Slashdot Mirror
Computerized Betting System Proves Vulnerable
count3r writes "A front page article in today's New York Times reports that an employee of Autotote has been fired for (allegedly) hacking the system responsible for 65% of all horseracing bets in North America. The caper, if it is indeed a caper, resulted in a series of six bets that paid a total of $3,000,000 in last Saturday's Breeders' Cup."
Or why don't we look at one of the many articles that don't require registration. Darn NYTimes.
actualy that is still too much, that amount will still throw the books off enough to raise red flags.
it may take them a while to track it down to you but they'll know something is wrong and start looking.
if you don't get greedy you could do it for along time. the key is to not throw the books off and get thier attention.
say a hundred bucks a day it depends on what kind of money they take in.
that would at least cover your BEER!
A lot of people make a lot of money on internet gambling sites without breaking a single law. The people who play online poker suck so bad compared to professional poker players that it is like printing money for anyone who plays the game seriously. I suck which is why I don't play, but a lot of people are willing to give up there hard earned money to a redneck who has played poker since before he could write.
It may not get you $3M, but they won't have to work anymore, and they don't get put in FPMA prison.
Slashdotter are stupid and biased.
Worker Dismissed as Inquiry Widens Into Big Racing Bet
By JOE DRAPE
As the authorities investigated whether an exotic bet worth $3 million on last Saturday's Breeders' Cup horse races was rigged, the company that processed the wager said yesterday that it had fired a "rogue software engineer" who exploited a weakness in its system.
The company, Scientific Games Corporation of New York, said it had turned over the employee's name and evidence of potential wrongdoing to the state police and state wagering officials.
The employee attended Drexel University in Philadelphia with the winner of the bet, racing officials and a state investigator said.
The head of the company, Lorne Weil, said the worker had the access and know-how to breach the system run by the company's subsidiary Autotote, which processes 65 percent of racing wagers in North America.
Industry and law enforcement officials said that the F.B.I. had joined the police and the New York State Racing and Wagering Board in the inquiry of the wager, known as a pick six, which requires bettors to pick winners in six straight races. Payoff on the bet, made through the Catskill Off-Track Betting hub by telephone from Baltimore, has been held up.
Investigators are also looking into whether there have been questionable payoffs at other tracks. "This goes beyond one afternoon and the East Coast," said an investigator, speaking on condition of anonymity.
Though Mr. Weil tried to calm investors in his conference call yesterday, his disclosures pointed up the vulnerability of the $14.5 billion-a-year betting industry for which consumer confidence is crucial.
As racing has become more reliant on off-track and telephone betting, it is also depending more on a network of computers that link tracks and off-track sites. If the systems are proved flawed, or susceptible to manipulation, it could scare off bettors worried about the integrity of the process.
"There needs to be total review of the system so everyone can feel good and see that these things are not widespread," said Bill Nader, a New York Racing Association vice president. "Without integrity in the way a wager is processed, we don't have a sport."
The case in question involves the pick six bet on the last six races of the Breeders' Cup, horse racing's season-ending championship. The entire winning pool was held by Derrick Davis, a 29-year-old Maryland man who made the bets by phone.
Investigators are looking into whether the computer system was manipulated so that a bet made after several races had been run would appear to have been made beforehand.
Though Mr. Weil did not name the dismissed employee, the state investigator and racing officials identified him as Chris Harn, 29, who worked in Autotote's offices in Newark, Del.
Mr. Davis owns a Baltimore-based computer networking business, Utopian Networks Inc., but said yesterday that he was a knowledgeable bettor whose winning tickets were legitimate. "I didn't do anything wrong here," he said, refusing to elaborate and referring questions to his Baltimore lawyer, Steven A. Allen. Mr. Allen said his client was cooperating with the authorities and had nothing to hide.
"He is caught in the middle of a maelstrom," Mr. Allen said. "As far as he's concerned, he made a legitimate bet. The race was run, and he won, and he should have received his payoff. And that should have been the end of it. Now, instead, there's an investigation, people are making a variety of wild accusations, and his reputation is being sullied for no good reason."
Thomas Davis, Derrick's father, said his son grew up in Baltimore and attended engineering school in Pennsylvania, but would not be more specific. "I just think it's like the equivalent of his hitting the lottery," the father said. "I know in the bottom of my heart that it's a legitimate bet."
Stacy Clifford, a spokeswoman for the state wagering board, would not comment on the personnel involved in the investigation or its progress.
"The board routinely involves other organizations in its investigations and will involve law enforcement if it feels appropriate," she said. "They fired this person in connection with what happened Saturday, and since we're investigating what happened Saturday, we're certainly looking into it."
What started the investigation last Sunday was the configuration of the winning tickets and that they belonged to one bettor, Mr. Davis, who called his bets in by phone to the Catskill OTB hub, one of five regional corporations that, with New York City OTB, handle off-track bets in New York.
The winning tickets featured "singles," or races with only one horse selected, in the first four legs of the ticket, and then every horse in the final two races. On a $2 ticket, those combinations and strategy cost $192.
Mr. Davis bet a $12 pick-six ticket, or played that exact combination six separate times, costing him $1,152. It was a highly unusual strategy for betting the pick six -- horseplayers like to cover as many combinations as possible -- and the configuration raised suspicions of New York Racing Association officials, who alerted Breeders' Cup Ltd. and the state wagering board.
Mr. Davis had opened the Catskill OTB account within two weeks of the Breeders' Cup, had deposited money on five occasions -- four increments of $500 and one of $250 -- but had not made a bet until that pick six, according to investigative sources.
The six winning tickets were each worth $428,392. In addition, by including every horse in the last two races, the bettor collected 108 of the 186 consolation payoffs for hitting five of six winners; each consolation ticket was worth $4,606.20.
After an initial review on Monday, officials for Autotote and Catskill OTB said the tickets were recorded about 20 minutes before the first leg and appeared legitimate. But after further review, Mr. Weil said, the company determined that the fired employee had taken advantage of a weakness in the processing of bets.
While the tickets were logged and totaled at satellite sites such as Catskill OTB, they were not transferred to the host site, Arlington Park outside Chicago, until after the fifth race when the exact bets were verified. In this state of limbo, Mr. Weil said, the employee, who had the password to the data system, was able to alter the ticket after the results of the first four races of the pick six were known.
When Scientific Games announced the firing, trading in its stock was suspended on Nasdaq for more than 20 minutes. The stock closed at $7.62, down 57 cents. Mr. Weil maintained he was confident Autotote's systems were impenetrable to outside hackers.
"I think people see this for what it is -- a rogue individual bound and determined to exploit the only weak link we see in the system so far," he said.
Also, the ocean is wet, and there is porn on the internet.
Just so you know.
Hopefully this gets read so here goes.
The scandal you are thinking of did occur in Vegas years ago. The person in question was a programmer for a gaming machine company. What he did was write code for a video poker machine such that when a certain combination of betting occured, it would payout its highest amount.
This person then told a friend about this setup. The friend then went to the machine in question and did what was required. He of course won.
The problem came when, instead of simply taking the winnings and leaving, he had it sent to his room. Problem was, the room was not in his name but rather than name of the programmer.
The LV Gaming Commission investigated and found out what was going on. Both men were arrested and charged and found guilty.
There was another instance of the Keno being rigged but my memory is not as clear on that one other than the combination of numbers had never come up prior to this winning ticket. Ever. In the entire history of Vegas gambling.
Warning bells went off and an investigation ensued and the culprits were found and prosecuted.
The problem is that betting is all pool driven.
A lopsided payout will be noticed, not because someone one, people always win in a properly booked race/game/whatever, it is that the payout was disproportionate to the take.
If you make your book properly, you aren't making money off of people losing their bets, you make money off of the vig. Your payouts and take should roughly be equal if you did your books right.
A horse isn't a 100:1 long shot because the book maker thinks its a bad horse. The horse is a 100:1 long shot, because off all the betting dollars, only 1 out of every 100 dollars was bet on that horse.
The only way the house wins is to avoid making stupid bets. How does the house avoid making stupid bets? By nt betting. If I make sure that the other 99 dollars are going to cover your 1 dollar bet, and I collect the 10% vig from the losers, I make money, and don't have to worry about the long shot.
Legalized horse betting does the same thing, except since they can't charge a vig to the losers, they don't make a 100% payout. That way, no matter who wins, they have made sure they can cover the bets, and still make a profit. In this scenerio, the winner pays the vig in the shape of the odds aren't as high as they should have been, the winner didn't win as much as was proportionally alloted to him.
The reason why this was a dumb scheme, and the reason why they got caught is pure math. The track paid out more money then they took in, and immediately knew something was amiss. If the systems worked properly, that can't happen. Long shots hit all the time, even 100:1 long shots, but if your computer system adjusted the odds according to the bets made before post, you won't lose money.
The fact that they changed the bet afterward means that the odds were wrong. Of course most people don't realize these subtelties to book making, so probably thought it wasn't a dumb mistake.
It's still confusing no matter how many times I read it, but it sounds like he made six identical bets, when the point of the pick-six ticket is to place several different bets on one ticket. Anyone who can clarify this a bit more, please do.
Scientific Games also does lotteries. Here is how they are rigged. Only the gangsters running the rackets make money from gambling.
The Uncoveror: It's the real news.
That is in a different pool altogether, still a pool bet, just a seperate pool. You don't get credit for winning 6 times in a row, unless you explicitly say you are going to win 6 times in a row by making a super-6 bet, and the track (or book maker) has a pool set up for those 6 races.
These bets are usually called Quinella's, daily doubles, trifectas, etc.
And I will be taken to task that of these names , I only stated one that is a multiple race bet(daily-double), but the idea is still the same.
If I make a trifecta (first three horses of a given race) bet on horses 1,2, and 4, none of my money goes to affect the odds paid out on the #1 horse, or the #2 horse, or the #4 horse. Instead, all my money goes to affect the odds pay out on the 124 trifecta.
Some people will try to argue that payouts on these bets do actually have something to do with the odds of a given horse. That simply isn't the case. If three long shots come in first second and third, the pool will be high, and the winner will be paid a high win.
This isn't because the #1 horse had straight odds of 100:1. It is because of the same reason that the #1 horse had 100:1 odds, but not tied to the odds itself. If only 1 person in 100 think the horse will win, probably only 1 person in 100 will think it will be the lead horse in the top 3 also.
Or to bring it back to your original question, if I pick 6 long shots, and they all win, the chances that anyone else picked those same 6 long shots is minimal. You can't win more than the sum total of all bets though.
So even if you placed a super 6 bet, and each horse that won was a 100:1 long shot, but you were the only one that played the super-6 that day, you won't win anything but your bet back, because the odds of that bet is 1:1. The chances of this happening are probably less than me actually getting lucky tonight, but you get my drift.
You've got a great memory - that was 6 years ago. :-)
Here's the story from "The Risks Digest" ("Forum on Risks to the Public in Computers and Related Systems").
Basicly, they caught the guy, and then released him and even gave him the money back with interest.
The "source" of the problem? A missing clock that was supposed to seed the random number generator. Thus, upon rebooting (every morning I suppose), the same number sequence would be generated as the seed would be the same...
Greg
Loopsh of fury.
are you saying that the odds are set (or changed) *after* people place their bets? If so, isn't that fraud? If not, how do they know beforehand how much people will bet on each horse?
In horse racing, yes. The final odds are not known until after all the betting has ended, right at the start of the race. The track's computers tally up all the of the money bet on each horse, take out the vig (usually 18% or so on straight win bets, more on more exotic bets), and then determine how much to pay back to each winning ticket.
It's not fraud at all, it's how pari-mutual betting works. Bettors understand that all the money bet will be placed in the same pool... the money I bet now joins money previously bet, and the money bet in the future will be added to that. It's common to bet a horse at 4-1 odds, and at post time the horse is only 3-1 or perhaps 6-1.
Just as a simple example (no vig), I can make a bet a 10 minutes before post time, at which time $250 has been bet on Citation, and $750 has been bet on Secretariat. Thus, at this time, Citation pays 3-1. When the race goes off, a total of $1000 has been bet Citation, and $2000 on Secretariat. Now Citation is only 2-1. Doesn't matter that he was 3-1... only that in the final pool, he is 2-1. Sometimes it goes in your favor, sometimes the other way.
In the end, this is the most fair... every player is betting against each other, not the house. No bookmaker is required to keep all the odds in line, the pool does it automatically. It also means that tracks aren't afraid of successful players, because they take a percentage of every dollar bet, win or lose. The track just wants to keep the total amount bet as high as possible.
This does not affect the profit or loss of the racetracks and pari-mutual organizations ONE CENT. The pool for the pick 6 wager was $4,569,515... and the track is obligated to pay that amount back, less a "hold" percenatge (that the revenue for the track).
If this guy's winning tickets are disqualified, it will only increase the amount paid back to those who legitimately won. I'm guessing because I don't know the exact hold percenatge, but there were probably 8 or 9 winning tickets, each paying out $428,392. 6 of them belonged to the man in question. If his tix are disqualified, it will only mean that the $2.5 million that they were worth will be disrtibuted among the valid winners.
Under no circumstances will the racetrack make or lose any extra money as a result of what happens. If there were no other winners, the pool would either be carried over, or paid to the consolation winners (5 of 6). Most tracks employ the carry-over (to the necxt day), but this is the Breeder's Cup, which is a special, nationwide, once-a-year event, so the rules may be different.
The reason why this was a dumb scheme, and the reason why they got caught is pure math. The track paid out more money then they took in
No, the win did not pay out more than the track earned. Each winning ticket paid $428,392 from a pool of $4,569,515, which means that there were probably 8 or 9 winning tickets in total, nationwide. The guy they are investigating had 6 of them.
Having 6 of only 9 winning tickets is obviously unusual. His betting strategy is even more unusual... making single selections for 4 races, then "wheeling" then entire field for the last 2, which means if the first four come in, he's guaranteed to win. Combined with the "flaw" in the system which doesn't report the ticket to the central database until after the fourth race, this is an obvious red flag. Finally, making the same bet 6 times is simply stupid. It's the same as buying 6 lottery tickets with all of the same numbers... the only justification is to increase your percentage of the winner's pool if you KNOW you are going to win.
Think of recent Powerball lottery wins... if they announce there were 6 winners, and one guy shows up with 4 of the winning tickets, it's going to raise eyebrows.
Had this guy never made these wagers, most likely there would have been 2 legit winners, each of whom would have won about $1.8 million (or maybe 3 winners each getting $1.2 mil). Instead, since there were a lot more winning tickets, the payout on each was reduced to only $428 thousand.
Again, the track didn't lose anything, and if they disqualify his tickets, the money will get paid to the legit winners. That's how pari-mutual wagering works... the total pool is calculated, the house percenatge is taken out, and everything left is split among the winning tickets. When there are 9 winning tickets, each one gets paid less than if there were 3 winning tickets. The racetrack is unaffected. The legitimate winners are the victims.