Re: Up to 22.5x your Bitcoins! Play instantly! No waiting for blocks to confirm!

Quote from: indicasteve on August 06, 2011, 01:07:51 AM

I think the owner of that site is setting himself up for a fail.

The owner heard about my concerns and has taken the site offline.

His mybitcoin.com userid and 'secret' were also exposed in plain text javascript on the site...but I guess that don't matter anymore anyway.

If he has ANY of the game logic running in javascript on the client side, he is doomed. If the game runs in the client, it would be trivial to edit the code and cheat.

I think there are some firefox plugins that allow you to step through a javascript as its running and edit it along the way as you please.

I've read the front-end js source code, there's not much you can do to hack it. Everything validates at the server through Socket.IO. I've entered bogus withdraw requests for funds that I don't have and the server didn't allow it.