In September last year, a scandal blew up the world of high-stakes, livestreamed poker: In a hand at Las Vegas’ Hustler Live Casino, which broadcast its games on YouTube, a relative novice holding nothing but a jack of clubs and a four of hearts successfully called the bluff of a veteran player. No one could possibly think that poor hand might be good enough to call a bluff, thousands of outraged poker players argued, unless the person holding it had some extra knowledge that her opponent’s hand was even worse—in other words, she must have been cheating.
Three months later, Hustler Live Casino published a postmortem of its investigation into the incident, finding “no credible evidence” of foul play. It also noted that if there were cheating, it was most likely some sort of secret communication between the player and a staff member in the production booth who could see the players’ hands in real time. But when Joseph Tartaro, a researcher and consultant with security firm IOActive, read that report, he zeroed in on one claim in particular—a statement ruling out any possibility that the automated card-shuffling machine used at the table, a device known as the Deckmate, could have been hacked. “The Deckmate shuffling machine is secure and cannot be compromised,” the report read.
To Tartaro, regardless of what happened in the Hustler Live hand, that assertion of the shuffler’s perfect security was an irresistible invitation to prove otherwise. “At that point, it’s a challenge,” Tartaro says. “Let’s look at one of these things and see how realistic it really is to cheat.”
Today, at the Black Hat security conference in Las Vegas, Tartaro and two IOActive colleagues, Enrique Nissim and Ethan Shackelford, will present the results of their ensuing months-long investigation into the Deckmate, the most widely used automated shuffling machine in casinos today. They ultimately found that if someone can plug a small device into a USB port on the most modern version of the Deckmate—known as the Deckmate 2, which they say often sits under a table next to players’ knees, with its USB port exposed—that hacking device could alter the shuffler’s code to fully hijack the machine and invisibly tamper with its shuffling. They found that the Deckmate 2 also has an internal camera designed to ensure that every card is present in the deck, and that they could gain access to that camera to learn the entire order of the deck in real time, sending the results from their small hacking device via Bluetooth to a nearby phone, potentially held by a partner who then could then send coded signals to the cheating player.
In sum, their shuffler hacking technique gives a cheater “100 percent full control,” says Tartaro, who demonstrates IOActive’s findings in the video below. “Basically, it allows us to do more or less whatever we want … We can, for example, just read the constant data from the camera so we can know the deck order, and when that deck goes out into play, we know exactly the hand that everyone is going to have.”
For now, the IOActive researchers say they haven’t yet had time to engineer a technique that would cause the Deckmate to put the deck in the exact order of their choosing—although they’re certain that too would be possible. Regardless, they argue, merely knowing the full card order, rather than changing it, offers an even more practical cheating strategy, one that’s far harder to detect.
Tartaro says the technique could be used to cheat in any number of card games, but that it would be particularly powerful in Texas Hold’em, the popular version of poker played in most casinos, including in the notorious Hustler Live Casino hand. That’s because in Texas Hold’em, knowing the order of a deck would allow someone to predict the exact makeup of everyone’s hand, independent of any decisions they make in the game. Even if a dealer cuts the deck before dealing, as most do in high-stakes casino games, Tartaro says the cheating player would still be able to immediately figure out the order of the cards on the top of the deck and in every player’s hands as soon as the three “flop” cards are exposed—the public-facing, shared cards dealt out at the beginning of a Hold’em hand.
The IOActive team also looked at the earlier model of the Deckmate, known as the Deckmate 1, which has no external USB port and no internal camera. The researchers say that the earlier model, which was the one actually used in the Hustler Live Casino game, could nonetheless still be hacked to cheat in a game if a rogue casino staffer or maintenance person had an opportunity to open the shuffler’s case and access a particular chip that stores its code. In that case, despite the lack of an internal camera, the cheater could still hack the shuffler to reorder cards—or they could simply prevent the Deckmate from shuffling the deck when a dealer picks up everyone’s cards after a hand, giving the cheater information about the location of those previously played cards. “A skilled player with that little bit of an edge would 100 percent clean up,” says Tartaro.