Hacker News new | past | comments | ask | show | jobs | submit login

Sort of maybe. It sounds like the slot machine makers are being cheap with their machines. There are such things as hardware RNG that will produce a truly random number, it's just that for most applications they're overkill. This seems like an instance where not only aren't they overkill, they're almost mandatory. They talk a bit about using encryption to protect the PRNG algorithm, but that's just a bandaid, at best it buys them a little bit of time, but ultimately it will be cracked the same way.

A hardware RNG is actually pretty cheap to make, there are actually open source (as in the circuit diagrams are available) ones floating around the internet that you can build for less than $20 worth of parts. The manufacturers probably don't want to go that far because a) compared to most of the parts in the machine it's a fairly expensive piece so it will cut into profits, b) hardware RNG function a bit different from a PRNG so properly integrating one requires a certain amount of skill, c) it isn't their problem really, they already got their money, it's the casinos that are losing, and d) it's simpler to just prosecute the handful of people doing this (for now).

e) it's much harder to be sure a hardware RNG actually does produce random outputs compared to a PRNG

That was somewhat covered by point b, but yeah, in terms of verification it's tricky to determine if a hardware RNG is actually, you know, random. The other part that makes it tricky is that most hardware RNGs don't produce enough entropy to keep a system fed during active usage so you typically need to use their outputs as inputs to more traditional PRNGs or to periodically re-seed a PRNG which was actually the main thing I was thinking about with point b.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact