"Spy" возможности покер-клиента и системы безопасности рума

bestpokerpro · 29.12.2008, 07:14 TS

Навеяно этими
http://forum.cgm.ru/msg?th=43480&start=0
http://forum.cgm.ru/msg?th=43235&start=0
и другими подобными темами,на 2+2 есть неплохой пост о "шпионских" возможностях покер-клиентов и их системы безопасности,считаю тема будет полезной для всех,так как обычно румы не дают никакой подробной информации о причина блокировки,бана ака,нередко ошибочно закрытых:

"
I am writing this because sites (esp. FTP) say that they cannot tell people they ban why they banned them, because that would result in botters knowing their detection methods. That's nonsense, intelligent botters probably already know this, and an innocent person has a right to defend himself. By making this information public, their argument should no longer hold

A little introduction first: I have a programming background, and in the last few days I have done some research into the poker clients and their security systems, because they know way more about their users than they tell you. The things I will mention are features of Stars and/or FTP, but also of many more poker sites.
———————————————-
———————————————-

Client side security
File scanning, random files that you have open, or not have open.
Process scanning, they periodically request a list of all programs that you have open, can take screenshots of them
Debugger detection, by checking if the debug bit is set. Could also be by checking how long certain instructions take (to find break-points when the debug-bit is overridden), but they probably don't do that
Virtual PC detection, "am I running inside an emulator?"
DLL injection checking, basically looks if another program is reading data from the poker client
Mouse and keyboard input monitoring, they record where you click on the buttons (a (very simple) bot would always click on the same spot)
Mouse and keyboard input checking, to see if it comes from a real keyboard or is artificial
Monitor specific win32 API calls
Changing random pixels/things on the poker table, to make automated reading of the poker table harder
FTP specific: ieSnare, which is spyware that tags your computer with a unique ID (which other programs can see too). "A database matching system, links devices and accounts allowing merchants to identify and flag fraudsters." (between different organizations)
CAPTCHA, stars/party and now even FTP have these, which are the somewhat unreadable characters you have to type in from time to time to verify you are human. (Only done when you're suspected)
————————————————-
————————————————-
Server side security
Session start & finish times, session lengths
Compare stats & actions with those of other players (heuristics)
Compare decisions to those of known bots (mostly known the HULHE ones)
Look at IP-address, if you are related to others
Look at your action frequency in similar spots, if you always do exactly the same you're suspicious
Look at how often two users sit together, for collusion
Look at actual hands you played, one by one
"But why would I be concerned?"
Well obviously because sites (esp FTP) ban people without telling them why, but also because pokersites read your files and open programs, and send information about them back. They can upload your entire documents folder if they find it "suspicious"."

Более подробную информацию для интересующихся можно найти здесь [Зарегистрироваться?] ker-client-1

MagicGog · 29.12.2008, 07:47

Цитата:

Сообщение от bestpokerpro писал пн, 29 декабрь 2008 07:14

Well obviously because sites (esp FTP) ban people without telling them why, but also because pokersites read your files and open programs, and send information about them back. They can upload your entire documents folder if they find it "suspicious".[/b]"

Это как понимать. Могут скопировать себе какие-то файлы с компа ? А если там что-то секретное.

CBR600 · 29.12.2008, 07:51

Цитата:

Сообщение от bestpokerpro писал пн, 29 декабрь 2008 07:14

CAPTCHA, stars/party and now even FTP have these, which are the somewhat unreadable characters you have to type in from time to time to verify you are human. (Only done when you're suspected)

Ага, помню пати присылало такую фигну когда играл по 10 длинных столов

Дикий · 29.12.2008, 10:43

Мне пати такую чушь выслало когда я один турнир играл. Я тогда помню еще охренел нешуточно.

29.12.2008, 07:14 TS	#1 (permalink)
bestpokerpro Энтузиаст Регистрация: 17.10.2006 Сообщений: 348	Навеяно этими http://forum.cgm.ru/msg?th=43480&start=0 http://forum.cgm.ru/msg?th=43235&start=0 и другими подобными темами,на 2+2 есть неплохой пост о "шпионских" возможностях покер-клиентов и их системы безопасности,считаю тема будет полезной для всех,так как обычно румы не дают никакой подробной информации о причина блокировки,бана ака,нередко ошибочно закрытых: " I am writing this because sites (esp. FTP) say that they cannot tell people they ban why they banned them, because that would result in botters knowing their detection methods. That's nonsense, intelligent botters probably already know this, and an innocent person has a right to defend himself. By making this information public, their argument should no longer hold A little introduction first: I have a programming background, and in the last few days I have done some research into the poker clients and their security systems, because they know way more about their users than they tell you. The things I will mention are features of Stars and/or FTP, but also of many more poker sites. ———————————————- ———————————————- Client side security File scanning, random files that you have open, or not have open. Process scanning, they periodically request a list of all programs that you have open, can take screenshots of them Debugger detection, by checking if the debug bit is set. Could also be by checking how long certain instructions take (to find break-points when the debug-bit is overridden), but they probably don't do that Virtual PC detection, "am I running inside an emulator?" DLL injection checking, basically looks if another program is reading data from the poker client Mouse and keyboard input monitoring, they record where you click on the buttons (a (very simple) bot would always click on the same spot) Mouse and keyboard input checking, to see if it comes from a real keyboard or is artificial Monitor specific win32 API calls Changing random pixels/things on the poker table, to make automated reading of the poker table harder FTP specific: ieSnare, which is spyware that tags your computer with a unique ID (which other programs can see too). "A database matching system, links devices and accounts allowing merchants to identify and flag fraudsters." (between different organizations) CAPTCHA, stars/party and now even FTP have these, which are the somewhat unreadable characters you have to type in from time to time to verify you are human. (Only done when you're suspected) ————————————————- ————————————————- Server side security Session start & finish times, session lengths Compare stats & actions with those of other players (heuristics) Compare decisions to those of known bots (mostly known the HULHE ones) Look at IP-address, if you are related to others Look at your action frequency in similar spots, if you always do exactly the same you're suspicious Look at how often two users sit together, for collusion Look at actual hands you played, one by one "But why would I be concerned?" Well obviously because sites (esp FTP) ban people without telling them why, but also because pokersites read your files and open programs, and send information about them back. They can upload your entire documents folder if they find it "suspicious"." Более подробную информацию для интересующихся можно найти здесь [Зарегистрироваться?] ker-client-1
	Facebook Twitter vKontakte Ответить 0

29.12.2008, 10:43	#4 (permalink)
Дикий Увлечённый Регистрация: 23.10.2007 Адрес: Белгород Сообщений: 651	Мне пати такую чушь выслало когда я один турнир играл. Я тогда помню еще охренел нешуточно. __________________ У системы нет сердца, некуда всадить нож.
	Ответить 0

Похожие темы
Тема	Автор	Раздел	Ответов	Последнее сообщение
Путешествия во времени и "маркер безопасности устарел"	Lure	Техническая поддержка форума	7	29.06.2009 22:13
Скотти Нгуен - "лицо" покер-рума Expekt	oksaxa	Новости, статьи, репортажи..	6	26.05.2009 21:13
Как заставить клиента PokerStars не "всплывать"	Stiffberger	Около покерного стола	0	25.10.2006 10:20