Topic: crypto-games.net, 30% house edge, bugs and vulnerabilities, screw the investors! - page 7. (Read 12939 times)

Quote from: subSTRATA on July 03, 2015, 09:56:33 PM

again, i stand that i didnt threaten them at any point.

Pay me or I sell the exploit , which would only screw investors. Yeah okay, no harm done there Roll Eyes

i never demanded payment from them, i only asked that the full sum be agreed to and i did agree that I would disclose the first bug if they agreed, which they did not. the disclosure of the second bug was not up to me as I had no in depth knowledge of it at the time. then the insults began... i never even put the bug to use either. again, youre free to think what you think, but at this point i have no ill intentions to either of the individuals running the site.

well it seems this has quickly turned against me somehow, i agree that xetsr has valid points and that i am at fault for a lapse in judgement, but i did not get anything out of this from either crypto-games or any other third party.

You didn't get anything out of this... but what if someone did pay you? This is the point I'm trying to make. if someone offered you what you were asking for, you would have sold them the exploit, right? Like your previous posts suggested.

You were willing to release the exploit for a price at the expense of investors. cant find it now, but at the point in which the dev/admin mentioned that emails were sent out to investors, is around the time when i learned that there were investors on the site.

ill be quite honest here, i initially noticed the bug when i clicked "max" on the site, and noticed the discrepancy of 6500x and 0.02% win chance. at that point in time, i had no knowledge there was an investment option on the site.

Quote from: xetsr on July 03, 2015, 10:14:39 PM

Am I misunderstanding something here?

no you are not, that is my fault and a serious lapse in judgement.

Okay then, glad you realized your mistake and the damage that could have been done if you were to get an offer and proceeded to sell the exploit.

Just so everyone knows, I have nothing to do with the site and I'm not a investor. I'm just wondering why nobody else could see the point I was trying to make. If someone pulled this BS at just-dice (offered to sell an exploit if Dooglus didn't pay up), all the kids over there would go absolutely crazy.

I changed my feedback to neutral since you admitted you made a mistake

subSTRATA

legendary

Activity: 1288

Merit: 1043

:^)

Quote from: xetsr on July 03, 2015, 10:09:56 PM

Quote from: subSTRATA on July 03, 2015, 10:04:18 PM

Quote from: subSTRATA on July 03, 2015, 09:56:33 PM

again, i stand that i didnt threaten them at any point.

Pay me or I sell the exploit , which would only screw investors. Yeah okay, no harm done there Roll Eyes

i never demanded payment from them, i only asked that the full sum be agreed to and i did agree that I would disclose the first bug if they agreed, which they did not. the disclosure of the second bug was not up to me as I had no in depth knowledge of it at the time. then the insults began... i never even put the bug to use either. again, youre free to think what you think, but at this point i have no ill intentions to either of the individuals running the site.

well it seems this has quickly turned against me somehow, i agree that xetsr has valid points and that i am at fault for a lapse in judgement, but i did not get anything out of this from either crypto-games or any other third party.

You didn't get anything out of this... but what if someone did pay you? This is the point I'm trying to make. if someone offered you what you were asking for, you would have sold them the exploit, right? Like your previous posts suggested.

You were willing to release the exploit for a price at the expense of investors. cant find it now, but at the point in which the dev/admin mentioned that emails were sent out to investors, is around the time when i learned that there were investors on the site.

ill be quite honest here, i initially noticed the bug when i clicked "max" on the site, and noticed the discrepancy of 6500x and 0.02% win chance. at that point in time, i had no knowledge there was an investment option on the site.

Quote from: xetsr on July 03, 2015, 10:14:39 PM

Am I misunderstanding something here?

no you are not, that is my fault and a serious lapse in judgement.

edit: at this point

Quote from: subSTRATA on July 03, 2015, 09:13:57 AM

Quote from: Emerge on July 03, 2015, 09:10:51 AM

Quote from: subSTRATA on July 03, 2015, 09:08:42 AM

Quote from: Quickseller on July 03, 2015, 09:01:38 AM

I am not even sure that I would trust the site to pay out large wins that a +EV strategy would result in. The site is very new, has a tiny bankroll, and is acting very unprofessionally.

big point here; even if they decide to pay out, their decisions in handling this entire matter were questionable at best, announcing their site as the subject of this thread was probably the biggest mistake, this is a lose-lose situation for them now.

Yeah, and it's not only them at risk, but also investor's money.
Them being "confident" is totally going to bring a lot of people down.

Time to take a couple of last looks at the site lol.

great point, after this, their site is dead regardless of the outcome. inviting people to come and dump your bankroll and not even consulting with your investors? that's some special publicity right there.

xetsr

legendary

Activity: 1120

Merit: 1000

Quote from: Quickseller on July 03, 2015, 10:05:47 PM

I can't speak to any specific conversations that either Dooglus or subSTRATA had with this site's owner, or the owner of other sites. However if it were me that had found the exploit, then I would have told them something along the following:

"I have found an issue with your site that others could potentially use to steal from you, I have no intention of disclosing it to anyone other then you, nor do I have any intention of using such exploit personally, although I cannot guarantee that others will not use the same public information to exploit this same issue."

I think the above would pass the test of not being blackmail, while still being reasonably compensated for your time/skills.

The fact is that gambling sites are for-profit entities, and giving advice as to how to prevent yourself from getting robbed when large amounts of money is at stake should not be given for free. These sites should invest in the time/effort to prevent these kinds of exploits from existing in the first place.

https://bitcointalksearch.org/topic/m.11780169

Quote

the admin of the site seems rather hostile and is trying to rip both me and dooglus off, demanding a lower bounty for the deal, i am entertaining offers in this thread or through pm regarding this. a percentage of this will be paid to dooglus for his help in confirming this issue.

Am I misunderstanding something here?

xetsr

legendary

Activity: 1120

Merit: 1000

Quote from: subSTRATA on July 03, 2015, 10:04:18 PM

Quote from: subSTRATA on July 03, 2015, 09:56:33 PM

again, i stand that i didnt threaten them at any point.

Pay me or I sell the exploit , which would only screw investors. Yeah okay, no harm done there Roll Eyes

i never demanded payment from them, i only asked that the full sum be agreed to and i did agree that I would disclose the first bug if they agreed, which they did not. the disclosure of the second bug was not up to me as I had no in depth knowledge of it at the time. then the insults began... i never even put the bug to use either. again, youre free to think what you think, but at this point i have no ill intentions to either of the individuals running the site.

well it seems this has quickly turned against me somehow, i agree that xetsr has valid points and that i am at fault for a lapse in judgement, but i did not get anything out of this from either crypto-games or any other third party.

You didn't get anything out of this... but what if someone did pay you? This is the point I'm trying to make. if someone offered you what you were asking for, you would have sold them the exploit, right? Like your previous posts suggested.

You were willing to release the exploit for a price at the expense of investors.

subSTRATA

legendary

Activity: 1288

Merit: 1043

:^)

Quote from: Quickseller on July 03, 2015, 10:05:47 PM

I can't speak to any specific conversations that either Dooglus or subSTRATA had with this site's owner, or the owner of other sites. However if it were me that had found the exploit, then I would have told them something along the following:

"I have found an issue with your site that others could potentially use to steal from you, I have no intention of disclosing it to anyone other then you, nor do I have any intention of using such exploit personally, although I cannot guarantee that others will not use the same public information to exploit this same issue."

I think the above would pass the test of not being blackmail, while still being reasonably compensated for your time/skills.

The fact is that gambling sites are for-profit entities, and giving advice as to how to prevent yourself from getting robbed when large amounts of money is at stake should not be given for free. These sites should invest in the time/effort to prevent these kinds of exploits from existing in the first place.

something along those lines;

i made it clear there were two bugs in the initial pm sent, and at which a later point DCM was suddenly surprised there were two bugs. also i made it clear in the first few pages of the thread that no details would be disclosed except to the site owner.

Mist

sr. member

Activity: 434

Merit: 250

:)

Quote from: xetsr on July 03, 2015, 09:40:55 PM

Quote from: Mist on July 03, 2015, 08:51:39 PM

Quote from: subSTRATA on July 03, 2015, 08:46:35 PM

Quote from: subSTRATA on July 03, 2015, 08:31:25 PM

Yeah, shits fucked on this site. Avoid it like the plague boys Cheesy

thats a rather crude way to put it, but yes, basically that.

this guy needs to get out, like now. 4.66 BTC invested given the current situation.

I'm not here to sugar coat anything. Poorly coded, bad management, and the lack of ability to do math. Recipe for the investors to lose everything. Only reason to stay around here is if you are a player that can abuse the glitches and make some bank.

not saying im trying to sugar coat it, just saying the language was rather crude. but after the shady turn of events, im going to assume that crypto-games.net will not be giving anything for the bug finding(s), and considering the address in OP as a tip address. if dooglus wants to post one too ill gladly edit it into the op, the guy really deserves credit for finding some back-end bugs.

Yeah, I got you. Dooglus really is good at finding bugs and he gets paid from sites regularly for it. I'm sure he wont mind too much though.

Wait, so Dooglus blackmails other sites too? word it anyway you want but this was blackmail, pay my price or I release / sell the exploit that would harm not only the owner but innocent investors who probably didn't know better.

right? Or am I missing something here?

I never said doog blackmails people. The fuck are you leaping on me here for? Sites approach him for it and he helps them out. He also finds them by himself on the side but never blackmails anyone for it.

Quickseller

copper member

Activity: 2870

Merit: 2298

I can't speak to any specific conversations that either Dooglus or subSTRATA had with this site's owner, or the owner of other sites. However if it were me that had found the exploit, then I would have told them something along the following:

"I have found an issue with your site that others could potentially use to steal from you, I have no intention of disclosing it to anyone other then you, nor do I have any intention of using such exploit personally, although I cannot guarantee that others will not use the same public information to exploit this same issue."

I think the above would pass the test of not being blackmail, while still being reasonably compensated for your time/skills.

The fact is that gambling sites are for-profit entities, and giving advice as to how to prevent yourself from getting robbed when large amounts of money is at stake should not be given for free. These sites should invest in the time/effort to prevent these kinds of exploits from existing in the first place.

subSTRATA

legendary

Activity: 1288

Merit: 1043

:^)

Quote from: subSTRATA on July 03, 2015, 09:56:33 PM

again, i stand that i didnt threaten them at any point.

Pay me or I sell the exploit , which would only screw investors. Yeah okay, no harm done there Roll Eyes

i never demanded payment from them, i only asked that the full sum be agreed to and i did agree that I would disclose the first bug if they agreed, which they did not. the disclosure of the second bug was not up to me as I had no in depth knowledge of it at the time. then the insults began... i never even put the bug to use either. again, youre free to think what you think, but at this point i have no ill intentions to either of the individuals running the site.

well it seems this has quickly turned against me somehow, i agree that xetsr has valid points and that i am at fault for a lapse in judgement, but i did not get anything out of this from either crypto-games or any other third party.

xetsr

legendary

Activity: 1120

Merit: 1000

Quote from: subSTRATA on July 03, 2015, 09:56:33 PM

again, i stand that i didnt threaten them at any point.

Pay me or I sell the exploit , which would only screw investors. Yeah okay, no harm done there Roll Eyes

subSTRATA

legendary

Activity: 1288

Merit: 1043

:^)

again, i stand that i didnt threaten them at any point.

xetsr

legendary

Activity: 1120

Merit: 1000

Blackmail is blackmail.

I dont know the current situation with this site but if these are real investors, you are just as bad as the site owner. Same with dooglus.... others have gotten negative feedback for blackmailing other scammers, not sure why neither of you have gotten some yet.

Bottom line: You were willing to profit from possibly innocent investors if the owner failed to pay you.

subSTRATA

legendary

Activity: 1288

Merit: 1043

:^)

Quote from: xetsr on July 03, 2015, 09:40:55 PM

Quote from: Mist on July 03, 2015, 08:51:39 PM

Quote from: subSTRATA on July 03, 2015, 08:46:35 PM

Quote from: subSTRATA on July 03, 2015, 08:31:25 PM

Quote from: Mist on July 03, 2015, 08:51:39 PM

Yeah, shits fucked on this site. Avoid it like the plague boys Cheesy

thats a rather crude way to put it, but yes, basically that.

this guy needs to get out, like now. 4.66 BTC invested given the current situation.

I'm not here to sugar coat anything. Poorly coded, bad management, and the lack of ability to do math. Recipe for the investors to lose everything. Only reason to stay around here is if you are a player that can abuse the glitches and make some bank.

not saying im trying to sugar coat it, just saying the language was rather crude. but after the shady turn of events, im going to assume that crypto-games.net will not be giving anything for the bug finding(s), and considering the address in OP as a tip address. if dooglus wants to post one too ill gladly edit it into the op, the guy really deserves credit for finding some back-end bugs.

Yeah, I got you. Dooglus really is good at finding bugs and he gets paid from sites regularly for it. I'm sure he wont mind too much though.

Wait, so Dooglus blackmails other sites too? word it anyway you want but this was blackmail, pay my price or I release / sell the exploit that would harm not only the owner but innocent investors who probably didn't know better.

right? Or am I missing something here?

think what youd like, i offered to help them but they turned hostile on me, and even though i tried to keep their site's name hidden, they went and let it out themselves, causing all this. i admit i did try to sell it for a short period of time, but soon abandoned the idea, morality isnt that cheap, and i plan to keep it that way.

in regards to "pay my price" or whatever, i offered 1 BTC for the bug on the +EV bets, and another 0.5 BTC for a back end bug that dooglus found, but agreeing to disclose that second part was not my decision as i had no in depth-knowledge of that bug. apparently, getting the major bug that allowed for +EV bets (32% at that) wasnt good enough, so the admin started getting rather hostile and insulting. from that last part, i was tempted to sell it or whatever, but as i said above, i abandoned the idea in 20 or so minutes, opting for the moral route. then you know, all this started.

i expressed it before too, there are several other bugs that are clearly being exploited right now; i am not disclosing them especially because one individual has invested quite a large sum into the site. also, i never threatened them.

xetsr

legendary

Activity: 1120

Merit: 1000

Quote from: subSTRATA on July 03, 2015, 08:46:35 PM

Quote from: subSTRATA on July 03, 2015, 08:31:25 PM

Quote from: subSTRATA on July 03, 2015, 08:46:35 PM

Yeah, shits fucked on this site. Avoid it like the plague boys Cheesy

thats a rather crude way to put it, but yes, basically that.

this guy needs to get out, like now. 4.66 BTC invested given the current situation.

I'm not here to sugar coat anything. Poorly coded, bad management, and the lack of ability to do math. Recipe for the investors to lose everything. Only reason to stay around here is if you are a player that can abuse the glitches and make some bank.

not saying im trying to sugar coat it, just saying the language was rather crude. but after the shady turn of events, im going to assume that crypto-games.net will not be giving anything for the bug finding(s), and considering the address in OP as a tip address. if dooglus wants to post one too ill gladly edit it into the op, the guy really deserves credit for finding some back-end bugs.

Yeah, I got you. Dooglus really is good at finding bugs and he gets paid from sites regularly for it. I'm sure he wont mind too much though.

Wait, so Dooglus blackmails other sites too? word it anyway you want but this was blackmail, pay my price or I release / sell the exploit that would harm not only the owner but innocent investors who probably didn't know better.

right? Or am I missing something here?

subSTRATA

legendary

Activity: 1288

Merit: 1043

:^)

assuming with this hotfix, that a 99.999 is the highest obtainable roll, one player is still exploiting for a +EV using the exploit that dooglus has found:

1 - ( 1094*0.001 ) = -.094, 9.4% edge for the player.

this is an absolute laughingstock at this point.

Mist

sr. member

Activity: 434

Merit: 250

:)

Quote from: subSTRATA on July 03, 2015, 08:31:25 PM

Quote from: joter85 on July 03, 2015, 12:04:06 PM

Yeah, shits fucked on this site. Avoid it like the plague boys Cheesy

thats a rather crude way to put it, but yes, basically that.

this guy needs to get out, like now. 4.66 BTC invested given the current situation.

I'm not here to sugar coat anything. Poorly coded, bad management, and the lack of ability to do math. Recipe for the investors to lose everything. Only reason to stay around here is if you are a player that can abuse the glitches and make some bank.

not saying im trying to sugar coat it, just saying the language was rather crude. but after the shady turn of events, im going to assume that crypto-games.net will not be giving anything for the bug finding(s), and considering the address in OP as a tip address. if dooglus wants to post one too ill gladly edit it into the op, the guy really deserves credit for finding some back-end bugs.

Yeah, I got you. Dooglus really is good at finding bugs and he gets paid from sites regularly for it. I'm sure he wont mind too much though.

waterpile

hero member

Activity: 602

Merit: 500

Quote from: mfaspk on July 03, 2015, 12:00:45 PM

since I was following chat there, I witnessed a number of people divesting out of there including a MOD.

Guys please. We all make mistakes, don't we?

In your case mistake isn't an option, you're running a gambling site and people have entrusted you with their hard earned money.. don't play the i am just a human excuse.. people already warned you and want to get it fixed before it it would turn into a pretty big mess but you chose your ego " We are confident with our code" yeah right, serves you right

subSTRATA

legendary

Activity: 1288

Merit: 1043

:^)

Quote from: subSTRATA on July 03, 2015, 08:31:25 PM

Quote from: subSTRATA on July 03, 2015, 08:31:25 PM

Yeah, shits fucked on this site. Avoid it like the plague boys Cheesy

thats a rather crude way to put it, but yes, basically that.

this guy needs to get out, like now. 4.66 BTC invested given the current situation.

I'm not here to sugar coat anything. Poorly coded, bad management, and the lack of ability to do math. Recipe for the investors to lose everything. Only reason to stay around here is if you are a player that can abuse the glitches and make some bank.

not saying im trying to sugar coat it, just saying the language was rather crude. but after the shady turn of events, im going to assume that crypto-games.net will not be giving anything for the bug finding(s), and considering the address in OP as a tip address. if dooglus wants to post one too ill gladly edit it into the op, the guy really deserves credit for finding some back-end bugs.

Mist

sr. member

Activity: 434

Merit: 250

:)