Predicting a Slot Machine's PRNG

Wired is reporting on a new slot machine hack. A Russian group has reverse-engineered a particular brand of slot machine -- from Austrian company Novomatic -- and can simulate and predict the pseudo-random number generator.

The cell phones from Pechanga, combined with intelligence from investigations in Missouri and Europe, revealed key details. According to Willy Allison, a Las Vegas-based casino security consultant who has been tracking the Russian scam for years, the operatives use their phones to record about two dozen spins on a game they aim to cheat. They upload that footage to a technical staff in St. Petersburg, who analyze the video and calculate the machine's pattern based on what they know about the model's pseudorandom number generator. Finally, the St. Petersburg team transmits a list of timing markers to a custom app on the operative's phone; those markers cause the handset to vibrate roughly 0.25 seconds before the operative should press the spin button.

"The normal reaction time for a human is about a quarter of a second, which is why they do that," says Allison, who is also the founder of the annual World Game Protection Conference. The timed spins are not always successful, but they result in far more payouts than a machine normally awards: Individual scammers typically win more than $10,000 per day. (Allison notes that those operatives try to keep their winnings on each machine to less than $1,000, to avoid arousing suspicion.) A four-person team working multiple casinos can earn upwards of $250,000 in a single week.

The easy solution is to use a random-number generator that accepts local entropy, like Fortuna. But there's probably no way to easily reprogram those old machines.
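An added example (not from the original post, and not Fortuna's actual construction) of why accepting local entropy helps: a one-time snapshot of the generator's state predicts every future spin of a purely deterministic generator, but stops matching once fresh entropy is folded in. The class names, the 64-stop reel, the reseed interval and the single-pool reseed are assumptions made for illustration.

```python
import hashlib
import os

class CyclingPRNG:
    """Deterministic generator: the current state fixes every future output."""

    def __init__(self, seed: bytes):
        self.state = hashlib.sha256(b"seed" + seed).digest()

    def step(self) -> int:
        # Advance the state and return a reel stop in 0..63 (constructed reel size).
        self.state = hashlib.sha256(b"step" + self.state).digest()
        return self.state[0] % 64

    def snapshot(self) -> "CyclingPRNG":
        # Models someone who knows the algorithm and has learned the state once.
        twin = CyclingPRNG(b"")
        twin.state = self.state
        return twin

class ReseedingPRNG(CyclingPRNG):
    """Same generator, but pooled local entropy is folded into the state."""

    def __init__(self, seed: bytes, reseed_every: int = 16, entropy=os.urandom):
        super().__init__(seed)
        self.reseed_every = reseed_every
        self.entropy = entropy  # assumption: the OS entropy source stands in for local entropy
        self.pool = hashlib.sha256()
        self.count = 0

    def add_event(self, data: bytes) -> None:
        # Local events (e.g. input timing) accumulate until the next reseed.
        self.pool.update(data)

    def step(self) -> int:
        self.count += 1
        if self.count % self.reseed_every == 0:
            self.pool.update(self.entropy(32))
            self.state = hashlib.sha256(
                b"reseed" + self.state + self.pool.digest()).digest()
            self.pool = hashlib.sha256()
        return super().step()

def matching_predictions(machine: CyclingPRNG, spins: int = 200) -> int:
    """Count how many future spins a one-time state snapshot gets right."""
    twin = machine.snapshot()  # advanced with no access to the entropy source
    return sum(twin.step() == machine.step() for _ in range(spins))

if __name__ == "__main__":
    print("deterministic:", matching_predictions(CyclingPRNG(b"boot")), "/ 200")
    print("with reseeding:", matching_predictions(ReseedingPRNG(b"boot")), "/ 200")
```

With reseeding, the first 15 spins still match because no reseed has happened yet; after that, agreement drops to chance (about 1 in 64 per spin).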

Posted on February 8, 2017 at 6:48 AM • 28 Comments

Comments

Wm • February 8, 2017 7:22 AM

Having lived in Las Vegas in the 80's for a few years, and hearing and reading about how the casinos have cheated people out of money for decades, this kind of story only gives me delightful thoughts of karma! They like to say in Las Vegas (concerning tips), 'what goes around, comes around'. It seems to apply to greedy casinos also.

Casinos are so greedy that they will suddenly increase the minimum bet on a crap or roulette table upon seeing that the players are having a long run of luck. This is done to run the players off the table because they know they will not be able to afford the higher bets.

They will also escort big winners to the cashier's window to involuntarily cash out and then escort them to the door, usually telling them to never return - also known as being 86ed.

Slime Mold with Mustard • February 8, 2017 8:04 AM

I have only been in one casino in the last decade, but every machine had a plaque "Use of cell phones prohibited during play".

Phillip Reed • February 8, 2017 8:07 AM

...every machine had a plaque "Use of cell phones prohibited during play"...

Low-profile Google Glasses.

Clive Robinson • February 8, 2017 8:28 AM

@ Moderator,

I suspect the first comment on this page from "Layla Davis" is unsolicited advertising for a thesis writing service.

Clive Robinson • February 8, 2017 8:43 AM

@ Bruce,

The easy solution is to use a random-number generator that accepts local entropy, like Fortuna.

That may not be possible due to the way the legislation and gaming rules are written in various jurisdictions. In essence they require a deterministic process so that payout rates etc are met with.

So in a turnaround of the usual John von Neumann saying

    Anyone who attempts to generate random numbers by a non deterministic means is, of course, living in a state of sin.
:-)

Brian • February 8, 2017 9:46 AM

The case of John Kane and Andre Nestor successfully cheating makes for interesting reading. It's possible that the courts won't consider successfully predicting the RNG to be illegal.

M. Welinder • February 8, 2017 11:55 AM

What's the crime here? (To the law, that is. To the casinos it's winning, of course.)

Is it just the use of a device while playing?

Tatütata • February 8, 2017 2:03 PM

Even if the authorities prescribe the PRNG, why couldn't it still be stepped with genuine physical randomness with a slow variation in time?

Lawrence D’Oliveiro • February 8, 2017 2:31 PM

What kind of game is it where any attempt to improve the odds in your favour is considered “cheating”?

A mug’s game.

Jeremy • February 8, 2017 2:35 PM

The article repeatedly describes this as a "scam." But the term "scam" normally refers to swindling someone through deception. Who is being deceived? The slot machine? This might be described as a "cheat", but I don't see how it's a "scam."


@M. Welinder

Presumably it's the use of a device, yes.


@Tatütata

My understanding is that you can't claim your machine pays out at certain odds unless you can PROVE it. If you are using an external input that you don't control as one of the factors in deciding whether to pay out, you generally can't PROVE (to a court's satisfaction) that your payouts will conform to any particular distribution.

I've been (tangentially) involved in a product that was essentially a slot machine but which gambled on horse races behind the scenes, and was told that it would be illegal for them to show (e.g.) a graph of typical payouts based on the average results of real horse races from the past 6 months--because past results are no guarantee of future behavior, you see, and so it would be deceptive to players.

I thought this was vaguely ridiculous, but I can kind of see how it might be easier to ban this than to try to distinguish between good-faith approximations and intentional deception.

albert • February 8, 2017 3:19 PM

Viva Las Vegas!
At least they don't take you to the alley and break your knuckles, like they did in the old days.

Yes, @Wm, it's karma at work.

Do you know the house advantage for a roulette table? In Vegas (US), it's the 'zero' and 'double zero' on the wheel; two out of 38 slots. (In the slightly less greedy EU, it's 'zero' out of 37)

I think it would be kool to capture the results of every spin of every table for random number generation, or at least, seeds. Something tells me there would be a problem with this.

Math-brains?

. .. . .. --- ....

Fred P • February 8, 2017 5:05 PM

@Clive Robinson

- are you aware of any jurisdictions that require determinism in slot or lottery machines? At least in the sub-industry I worked in (video lottery machines), non-determinism was considered a requirement in the U.S.A. and Canadian jurisdictions I was aware of. Perhaps you're conflating them with the pre-generated card scratch-off games (which are sometimes deterministic, at least in large numbers)?

I haven't worked in that industry (video lottery consoles - i.e. slot machines controlled by a State) since late 2000, and we were aware of and attempted to guard against this class of attacks at least back into the late 1990s. We did note a potential vulnerability somewhat similar to what's described in the article in our product, and part of our solution we did was the same Bruce states - more entropy.

r • February 8, 2017 5:43 PM

I think what Fred P says makes the most sense, it's definitely in both the casino's and the manufacturer's interest to not fumble the ball when they're so close to the in-zone. I can't see any instance where a deployed machine wouldn't at least be upgradable the way old arcade systems were and even then it's daughterboards and maybe a small amount of soldering.

I'm not saying vulnerable deployments don't exist, but I would expect the industry to readily weed out the immature products and companies quickly considering.

Peter Gerdes • February 8, 2017 6:58 PM

Based on the description it seems the slot machines are ALREADY using local information in selecting their random number, the time. Sure, they may not be seeding the PRNG with time data but if they simply sped up the clock speed so humans couldn't time their pull it seems like they would be fine. I'm kinda puzzled why they are so slow in the first place.

Presuming humans are only able to time their actions to 1/60th of a second (accurate to within a video frame in smooth video) and the payouts are no more than $100 per win (yes I know there are million dollar slots but a $1000 machine max suggests small wins) at a quarter per play suggests that if they used on the order of 60* 4*100 distinct time slots per second it shouldn't be profitable to try to time them.

Ok more accurately 60*4*100*1/(expected house take as a fraction of money spent) as any timing info is in addition to the usual rate of return. Given a reasonable house cut of 10% that means the clock (i.e. how frequently they increment the PRNG...or with better programming how they compute how many times they must increment) needs to only run at 240 kHz. Surely this can't be too taxing. What was the idea that caused them to use such large time increments?

---

On another issue I don't see how this is illegal in any way (is there any law against this?) so why not use this on the huge jackpot slots with the understanding that you'll be banned after a win?

Nick P • February 8, 2017 9:13 PM

"On another issue I don't see how this is illegal in any way (is there any law against this?) so why not use this on the huge jackpot slots with the understanding that you'll be banned after a win?" (Peter Gerdes)

Is it actually illegal to cheat casino games with electronic methods? I've occasionally wondered if the casinos pushed for regulations to include civil or criminal punishment for such things.

Wael • February 8, 2017 9:35 PM

@Nick P,

Is it actually illegal to cheat casino games with electronic methods?

Of course it is! Punishable by prison sentence too! Ask the early pioneers like Keith Taft. I trust you'll find a free PDF :)

How the random number generator is used is actually more important than the "randomness" it produces.

ab praeceptis • February 9, 2017 8:18 AM

If I didn't get it wrong, the problem in that story isn't so much a lousy PRNG but a constellation far worse.

Explanation: The *outcome* of the whole mechanism must not be truly random; in fact, it must be "lousy random" due to legal boundaries.

That does, however, *not* mean that no quality random can be used.

The story here demonstrates a *generally lousy* mechanism. "The law requires us to ..." is but an excuse.
In fact, their mechanism is so utterly bad that its outcome can be predicted based on a small sample series of prior states.

Let's look closer:

Law requires that a certain part of all money spent must be returned to "winning" players. Moreover - I presume taking an educated guess - the law gives certain boundaries, such as money input and output relations, i.e. that a certain proportion of smaller "wins" is returned to smaller players, etc.

Hence, a properly designed machine does use *two* mechanisms, namely one *true hq (pseudo)random* player mechanism and one "legal requirements controlling tainter".

That way, legal requirements can be fulfilled (and demonstrated to be fulfilled) and the machine still is not predictable.

Obviously, quite some machines have a poor design with just one mechanism, namely one with a lousy prng that within one and the same mechanism is implementing legally required tainting. *Obviously* that single mechanism is designed poorly making it worse, up to the point that on the basis of a small sample series it can be predicted.

Dirk Praet • February 9, 2017 8:41 AM

@ ab praeceptis

Explanation: The *outcome* of the whole mechanism must not be truly random; in fact, it must be "lousy random" due to legal boundaries.

Apologies for stating the obvious, but can't they just call Intel or the NSA? Surely either one of them must have something lying around in some old archive that can be put into production right away.

Fred P • February 9, 2017 9:15 AM

@r - I can tell you that all the legal machines I dealt with were upgradable by replacing chips (although the type of chip varied some), but I can't speak for the grey market ones - some of them, apparently, were done extremely incompetently.


r • February 9, 2017 4:59 PM

@Dirk P,

In arcade machines, at least in the old days Intel was almost never heard of. You'd find all sorts of disparate systems in actual deployment, Fred's on the right train when he's talking about dead bugs and proms being replaced. Maybe Intel would be used now but I still doubt it due to the cost of their chips, if anything you'd still see MIPS Motorola ARM through various vendors like that.

Anyone have any direct experience with the old CG boards? Slot machines can't be too different than that imo.

@Fred P,

You'd think 'grey market' would be illegal, I wonder if these companies aren't plants that should be banned by the greater Casino market. To slip up that much and not set off any alarm bells makes me wonder if the makers weren't involved early on like how there's suspicion over the shimmers coming out for ATM's.

If I could prove my losses or even give a ball park I'd levy charges against the company with a quickness, 250k a day.

Milo M. • February 9, 2017 6:31 PM

The FBI announcement mentions casinos in California, Illinois, and Missouri. They may not have visited Nevada, perhaps assuming easier pickings elsewhere.

https://www.justice.gov/usao-edmo/pr/four-russian-nationals-indicted-fraud-charges

A few quotes from the document on gaining approval for a machine in Nevada:

NEVADA GAMING CONTROL BOARD
NEW GAMING DEVICE SUBMISSION PACKAGE
http://gaming.nv.gov/Modules/ShowDocument.aspx?documentid=2786

"Regulation 14.040
14.040(2) - Describe all random number generation processes and all game outcome selection processes. Identify algorithm used and show step by step implementation of the random number generator in the source code. Attach a copy of the source code used for the random number generation and the random selection process as well as a description of how the RNG is seeded. The RNG should not use static seeds upon initialization and the seeding process should rely upon at least one non predictable factor (i.e. human interaction of turning a key). Identify RAM address locations, as the CPU sees them for random number generator seeds, parameters and data outcomes, etc. Does the RNG continuously “cycle” even when no game is being played and while not in a tilt or error state? The RNG should continue to cycle at a minimum of 100Hz (100 calls per second). Please provide the cycle frequency of the RNG and a description of how the frequency was verified. . . .

Does the device utilize a mechanical RNG? If so, describe how the mechanical RNG is monitored for compliance with the required confidence limits on a real time basis.

14.040(3) - What testing was conducted to check for patterning in the output of the random selection process? . . . A given random result should always produce the same displayed outcome to the patron. "

Another random number, with its mean value:

"The average cost of a New Gaming Device review averages around $95,000."

random • February 9, 2017 8:58 PM

@Milo M.

I guess that reporting irregularities must be a necessity in some other section of those guidelines?

Otherwise it reads to me as, be random without being too random. The human element (turn of a key) is a nice touch. But there's always the insider angle, or a well resourced malicious actor that could force reinitialization and just wait and see exactly what time that key was turned.

Fred P • February 10, 2017 7:47 AM

@r "grey market" machines means that there are neither laws regulating them nor specific bans that are universally recognized (example: the local laws ban, say, slot machines but not poker machines, likely because the original authors of the law didn't think of poker gambling machines as a possibility). A large grey market is usually followed by either legalization (and regulation) or making them entirely illegal. I was up at GLI (a company hired by a number of jurisdictions to test gaming machines & code) during such a legalization process; they indicated that the vast majority of grey market machines (in a state that was newly regulating their poker machine market) didn't make it off the delivery truck; they'd do some cursory inspection on the truck, and send them back as failed.

MikeA • February 10, 2017 10:58 AM

@Fred P

I'm not Clive, but have some possibly relevant info:

- are you aware of any jurisdictions that require determinism in slot or lottery machines? At least in the sub-industry I worked in (video lottery machines), non-determinism was considered a requirement in the U.S.A. and Canadian jurisdictions I was aware of. Perhaps you're conflating them with the pre-generated card scratch-off games (which are sometimes deterministic, at least in large numbers)?
-

There was at least one state (Nebraska?) which had such a requirement for Video Lottery machines. It struck me as odd at the time, because many states had laws against "Knock off switches" on pinball and normal video games, to (attempt to) stop the bartender from "paying off" for free games accrued by skilled players. Meanwhile, other states specifically allowed card rooms with games like poker because they were games of skill. Laws vary quite widely, but often boil down to "Skill legal, chance illegal", or vice-versa.

Then there is the time-honored tradition of the gaming-commission inspectors (or manufacturers) gaffing the machines themselves. And many slot machines (used to?) allow varying the payout odds based on time of day, or even via a network connection (private LAN, at least usually).

My own interest was tangential. For some time I was responsible for the statistic logging on coin-operated video games from one manufacturer. There, the problem was detecting skimming by the locations and collectors, cheating only the owner/operator of the machines. I know (most of?) our machines did not cheat the players themselves (e.g. "impossible Boss"), but there were manufacturers that did.

Meanwhile, the definition of "deterministic" is fluid. IIRC, there was at least one jurisdiction where the machine was required to generate a list of "winning plays" internally, and just run down that list. Not only no player-control input whatsoever, but no PRNG, unless you think of a "one time pad" being a PRNG.


Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.