Gaining an Advantage in Roulette
You can beat the game without a computer:
On a perfect [roulette] wheel, the ball would always fall in a random way. But over time, wheels develop flaws, which turn into patterns. A wheel that’s even marginally tilted could develop what Barnett called a ‘drop zone.’ When the tilt forces the ball to climb a slope, the ball decelerates and falls from the outer rim at the same spot on almost every spin. A similar thing can happen on equipment worn from repeated use, or if a croupier’s hand lotion has left residue, or for a dizzying number of other reasons. A drop zone is the Achilles’ heel of roulette. That morsel of predictability is enough for software to overcome the random skidding and bouncing that happens after the drop.”
Clive Robinson • April 14, 2023 7:58 AM
@ ALL,
The same unbalanced,”wear and slop” applies to many systems even software not just mechanical systems.
For most people the closest evidence they will see frequently is those little “balance adjust” weights hammered in on the rim of a wheel where the tyre is held.
From a security perspective unbalance causes vibrations or even resonances that are conducted, radiated, or both. These can and frequently do carry “information” impressed / modulated upon them out of the confines of a system.
We tend to call them “side channels”, and they almost always exist for two fundemental “laws of nature” reasons,
1, Work is inefficient.
2, Work is a dynamic process.
If it was not then “entropy” could not be fundemental to the functioning of the universe as we currently understand it.
The big problems with side channels are,
1, Realising an instance exists.
2, Stoppering it’s channel capacity.
These form the fundementals of TEMPEST and EmSec.
Unfortunately in ICTsec the issue of,
“Secure in theory, but not in practice”
Arises, a prime example being the AES algorithm, secure in theory but riddled with time, power, and work side channels in practical implementations. Especially bad where in the design and implementation of systems “Efficiency -v- Security” favoured “efficiency” in some way.
In many cases trying to solve side channels is like air bubbles under wallpaper when you hang it (put it up). If you push down in one place the bubble just moves or breaks into smaller more numerous bubbles. You actually have to use a technique of sweeping or brushing the air out to the sides to resolve it.
In EmSec you effectively do the same with energy ensuring it gets securely swept into a disapative load where the information bandwidth is very low.