【6upoker】从分析一篇报告说起(Report — Bovada.lv 2015 — Online Poker In Danger)【上】

  • A+
所属分类:扑克新闻
摘要

Report — Bovada.lv 2015 — Online Poker In DangerReport — Bovada.lv 2015 — Online Poker In Danger

PokerStars亚洲版(6UPDH.COM)全球最大德州扑克平台。发牌公正,与世界玩家同台竞技

大发扑克|dafapoker|大发在线德州扑克|大发德州扑克策略网站——大发游戏导航(dfyxdh.com)

迈博myball最新网站|迈博体育官网|最好玩的体育直播观看平台——迈博体育导航(mbo388.com)

Report — Bovada.lv 2015 — Online Poker In Danger

今天看到了这篇文章,作者是Data Mine Poker,原文刊载于Medium上。

后文主要是我对于文章内容的分析,并夹杂着一些我的看法。


这篇文章对于时下在美国境内兴起的网络扑克室做了一个安全性分析。

乍一看是所谓的学术性报告,然而待我查看了具体内容之后,发现情况并非如此。因此,我这两天晚上细看了几遍,并试着翻译一些部分,给大家分享。

如果有翻译或者理解错误的地方,纯属译者水平问题。欢迎各位提出,我会积极改正。


Reasons For This Report

先说撰写这篇报告的原因(Reasons For This Report)。这个报告是投标用的私人合同的一部分*。他们(报告作者)从技术细节入手,想要了解清楚在线扑克的现状。

*剩余的部分在第二篇里会出现(Following this initial public circulation report, a secondary full length report will be released on a case by case basis for private use. The secondary report will include full software sources, data access, and image/video evidence collected throughout the testing phases.)

众所周知,判断技术细节的考察指标无非是安全性,合法性和公平性(security, legality, and fairness)。考察这些技术,其实也是为2016年第二季度的计划做准备。

赌博在全世界都有着广泛的市场,美国当然包括在内。因为有利可图,所以会有相关的利益集团,想方设法地采取各种各样的手段,使自身合法化,占有市场以谋取利益。其中,有两家大公司Draft Kings 和 FanDuel(估值已经超过$1 billion),他们当然也想分一杯羹。

【6upoker】从分析一篇报告说起(Report — Bovada.lv 2015 — Online Poker In Danger)【上】

As Listed Byhttp://www.trustedpokersites.com/us/

美国现在三大扑克室有Bovada Poker,BetOnline Poker和Carbon Poker。其中的Bovada扑克室已经拿到了合法经营的资质,而且非常全。这一点在全美只有很少公司能够做到。然而,现在特拉华州和内华达州(Delaware and Nevada)要求博彩公司交税。税额巨大,Bovada当然不干,于是在这些地方的人们被限制使用了。而且,很有可能越来越多的州政府会要求博彩公司交税。

【6upoker】从分析一篇报告说起(Report — Bovada.lv 2015 — Online Poker In Danger)【上】

Courtesy ofhttps://en.wikipedia.org/wiki/Bodog

博狗的背景大家可以自己看,不翻译了。Bovada是Bodog在北美的公司,关键点在于,Bovada Poker并没为设立在美国境内,而且使用的博彩软件没有经过内华达州博彩委员会或者相关的赌博管控机构的认证。

所以,测试团队就认为是有安全风险的。( Bovada’s poker room software may have potential security risks……)

于是,这个软件就被该团队拿来做测试了。

OK,说完原因,我们再看可能存在风险的地方在哪:

1.可能被流氓雇员*(rogue employee(s))或者黑客团体(hack group)利用(随机数生成器和洗牌算法)

*流氓雇员就是指盗取公司用户数据并出售的人(This should mean "an employee who betrays the service-provider company" by selling customer details.)

*绝对扑克(absolute poker)的那次作弊事件,据该公司声明就是因为一名公司职员侵入了内部系统,可以看到其他玩家手中的牌,才会有这个后果。

2.Bovada故意利用自己的软件漏洞来窃取大量用户的钱。

*在这一点上,可能会发生与绝对扑克和UB类似的情况(This could be related to a similar situation that happened to Absolute Poker and Ultimate Bet between 2005 and 2008),以上请参见 Absolute Poker和Ultimate Bet黑历史

于是,打伙牌 和 机器人 这两种作弊的方式被认为出现频率会很高。


首先是免责声明(Disclaimer)

All reasoning is based off of statistical models, Monte Carlo simulations, and basic data science principles. Due to this style of reasoning, it is possible that results may vary player to player to an unknown degree. However, based on the same reasoning, out of the ordinary occurrences can still be classified as statistical anomalies.

这一段说了和没说差不多。

在后文的背景(background)中,也提到

The team behind this research is comprised of:

1 data scientist (15+ years professional experience)

1 gambling software developer (helped build one of the largest online gambling software systems available)

1 software engineers (5+ years of professional experience each)

1 mathematician (PhD in Statistics)

这个团队有专业的数据科学家,赌博软件的程序开发者,软件工程师,数学统计学的博士。

总之就是着重强调他们有着深厚的学术背景和丰富的工作经验。


插一句,之所以要测试Bovada,是因为有很多人反映在博狗打牌经常被BB,特别是在有大量的赔率优势的情况下,被反超、河杀。这一点也不正常。

因此,Bovada被很多人怀疑是存在不公平行为(unfair)

在后面的分析中,测试团队也从安全性入手,希望能够暴露出Bovada的安全漏洞所在。


统计的数据着重于分析以下几个方面:

The different hand types analyzed include:

Bad Beat - described above.

Super Bad Beat — a player has over a 99% percent chance of winning a hand and loses to community turn cards. Usually the result of a player hitting 2 specific cards in a row.

Multi Big Hand - a hand when multiple players at the table end up having a very high ranking hand such as a straight, flush, full house, straight flush, or royal flush.

Oddball Win - a player over plays a low ranking starting hand and wins against a very high ranking starting hand.

BB,Super BB,Multi Big Hand,Oddball Win等等 这些是德扑的基本术语,不解释了。而且原文也有释义。

记录的具体数据信息为:

This data includes details that could define a single user such as:

Timing on actions — the average time it takes for a user to take an action when it becomes their turn.

Non uniform bet amounts — some users have a specific betting strategy during certain hand types. Sometimes, the amounts are awkward in comparison to the table blinds.

EV % — the percentage of hands that a player decides to place money in to the pot (calls, raises), not including being forced to place blinds.

Bluff % — the percentage of completed hands that the user attempts to bluff on.

Win % vs. Play % — the percentage of complete hands the user wins compared to the percentage of hands the user plays through completely.

Multiple smaller comparisons. Sit out times, changes in bet styles, tilt timing, etc.

动作行为的时间,非均匀的下注金额,EV值,Bluff百分比,胜数和局数的比较等等,也都是基础术语,不翻译了。


Data Collection — Development (开始想办法采集数据了)

想要进行数据分析,最开始的一部就是采集数据。经过分析得出,Bovada Poker的Mac端和Windows端还是比较安全的,想要从上面采集数据比较复杂。于是转向了移动网页版(Mobile Web (JavaScript) application),也就是手机端的研究。

通过对于Poker.js文件的分析,顺利地发现其运转机制。具体机制不提,总之最后找到了一种方法,使团队能够拿到完整的手牌数据。

然而这里,译者需要提醒大家注意一点,这里的数据并不包括每位玩家的手牌的数据,仅仅是游戏过程中产生的数据。(这意味着玩家的手牌只有show down时才能被记录下来)尽管博狗是匿名桌,测试团队使用的方法还是能给每位玩家对上号的。


Data Collection — Initial Results 初步结果

After almost a year of data collection, over 20 million hands were collected and stored in a central database.Within these hands, over 1.4 million separate intra table players were recorded (meaning if a person takes a seat at a table, they are counted as a single player, until they leave the table).

【6upoker】从分析一篇报告说起(Report — Bovada.lv 2015 — Online Poker In Danger)【上】

Current Inspection MySQL Database of Recorded Handed

模拟的手牌数和玩家还真多,有大概140万玩家,2亿手牌,124.2百万手操作。真实数目会少些,不过就是想表现出数据量很大而已。

注意一点:

Once this development was complete, our team started setting up a stream on every poker table available, monitoring them for inaccuracies or problematic reporting and building analysis systems from the data collected.

团队想要以此说明这些数据都是“真实可信"的,是直接采集的元数据。

The system used for user behavior analysis was a time window, play style algorithm. Based on a set of multiple characteristics (aggression level, percentage of hands played, win percentage, etc), a user can be classified as a specific type of player over a statistically significant number of hands (a time window). By judging play style over every set number of hands (every window), it becomes easy to find large changes in play style that occur quickly (adjacent windows).

主要着重于分析用户的打牌风格,并根据它来分类。并采用了时下最流行的Machine Learning技术来预测该玩家是不是也在别的桌子上玩。

【6upoker】从分析一篇报告说起(Report — Bovada.lv 2015 — Online Poker In Danger)【上】

List of common poker player styles, provided by our friends at iHoldem Indicator.http://www.iholdemindicator.com/features.html

分类标准参照如上。


Data Collection — Analysis 开始数据分析了

分析的结果是:

1.很难通过分析玩家打牌的风格辨别出可疑行为【和作弊者使用full hand data*的方法相似,请参阅Ultimate Bet/Absolute Poker的作弊丑闻】

*这里full hand data就是字面意思,所有玩家的手牌数据

【6upoker】从分析一篇报告说起(Report — Bovada.lv 2015 — Online Poker In Danger)【上】

Video from past Absolute Poker Cheating Scandal.https://www.youtube.com/watch?v=PbQyKgELDEA

2.设定了两个测量指标(metrics)判断你是否是super user(超级用户)

第一个是连续100手牌里,赢了多少个大盲。(The first metric is the number of Big Blinds won over 100 consecutive hands.) 一般来说,一个职业扑克手,平均水平是8到10个大盲每100手牌。

第二个是河牌侵略性。(The second metric used is the level of River Aggression.)这个也可参考下Absolute Poker作弊事件的细节。简单来说,就是作弊的玩家在河牌上打得很有侵略性,要么bet要么fold,从来不call。

测试结果表明Bovada并未出现AB Poker那种问题。

不过,测试团队随后又在极端情况下测试了一下(Edge casing),同样也是通过计算百手大盲数盈利来判断。

*Edge case是计算机术语,在软件工程领域中,在极端情况下测试也常常是发现/制造系统后门的手段(Edge casing is commonly used by exploiters and encryption developers to find/make back doors in to an encrypted system.)

这里要声明一个问题,Edge case是可以被人利用的。

The random number generator is one of the most crucial pieces of an online poker room, so it is guaranteed that a group of expert level programmers and mathematicians would scan the source code with a fine tuned comb to verify its fairness. Any individual with a substantial background in encryption and advanced mathematical algorithm theory would be capable of both creating an edge case scenario as well as finding hidden edge case algorithms.

文中举出了Ronald Harris的例子。这个人曾经在一个软件公司工作,为Atlantic City Casino Keno games编写和测试程序。他写了一个特殊的算法,能每隔几个星期,产生一个可以预测的比赛。这意味着,作为写这段程序的程序员而言,他早就知道了结果。于是他利用这点为他赢得了大奖。不过他最终在派他朋友领奖金时被逮住。

6UP-德扑第一平台&PokerStars亚洲唯一合作伙伴,新会员首存100送50元.

蜗牛扑克官方网址:www.allnew366.com

天龙扑克官方网址:www.tianlongqipai.com

神扑克(Shenpoker)导航:http://www.spkdh.com

6UP扑克之星官网发布页:www.6updh.com

以上文章来源于网络,由6up扑克之星中文网整理发布

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: