by alexey-salmin 284 days ago
UPDATE. I think I should also address this:

> if someone was clever enough to synch clocks and narrow to 200k permutations, then I'm not convinced there was actually any harm.

I don't think you understand the situation at all. In Hold'em in the end you see 7 cards: 2 in your hand and 5 on the table. That's 52x51x...x46 = 674B different sequences of open cards.

This means that by the time you see these cards you can know exactly which of the 200k permutations the engine had chosen for this hand. There's only one that precisely matches one of the 674 billion possible open-card combinations that you observe.

In fact, by the time you see the flop (2+3 open cards, 311M variants), you know everyone else's cards.


I assume English is your second language.

Nobody's arguing that having a synched clock would NOT make them an advantage player.

You left out the part where I asked for proof anyone had exploited it (harm) and to what significance (how much harm). This actually matters in commercial and practical terms. Otherwise, you're really pressed to claim any real damages.

Meanwhile, and for hopefully the last time, it appears you're holding them to this idealist standard -- similar to an Italian reacting to someone snapping spaghetti noodles in half before throwing them into boiling water.

You still don't get it.

No need to synchronize the clock. The date alone is enough to guess hands of everyone at the table and turn and river, right after you see the flop.

That's as big of a hole as it can possibly get. That's enough to establish incompetence and/or gross negligence of the authors. Whether the hole was exploited is immaterial to the question.

"the date alone"

?

You're apparently hallucinating articles outside HN.

FTA:

> Simply syncing up their own program to the system clock reduced the possibilities to a mere 200,000 potential decks that the algorithm could generate.

> For another, the system ties its number generation to the number of seconds that have passed since midnight, resetting once each day, which further limits the possible random values. Only about 86 million arrangements could be generated this way, the Reliable Software Technologies team discovered.

86 million is much less than the 300 million possible combinations you can see after the flop. This means after the flop you know which exact shuffle was used (with a few statistically unlikely collisions where you may have 2 or 3 options).

Dude, this is so weird, and you continue to act in bad faith.

You need to specify UNIX 'date' as your intent as that phrasing wasn't used in the article.

It's also splitting hairs to say going from 300 million to 80 million is "much less" when that's not even the point of contention. Further to why you're splitting hairs, here's an actual research article [0] where the researchers point out that you needed the synched clock (not just the sysdate) to exploit it with hardware readily available at the time of the exploit, using Pentium 400s.

> That's enough to establish incompetence and/or gross negligence of the authors.

Going back to this claim, I really don't think you know what this term of art means. Ask a legal colleague/friend what they think is the criteria for "gross."

[0] https://web.archive.org/web/20140104095330/http:/www.cigital...

> You need to specify UNIX 'date' as your intent as that phrasing wasn't used in the article.

No, I didn't mean unix date, I mean literally date.

I can see two interpretations of the phrasing in the article. Either you have 86M shuffles per day (in this case knowing the date would benefit you) or you have 86M shuffles period (in this case even the date isn't necessary, you already have the totality of information). In both cases we can consider the problem of solving the game with 86M shuffles.

Syncing clocks is needed to enumerate all possible shuffles in real time on a 1999 PC, which is what the paper demonstrates. Doing this in real time for 86M combinations wouldn't have been possible back then. However, building a 1 Gb index file and making an HDD lookup in real time was absolutely possible on very modest 1999 hardware; you can write such a program in a couple of hours.

Knowing the shuffle with three more rounds of betting to go represents a completely broken poker game, not just some minor biases in outcomes.

I have absolutely no idea what hairsplitting you are talking about, let alone bad faith discussions. 86M combinations is such a little number that you can analyse all of them and solve the game even on 1999 hardware. It's a fact, not a matter of opinion or idealistic standards. If you can just kindly acknowledge this fact, no further discussion will be necessary.
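
Added example, not part of the thread or of the cited paper: a small audit of the point argued above, that a shuffle can never have more outcomes than its seed has values, shown next to a shuffle drawn from the OS CSPRNG. Python's `random.Random` and the 20,000-value seed space are constructed stand-ins (assumptions) for the original generator and the 86M figure quoted from the article.

```python
import math
import random
import secrets

DECK = list(range(52))   # cards as integers 0..51
SEED_SPACE = 20_000      # constructed, scaled-down stand-in for the ~86M seeds


def weak_shuffle(seed):
    """Flawed design: the whole deck order is a function of a small seed."""
    deck = DECK[:]
    random.Random(seed).shuffle(deck)
    return deck


def strong_shuffle():
    """Hardened design: shuffle driven by the OS CSPRNG, no seed to enumerate."""
    deck = DECK[:]
    secrets.SystemRandom().shuffle(deck)
    return deck


def build_index(visible=5):
    """Map the first `visible` cards of every reachable deck to its seed(s)."""
    index = {}
    for seed in range(SEED_SPACE):
        prefix = tuple(weak_shuffle(seed)[:visible])
        index.setdefault(prefix, []).append(seed)
    return index


def audit(visible=5):
    """Compare what a fair deck could show with what the seeded one can show."""
    index = build_index(visible)
    return {
        "possible_prefixes": math.perm(52, visible),   # fair 52-card deck
        "reachable_prefixes": len(index),              # bounded by SEED_SPACE
        "ambiguous_prefixes": sum(len(s) > 1 for s in index.values()),
    }


if __name__ == "__main__":
    report = audit()
    print(report)
    share = report["reachable_prefixes"] / report["possible_prefixes"]
    print(f"share of 5-card prefixes the weak shuffle can ever deal: {share:.6%}")
```
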