HH Smithy Accuses Full Tilt Poker of Invasive Practices

In a recent blog, HH Smithy, which provides hand histories for online poker players worldwide, has accused Full Tilt Poker of invasive practices by harvesting Windows product keys from unsuspecting customers.

In a four-minute video clip entitled "Full Tilt Poker: In Your Computer, Stealing Your Product Keys," HH Smithy representative Kyle goes into detail about the security measures Full Tilt Poker used in an effort to track down multi-accounters, or players participating at FTP tables using more than one account.

The video shows that Full Tilt's Random Number Generator (RNG) hardware and software solutions were independently audited by a company named Cigital, but adds that the entire source code was never analyzed.

Quoting Cigital in the video, HH Smithy says that the company's disclaimer specifically states that the poker room's RNG was verified to function properly during the time Cigital evaluated its effectiveness, but that there is no way to provide concrete evidence of total randomness. "There's no way to guarantee that FTP used this package in their production code," states HH Smithy representative Kyle in his video.

The most interesting part of the video comes in the final two minutes, when HH Smithy demonstrates the various methods Full Tilt employed to stop multi-accounters from exploiting online poker players. The list of steps taken includes the fact that FTP gathered information from each machine that accessed its servers and checked several common parameters such as hard disk information, CLS IDs in Windows, Machine GUID, the user's IP address and/or Mac address, and the number of processors in the customer's computer.

These security measures are normal and expected according to the blog post by HH Smithy. However, the video clip goes on to state that Full Tilt Poker also confiscated each user's Windows Product Key, which is considered by many to be private property and worth hundreds of dollars. Since Cigital's seal of approval only referred to the site's RNG and not its other practices, HH Smithy claims that Full Tilt was directly responsible and had knowledge of its ability to scoop customers' product keys, which could have been intercepted by hackers or used by low-level FTP employees for other reasons without users' knowledge.

The product key information was hidden in an image file by the Full Tilt software through a process that HH Smithy calls steganography, which was easily discovered by HH Smithy upon routine evaluation. The conclusion of the video is that independent analysis is necessary of Full Tilt's security measures, adding that if low-level FTP customer service representatives could access customers' product keys, then that information could have easily been released at some point and stolen by malicious hackers.

For a full report on HH Smithy's discovery, visit the official blog post, which shows in detail, using technical jargon, how Full Tilt Poker was able to capture customers' Windows Product Keys.

For online poker players who are interested in obtaining as much information on opponents' tendencies as possible in order to make better, more-profitable decisions at the online poker tables, visit HHSmithy.com and order hand histories. There are a number of payment plans available to fit your needs and can assist you in improving your win rate immediately.