Cereus Security's Epic Fail
Unless you have been under a rock for the last couple of weeks, you have heard about the Cereus security flaw. For those that have been under a rock, there was a flaw with the encryption that Cereus used that would allow someone to view another playerâs hole cards over an unsecured wireless network. No instances of cheating have been discovered to date as a result and Cereus quickly changed their encryption over to a SSL based encryption. They are currently investigating to see if anyone used this flaw to exploit other players.
Apparently the old UB software used SSL and in addition, this old encryption âslipped byâ the auditors. Câmon guys at Cereus. With all that has went on in the past with UB and AP, donât you think that it would have been in your best interests to do everything possible to make sure that a situation like this does not come up.
I donât care if this is considered a âminorâ flaw and that it was corrected quickly. The fact remains that a site that has a history of cheating allowed a flaw to pass that could have started another scandal.
Look at it this way. If an embezzler gets out of jail, odds are that he is not going to get a job handling money again. If a child predator gets out of jail, red flags are going to be raised if he takes a job near a school or if he starts hanging around a place with a group of children. If a site has a history of cheating, then the suspicion of cheating is always going to be there.
Yes, it is true that UB has supposedly taken the steps to correct this problem and to prevent it in the future. It is true that they have hired people to actively test and hack the system. However, wasnât the new network from the beginning supposed to be the greatest thing since sliced bread and provide users with greater security?