Random Number Generators (RNGs) are the brain behind most online casino games, like slots. Once you understand their importance, it is easy to see why people are eager to hack them. The ability to rig the games in one’s favor is a desire probably every person who played a game of chance had at one point or another. The casinos have been targets of scammers and conmen since they were first created and RNGs are just the latest point of vulnerability people are trying to exploit. However, hacking into RNGs is a lot easier said than done. People who designed them and other security measures knew how important they are and had done their utmost to protect them from unauthorized access. In fact, the measures are so strict that the question is whether hacking into RNGs is even possible.
What are RNGs?
Random number generators are algorithms designed to simulate randomness. They are at the core of almost every electronic game. In video games, they are used to determine various random events, like control critical hits or chances of finding some rare loot. They add an element of randomness to the gameplay, making it unpredictable. Even competitive games, like Counter-Strike: Global Offensive or Dota 2, use them to some degree. In CS: GO, RNG determines the way bullets hit a target, while in Dota 2 they are used to control how a character’s ability affects the enemy. This is the biggest gripe players have with them, as they can undermine skill at critical moments. In games of chance, RNGs are crucial, as they determine the outcome of every hand or spin. They can be programmed to pay out a certain percentage of all bets, which is the way how most slots work, making gambling transparent and preventing casinos from scamming their players.
Are Random Number Generators Truly Random?
We define randomness as any event that doesn’t have a discernible pattern. Outside of nature, true randomness is almost impossible. Raindrops or ocean waves can be random, but any algorithm or program has to have a pattern to work and that is why we call the pseudo-random number generators. Steve Ward, a Professor of Computer Science and Engineering at MIT explained why it is hard for computers to generate truly random numbers. He said that computers are deterministic, meaning that if you ask the same question, you will get the same answer every time. Translate that to a coin toss and you see the problem. The more complicated pattern, the harder it is to discover it and predict it or exploit it. Some sources use RNG based on advanced algorithms or even quantum lights to achieve almost true randomness but are usually too expensive to cumbersome to be applicable in online casinos.
Exploiting Random Number Generators
Simple RNGs can be cracked fairly easily. It all comes down to recording the results they put out and analyzing them. If a pattern is simple, it will be discovered in no time. This gives you the ability to predict the next result and exploit the RNG. You can see why this would be disastrous for online casinos. If anyone with some free time and a powerful computer on their hand can crack their RNG, they would be out of business in a single afternoon. That is why RNG algorithms are mindbogglingly complicated and their sequences are very long. Even the best algorithm can be cracked, just like the best cipher, if a computer is provided with enough data. Long sequences prevent that, practically making it impossible to crack the RNG. RNGs also use something called seed, a starting value that determines where the sequence will start. This adds another layer of randomness but also boosts security since even if hackers get a hold of the algorithm, they also need the seed to see where does it start.
Most security measures aimed at preventing people from hacking RNGs revolve around denying access. As long as a hacker can’t access raw data or see the source code, RNGs are fairly secure. These measures are constantly updated and improved, as casinos try to stay one step ahead of potential attackers. Changing the seed is also an important security measure. By using the stream cipher, operators can change the seed at random intervals and messing hackers’ attempts at discovering it. Hardware that runs the RNG is also critical and must be protected from both remote and physical access at all times. Finally, online casinos try to use the best RNG algorithms they can afford. Usually, this is their best defense from hackers, as these high-end RNGs are almost impossible to crack and not many people will even entertain the idea, let alone try it.
Is It Possible to Hack into RNGs?
The short answer to this question is yes. The long answer, however, is a tad more complicated. Any program can be hacked into, given enough time, skill, and resources. RNGs try to make that process impossibly long so that hackers wouldn’t even consider it. Rare are the ones that try and even rarer the ones that succeed. One of the few we know about is the famous Russian hacker Alex, who managed to crack the RNG used in an online casino and make a fortune for himself and his associates. As a mathematician and programmer who worked for the Russian military on various cryptographic projects, Alex was uniquely positioned to use his knowledge to reverse-engineer RNGs and create a global network of operatives that would roam the casinos and milk the slot rooms. Fortunately for online casinos, there aren’t many people that have the skill to pull off hacking an RNG. Even those that do rarely try, as penalties are quite severe and remaining undetected is almost impossible.