Archive for August, 2008
Blackjack Optimal Strategy Calculator
So during my trip to Las Vegas for Black Hat 2008, I played my first game of blackjack at a casino. I had turned on the TV in my room earlier that day and happened to see a program that was explaining basic strategy in blackjack. The basic strategy is this: since ten is the most common card value that will come up, assume that every card you don’t see has a value of ten.
This is pretty simple and I was getting the hang of playing – even getting help from the dealer when I made an incorrect move. However, one situation that kept coming up was when I was delt sixteen and the dealer was showing a ten. All week I was wondering what the correct move is for this scenario, so I decided to develop a program to tell me. I didn’t get around to writing it until the plane ride home, and even then I had to rewrite it twice before it started producing the correct output, but I’m pretty sure it’s correct as it is almost identical to the optimal playing strategy found on Wikipedia and other websites.
The method behind it is actually very simple – there are six main functions: player-hit, player-stand, player-turn, dealer-hit, dealer-stand, dealer-turn.
The player-hit function returns the probability of the player winning if the player hits on the current hand. It does this by calling player-turn for each possible card that could be delt to the player and averaging the results.
The player-turn function returns the probability of the player winning in his current situation. First it evaluates whether the player is over 21 – if so, it returns zero indicating that the player loses. Otherwise, it finds the probabilities of winning if the player should hit and if the player should stand, and returns whichever is higher.
The player-stand function returns the probability of the player winning if the player accepts no more cards for this game. All it really does is call dealer-turn.
The dealer-hit function works exactly like the player-hit function.
The dealer-turn function works similarly to the player-turn function, except that the dealer has strict rules as to whether they can hit or stand – if the dealer is 16 or under, or has 17 with an ace, the dealer must hit. Otherwise, the dealer stands.
The dealer-stand function checks to make sure the dealer isn’t over 21, then it tests to see who has a higher hand value. The function returns 1.0 if the player has a higher hand, 0.5 for a draw, and 0.0 if the dealer has a higher hand.
The value of each hand is stored in two numbers: one number is the sum of all the cards in the hand (with aces holding a value of 11), and the other is the number of aces in the hand. This is done so that some aces can be counted as having a value of one if the hand goes over 21.
And that’s basically it. You can use the probability-table function to produce a table of every starting blackjack scenario which will tell you the optimal move – hit or stand. Note that the table function takes a long time to run. Also, the program assumes an infinite deck, which obviously won’t be the case for any real situation.
Blackjack Optimal Strategy Calculator
6 commentsBlack Hat 2008 & DEFCON 16
Back story
By some unexpected fortune last week I found myself in Las Vegas attending Black Hat & Defcon. Apparently there was some attempt by the heads of my office to get clearance from E&Y so that I could go, but that didn’t work out with me being an intern. I was notified about a week before Black Hat that someone was suddenly unable to go and now there was an extra ticket so I would need to make travel plans.
Cut to Monday morning; I roll out of bed at about 4:30am. After showering and throwing clothes on, I’m ready to be picked up at 5:00 to get to Newark airport for my 7:50 flight. I get a call around 5:05: the driver of my car has two flat tires, but they’re going to try to find another car in the area. The minutes crawl by until around 6:00 I get another call from the driver saying that he’s on his way. Since it takes about an hour to get to Newark airport, I narrowly made it through security in time. If the plane wasn’t slightly delayed, this trip would have started off very poorly.
We spend Monday in Houston for our ‘all-hands’ meeting with the Houston team, where many people on the team give presentations on various security-related topics. Because the hurricane was coming we decided to all catch a late flight Monday night to Las Vegas. By this time I was beat, so I checked into the hotel and went to sleep.
Spent Tuesday hanging out – later that night I gambled at a casino for the first time playing blackjack (more on that later).
Black Hat: Day One
Wednesday was the first day of Blackhat which started off with a keynote speech by Ian O. Angell about how complexity in information systems leads to increased risk. He made numerous mentions of how combining human systems with technology systems is disasertous but while eloquent in his speech, I largely disagreed with his opinion. He mentioned in one portion of his speech that we have a desire to categorize things and seemed to insinuate that this is a bad thing. This is, however, how the human brain operates which leads me to believe that it is an efficient way of interpreting reality. Yes, it may not be proper in all possible scenarios, but what is? Overall, he seemed to resent technology which made me resent his keynote.
Later I went to Dan Kaminsky’s talk on the new DNS cache poisoning attack. I had already heard about the details of the attack, but at Black Hat he went over the extent of the damage that could be caused by this attack: just about everything. Originally one of my co-workers mentioned that for anything important, such as your bank’s website, you’ll see a signed SSL certificate ensuring that the website is legit. However, Kaminsky pointed out that Certificate Authorities validate certificate purchases by way of email. So if I control the DNS entry for goodbank.com, I’ll get the mail to anyone@goodbank.com. When I get an email from the CA for my newly-signed SSL cert – bam! You think you’re at goodbank.com, you see a signed SSL certificate, but its all controlled by evil Eve. Pretty cool attack.
A cool but low-profile talk I saw was entitled ‘Return-Oriented Programming: Exploits Without Code Injection’ by Hovav Shacham. Intrigued by the title, I went to the talk and discovered how the author came up with a system for injecting not code, but instead injecting pointers to areas of memory which contained libc functions that when executed contiguously would exhibit malicious behavior. While no evil code was injected, evil behavior would be executed. He even showed how he could run a sort in a vulnerable program by injecting pointers to libc which was pretty cool.
Finally I went to a talk on how implantable medical devices have virtually no security due to battery constraints.
Black Hat: Day Two
On day two, one of the guys from the Houston office was giving a talk on ‘extreme client side exploitation’. Basically, the talk was about how the Same Origin Policy is flawed and how to exploit it using GIFARS. GIFAR is a term which comes from a file which combines a GIF and a JAR together such that the resulting file is a valid GIF and JAR (this is possible due to the way each of these files are parsed; GIFs from the top-down, and JARs from the bottom-up). On sites which you can upload your own images (facebook, myspace, flickr, etc.), you can upload a GIFAR which will live on the website’s server. By getting a user to view a webpage which has an <applet> tag that points to the GIFAR, the attacker can gain access to the private information of the user on that website.
There were some other cool talks but I think my favorite was the Quantum Spookshow. During the conference they had a room with two quantum key distribution setups inside. One setup had a web cam at one end which was sending the encrypted stream via a network connection. At the same time the cryptographic key is transmitted via photons. The receiver is able to determine if the photon transmission has been intercepted and retransmitted or not by the principals of quantum mechanics. The other setup uses quantum entanglement to transmit the key, but has high bandwidth constraints. However, it has the advantage of having a truly random key.
Defcon: Day One
Defcon was a much more relaxed conference and filled with all kinds of cool stuff. The badges for the conference were actually a device that you could connect an SD card to and transfer files to other badges via infrared. They also had a lot of physical security talks which Black Hat didn’t have. My favorite talk from Defcon was entitled, “Advanced Physical Attacks” by Eric Schmiedl and covered a wide range of topics. First the talk was about spies and how the CIA and other agencies recruit them. One of my favorite parts of the talk was how you can listen to the sound of someone typing, and determine what keys they were pressing.
I ended the day at Defcon by buying some cool merch and playing about three hours of Guitar Hero with some other cool geeks. Unfortunately I only got to stay for the first day of Defcon, but the whole trip was outrageously fun.
No comments