but if the site uses a random number generator then the site itself doesn't know what cards are coming next
I studied internet security witin my degree last year and I posed this exact question. The lecturer himself plays online poker. there is a consortium (can't remember the name) that regulates poker sites etc. There is deffinately one for the united kingdom and united states which makes sites such as will hill and paradise poker safe. Random number generators are just that random, so not even the site itself can determine what is coming next....
well not totally - computers can't actually generate random numbers, they are just forumulated from complex mathematical operations which are "seeded" (i.e. the complex mathematical sequence's start point), from the elapsed time in seconds from 1st Jan 1970 (which hence should always be changing). If you know the seed, and plug it in to the formula - normally called something like rand() - you
always get the same sequence of numbers. Hence in geek-monkey school they're called pseudo-random numbers, because they ain't really random at all, just reaaaally hard to reproduce if you don't know what started them off.
Its damn near impossible to obtain any of that information anyhow. On top of this what you see on the screen in front of you when you play is a thin-client, i.e. the program running on your computer, that talks to the company's poker server, has hardly any information being sent to it - only your cards, and the betting. Everything else
should be inaccessible to the outside world, and only known by the server itself. This is how the software would be written, and only someone who actually coded the thing in the first place would have any chances of putting back doors in. Its in the company's interest to make the thing as solid as possible - they make enough off the rakes anyhow to risk possible bankruptcy from legal action by its members if it ever turned out something was awry.
Given all of this (and the fact that a lot of peeps might not have understood diddly squit of the last 2 paragraphs) I can't see how it is possible
at all to cheat, without access to a company's internal admin software (which would have to be lousily written) and an admin internal account registered with it. I mean, as with anything, its always possible, but the chances are bloody remote.
More chance of someone working
for a poker company would be on the fiddle.