Hacking Video Poker Machines

An excerpt from Kevin Mitnick’s “The Art of Intrusion” about some hackers who reverse-engineered video poker machines and found a flaw in the random number generator that enabled them to beat the house:

We open it up, we take out the ROM, we figure out what processor it is. I had made a decision to get this Japanese machine that looked like a knockoff of one of the big brands. I just figured the engineers might have been working under more pressure, they might have been a little lazy or a little sloppy.

It turned out I was right. They had used a 6809 [chip], similar to a 6502 that you saw in an Apple II or an Atari. It was an 8-bit chip with a 64K memory space. I was an assembly language programmer, so this was familiar.

The machine Alex had chosen was one that had been around for some 10 years. Whenever a casino wants to buy a machine of a new design, the Las Vegas Gaming Commission has to study the programming and make sure it’s designed so the payouts will be fair to the players. Getting a new design approved can be a lengthy process, so casinos tend to hold on to the older machines longer than you would expect. For the team, an older machine seemed likely to have outdated technology, which they hoped might be less sophisticated and easier to attack.

The computer code they downloaded from the chip was in binary form, the string of 1’s and 0’s that is the most basic level of computer instructions. To translate that into a form they could work with, they would first have to do some reverse engineering — a process an engineer or programmer uses to figure out how an existing product is designed; in this case it meant converting from machine language to a form that the guys could understand and work with.

Locked Your Keys In The Car? Get Out Your Cell Phone

Hmmmm, I’ll have to try this.

There has been a rumor going around in one of those dreadful e-mails that your friends and co-workers feel compelled to forward to you all the time. If you lock your keys in your car and you have a remote keyless entry system, you can get outside help to open the car if you have your cell phone with you. Just call someone who has a duplicate key fob that will open your car. Then, hold your cell phone near the door lock and have the person with the key fob call you back. The person with the key fob should then put the key near their phone and push the unlock button. The door should open.

I was skeptical, to say the least, about this rumor, and was about to dismiss it as one more Internet hoax. But I thought I had better try it out first. Well, lo and behold, it works. I tried it with both GSM and CDMA cell phones, and it reliably opens (and relocks) the car.

(via del.icio.us/crankyuser)


Snopes has this as false.
(Thanks Gareth)