is spreading too. Other industry sectors are beginning to come under attack as well, with recent efforts focusing on the payment sector. Marino Zini, a panelist from Globix UK, believes that retail sites could be next.

And what about solutions? One might expect government cooperation to go a long way in curbing DDOS attacks, but as Zini pointed out, "Don't expect much." While the recent bust orchestrated by British and Russian authorities was a big plus for the industry, governments, Zini said, simply aren't equipped to handle the problem on an ongoing basis. A viable alternative, suggested fellow panelist Siegfried Stepke of Green Gate Labs, would be to hire private security people to investigate attacks (which was ultimately how the UK/Russia bust was made possible).

So all this grim DDOS talk got me thinking. . . Why not go on the offensive? Can these zombie networks giving DDOS capabilities to any hack looking to make a few easy bucks be infiltrated? We've heard stories about record companies finding ways to wreak havoc within file-sharing networks. Can I-gaming not take this same approach? And are sting operations set up to snare would-be attackers out of the question? Following the session I approached a few people who are much more technically "aware" than me with these ideas and they all seem certain that the perpetrators have protected themselves well from such strategies. . . But still I wonder. . .

That's all for now.

See also:

"From the Editor's Chair - v20.1"

"From the Editor's Chair - v20.2"

Mark Balestra

Mark Balestra is the Managing Director at BolaVerde Media Group. He previously worked at Clarion Gaming and the River City Group where he was the publisher of iGamingNews. He lives in St. Louis, Missouri.