By Stephen A. Murphy
May 10, 2010
Cereus Network, which is the home of the popular poker sites UB and
Absolute Poker, was in the middle of a security controversy late last
week when it was discovered that its two major poker sites used weak
encryption methods. A poker tracking site announced on Thursday that it
had hacked Cereus. encryption method and showed how it was possible for
someone to hijack a player's account and see holecards in real time if
that person was also able to hack the user.s Internet connection.
Paul Leggett, the chief operating officer of Tokwiro Enterprises (which
owns both UB and Absolute Poker), issued a statement on Friday morning
acknowledging the security breach and promising to do everything in his
power to fix the problem.
"PTR (Poker Table Ratings) was able to crack our local encryption method
... I would also like to say that I am very embarrassed and upset that
this issue was not caught by our internal staff or through the countless
audits we've been through this year and last year," said Leggett. "We've
invested a great deal of money into all types of security and I am very
shocked that this was not identified by us or the many third party
auditors we've employed. Needless to say we plan to find new security
resources and third parties to help us test this solution and make sure
we provide you with the absolute best security that money can buy."
For someone to have had actually seen another person.s holecards and
utilized that information to cheat, that person would have had to hack
both the site's encryption, as well as the person's individual Internet
access. Both PTR and Cereus Network say that scenario is very unlikely.
Best Selling Security Books and More!
Shop InfoSec News