Reef Central Online Community
Premium Aquatics

Home Forum Here you can view your subscribed threads, work with private messages and edit your profile and preferences View New Posts View Today's Posts

Find other members Frequently Asked Questions Search Reefkeeping ...an online magazine for marine aquarists Support our sponsors and mention Reef Central

Go Back   Reef Central Online Community > General Interest Forums > Reef Discussion
Register Blogs FAQ Calendar Mark Forums Read

Notices

User Tag List

Reply
Thread Tools
Old 07/20/2017, 11:11 AM   #1
DanCorals
Registered Member
 
Join Date: Mar 2011
Posts: 66
Casino Aquarium Hack

Has anyone know heard what controller / network setup the casino was using?

http://money.cnn.com/2017/07/19/tech...ace/index.html


DanCorals is offline   Reply With Quote
Old 07/20/2017, 11:16 AM   #2
mcgyvr
Registered Member
 
mcgyvr's Avatar
 
Join Date: Sep 2003
Location: North Carolina
Posts: 20,050
I don't know but it really doesn't matter..
I guarantee ALL "connected" reef controllers are susceptible to attacks/hackers like that..


__________________
Who me?
mcgyvr is offline   Reply With Quote
Old 07/20/2017, 11:52 AM   #3
slay
Registered Member
 
slay's Avatar
 
Join Date: Dec 2002
Posts: 118
Quote:
Originally Posted by mcgyvr View Post
I don't know but it really doesn't matter..
I guarantee ALL "connected" reef controllers are susceptible to attacks/hackers like that..
My home security cameras/feeds, other connected home control connected devices, and even my Reeflink are connected via a TOR Hidden Services proxy and authentication cookies. An onion router proxy service should be nigh impossible to get through aside from social engineering.

Really, any decent security company that deals with a customer as sophisticated as a casino should've done some similar at minimum or perhaps something more sophisticated (I'm not a computer security specialist by any means, so I'm not even sure what's possible).

I find it sad that my house is, in one sense, better protected than at least one actual casino.


__________________
180 mixed soft/lps/sps reef, 75 sump. Radeon XR30w G3 Pros,MP40qdx2, Vectra return, Reeflink, SRO-3000 skimmer, UV/calcium reactor/carbon/gfo.
480 predator, two cat sharks. 18" lionfish & friends.
slay is offline   Reply With Quote
Old 07/20/2017, 12:15 PM   #4
mcgyvr
Registered Member
 
mcgyvr's Avatar
 
Join Date: Sep 2003
Location: North Carolina
Posts: 20,050
Yes of course the are ways/devices/firewalls/proxy/vpn,etc... that can be added to have a more secure system as a whole..

My comment was basically about the built in security features/functions of the devices themselves.. slim to none..


__________________
Who me?
mcgyvr is offline   Reply With Quote
Old 07/20/2017, 12:19 PM   #5
slay
Registered Member
 
slay's Avatar
 
Join Date: Dec 2002
Posts: 118
Quote:
Originally Posted by mcgyvr View Post
Yes of course the are ways/devices/firewalls/proxy/vpn,etc... that can be added to have a more secure system as a whole..

My comment was basically about the built in security features/functions of the devices themselves.. slim to none..
Well, yeah.

You'd just hope CASINO security would have you know, enough foresight to spot that. Any competent security service should be aware of all devices on the network, and I say that almost as a self-evident statement (LOL).


__________________
180 mixed soft/lps/sps reef, 75 sump. Radeon XR30w G3 Pros,MP40qdx2, Vectra return, Reeflink, SRO-3000 skimmer, UV/calcium reactor/carbon/gfo.
480 predator, two cat sharks. 18" lionfish & friends.
slay is offline   Reply With Quote
Old 07/20/2017, 04:42 PM   #6
Mishri
Registered Member
 
Mishri's Avatar
 
Join Date: Jul 2004
Location: Great Falls, MT
Posts: 1,404
hmm.. how are you using TOR on the regular internet? Don't you have to be on the TOR network for it to work correctly? btw.. there are a lot of weaknesses in it anyway.. there have been multiple attacks. your onion router isn't making your browsing safer...

I don't think you've worked for any large companies where someone high up says, we need this installed and working right now, make it work. doesn't need certified at that point, it gets an internet connection. Maybe it's a weather monitor to display to the hotel guests.. maybe it's projector that needs a network connection for a presentation.. maybe it's an aquarium monitor..

-there wouldn't be any data you can gather from a casino machine from this hack that an attendant could tell you.. we have casinos all over the place here.. i can look at any of the machine data I want to... it's mostly just for book keeping/financials.. doesn't tell you anything about if/when a machine will hit. you'll have some machines that pay out more than they take in, others that have tens of thousands taken in and little paid out and still aren't paying out for years. -most casinos around here cycle through those machines that pay out too much.. unplug them and get rid of them... law of averages says eventually they'll start taking in more than they pay.. but.. small casinos can't take a $10,000 hit in one night when the max payout is supposed to be $800.


__________________
300 gallon 8ft long, 2x xf250 gyre, reef octopus 250-int - work in progress
Aquarist since 1986

Last edited by Mishri; 07/20/2017 at 04:50 PM.
Mishri is offline   Reply With Quote
Old 07/20/2017, 04:53 PM   #7
DasCamel
Registered Member
 
DasCamel's Avatar
 
Join Date: Oct 2013
Location: Kenmore, WA
Posts: 1,542
I have a secret for you. I bet that casino still has vulnerabilities. 100% security is impossible in a modern environment.


__________________
375g DT 125g sump acrylic, Mixed SPS/LPS tank with anemones and fish.

Current Tank Info: 375g Build thread http://www.reefcentral.com/forums/showthread.php?t=2608197
DasCamel is offline   Reply With Quote
Old 04/08/2021, 04:23 AM   #8
bryantcecil
Registered Member
 
bryantcecil's Avatar
 
Join Date: Apr 2021
Posts: 1
I didn't know about it, thanks.


bryantcecil is offline   Reply With Quote
Old 04/08/2021, 11:37 PM   #9
Roberterop
Registered Member
 
Roberterop's Avatar
 
Join Date: Apr 2021
Posts: 1
It's almsost an useless information.


Roberterop is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Forum Jump


All times are GMT -6. The time now is 11:27 AM.


TapaTalk Enabled

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.
Powered by Searchlight © 2021 Axivo Inc.
Use of this web site is subject to the terms and conditions described in the user agreement.
Reef CentralTM Reef Central, LLC. Copyright 1999-2014
User Alert System provided by Advanced User Tagging v3.3.0 (Pro) - vBulletin Mods & Addons Copyright © 2021 DragonByte Technologies Ltd.