GoCorp
Marriott Hotel, Gold Coast
Friday, 26th May 2000
 Final Draft
© COPYRIGHT 2000  I'll Do Anything For Money Pty Ltd
All rights reserved
Suggested Introduction

This is a big week for GoCorp. We have spent a lot of time in training. We have spent the afternoon in conference, tomorrow night the site goes live. As part of our work in getting the site up an running we have been doing a lot of work with the Government and we are fortunate tonight to have as our guest speaker, someone who has been invaluable in presenting our case in Brisbane. Will you please welcome, all the way from overseas, to tell you about what he has been up to and some of the regulatory issues he has had to deal with, Mr. David Stevens

 

Thank you for your kind introduction and thank you for your welcome to the fabulous Golden Coast. It is really great being here in Australia, or as you Aussies say, "Down Under". I just love that term…Down Under. Though I don't feel like I come from Up Over.

Oh, another thing I want to say is "G'day", I always thought of that as just some sort of advertising gimmick about Australia, but you people really do say it, so "G'day, it's great to be Down Under"

I appreciate the opportunity to talk to you all this evening because y'all are embarking on a remarkable journey into the arena of online gaming. You are standing at the threshold of what promises to be one of the great areas of internet entertainment and that, of course, means global entertainment.

Forget all night sessions playing Quake, minesweeper and other childish games, this is serious entertainment for adults. There is a lot at stake amongst the adult online population of the world and I don't think Governments really understand what is going on or are ready for it.

That is why I have been Down Under. I have been dealing with various regulators regarding security, regulations, and the myriad of other issues that are involved in setting up a gaming business, whether online or in the real world. Before I get too involved in the subject matter, let me tell you a bit about me and my background.

As you may be able to tell from the way I speak, I am not from Down Under. I was brought up in Arizona in the South West of the United States. I moved to Las Vegas in 1973 to work in the gaming industry where I started off as a blackjack dealer, but I found that I was more interested in the what was going on behind the scenes than actually dealing with the general public.

So, I moved into casino security for a while and worked my way up until I became part of the Regulatory Assessment Team for the company. Unfortunately, as part of my current contract, I am not permitted to name any of the organisations for whom I now work or for who I have ever worked, but that shouldn't make any difference to the content of my speech tonight.

About five years ago, having had enough of working for shady operators I ventured out, setting up my own shady operation. I started a consulting business, specialising in working with Governments on behalf of gaming operators. A more common name for what I do is a lobbyist.

We lobby the Government, media, community leaders and whoever needs a bit of influence cast their way. Through a series of circumstances I would rather not discuss this evening, I decided to leave the United States a few years ago.

It was just the start of the serious online gaming industry and I saw a unique opportunity to get in on the ground floor, so I moved to the Cayman Islands which is where it was all happening back then. As you likely know, the Cayman Islands is an isolated principality who have declared themselves independent of international laws. This suited me perfectly at the time.

The Caymans first came to the attention of the corporate world through offering shelf companies in what had become a tax haven. It was soon realised by those astute enough to read between the lines that there were many lucrative possibilities available using the, shall we say, "unique" structure offered by the Cayman's liberal tax regime.

That was the start of the Cayman Islands boom and it continues unabated. My life there is fairly luxurious despite the lack of modern amenities. The tax rate remains minimal, the laws are relaxed and the climate borders on tropical. Now, here I am Down Under and I have to say it is beautiful here too.

While here, I have met with some of your senior ministers and their advisors. I have appeared before the Senate Select Committee into online gaming and met with various industry organisations. Though I must admit to being a little confused about your industry representative organisation. For a while there was the Online Gaming Industry Association then it kind of vanished, and I come to Australia and there it is again. I was confused, but I have learned that in this industry, sometimes it is better not to ask questions.

Appearing before a government committee is an experience I always cherish, until the next time I have to appear. Probably very few you have ever appeared before a Senate Select Committee on anything, but let me tell you it not exactly what I would describe as fun. Politicians are a pretty sensitive lot and they ask some tough questions. They are hell bent on keeping their seat in power rather than really serving the public and finding out what is in our best interests. The good thing is that they will listen to special interest groups who can get their attention, which is the whole idea of lobbying.

In the Australian case, there was a concerted effort by the committee to be seen to be looking after the morals of people in your society and they also feel responsible about protecting the morals of those countries that allow their citizens to use online gaming facilities. Now, I don't want to spend any time covering whether or not Governments should, or even can, regulate online content, whether it be gaming, adult material or whatever. We all know what a joke it is going to turn out to be.

When it comes down to it, the purpose of all these committees of course is to shift the focus to outside activities so that no one will see what the politicians are up to themselves. You see, as I read it your Government is running scared right now because of your upcoming Goods and Services Tax, or GST. There have been all sorts of reports recently talking about how it is going to affect the price of various goods.

I know I am an outsider, but I did some research into Australian politics before I arrived. As I read it, in what ended up being a public relations disaster, your Government tried to shift everyone's attention away from the GST and onto the issue of mandatory sentencing in your North Territory. This ended up being a hotter political potato than the GST and like a hot potato the Government in Canberra dropped it as quickly as they could. But they needed something else to distract the populace.

A topic where they would be seen as supporting the public rather than taking advantage of your indigenous people for a cheap political victory. What could be better than the threat to society they see in anything online, especially online gaming. So, in the last week we have seen them waving the morals flag again and promising a freeze on online gaming licenses. Will it ever end?

Now I'm sure that your legal eagle, Scott Keddy, is just itching for a fight over this one. You can be sure that if the Government does anything to jeopardise the legitimate business activities of a company like GoCorp that has a license issued under your local legislature, Scott will be seeking huge damages on the company's behalf. (He can invest it in the Caymans if he wants)

And I have heard that Scott is a man of his word. Apparently, a letter from Michael Sarquiff from the Queensland Office of Gaming regulation in Brisbane was expected. No one except Scott believed it would arrive that day. In fact, Scott was so certain that would that he promised to run around the office naked if it didn't. Let's just hope that when Scott is suing the ass off the Government we can't see his.

But back to politicians, you all know of the various exploits of Clinton, Mugabe and even your Pauline Hanson. They are guilty of doing all the things that bring politicians into disrepute, and that is why politicians invent issues, so that they can take the attention of themselves.

The media loves it all, they lap it up. They will play up the idea that it is not safe to give your credit card number on the internet, even though millions of people give card details over the phone every day. There is no shortage of stories in the papers and on TV about how insecure the internet is, all the viruses that are being spread, paedophiles lurking in every chat room, scams designed to relieve you of all your money. But it's mostly just perception.

In fact that is one of the big problems with the online gaming industry, a few of the early operators have given the rest a bad name. I am the first to admit that the Cayman Islands has been the source of some of the problems. Who can blame people who may be interested in online gaming from being reluctant to give financial details to a company named Bets R Us in a far-off country with a bad reputation.

But things are on the change now and GoCorp, an Australian company, is leading the charge of regulated and monitored licensed online gaming providers. The fact that your Queensland treasurer has decide to issue an Interactive Gaming License is good news, but have you looked closely at the root motivation? What is the name of the legislation under which the license was issued? The Interactive Gaming (Players Protection) Act of 1998. So the license and the legislation are not really about allowing the company to run interactive services, it is about protecting the players.

The unsettling part of all this, the thing about which you should all feel insulted and be outraged over is who the Government is protecting the players from. Consider the situation for a moment and you will see that they are trying to protect the players from you. The moral campaigners aren't worried about the service providers, the modem manufacturers or the browser companies ripping people off. The finger is being pointed squarely at you, the people who write the software, operate the help desk, run the network, deal with credit card numbers.

Think about it, would you suggest to your mother that she puts up a bunch of money on the internet to play games of chance where she has no idea of the odds? If she even considered the issue of security, would she be satisfied with that offered by someone in a 3rd world location who she can't possibly contact? And, should be lucky enough to win, given the odds that may be offered, how can she be certain of receiving payment?

When you consider the scenario up until now, who can blame people for being suspicious, at the very least. But, as I am fond of saying and I will keep repeating, things are changing now that GoCorp is on the scene. However, it still comes back to the fact that the Government and players don't trust you or the system and we need to instill a strong sense of confidence in players who may be on the far side of the world, that GoCorp can be trusted. And that means, in essence, that each of you as individuals can be trusted along with the network and the games you offer players over the network.

I know you have all undergone security checks to acquire casino level accreditation, but in a modern world using modern technology, that just isn't enough any more.

One of the issues I have been discussing with Senator Alston and his band of thugs - sorry politicians - in Canberra is how we can tighten up the authentication procedure in regards to employees of GoCorp and the system used to play the online games.

There are many state-of-the-art systems that could be introduced, but they all have their flaws. And idiosyncrasies. Security starts with a sign-in at the front desk at its most simple level. Then to get a little tougher you can move up to key-cards and code-locked doors, but it isn't hard to clone a card or learn a code.

What is a lot more difficult is replicating discrete variables that are unique to the individual. The most obvious one that we all think of is our fingerprint. Each individual has a unique fingerprint, but the technology for reading the complex details of fingerprints and matching them to a database is not perfect and it is fairly slow.

Iris recognition has the same problems. Also, the fact that an individual's iris characteristics alter with age, illness and other environmental factors, like what the person has been smoking, makes it unsuitable for the level of security we are talking about here. Sure, it might be OK for use at a bank ATM, but that is different to casino security, which is essentially what we are talking about here.

One area that has been in the news recently and is something that GoCorp is about to set up in a beta test environment with a Silicon Valley company called GeneBank is a rapid and seemingly foolproof new method of identifying an individual using their DNA print.

That's right, we are going to tap in to the double helix strands of deoxyribonucleic acid, look at the basic building blocks that make up each of us and use this amazing signature to build a key that is unique to you as an individual and cannot be forged, copied, or tampered with in any way.

You may recall that DNA was used recently in an Australian town called Wee Waa. Can you believe the name of this place, Wee Waa. Who on earth thought up Wee Waa?? Anyway, they took DNA samples to help solve a vicious crime and just the fear of being caught flushed out the person responsible before all the samples had even been taken. Of course, you all know what DNA stands for don't you? National Dyslexics Association.

Over the coming month, we will be undertaking similar trials at GoCorp in co-operation with GeneBank and a new data warehouse setup by a Mr. Kerry Packer known as DataPool. Datapool has the ambitious aim to have personal public records on every Australian individual in their computer so that they can cross-reference information and target direct marketing material more effectively.

I have been assured by the ethics consultant to DataPool that in the short term they have no intention of incorporating your genetic information into their database. It will be kept in a totally separate system and used for testing purposes only. The important thing you should all keep in mind is that although you may have some concerns about personal privacy, you are giving up that fundamental right in order that GoCorp and its shareholders can gain great benefit and you should all be congratulated for that.

If any brave soul is willing to jump in the deep end, we would be happy to take our first DNA samples tonight. I should warn you that not only is the collection technique very different, to the saliva swab they took in Wee Waa but so is the collection site…let's just say I hope you are wearing clean underwear.

So, that's the personal security side of things, but what about the network? I don't think I need tell you about the potential problems faced by an online gaming service. If you think about every wannabe hacker that has tried to shift a satellite, alter the Government's home page or get free porn, then you ain't seen nothing to what they will do if they think they can gamble for nothing and have their offshore accounts credited if they win.

Paul Appleby asked me to run a few tests on the security of your system. Now this is not necessarily my area of expertise so I hired a couple of, I'll call them "IT graduates", to do some probes of various ports and we came up with some results that made Paul sit up and take notice. We set up a month or so ago with a packet sniffers hooked into a range of IP numbers hanging off an IP spoofer back end so we could cover our tracks.

It was a big non-event for a long time until one evening a week or so ago when BINGO! There was suddenly activity on one of the servers, it had been connected to the web, possibly for testing, we weren't sure, but we knew we had to act quickly. Using a proprietary tool we managed to get into the system.

We wanted to have some fun, prove a point and most importantly, not do any damage. So we found something called King of Cards that we renamed to Video and then renamed back again, so that it would have a date and tie stamp proving we had been there. We also installed a Trojan Horse that would just keep an eye on logins, collect user names and passwords and discretely send them back to us when there was heavy enough traffic so that it wouldn't be noticed.

I have a lot of respect for Phil Blackwell and his work. Paul had total confidence in what Phil and the team had produced, but I am sorry to say that I was able to demonstrate to Paul and members of the Queensland treasury that Phil couldn't secure a piece of sticky tape to the wall if he needed to.

For a start, I am not sure what you think of 128 bit encryption, but as far as the security world is concerned, it is nothing more than a joke. Paul offered a bet that even if I could get in, I couldn't crack the encryption. I guess he wasn't counting on the fact that with the internet I can distribute the work across a couple of hundred pretty powerful PCs. It took us 453 hours 26 minutes and if you want the fine details, 17.03 seconds of actual processor time to bust the encryption.

It is widely recognised that 128 bit encryption is just not strong enough any more. Most people don't know that the United States Office of National Security has 72 bit keys in escrow. I can see a few puzzled looks out there, but what this essentially means is that they have skeleton keys to these 72 bit encryption methods and with an appropriate court order, they are permitted to view any online data they wish. And we all trust the Government, to only use these tools with permission, right?

Now, if you think that is bad enough, the spooks have been working hard on cracking 128 bit encryption using National Security as their excuse, but I think it is just that they don't like secrets, no matter how innocuous they are and I say that if my team can bust your code, then you can bet that the men in black who talk into their cufflinks certainly can, whether they admit it or not. Call me paranoid, but I have been in this industry long enough that I don't trust anyone anymore.

So, after consultation with treasury officials and some outside encryption consultants from RSA, it looks like it might be back to the drawing board to up the encryption to 256 bit. Though, they will give you 6 months grace to install the tougher encryption. After long, let's call them discussions, I would call them heated arguments, a new set of licensing protocols has been adopted and signed off as recently as Tuesday of this week, but then look at what has happened since then.

As I mentioned earlier, your Federal Government has called for a moratorium, on gaming licenses. So, there I was, on a dawn flight to Canberra to talk to the powers that be. Now some of you might think that discussions with Government are about knowing the relevant laws loopholes and such things, but as anyone who has done any lobbying will tell you, it is more the art of schmoozing and marketing than of knowing anything about laws.

As Andrea Fontana is at pains to tell everyone he knows or is willing to listen, marketing is integral to the success of an online gaming venture. You can build it with the strongest security, but if no one knows about it, they won't come. However, it is questionable whether someone from Switzerland, a supposedly neutral country can be of any help in the marketing war that is about to erupt.

Obviously any industry such as online gaming will have teething problems. So, what are they? Well, the underlying mediocrity enshrined wherewith over-accommodating intermediary management impinges externally as to where fundamental objectivity is concerned altruism, while overtly and admirably welcomed in specific locations surrounding traditionally structured functionality often discriminate blatantly despite regarding the undermining intensity of unequivocally displaced occurrences in commonplace rectification while still distinguishing optimistic market recognition. Are you still with me?

Speaking of marketing, I must tell you a story about one of the sales people at Bets R Us. He was indulging in a little, lets call it, "horizontal folk dancing" with one of his new clients…am I going too fast for anyone? Suddenly and unexpectedly her husband pulled into the driveway. Since it would have been a little hard to convince him that they were discussing setting up a gaming account while they were naked he decided to attempt a rapid exit. Cut off from the door, he grabbed all his clothes and dived into the cupboard. Just as he thought he had gotten away with it, you won't believe what happened. His mobile phone started ringing. Now this guy was a good salesman, the sort of creative person that Andrea can use, because when the husband flung the cupboard door open, he handed him the phone and said "Its for you". It didn't work

One of the other interesting things that turned up while I was doing my background checks on everyone attending tonight was that Derek Locke is of New Zealand heritage. In understand that this is the equivalent of being a Canadian in the United States, but with a lower IQ. But at least Americans and Canadians talk the same language. Paul Appleby was explaining that Kiwis, as you call them, have different words to Australians. Kiwis say Jandles, you say thongs, Kiwis say Chilly Bin, you say Esky. Kiwis say blind date, you say livestock. Paul also said I might have to explain that to Derek at the baaaa.

I understand that Derek has had a pretty bad day today, but not as bad as me. For a start I have had to put on this fake American accent…