Programmers, help fight the UIGEA from the bottom up.

[hallo!]

are you the real tuff fish (sorry to bother) ?

If so, thank you very much for untilting me a lot of times

[freecard4all]

[ QUOTE ]
If so, thank you very much for untilting me a lot of times

[/ QUOTE ]
I also love his video!

Basically when it's running in the background I play like a god. It should be banned as an unfair advantage [img]/images/graemlins/grin.gif[/img] [img]/images/graemlins/grin.gif[/img] [img]/images/graemlins/grin.gif[/img]



(sorry Tuff Fish but that video really rocks! [img]/images/graemlins/wink.gif[/img])

[Tuff_Fish]

Glad I can brighten your days.

Sometimes when I hear myself, I simply cannot believe I actually did all that.

[img]/images/graemlins/tongue.gif[/img]

Tuff

[Tuff_Fish]

After going back and forth a couple of times with one of the ace programmers here at work, (who's hobby is computer security [img]/images/graemlins/wink.gif[/img] ) I now have complete confidence that we can solve the individual server security question. There is a methodology to ensure that the code running any of our individual servers has not been tampered with.

Therefore, if a homegame is running "my" implementation of the open source poker software, the players will know it is safe and that someone has not gotten into it and is now looking at your hole cards. So, if you trust "me" then you will know whatever home game is running "my" software is honest. At least as far as the poker site program is concerned.

"My" software will be running play money games. (your choice of play money rake or not) If and how you handle turning play money games into real money games is left to the individual homegame operators.

Schemes to turn play money into real money is another thing keeping my mind busy. The thing is not to fool the DOJ, it is to do so in a way that they can't do anything about it.

Tuff

[freecard4all]

[ QUOTE ]
if a homegame is running "my" implementation of the open source poker software, the players will know it is safe and that someone has not gotten into it and is now looking at your hole cards.

[/ QUOTE ]
100% wrong.

Post this in the Software Forum I bet there are people capable of reading "your" hole cards if the server is running on their computer (and it does NOT have to be open-source).
Ask them cause they are way better about computers but I assure you you are wrong on this.

[Tuff_Fish]

This IS the software forum...

Tuff

And you are wrong. You won't be able to decompile or modify the software at all, or run a debugger in parallel etc. If you try it, the server won't deal. Plus, your buddies get a message about what you are trying. Next comes the knee breaking.

[Nortonesque]

Turns out someone's already thought about shuffling and dealing without a trusted third party using various encryption schemes:
http://www.nongnu.org/libtmcg/
http://en.wikipedia.org/wiki/Mental_poker

No need to worry about people decompiling the software!

[_dave_]

[ QUOTE ]
Turns out someone's already thought about shuffling and dealing without a trusted third party using various encryption schemes:
http://www.nongnu.org/libtmcg/
http://en.wikipedia.org/wiki/Mental_poker

No need to worry about people decompiling the software!

[/ QUOTE ]

Oh my, FANTASTIC post Nortonesque [img]/images/graemlins/smile.gif[/img]

Going to have to spend some time reading over these!

Tuff:

[ QUOTE ]

You won't be able to decompile or modify the software at all, or run a debugger in parallel etc. If you try it, the server won't deal. Plus, your buddies get a message about what you are trying. Next comes the knee breaking.


[/ QUOTE ]

No.

Nonononononono!

Attempting to prevent people using decompilers etc. is futile, and misguided.

The software must be robust enough that use of a debugger is of no advantage to the user. Security by obscurity =/= security, to trot out an old (but very true) cliche.

[ QUOTE ]

(and it does NOT have to be open-source)


[/ QUOTE ]

But it *should* be, otherwise how would anyone be able to trust it?

[jukofyork]

[ QUOTE ]
[ QUOTE ]
Turns out someone's already thought about shuffling and dealing without a trusted third party using various encryption schemes:
http://www.nongnu.org/libtmcg/
http://en.wikipedia.org/wiki/Mental_poker

No need to worry about people decompiling the software!

[/ QUOTE ]

Oh my, FANTASTIC post Nortonesque [img]/images/graemlins/smile.gif[/img]

[/ QUOTE ]
Great find! [img]/images/graemlins/laugh.gif[/img]

[ QUOTE ]
[ QUOTE ]

You won't be able to decompile or modify the software at all, or run a debugger in parallel etc. If you try it, the server won't deal. Plus, your buddies get a message about what you are trying. Next comes the knee breaking.


[/ QUOTE ]

No.

Nonononononono!

Attempting to prevent people using decompilers etc. is futile, and misguided.

[/ QUOTE ]
Yep, this is a hopeless method of trying to protect stuff. If your friend at work thinks that software can be protected from snoopers, then I'm afraid he's wrong. [img]/images/graemlins/smile.gif[/img]

If he were correct, then he could make himself a billionaire overnight because the same method could be used to protect software from crackers and to this date no such "uncrackable" software exists.

Juk [img]/images/graemlins/smile.gif[/img]

[Phil153]

Tuff,

The software does have to be open source. Unless you're going to pay them out of your non existent poker winnings, the only way this thing will ever get built, improved and maintained is with community collaboration.

Great find on the secure shuffling algorithm. However, there was a list of patents that this code may violate:

[ QUOTE ]
Here we list known patents which are related to used techniques or provided
functionalities of this software. We stress that in some countries the usage
of LibTMCG may violate the claims of these patents and thus is prohibited
by law. However, I am not a lawyer ...

* EP0384475 (1990-08-29, SCHNORR CLAUS PETER)
Method for subscriber identification and for the generation and verification
of electronic signatures in a data exchange system

* US4995082 (1991-02-19, SCHNORR CLAUS P)
Method for subscriber identification and for the generation and verification
of electronic signatures in a data exchange system

* JP3001629 (1991-01-08, KURAUSU PEETAA SHIYUNORU)
METHOD FOR GENERATING AND CONFIRMING MUTUAL IDENTIFICATION AND SIGNATURE
OF SUBSCRIBER IN DATA EXCHANGE SYSTEM

* US6077161 (2000-06-20, WISLER JAMES M)
Multiplayer card games having card plays to foundations

* WO0173694 (2001-10-04, NEFF C ANDREW, VOTEHERE INC)
VERIFIABLE, SECRET SHUFFLES OF ENCRYPTED DATA, SUCH AS ELGAMAL ENCRYPTED
DATA FOR SECURE MULTI-AUTHORITY ELECTIONS

* US2002007457 (2002-01-17, NEFF C ANDREW)
Verifiable, secret shuffles of encrypted data, such as elgamal encrypted
data for secure multi-authority elections

* WO02056230 (2002-07-18, NEFF C ANDREW et al., VOTEHERE INC)
ELECTRONIC VOTING SYSTEM

* US2002078358 (2002-06-20, NEFF C ANDREW et al.)
Electronic voting system

* US2002103029 (2002-08-01, FINLAYSON SCOTT; MULCAHY STEPHEN; LOW MICHAEL)
Multiplayer gaming

* EP1259024 (2002-11-20, FURUKAWA JUN, NIPPON ELECTRIC CO)
Certified shuffle-decrypting system, certified shuffle-decrypting method
and certified shuffle-decryption verifying method

* JP2002344445 (2002-11-29, FURUKAWA JUN, NIPPON ELECTRIC CO)
SHUFFLE-DECODING SYSTEM WITH CERTIFICATION AND METHOD THEREFOR, AND
SHUFFLE DECODING VERIFICATION METHOD

* US2002181702 (2002-12-05, FURUKAWA JUN, NIPPON ELECTRIC CO)
Certified shuffle-decrypting system, certified shuffle-decrypting method
and certified shuffle-decryption verifying method

* BE1014397 (2003-10-07, LAUREYSSENS DIRK)
Online card game, played using physical or virtual cards via e.g.
computer, hand held device or television

* US2005028009 (2005-02-03, NEFF C ANDREW, VOTEHERE INC)
Verifiable secret shuffles and their application to electronic voting

* WO2005093671 (2005-10-06, SALOMONSEN GORM, GROTH JENS, CRYPTOMATHIC AS)
ELECTRONIC VOTING SYSTEMS

? Electronic Card Games in general:
http://v3.espacenet.com/results?sf=a&amp...p;=&=&=

? Secret Electronic Voting in general:
http://v3.espacenet.com/results?sf=a&amp...p;=&=&=

Finally, I want to say I am disappointed but I have not lost either hope.

[/ QUOTE ]