Absolute Poker bestätigt offiziell: Betrug durch Sicherheitslücke!!!

    • mcashraf
      mcashraf
      Bronze
      Dabei seit: 18.08.2006 Beiträge: 12.384
      Ich denke, das ist einen neuen Thread wert:

      October 21, 2007

      Dear AP Player:

      I am the former Grand Chief of the Mohawk Territory of Kahnawake and the owner of Tokwiro Enterprises ENRG, which holds a 100% interest in Absolute Poker.

      As many of our players are aware, there has been a security breach in our system that allowed unlawful access to player information that resulted in unfair play. I am writing to you today to let you know what we know so far in order to set the record straight, and to assure you of AP’s commitment to player security. I am sure that this letter will not address all of the questions and concerns you may have, nor will it extinguish the heated discussion surrounding this issue. At this point, our intention is to let you know all we can disclose and to assure you of our continued efforts to keep you informed as best we can as the investigations continue.

      We deeply regret this situation has occurred. A breach in security in online poker is serious and of great concern to players and the industry worldwide, and this particular situation has been the subject of debate within the poker player community and in the media, giving rise to the creation of several websites and hundreds and hundreds of comments, opinions, and theories of what occurred – some of which are accurate, and some that are not.

      Like you, I have not been happy that during the initial stage of our investigation, AP has not been more forthcoming in providing a timely or comprehensive explanation on this matter, giving rise to anger, suspicion, and concern on the part of our valued customers. I hope that our customers can appreciate that this remains an incredibly complex and sensitive issue, and I want to give you my strongest possible assurance that we will be as forthcoming as possible on how this breach occurred and what we are doing to remedy the situation.

      What We Know and Actions We Have Taken

      AP was notified by a customer that a possible cheating incident occurred during a recent tournament, and in response forwarded players’ hand logs. This disclosure of the hand logs prompted our customers to determine that a more serious security breach had occurred. We immediately launched an internal investigation and also requested a formal audit by Gaming Associates, an acknowledged world-wide expert in audits, interactive gaming tests, and information security.

      Based upon our preliminary findings, it appears that the integrity of our poker system was compromised by a high-ranking trusted consultant employed by AP whose position gave him extraordinary access to certain security systems. As has been speculated in several online forums, this consultant devised a sophisticated scheme to manipulate internal systems to access third-party computers and accounts to view hole cards of other customers during play without their knowledge. As this consultant was aware of the details of our fraud detection process, the likelihood that the scheme would be uncovered through our normal procedures was minimized. We consider this security breach to be a horrendous and inexcusable offense.

      We will pay for all losses suffered by the affected players as soon as our audit is finished and the amounts are determined. Although we are in the process of attempting to recover all the winnings of this consultant, any unrecovered losses of affected players will be paid by Absolute Poker so that all affected persons will be made whole.

      Next Steps

      We are still investigating whether the consultant was acting alone or in concert with others, and it appears at this time that all account holders are innocent of collusion and were unaware of any wrong-doing by the consultant, who was immediately terminated. We continue to investigate this matter aggressively, and all of these preliminary findings are subject to the audits currently underway. We have recently uncovered additional accounts used by the consultant that have not been publicly reported. So as to not compromise the investigation, we are not releasing the names of these additional accounts at this time, and will contact these affected customers individually.

      The specific allegations of unlawful activity are being investigated both by AP and by the authorized authorities, including the Kahnawake Gaming Commission. We will continue to actively cooperate with these authorities in full compliance with the Regulations Concerning Interactive Gaming. In addition to our own investigation and the audit by Gaming Associates, we have also submitted to an audit by the Kahnawake Gaming Commission.

      Please be assured that we have corrected the problem that allowed the system to be unfairly manipulated. We are working furiously to increase the safeguards within our systems. While we are satisfied that our systems are secured, we realize that our security systems must be continuously monitored and enhanced.

      Without question, this incident has been unfortunate for all concerned, and we will emerge as a stronger company. I realize it will take some time and much more information for AP to re-earn the trust and confidence of our customers who are in doubt of our commitment to the highest levels of security, privacy and integrity. As we move to address and correct this situation, our valued customers have played a vital role in uncovering this scheme through various online forums and have become an active part of the solution.

      With my full sincerity, I thank you, and I promise to keep you updated as we bring this situation to a close.

      Sincerely,

      Joe Norton
  • 68 Antworten
    • Merlinius
      Merlinius
      Silber
      Dabei seit: 30.06.2006 Beiträge: 3.520
      Klingt wie das, was jeder schreiben würde, nachdem die Strategie des Totschweigens dieser Angelegenheit gescheitert ist.
    • Behre
      Behre
      Bronze
      Dabei seit: 21.01.2005 Beiträge: 1.463
      Original von mcashraf
      AP was notified by a customer that a possible cheating incident occurred during a recent tournament, and in response forwarded players’ hand logs. This disclosure of the hand logs prompted our customers to determine that a more serious security breach had occurred. We immediately launched an internal investigation...
      lol
    • dbelling
      dbelling
      Bronze
      Dabei seit: 16.02.2006 Beiträge: 311
      absolute poker ist wohl total verzweifelt und haut mittlerweile auch free unrestricted money boni raus.

      müsste man jetzt ganz gut whoren können.
      allerdings bei absolute natürlich in zukunft höchste skepsis angebracht!
    • GRAZ1
      GRAZ1
      Bronze
      Dabei seit: 04.01.2007 Beiträge: 57
      richtig
      habe in denn letzten 3 wochen 2x 10$ Gratis boni bekommen
    • Faustfan
      Faustfan
      Bronze
      Dabei seit: 19.04.2005 Beiträge: 9.491
      Original von Merlinius
      Klingt wie das, was jeder schreiben würde, nachdem die Strategie des Totschweigens dieser Angelegenheit gescheitert ist.
      sie schweigen es immer noch tot. in dem text steht im endeffekt gar nichts.
    • CorPOK
      CorPOK
      Bronze
      Dabei seit: 24.03.2007 Beiträge: 501
      Original von Faustfan
      Original von Merlinius
      Klingt wie das, was jeder schreiben würde, nachdem die Strategie des Totschweigens dieser Angelegenheit gescheitert ist.
      sie schweigen es immer noch tot. in dem text steht im endeffekt gar nichts.
      also ich sehe das als einen riesigen fortschritt. sie nehmen in diesem text tatsächlich die schuld auf sich u bestätigen eine sicherheitslücke. natürlich ist es für den kunden nach wie vor schwer verzeihlich, dass dies erst nach längerer zeit, etlichen leugnungen u massivem druck der online-community geschehen ist. nicht desto trotz haben sie nun den richtigen weg gewählt u zumindest bei mir etwas vertrauen zurück gewonnen....
    • MrFister
      MrFister
      Bronze
      Dabei seit: 10.10.2006 Beiträge: 4.683
      Original von CorPOK
      also ich sehe das als einen riesigen fortschritt. sie nehmen in diesem text tatsächlich die schuld auf sich u bestätigen eine sicherheitslücke. natürlich ist es für den kunden nach wie vor schwer verzeihlich, dass dies erst nach längerer zeit, etlichen leugnungen u massivem druck der online-community geschehen ist. nicht desto trotz haben sie nun den richtigen weg gewählt u zumindest bei mir etwas vertrauen zurück gewonnen....
      sedhe ich ähnlich! ich verstehe die unbegründeten aussagen der anderen auch wirklich nicht... wenn die sofort nach erhalt der ersten anzeichen ein großes trara veranstaltet hätten, wäre der betrüger mit höchster wahrscheinlichkeit davon gekommen!
      das ist eine völlig normaler taktik von denen, so wie sie in politik, polizeilichen ermittlungen ect... ganz genauso angewendet wird
    • GanjaFarmer
      GanjaFarmer
      Bronze
      Dabei seit: 10.02.2006 Beiträge: 395
      Super und ich hab gestern wieder eingezahlt!
    • dhw86
      dhw86
      Bronze
      Dabei seit: 07.12.2006 Beiträge: 12.263
      tl;dr
    • Faustfan
      Faustfan
      Bronze
      Dabei seit: 19.04.2005 Beiträge: 9.491
      lest euch den text mal genau durch. sie schreiben, daß ein angestellter dritte computer "gehacked" hat und so zugriff auf die karten bekommen hat. sie bestreiten den super-user account und daß das managent von AP davon gewußt hat und es versucht hat zu vertuschen.

      sie geben nur zu, was längst jeder weiß und beweisen kann. alles andere verschweigen sie immer noch.
    • Bliss86
      Bliss86
      Bronze
      Dabei seit: 03.08.2006 Beiträge: 5.562
      Dan Druff @ 2+2

      Oh, and don't believe this BS about third-party software. This is a carefully crafted lie to make it appear that their normally-secure system was cracked by a techincally gifted insider with knowledge on how to do it.

      That's not what happened.

      A superuser account (most likely #363, perhaps others) was created a long time ago -- before AP even opened -- for testing purposes. Instead of disabling it like any responsible company would do, Scott Tom the meglomaniac decided he wanted it to remain open so he could have access to it. This account was eventually used during the scandal, and perhaps at other times beforehand. This was obviously the most blatant and high-profile usage of it, which led to the public discovering it.

      This is the simplest explanation, and it's the one that both makes the most sense and corresponds properly with the evidence we have.

      AJ Green is not a programmer. Scott Tom is not a programmer. I guarantee you that none of these frat boys are technically competent enough to compromise the system on their own -- even with insider knowledge. This was definitely done through the use of a simple interface that was designed a long time ago.

      The reason AP is lying about this is because their current story rests the blame on the shoulders of one "consultant", rather than the entire management of AP for letting a superuser account exist on the system for over 3 years. It also allows them to continue to stand by their earlier repeated denials of a superuser account existing. This tall tale allows them to claim they never knew this sort of thing was possible.
    • Pokerhondas
      Pokerhondas
      Bronze
      Dabei seit: 20.07.2007 Beiträge: 3.439
      Original von Bliss86
      Dan Druff @ 2+2

      Oh, and don't believe this BS about third-party software. This is a carefully crafted lie to make it appear that their normally-secure system was cracked by a techincally gifted insider with knowledge on how to do it.

      That's not what happened.

      A superuser account (most likely #363, perhaps others) was created a long time ago -- before AP even opened -- for testing purposes. Instead of disabling it like any responsible company would do, Scott Tom the meglomaniac decided he wanted it to remain open so he could have access to it. This account was eventually used during the scandal, and perhaps at other times beforehand. This was obviously the most blatant and high-profile usage of it, which led to the public discovering it.

      This is the simplest explanation, and it's the one that both makes the most sense and corresponds properly with the evidence we have.

      AJ Green is not a programmer. Scott Tom is not a programmer. I guarantee you that none of these frat boys are technically competent enough to compromise the system on their own -- even with insider knowledge. This was definitely done through the use of a simple interface that was designed a long time ago.

      The reason AP is lying about this is because their current story rests the blame on the shoulders of one "consultant", rather than the entire management of AP for letting a superuser account exist on the system for over 3 years. It also allows them to continue to stand by their earlier repeated denials of a superuser account existing. This tall tale allows them to claim they never knew this sort of thing was possible.

      QFT, hört sich zumindest wahrscheinlicher und glaubwürdiger an, als die Story von AP
    • MrFister
      MrFister
      Bronze
      Dabei seit: 10.10.2006 Beiträge: 4.683
      irgendetwas vorhanden was diese behauptung von dan druff untermauert?
    • Burnover
      Burnover
      Bronze
      Dabei seit: 25.09.2007 Beiträge: 12
      Die Entscheidene Frage hierbei ist für mich:
      Werden die vom Betrug betroffenen entschädigt oder nicht?
      Es erfordert natürlich Mühe, alle Spiele die rigged sind,in den logs nachzuforschen,wäre aber das mindeste, was ich von Absolute Poker
      erwarte!
      Kurz gesagt.Spieler werden unaufgefordert entschädigt,die Sicherheitslücke dicht gemacht,nur so wird dieser Pokerraum für mich wieder akzeptabel!

      Gruss
      Burnover
    • Thomas6409
      Thomas6409
      Black
      Dabei seit: 12.07.2006 Beiträge: 6.102
      Original von MrFister
      irgendetwas vorhanden was diese behauptung von dan druff untermauert?
      jede Menge, das ist nur die logische Schlussfolgerung aus allen Fakten, die über den Fall bekannt sind.
    • MalagaNt
      MalagaNt
      Bronze
      Dabei seit: 10.04.2006 Beiträge: 3.275
      Quelle?
    • DasWiesel
      DasWiesel
      Bronze
      Dabei seit: 30.06.2005 Beiträge: 1.185
      the consultant, who was immediately terminated
      Das sind ja Methoden oO
    • KornsOmi
      KornsOmi
      Global
      Dabei seit: 03.08.2007 Beiträge: 583
      Auf dem Papier wird ein kleiner Fisch geschlachtet.
      Wen interessiert schon die "Kahnawake Gaming Commission", was ist mit Strafverfolgung wegen Betrugs durch die Behörden?
      Schwache Leistung von AP. X(
    • Faustfan
      Faustfan
      Bronze
      Dabei seit: 19.04.2005 Beiträge: 9.491
      Original von MalagaNt
      Quelle?
      ungefähr 500 seiten auf 2+2