Casinobit - no house edge, 100% payout

[lightlord]

Dooglas is the man when it comes to testing gambling sites. It doesn't look good to write him off as color blind when he is just trying to give you advice. You would think knowing that someone who potentially would play your games is having trouble would make you want to change it so the max amount of customers can play.

+1

I agree, the font on the green boxes, look very ugly. I can see it fine, I have very good vision.
But you should change it to something that is a lot more appealing to customers.

[1714030611]

1714030611

[1714030611]

1714030611

[1714030611]

1714030611

[dooglus]

And we do not have support for the color blind at the moment sorry 

Dooglas is the man when it comes to testing gambling sites. It doesn't look good to write him off as color blind when he is just trying to give you advice. You would think knowing that someone who potentially would play your games is having trouble would make you want to change it so the max amount of customers can play.

It seems that there's a definite divide in the way that gambling site operators respond to my style of commenting.  Some are very appreciative of and responsive to my comments, and some take it entirely the wrong way.

I tend to give up pretty quickly on the sites where I get a negative reaction since it doesn't bode well for the future should I actually have an issue with a payout or whatever.  I personally won't ever be playing at casinobit given what I've seen of how they have interacted with potential customers on this thread.

[casascius]

Secret list! List! Not the transaction ID.

I swear it's like people keep repeating what others said instead of thinking for themselves.

This is troubling.  I'm not much of a gambler, and haven't ever played SatoshiDice, but someone bringing a casino to the Bitcoin community is really not doing their homework to not understand how SatoshiDice's hashing works and why knowing the secret list ahead of time isn't a problem if it's being hashed with the transaction ID.  The algorithm is too simple for someone willing to build a casino website to not understand, and the overconfident attitude is highly misplaced.  Sorry, but I must apply my stamp of disapproval to this one.

Just to make it clear, I have no interest in anything gambling-related whatsoever.

I actually hoped you would swallow your pride there and admit that I was right for a second, especially considering you decided to delete your own post. Which further accused us of trying to scam.

I like you all guys regardless and appreciate the feedback  

I'll give it to you as requested!

The post I deleted was based on the assumption that you didn't understand how hashing works (you admit this in the context of password security) and was an attempt to explain it.  The reason I deleted it was that I came to understand that your point might have been that the secret list would permit the business to defraud its shareholders, not so much the business to defraud bettors.  I don't know that to be certain, but felt it was prudent to give you the benefit of the doubt.

I don't think I ever accused you of trying to scam - rather, my contention was that you didn't appear to have the requisite security knowledge to run a bitcoin casino and handle other people's money, and appeared to be taking an attitude not of trying to learn it, but boldly dismissing it with overconfidence.

When you are confronted with someone engaging you on a security-related topic,

I swear it's like people keep repeating what others said instead of thinking for themselves.

isn't an appropriate response.  The correct response is to either alleviate the concern, or address it on its own merits, without reference to people "not thinking for themselves".  In this case, the correct response would be "Including the transaction ID in the hash protects the bettors but doesn't solve the problem that leaves the shareholders vulnerable to insider fraud."

It's really not a matter of pride for me: I'll be proud of you if you bring a stable secure trusted casino to the Bitcoin world with a willingness to learn whatever you need to do to build the best business you can.

[CasinoBit]

I actually hoped you would swallow your pride there and admit that I was right for a second, especially considering you decided to delete your own post. Which further accused us of trying to scam.

I like you all guys regardless and appreciate the feedback  

I'll give it to you as requested!

The post I deleted was based on the assumption that you didn't understand how hashing works (you admit this in the context of password security) and was an attempt to explain it.  The reason I deleted it was that I came to understand that your point might have been that the secret list would permit the business to defraud its shareholders, not so much the business to defraud bettors.  I don't know that to be certain, but felt it was prudent to give you the benefit of the doubt.

I don't think I ever accused you of trying to scam - rather, my contention was that you didn't appear to have the requisite security knowledge to run a bitcoin casino and handle other people's money, and appeared to be taking an attitude not of trying to learn it, but boldly dismissing it with overconfidence.

When you are confronted with someone engaging you on a security-related topic,

I swear it's like people keep repeating what others said instead of thinking for themselves.

isn't an appropriate response.  The correct response is to either alleviate the concern, or address it on its own merits, without reference to people "not thinking for themselves".  In this case, the correct response would be "Including the transaction ID in the hash protects the bettors but doesn't solve the problem that leaves the shareholders vulnerable to insider fraud."

It's really not a matter of pride for me: I'll be proud of you if you bring a stable secure trusted casino to the Bitcoin world with a willingness to learn whatever you need to do to build the best business you can.

I am not into building businesses at the moment though. It was never my intention to claim that I have enough security knowledge to run a bitcoin casino, even if I was the owner, I didn't study for it and you need professional people who actually work in network security as a fulltime job. You have to be surrounded with great people for any business to succeed and a bitcoin casino isn't an exception.

The game on the main page doesn't require registration, you can send an amount and receive back at your address. The captcha is meant to be that way and the email is for opening support tickets on the site, if we value our customers anonimity it doesn't mean that we never contact our players. It isn't at all like anything, it gives you a sense of community and brings people together, a whole new experience.

And we do not have support for the color blind at the moment sorry 

Dooglas is the man when it comes to testing gambling sites. It doesn't look good to write him off as color blind when he is just trying to give you advice. You would think knowing that someone who potentially would play your games is having trouble would make you want to change it so the max amount of customers can play.

I wasn't trying to be mean to Dooglas or make him feel uncomfortable, just addressing the issue with some humor. It did seem like he was "taking the piss" so to say.

[Junko]

PR/Marketing fail itt

[CasinoBit]

PR/Marketing fail itt

More like competitors trolling me but meh, it's currently in the first testing stages and we don't really care to introduce the bitcoin community to the casino. We care more about introducing people from the gambling community who are new to bitcoin to the casino.

[🏰 TradeFortress 🏰]

PR/Marketing fail itt

More like competitors trolling me but meh, it's currently in the first testing stages and we don't really care to introduce the bitcoin community to the casino. We care more about introducing people from the gambling community who are new to bitcoin to the casino.

Your game needs to be provably fair before any sane person plays it.

[dooglus]

I wasn't trying to be mean to Dooglas or make him feel uncomfortable, just addressing the issue with some humor. It did seem like he was "taking the piss" so to say.

I was serious.  Your choice of colours and font size make that part of the page very ugly and hard to read for me.

Your game needs to be provably fair before any sane person plays it.

He may not be looking for sane customers.  The insane ones probably make for better profits.  And if you look at the online gambling market as a whole, approximately 0.00% of all the money bet is bet at provably fair casinos.

If you're trying to appeal to the general public rather than people who know about bitcoin then provable fairness is probably something it's safe to ignore for the moment.  Most people don't even realise it's possible for a casino to prove that they're not cheating.

[giantdragon]

I want to remind again that Casinobit admin is misleading about 100% payout! Having 2 zeroes on the roulette gives him 5.26% advantage.

[dooglus]

I want to remind again that Casinobit admin is misleading about 100% payout! Having 2 zeroes on the roulette gives him 5.26% advantage.

That depends on the payouts.  For example if he pays 37-1 for a single number instead of the usual 35-1 then it could be zero edge.  Seems unlikely though.  It would be simpler to just not have zeros on the wheel.  Makes the maths easier.

[CasinoBit]

I want to remind again that Casinobit admin is misleading about 100% payout! Having 2 zeroes on the roulette gives him 5.26% advantage.

The roulette shouldn't even be there at the moment, everything is being remade.

PR/Marketing fail itt

More like competitors trolling me but meh, it's currently in the first testing stages and we don't really care to introduce the bitcoin community to the casino. We care more about introducing people from the gambling community who are new to bitcoin to the casino.

Your game needs to be provably fair before any sane person plays it.

There is no such thing. We could show that the game on the main page probably provably fair like Satoshi. The rest of casinos are BSing about provable fairness, we might as well MD5 hash the current millisecond and provide the string to the user as "evidence".

[🏰 TradeFortress 🏰]

I want to remind again that Casinobit admin is misleading about 100% payout! Having 2 zeroes on the roulette gives him 5.26% advantage.

The roulette shouldn't even be there at the moment, everything is being remade.

PR/Marketing fail itt

More like competitors trolling me but meh, it's currently in the first testing stages and we don't really care to introduce the bitcoin community to the casino. We care more about introducing people from the gambling community who are new to bitcoin to the casino.

Your game needs to be provably fair before any sane person plays it.

There is no such thing. We could show that the game on the main page probably provably fair like Satoshi. The rest of casinos are BSing about provable fairness, we might as well MD5 hash the current millisecond and provide the string to the user as "evidence".

I'm not sure how you think the rest of the casinos are BSing about provable fairness. THEY ARE NOT. SIMPLE EXAMPLE:

Lucky Number ranges from 1 to 100. If it's less than 50, you win 2x!

SITE has a secret. Say "foo". Now if they tell the secret, then people can calculate the lucky number. So they HASH it with something like SHA256 and tell you that.

YOU has a secret too. Say "bar". You give the secret to SITE. Now site will know your lucky number since they combine your secret, with their secret. However they cannot change their secret now since they already gave you the hash.

Now do you understand it?

You might say, but the site knows their secret! What if they played the game THEMSELVES? They'd knew what PLAYER secret to use to win! But the only point of that is you're SCAMMING THE GAME. However if 10% of the "game" is owned by outside investors, then you can scam them. So yeah, satoshidice can scam their shareholders but not you.

[dooglus]

Your game needs to be provably fair before any sane person plays it.

The rest of casinos are BSing about provable fairness.

What do you mean by that?  Is it that you don't understand how provable fairness works, or have you found some way the sites can cheat despite their so-called provable fairness?  If so, could you please point out how?

[CasinoBit]

I want to remind again that Casinobit admin is misleading about 100% payout! Having 2 zeroes on the roulette gives him 5.26% advantage.

The roulette shouldn't even be there at the moment, everything is being remade.

PR/Marketing fail itt

More like competitors trolling me but meh, it's currently in the first testing stages and we don't really care to introduce the bitcoin community to the casino. We care more about introducing people from the gambling community who are new to bitcoin to the casino.

Your game needs to be provably fair before any sane person plays it.

There is no such thing. We could show that the game on the main page probably provably fair like Satoshi. The rest of casinos are BSing about provable fairness, we might as well MD5 hash the current millisecond and provide the string to the user as "evidence".

I'm not sure how you think the rest of the casinos are BSing about provable fairness. THEY ARE NOT. SIMPLE EXAMPLE:

Lucky Number ranges from 1 to 100. If it's less than 50, you win 2x!

SITE has a secret. Say "foo". Now if they tell the secret, then people can calculate the lucky number. So they HASH it with something like SHA256 and tell you that.

YOU has a secret too. Say "bar". You give the secret to SITE. Now site will know your lucky number since they combine your secret, with their secret. However they cannot change their secret now since they already gave you the hash.

Now do you understand it?

You might say, but the site knows their secret! What if they played the game THEMSELVES? They'd knew what PLAYER secret to use to win! But the only point of that is you're SCAMMING THE GAME. However if 10% of the "game" is owned by outside investors, then you can scam them. So yeah, satoshidice can scam their shareholders but not you.

What stops people from paralleling the SHA256 hashing on many ALUs, like GPUs for example and bruteforcing the key?

Your game needs to be provably fair before any sane person plays it.

The rest of casinos are BSing about provable fairness.

What do you mean by that?  Is it that you don't understand how provable fairness works, or have you found some way the sites can cheat despite their so-called provable fairness?  If so, could you please point out how?

How do you propose provable fairness will be implemented in Texas Holdem except using mental poker?

[casascius]

You might say, but the site knows their secret! What if they played the game THEMSELVES? They'd knew what PLAYER secret to use to win! But the only point of that is you're SCAMMING THE GAME. However if 10% of the "game" is owned by outside investors, then you can scam them. So yeah, satoshidice can scam their shareholders but not you.

What stops people from paralleling the SHA256 hashing on many ALUs, like GPUs for example and bruteforcing the key?

The fact that doing so will probably take anywhere between 175 and 24395872948732987 years to complete.

Hashing is a wonderful tool that solves all sorts of problems that when solved make a provably fair casino possible.  I invite you to learn as much as you can on the topic.

[CasinoBit]

You might say, but the site knows their secret! What if they played the game THEMSELVES? They'd knew what PLAYER secret to use to win! But the only point of that is you're SCAMMING THE GAME. However if 10% of the "game" is owned by outside investors, then you can scam them. So yeah, satoshidice can scam their shareholders but not you.

What stops people from paralleling the SHA256 hashing on many ALUs, like GPUs for example and bruteforcing the key?

The fact that doing so will probably take anywhere between 175 and 24395872948732987 years to complete.

Hashing is a wonderful tool that solves all sorts of problems that when solved make a provably fair casino possible.  I invite you to learn as much as you can on the topic.

This makes cracking passwords using good graphical cards very easy. Currently you can check about 310^9 SHA256 hashes per second (src), keep in mind that attacker knows salt and algorithm which you use for hashing passwords. So in one day attacker can bruteforce 310^96060*24 = 2,6 * 10^14 passwords. Assuming that password is chosen completely random from a set A-Za-z0-9 (62 different characters) in one day attacker can bruteforce password with a length of log(2,6 * 10^14) / log(62) = 8.

Still I will pass the idea up top, after we introduce the deposit/withdraw modules and the general bitcoin exchange we can add something like that as a seperate little application below every casino game.

[SgtSpike]

You might say, but the site knows their secret! What if they played the game THEMSELVES? They'd knew what PLAYER secret to use to win! But the only point of that is you're SCAMMING THE GAME. However if 10% of the "game" is owned by outside investors, then you can scam them. So yeah, satoshidice can scam their shareholders but not you.

What stops people from paralleling the SHA256 hashing on many ALUs, like GPUs for example and bruteforcing the key?

The fact that doing so will probably take anywhere between 175 and 24395872948732987 years to complete.

Hashing is a wonderful tool that solves all sorts of problems that when solved make a provably fair casino possible.  I invite you to learn as much as you can on the topic.

This makes cracking passwords using good graphical cards very easy. Currently you can check about 310^9 SHA256 hashes per second (src), keep in mind that attacker knows salt and algorithm which you use for hashing passwords. So in one day attacker can bruteforce 310^96060*24 = 2,6 * 10^14 passwords. Assuming that password is chosen completely random from a set A-Za-z0-9 (62 different characters) in one day attacker can bruteforce password with a length of log(2,6 * 10^14) / log(62) = 8.

Still I will pass the idea up top, after we introduce the deposit/withdraw modules and the general bitcoin exchange we can add something like that as a seperate little application below every casino game.

And when a site uses a secret 10 characters in length, your bruteforce suddenly takes 3,844 days.  Watch out if they increase it to 14 characters, then you're looking at 155 million years!

So what makes you think a site like SatoshiDice would use an easy-to-bruteforce 8 character or less secret?  In fact, they use a 64 character secret!  http://satoshidice.com/secretlist.php

Seriously, you are doing a TERRIBLE job with PR for this site.  You come in here like a buffalo in a china shop, aggressively attacking anyone who disagrees with you, with no regard for the fact that THEY MIGHT BE RIGHT!  I would strongly suggest that you step down out of whatever public role you hold with the "company" and have someone else with a much thicker skin and who knows their cryptography step up to do the job.

[CasinoBit]

You might say, but the site knows their secret! What if they played the game THEMSELVES? They'd knew what PLAYER secret to use to win! But the only point of that is you're SCAMMING THE GAME. However if 10% of the "game" is owned by outside investors, then you can scam them. So yeah, satoshidice can scam their shareholders but not you.

What stops people from paralleling the SHA256 hashing on many ALUs, like GPUs for example and bruteforcing the key?

The fact that doing so will probably take anywhere between 175 and 24395872948732987 years to complete.

Hashing is a wonderful tool that solves all sorts of problems that when solved make a provably fair casino possible.  I invite you to learn as much as you can on the topic.

This makes cracking passwords using good graphical cards very easy. Currently you can check about 310^9 SHA256 hashes per second (src), keep in mind that attacker knows salt and algorithm which you use for hashing passwords. So in one day attacker can bruteforce 310^96060*24 = 2,6 * 10^14 passwords. Assuming that password is chosen completely random from a set A-Za-z0-9 (62 different characters) in one day attacker can bruteforce password with a length of log(2,6 * 10^14) / log(62) = 8.

Still I will pass the idea up top, after we introduce the deposit/withdraw modules and the general bitcoin exchange we can add something like that as a seperate little application below every casino game.

And when a site uses a secret 10 characters in length, your bruteforce suddenly takes 3,844 days.  Watch out if they increase it to 14 characters, then you're looking at 155 million years!

So what makes you think a site like SatoshiDice would use an easy-to-bruteforce 8 character or less secret?  In fact, they use a 64 character secret!  http://satoshidice.com/secretlist.php

Seriously, you are doing a TERRIBLE job with PR for this site.  You come in here like a buffalo in a china shop, aggressively attacking anyone who disagrees with you, with no regard for the fact that THEY MIGHT BE RIGHT!  I would strongly suggest that you step down out of whatever public role you hold with the "company" and have someone else with a much thicker skin and who knows their cryptography step up to do the job.

I am a simple website admin, I am not here to discuss cryptography or any technical related info. I am a messenger between the person above me and the average user, I reply to emails, help resolve account problems etc etc, anyone with enough braincells to comprehend the concept of internal company hierarchy will understand that no one will pay a chief security expert which works with banks (and we have access to those) 150$ an hour to discuss ciphers with 16 year old teenagers that play Minecraft.

It is clear how much competition and dirty promoting exist on these forums since I was met with sticks and stones.

I mean no disrespect but I would rather trust my money to casino 777 than Satoshi or any other "provably fair" casino which will likely loose it's bitcoins as foolishly as Bitcoinia. Those who mind don't matter, those who matter don't mind. If there are any serious entrepreneurs that are ready to invest I can easily arrange an online chat with an expert.

[casascius]

I am a simple website admin, I am not here to discuss cryptography or any technical related info. I am a messenger between the person above me and the average user, I reply to emails, help resolve account problems etc etc, anyone with enough braincells to comprehend the concept of internal company hierarchy will understand that no one will pay a chief security expert which works with banks (and we have access to those) 150$ an hour to discuss ciphers with 16 year old teenagers that play Minecraft.

It is clear how much competition and dirty promoting exist on these forums since I was met with sticks and stones.

I mean no disrespect but I would rather trust my money to casino 777 than Satoshi or any other "provably fair" casino which will likely loose it's bitcoins as foolishly as Bitcoinia. Those who mind don't matter, those who matter don't mind. If there are any serious entrepreneurs that are ready to invest I can easily arrange an online chat with an expert.

Got it.  Like Tom Smykowski.  He deals with the god damn customers, so the engineers don't have to.  He has people skills, he is good at dealing with people!  Can't you understand that?  What the hell is wrong with you people?

[SgtSpike]

I am a simple website admin, I am not here to discuss cryptography or any technical related info. I am a messenger between the person above me and the average user, I reply to emails, help resolve account problems etc etc, anyone with enough braincells to comprehend the concept of internal company hierarchy will understand that no one will pay a chief security expert which works with banks (and we have access to those) 150$ an hour to discuss ciphers with 16 year old teenagers that play Minecraft.

It is clear how much competition and dirty promoting exist on these forums since I was met with sticks and stones.

I mean no disrespect but I would rather trust my money to casino 777 than Satoshi or any other "provably fair" casino which will likely loose it's bitcoins as foolishly as Bitcoinia. Those who mind don't matter, those who matter don't mind. If there are any serious entrepreneurs that are ready to invest I can easily arrange an online chat with an expert.

If you are a simple website admin, then please stop acting like you know more than everyone else here about provably fair gameplay, etc.  It is obvious you do not, as indicated by the countless number of statements you have made in this thread that were just plain wrong.

I've highlighted more text meant to insult in your prior post, which only serves to further dig yourself into a hole.  A proper response might have been as follows:

I am a simple website admin. I am not here to discuss cryptography or any technical related info. I am a messenger between the person above me and the average user. I reply to emails, help resolve account problems, etc, etc.

It is clear how much competition exists on these forums since I was met with a good deal of adversity.

I mean no disrespect, but I would rather trust my money to casino 777 than Satoshi or any other provably fair casino. Those who mind don't matter, those who matter don't mind. If there are any serious entrepreneurs that are ready to invest I can easily arrange an online chat with an expert.

Notice how you can still get your point across without using sarcasm, implying lack of braincells in others, and guessing at their age?

It is obvious you DO mean disrespect by continually making snarky comments towards everyone here.  Revise your attitude, and maybe people will take you and your site more seriously.  People have given you good feedback and advice, and all you do is toss it in the trash and throw tantrums about how it doesn't need to be changed.  You seem to take every comment of constructive criticism personally.  I assume you want this site to succeed, but to do that, you need to grow a thicker skin, learn to take people's advice, know that you are NOT the smartest person in the room, and be the better person in any situation you come across.

Just my two bitcents.