 One of mankind's most beloved vices is gambling. There's no greater high in life than taking your entire month's paycheck, betting it all on your lucky number in roulette, and then hitting that jackpot. In a matter of seconds, you just became 35 times richer, or in the same number of seconds, you blew it all, and now you've got to try to blow your landlord to avoid becoming homeless. Now, one of the things that makes gambling especially predatory, besides the massive dopamine rush that people get when hitting the jackpot, is the fact that most forms of gambling are rigged in some way. Roulette is one of the more obvious examples because of the zero and double zero roulette slots, which, depending on the rules, might give the house or casino a 5% edge over the participants. As the night goes on, and as nights turn into fortnights, the house will statistically win more often than not, and that is how casinos profit massively in the long run. But there's some people out there that try to find ways to cheat or hack, if you will, various casino games and aspects of the casino environment to try and get an advantage. Card counting is probably the hack that most people know about. Counting cards is really just keeping track of what cards have been dealt to the whole table, and then in your head assign some kind of value to the cards, like aces and face cards might be minus one and two through six or plus one, and then you keep track of that value, and you start betting more and more as the value increases because that value correlates to how likely you are to get dealt some good cards. It's honestly hard to even call card counting cheating because it's really just the natural combination of basic blackjack strategy, probability, and someone having a decent memory. But there's also some more blatant cheats that people have done, like cashing in fake chips or conspiring with a dealer to shuffle the cards in a certain way so that you get dealt some better cards. But technology has been employed in almost every major casino to thwart these kinds of cheating. Casino chips these days have RFID tags embedded in them that acts like a serial number, so the casinos are able to track each and every individual chips, so you can't just take a low value chip and then paint it a different color to look like a high value chip to cash it in anymore. And most casino dealers don't actually shuffle the cards themselves anymore. There's machines that do that. Machines that can be hacked. Whoops! Looks like the casinos went and patched one bug that they had and introduced another. So the most popular automated shuffling machines that are used in Vegas and in most other casinos are called the Deckmate Automated Shuffler. The original unit came out in 2002 but there's a newer model called the Deckmate 2 which is the official shuffler of the World Series of Poker. And you might have seen them in some hiring casinos because a new unit cost over $20,000 and even secondhand refurbished units like this one are going to set you back about 13 grand. Now you're probably thinking what improvements could have possibly been made in Deck Shuffling Technology in the past 20 years to even justify a second iteration of this product? Well in addition to making the new Deckmates shuffle slightly faster than the older models the Deckmate 2 has onboard card recognition that can identify if there's any duplicate cards within the deck and it can even shuffle the cards back into their suited order that they come in when you get a fresh deck of cards from the factory. So the main difference between those two units is that the newer one has some kind of camera inside the machine that tells it what card is what which is really fucking crazy. I mean you could tell that nobody with a true hackers mindset was consulted before the design or even before the manufacturing of this thing. I mean this is even crazier to meme than just letting a human dealer shuffle the cards face up because at least with a human shuffler you can pay them or you can intimidate them enough to keep them from cheating you know to keep them from at least cheating and screwing over the casino. But with a robot you've got no loyalty you can't put any trust in the thing beyond whatever level of trust that you're putting into the hardware and the software that makes up this robot and of course you know the software that is running on these things is absolutely proprietary. There's probably only a handful of deckmate employees in the world who actually understand the internal code that is running on these machines. So your deckmate's software security relies on obscurity. It's pretty much the same logic as a toddler covering their face during a game of peek-a-boo. So we've got onboard cameras that can let us see the cards in real time running software with a security model of trust me bro but maybe maybe the part where you actually get your malware to run on this thing is really hard to pull off. It's probably some kind of embedded system that requires some type of special tools to even open it up and get to it. That's mostly true with the exception of a USB port on the back of the unit next to the power switch. Stick a Raspberry Pi or some other single board computer with a USB interface into that bad boy and you've got yourself an infinite money glitch. You know I'm honestly shocked that this year's Black Hat Security Conference is the first one to have a demonstration of hacking a casino shuffling machine. Finding ways to knock off casinos has been the plot of so many different movies and even real-life crime conspiracies. You know I wouldn't be surprised if someone has actually pulled off a more sophisticated version of this hack in real life because a determined hacker could probably use something like a rubber ducky USB Wi-Fi adapter combo. You know something that's really really small that you probably wouldn't notice being plugged into the back of that USB port instead of a big old Raspberry Pi and you could have that preloaded with malware that is going to compromise the machine and then wirelessly communicate card data back to the hacker in some really stealthy way. Maybe the hacker's going to use the old Frank Reynolds chess master technique to encode that data in binary and then send the card data to a butt plug that's inserted inside of your poker player and actually now that I think about it you could encode the data in octal or even hexadecimal depending on the number of vibration settings on the butt plug and then you could even use free software that's written in rust to power this butt plug so that there's no worries of dangling pointers hanging out of your poker player shorts and nobody is going to hear their butt plug buzzing on a loud casino floor because it's Vegas baby! Half of the people here have their lucky butt plugs in right now. Something like this could let someone clean house at any casino that they can successfully pull off the hack on and as long as you're smart enough to not go too far and get too greedy you know get yourself backed off a bunch of times or just ban from the casino you'll probably be able to get away with it and keep doing it because many of these so-called games officials put absurd levels of trust into these machines. Last September a lot of people suspected that a deckmate hack was responsible for somebody pulling off a very unlikely successful play against a poker pro but after the casino did their investigation they stated that no foul play was done and that the deckmate shuffling machine is secure and cannot be compromised. Now I don't know if the deckmate was hacked in that particular case back in September but I think to say that no deckmate anywhere has ever been hacked or ever could be hacked is absolutely insane especially when compromising a deckmate to basically gives you god mode over the casino it gives you an all-seeing eye over what cards you're being dealt and the hack can be done through a standard USB port and I also learned during my research into these deckmates that some of them get rented out from companies and those ones oftentimes have on-board cellular modems that allow the manufacturer the owner of those machines to track where they are and monitor their usage so with one of those it might actually be possible to remotely compromise the machine without ever laying a hand on it but what I think is even more likely than hackers messing with these machines to line their pockets is the owners of the machines and the owners of these casinos messing with them to line their pockets even further because if a deckmate too can put the cards in their suited order I'm pretty sure it can put them in any order so why wouldn't the casinos rig physical poker or blackjack they already rig the video game versions of those if you play video poker or you know any other machines slot machines and stuff like that it's well known that they're rigged and that they pay out at certain intervals so yeah I think I'm going to put blackjack and poker games when these deckmate machines are involved in the same category as slot machines you'll win when the casino wants you to win sure you can try to count cards you can go with different strategies but at the end of the day you must first make that leap of faith that the casinos who go so far as to remove the clocks from their walls in order to obscure your sense of time and get those gambling addicts to stay there all day long and spend their paychecks you gotta trust that those guys are not actively using their technology to rip you off