Allegation: Lottery Official Hacked RNG To Score Winning Ticket

← Back to Stories (view on slashdot.org)

Allegation: Lottery Official Hacked RNG To Score Winning Ticket

Posted by timothy on Tuesday April 14, 2015 @02:09AM from the his-number-was-up dept.

SternisheFan writes with this excerpt from Ars Technica about what may be the most movie-worthy real-life crime story of the year so far: Eddie Raymond Tipton, 51, may have inserted a thumbdrive into a highly locked-down computer that's supposed to generate the random numbers used to determine lottery winners, The Des Moines Register reported, citing court documents filed by prosecutors. At the time, Tipton was the information security director of the Multi-State Lottery Association, and he was later videotaped purchasing a Hot Lotto ticket that went on to fetch the winning $14.3 million payout.

In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and
infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren't connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.

"Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions," prosecutors wrote. "The fifth person is defendant. It is a reasonable deduction to infer that defendant tampered with the camera equipment to have an opportunity to insert a thumbdrive into the RNG tower without detection."

342 comments

Min score:

Reason:

Sort:

Honestly ... by gstoddart · 2015-04-14 02:12 · Score: 5, Interesting

I'm actually surprised there haven't been more cases of insiders rigging lotteries.
I should think knowing all of those zillions of dollars are just sitting there would cause more people to decide to see if they could get away with it.

--
Lost at C:>. Found at C.
1. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:18 · Score: 0
  
  I'm actually surprised there haven't been more cases of insiders rigging lotteries.
  I should think knowing all of those zillions of dollars are just sitting there would cause more people to decide to see if they could get away with it.
  I had always thought, like so many lotteries for random things, that those associated with the company, even by merely being a family member of someone that is employed by them, makes it so that they can not participate in the drawings. It is so common place of a rule, I thought it was required by federal law. I suppose it isn't.
  Well, if they can't catch him, good on him. I'm certain they will add the law / rule during this trial.
2. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:19 · Score: 5, Insightful
  
  You don't see it more often because only idiots actually try to skim the lottery via the actual lottery.
  The ones who get away with it are the guys taking it out of the account via the budget (usually for a tax break for their large donors), or taking bribes from shop owners who want to sell tickets.
3. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:22 · Score: 0, Troll
  
  I don't know. I modded it insightful.
4. Re:Honestly ... by LordWabbit2 · 2015-04-14 02:25 · Score: 1, Flamebait
  
  Erm, firstly that's racist, and second wtf does it have to do with anything?
  
  If a company cant trust it's IT department it's screwed. I've worked in environments with billions, I had to get a security clearance to work there.
  Most financial institutions will not hire someone who is black listed, too much temptation for them.
  
  --
  There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
5. Re:Honestly ... by truesaer · 2015-04-14 02:27 · Score: 1
  
  If you're going to steal $14 million you'd think you could at least figure out a way to not claim the winnings yourself. You need a trusted co-conspirator. It seems like if this guy hadn't been so obvious about it the plan would have worked just fine. So I wonder how many rigged lottery drawings have never been caught due to slightly more clever criminals?
6. Re:Honestly ... by gstoddart · 2015-04-14 02:28 · Score: 3, Informative
  
  I had always thought, like so many lotteries for random things, that those associated with the company, even by merely being a family member of someone that is employed by them, makes it so that they can not participate in the drawings.
  Of course they do, for the obvious reasons.
  
  The winning ticket went unclaimed for almost a year. Hours before it was scheduled to expire, a company incorporated in Belize tried to claim the prize through a New York attorney. In January, Tipton was charged with two counts of fraud. The allegations that he used his insider access to tamper with the RNG were first made in the court documents filed last week.
  It's not like he walked up and tried to claim the ticket personally.
  It is required that people not be able to participate. But someone went to great lengths to do this at arms length from themselves.
  
  --
  Lost at C:>. Found at C.
7. Re:Honestly ... by bondsbw · 2015-04-14 02:30 · Score: 4, Insightful
  
  Of course, all they need to do is not get caught. Same thing happens with slot machines and other random chance electronic games... it's easier than lobbying:
  1) Casino boss invites high ranking government official.
  2) Boss says, "We know you'll have fun, but I think you'll have more fun on machine number 57 if you grant consideration to improving legal conditions surrounding our fine establishment."
  3) Official wins jackpot
  4) Boss wins jackpot (figuratively)
  You're a fool if you don't think this happens. This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened. Politicians can literally transform your hopes and dreams into money lining their wallet.
  
  --
  All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
8. Re:Honestly ... by Shakrai · 2015-04-14 02:33 · Score: 5, Funny
  
  You need a trusted co-conspirator.
  Those words are mutually exclusive. :)
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
9. Re:Honestly ... by colfer · 2015-04-14 02:35 · Score: 2
  
  Yep, from TFA: "The winning ticket went unclaimed for almost a year. Hours before it was scheduled to expire, a company incorporated in Belize tried to claim the prize through a New York attorney."
10. Re:Honestly ... by TheCarp · 2015-04-14 02:36 · Score: 3, Insightful
  
  Maybe more people who do it are at least somewhat smart about how they employ their tools? It sounds like this guy did a lot of upfront planning, but then failed at some of the most basic precautions. Why would he be caught dead anywhere near a lotto point of sale during such a caper? Surely that many millions justifies an accomplice to do the actual ticket purchasing and crying in front of the media, and the promising to help grandma and the community.
  Note the implication in the article talking about rootkits....they clearly didn't find the actual software. If he hadn't been caught on video buying the ticket they would have little to go on.
  
  --
  "I opened my eyes, and everything went dark again"
11. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:39 · Score: 0
  
  The difference is that this guy got caught. I have heard reported stories of people that have been showing up to cash tickets at much higher frequency than the odds would allow but the trail kinda peters out there since they can't seem to prove any crimes have been committed.
12. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:40 · Score: 1
  
  aren't you the same race that thought the earth was square
13. Re:Honestly ... by Mr+D+from+63 · 2015-04-14 02:42 · Score: 2
  
  It might justify an accomplice, but finding one is very risky. Most folks will not want to participate and be compelled to turn you in just to protect themselves. I guess it would be easy enough to pay a guy to get your ticket for you. A better disguise may have helped.
  
  What is really hard is getting the money in the end and not being noticed.
14. Re:Honestly ... by Holi · 2015-04-14 02:43 · Score: 1
  
  Who trusts software for lottery drawings? Isn't that why G-tech uses the air driven ping pong ball setup for their drawings?
  
  --
  Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
15. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:44 · Score: 1
  
  It sounds like this guy did a lot of upfront planning, but then failed at some of the most basic precautions.
  Shit. These guys always do that. They always mess up some mundane detail.
16. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:46 · Score: 1
  
  Way to read the article doofus.
17. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:49 · Score: 0
  
  need and trust? Agreed. That's why the market should never be fully responsible for essentials.
  (As far as lottery tickets go, though, idgaf.)
18. Re:Honestly ... by TWX · 2015-04-14 02:49 · Score: 5, Insightful
  
  There was a game somewhere that was proven to have software so faulty that it wasn't even capable of 'drawing' one of the possible numbers that players could choose.
  
  Computer-based random number generators are just about the worst possible way to conduct a lottery. They're not random, they're subject to tampering, they're only understood by a few people, and their function while operating cannot be observed by the public. They also aren't exciting.
  
  Machines that dump a bunch of balls into a spinning drum and then start pulling those balls out look cool on TV, plus they can be inspected, the public understands how they work, their operation is transparent, and because of the nature of the beast, are about as random as one can get within the context of a machine doing the drawing.
  
  --
  Do not look into laser with remaining eye.
19. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:57 · Score: 5, Interesting
  
  http://en.wikipedia.org/wiki/1980_Pennsylvania_Lottery_scandal
  Nope, balls don't work either.
20. Re:Honestly ... by Anonymous Coward · 2015-04-14 02:57 · Score: 1, Funny
  
  Erm, firstly that's racist ... Most financial institutions will not hire someone who is black
  
  Make your mind up.
21. Re:Honestly ... by causality · 2015-04-14 02:59 · Score: 1
  
  Politicians can literally transform your hopes and dreams into money lining their wallet.
  How could you tell?
  
  --
  It is a miracle that curiosity survives formal education. - Einstein
22. Re:Honestly ... by someone1234 · 2015-04-14 03:02 · Score: 4, Insightful
  
  You could ask any street urchin to buy a ticket for you.
  He has some highly sophisticated method, but was caught at the easiest part anyone could do better.
  
  --
  Patents Drive Free Software as Hurricanes Drive Construction Industry
23. Re:Honestly ... by operagost · 2015-04-14 03:03 · Score: 4, Insightful
  
  Yeah, but he purchased the ticket himself, assuming the authorities are correct. He must have not even bothered to wear any kind of disguise, because convenience store cameras are usually so bad you can't even tell whether a perp is human.
  
  --
  
  Gamingmuseum.com: Give your 3D accelerator a rest.
24. Re:Honestly ... by Anonymous Coward · 2015-04-14 03:03 · Score: 0
  
  Erm, firstly that's racist, and second wtf does it have to do with anything?
  If a company cant trust it's IT department it's screwed. I've worked in environments with billions, I had to get a security clearance to work there.
  Most financial institutions will not hire someone who is black listed, too much temptation for them.
  you are a racist fool
25. Re:Honestly ... by timothy · 2015-04-14 03:05 · Score: 1
  
  a) That's a funny word to title that comment with ;)
  b) I wonder how many such schemes *have* been effected; maybe some smart lotto cheaters have done so with much smaller jackpots, gotten their closest conspirators to actually buy the tickets, etc.
  
  --
  jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
26. Re:Honestly ... by Adriax · 2015-04-14 03:07 · Score: 2
  
  Your first 4 words answered your own question.
  It's just random racism. A troll post designed to elicit a predictable response so the trolls can convince themselves they're some kind of puppet master and therefor superior.
  Since they're protected from meaningful responses by internet anonymity, just ignore them. And if you feel the overrhougiding need to respond, keep it short and simple.
  Don't respond with humor though. That can be misinterpreted as a kindred spirit agreeing with them and getting in on the action.
  
  --
  I don't suffer from insanity, I enjoy every minute of it!
27. Re:Honestly ... by OzPeter · 2015-04-14 03:26 · Score: 4, Interesting
  
  This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened.
  There was a case in Australia* with an a gaming machine based on a horse race scenario. Someone started winning big on it, and when the investigation was done it was discovered that when the game was not actively being played, it displayed a "demonstration" game .. that turned out to be the next real game that would be played (or some such). So all you had to do was to wait until the demo came on, then then when it finished, bet on the horse that one the demo.
  A perfect example of stupidity in the place of malice. So while your reasoning is potentially valid (and with a nod to Dennis Ritchie and his paper on trusting compilers), there is a broader set of reasoning to be against electronic gaming.
  * Writing from memory because I can't be bothered hitting google.
  
  --
  I am Slashdot. Are you Slashdot as well?
28. Re:Honestly ... by Anonymous Coward · 2015-04-14 03:34 · Score: 0
  
  Of course, all they need to do is not get caught. Same thing happens with slot machines and other random chance electronic games... it's easier than lobbying:
  1) Casino boss invites high ranking government official.
  2) Boss says, "We know you'll have fun, but I think you'll have more fun on machine number 57 if you grant consideration to improving legal conditions surrounding our fine establishment."
  3) Official wins jackpot
  4) Boss wins jackpot (figuratively)
  You're a fool if you don't think this happens. This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened. Politicians can literally transform your hopes and dreams into money lining their wallet.
  A suitcase of cash is just as untraceable, and costs a hell of a lot less than running a casino.
29. Re:Honestly ... by itzly · 2015-04-14 03:36 · Score: 1
  
  http://en.wikipedia.org/wiki/1980_Pennsylvania_Lottery_scandal
  You could fix the ball machine and its procedures easier than you can get a computer to function properly.
30. Re:Honestly ... by ShanghaiBill · 2015-04-14 03:40 · Score: 4, Insightful
  
  Another reason you don't see it more often, is that most lotteries don't use a software RNG. Many use labeled ping pong balls, in a transparent container, that are selected in front of a live audience, and broadcast on TV in real time. That is more difficult to rig.
31. Re:Honestly ... by IronChef · 2015-04-14 03:41 · Score: 5, Informative
  
  I worked for years in a slot machine company, and the scenario you propose would be difficult to execute. That sort of thing was easier in the old days when machines used socketed ROMs ... but today it's increasingly server managed and cryptographically signed and there is simply no way for the owner of a machine to flip a switch and rig the game.
  A game will have several payout selections, like 95.6%, 98%, etc. and you can choose among them, but that is about it.
  Slot manufacturers are under the microscope and will not jeopardize their licenses by making it easy for owners to rig games--at least in the US. The industry is HIGHLY regulated and multiple third party labs are involved in certifying the products.
32. Re:Honestly ... by RevWaldo · 2015-04-14 03:48 · Score: 1
  
  That was for six balls, not 40. And you can certainly put a myriad of safeguards in place to protect them from tampering, and to check them before and after the drawing. (Right off the top of my head, run an unofficial draw right before the official one and look for improbable results, like the same draw happening twice.) Put the folks that handle Las Vegas security in charge of them and see how far an interloper would get.
  
  .
  
  --
  Prisencolinensinainciusol. Ol Rait!
33. Re:Honestly ... by Anonymous Coward · 2015-04-14 03:50 · Score: 0
  
  But it has been rigged, there's video of this old lady doing some sort of ball switch.
34. Re:Honestly ... by Lumpy · 2015-04-14 03:55 · Score: 1
  
  Because smart people would not be as stupid as this guy.
  They would have never suspected him if someone that was not related to him in any way purchased the ticket and collected the winnings. He instantly because the focus of an investigation the second he won. Even if he was 100% innocent they will look at someone that has access to ANYTHING in the system with a fine tooth comb and a magnifying glass.
  If I was to do it, No chance in hell I would be anywhere near the buying of the ticket or the collection of the winnings.
  
  --
  Do not look at laser with remaining good eye.
35. Re:Honestly ... by Lumpy · 2015-04-14 03:57 · Score: 1
  
  No but he was a dipshit that bought the ticket. 100% rookie move.
  
  --
  Do not look at laser with remaining good eye.
36. Re:Honestly ... by Lumpy · 2015-04-14 03:57 · Score: 4, Funny
  
  I filled it with new balls all with the same number.... I CANT LOSE!
  
  --
  Do not look at laser with remaining good eye.
37. Re:Honestly ... by Anonymous Coward · 2015-04-14 04:07 · Score: 0
  
  Actually, it's for 30 balls, not 6.
38. Re:Honestly ... by Anonymous Coward · 2015-04-14 04:09 · Score: 0
  
  Good RNGs are sufficiently random if they can collect enough entropy from their surroundings. The problem with many (not all) software RNGs is that they don't accrue enough entropy from sufficiently random sources in and around the computer to actually be as good as they think.
  Tamperproofing is possible, but expensive. I know somebody with a chip that will zeroize itself if anyone attempts to open it and even fancy scans won't work. It uses a number of proprietary technologies and is protected from a lot of different conditions (vibration, exposure to different atmospheric conditions, attacks on the power source, physical intrusion, thermal changes, EM changes, etc).
  Most gaming companies don't have access to that sort of tech (or at least don't avail themselves of it).
39. Re:Honestly ... by jeffmeden · 2015-04-14 04:15 · Score: 1
  
  I'm actually surprised there haven't been more cases of insiders rigging lotteries.
  I should think knowing all of those zillions of dollars are just sitting there would cause more people to decide to see if they could get away with it.
  How would you know if there were, and they were getting away with it?
40. Re:Honestly ... by jeffmeden · 2015-04-14 04:18 · Score: 2
  
  Of course, all they need to do is not get caught. Same thing happens with slot machines and other random chance electronic games... it's easier than lobbying:
  1) Casino boss invites high ranking government official.
  2) Boss says, "We know you'll have fun, but I think you'll have more fun on machine number 57 if you grant consideration to improving legal conditions surrounding our fine establishment."
  3) Official wins jackpot
  4) Boss wins jackpot (figuratively)
  You're a fool if you don't think this happens. This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened. Politicians can literally transform your hopes and dreams into money lining their wallet.
  There (should be) a paper trail of payouts to any winner from any casino, for tax purposes. The distinction that a mechanical vs electronic device was "rigged" is totally secondary to that fact. If this was skirted, then several other laws were also broken that day.
41. Re:Honestly ... by Immerman · 2015-04-14 04:18 · Score: 1
  
  Hell, you wouldn't even necessarily have to rig the machines - unlike analog machines which are completely governed by chance, digital machines are *required* to maintain a certain payout ratio to prevent rigging in the house's favor. Hence the subset of people who hang out around the slots waiting for a shot at a machine that hasn't paid out in a long time. And nobody is in a position to monitor which machines are getting especially "hot" like the boss.
  
  --
  --- Most topics have many sides worth arguing, allow me to take one opposite you.
42. Re:Honestly ... by Immerman · 2015-04-14 04:23 · Score: 1
  
  > They're not random, they're subject to tampering, they're only understood by a few people, and their function while operating cannot be observed by the public. ...and there you've just listed several reasons why someone might want to use a computer-based RNG for a lottery. Or for that matter electronic voting machines. So much wealth/power flowing through something so easily tampered with... if you're one of the people in a position to easily tamper with it, why *wouldn't* you want that?
  
  --
  --- Most topics have many sides worth arguing, allow me to take one opposite you.
43. Re:Honestly ... by penguinoid · 2015-04-14 04:28 · Score: 1
  
  I'm actually surprised there haven't been more cases of insiders rigging lotteries.
  Maybe that's because most insiders clever enough to rig the lottery, are also clever enough to have someone not immediately suspect collect the winnings. If someone p0wned the random number generator and then gave the occasional seemingly unrelated unknown person the number in exchange for some of the money, how would you know? Sure, eventually someone might figure out that people are doing better than chance, but that would take a long time for the statistics to accumulate.
  
  --
  Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
44. Re:Honestly ... by Anonymous Coward · 2015-04-14 04:29 · Score: 0
  
  He should have hired someone to buy it for him. Find a bum, make sure he's drunk so his memory will be hazy and then offer him $20 to go in and buy the ticket. Give him a fake fortune-cookie strip with the lotto numbers on the back so he won't make a mistake.
45. Re:Honestly ... by timelorde · 2015-04-14 04:32 · Score: 1
  
  ahem...
  
  s/Dennis Ritchie/Ken Thompson/
  
  kids these days. no sense of history.
46. Re:Honestly ... by wisnoskij · 2015-04-14 04:35 · Score: 1
  
  Well most people would have enough sense to have someone else win the lottery. In fact the best way would probably be to just sell the number to a middle man who would take a cut of some complete stranger who never even heard of the inside guy.
  
  --
  Troll is not a replacement for I disagree.
47. Re:Honestly ... by djbckr · 2015-04-14 04:36 · Score: 1
  
  Legitimate question: Does https://www.random.org/ seem to be a good place to get *really* random numbers? I'm curious if it's suitable for reliable random number generation. Based on the site it seems so, but I was wondering if somebody smarter than me could answer that with some degree of confidence.
48. Re:Honestly ... by HornWumpus · 2015-04-14 04:39 · Score: 4, Funny
  
  I don't believe any slot machine only takes 2% house odds.
  
  --
  John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
49. Re:Honestly ... by wisnoskij · 2015-04-14 04:39 · Score: 1
  
  So if you have access to a lot of random numbers RNG can use these truly random numbers to generate some decently random numbers? So what, RNG is a formula that takes in random numbers and makes them less random?
  
  --
  Troll is not a replacement for I disagree.
50. Re:Honestly ... by gstoddart · 2015-04-14 04:41 · Score: 1
  
  If I was to do it, No chance in hell I would be anywhere near the buying of the ticket or the collection of the winnings.
  Well, that's grand an all ... but then you have a co-conspirator who could be the source of you getting caught.
  So, either you try to be a clever criminal all on your own, or you try to be a clever member of a conspiracy.
  It's all well and good to say "yarg, if I was a master criminal I'd have lackeys to do the dirty work". But having lackeys is just another link in the chain.
  If you hire some kid to buy the ticket and bring it back to you, unless you off the kid, at some point he'll say "oh, yeah, that guy asked me to buy him the ticket".
  Obviously, if people could find infallible ways to do this, they'd do so. And, equally obviously, it's hard to do this kind of thing without leaving some form of trail.
  If I had plans to be a master criminal, I sure as fuck wouldn't be posting on Slashdot about how I'd prevent myself from getting caught. ;-)
  
  --
  Lost at C:>. Found at C.
51. Re:Honestly ... by HornWumpus · 2015-04-14 04:41 · Score: 1
  
  Criminals will buy winning lottery tickets for face value. To launder cash.
  
  --
  John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
52. Re:Honestly ... by dcw3 · 2015-04-14 04:41 · Score: 2
  
  Surely, someone will notice the great big brass ones.
  
  --
  Just another day in Paradise
53. Re:Honestly ... by Anonymous Coward · 2015-04-14 04:43 · Score: 0
  
  What's really odd is that he's even eligible to win the lottery. Most contests I've seen including a disclaimer that employees of the company/business (and even their families) can't participate. This doesn't necessarily prevent fraud since the McDonald's Monopoly game got rigged for a few years, so that the winner gave kickbacks to the conspirator.
  The guy who works for a lottery commission can win? Something's wrong there.
54. Re:Honestly ... by dcw3 · 2015-04-14 04:46 · Score: 2
  
  This is why I'm against electronic gambling.
  It's not any safer to utilize non-electronic. In spite of all the cameras at the casinos in Vegas, I've personally witnessed a couple of people get away with cheating. It can be trivial to do things right in front of a camera that won't be noticed.
  
  --
  Just another day in Paradise
55. Re:Honestly ... by Anonymous Coward · 2015-04-14 04:52 · Score: 0
  
  uhm, every single slot machine ever is rigged in the house's favor. just how much is configurable, sure. the requirements and oversight is there so that it can't be rigged to pay out on demand (the "inspector, why don't you go play machine #57 for a while" scenario) or never.
56. Re:Honestly ... by Iniamyen · 2015-04-14 05:01 · Score: 1
  
  Flat, but not necessarily square.
57. Re:Honestly ... by bev_tech_rob · 2015-04-14 05:03 · Score: 1
  
  I'm actually surprised there haven't been more cases of insiders rigging lotteries.
  I should think knowing all of those zillions of dollars are just sitting there would cause more people to decide to see if they could get away with it.
  I had always thought, like so many lotteries for random things, that those associated with the company, even by merely being a family member of someone that is employed by them, makes it so that they can not participate in the drawings. It is so common place of a rule, I thought it was required by federal law. I suppose it isn't.
  Well, if they can't catch him, good on him. I'm certain they will add the law / rule during this trial.
  According to the article, that rule was in place for this lottery. Video cameras caught him buying the ticket, but the drone behind the counter probably didn't know him from Adam...
  
  --
  You're messin' with my Zen Thing, man.....
58. Re:Honestly ... by Anonymous Coward · 2015-04-14 05:10 · Score: 1
  
  The Texas lottery used to have ping pong balls which would be stirred around a container with paddles and jets of air, then the required number would plop out and into a chute to be read. This is as fair and secure as any other way, assuming all the balls weighed the same and were the same exact shape.
  Letting a computer do the RNG work? This is just plain stupid. Reminds me a lot like voting on a computer -- it can be completely rigged, and there would be absolutely no way to tell that stuff was tampered with... if the person hacking it was any good.
59. Re:Honestly ... by mlts · 2015-04-14 05:14 · Score: 1
  
  Tamperproofing isn't that expensive. The SIM card on a phone will zap itself if decapped, same with my $45 eTokens.
  Another example of this was the Java iButtons from Dallas Semiconductors (RIP.)
  If a company wanted a tamperproof card, it could be done fairly easily with the entire module epoxy potted to further deter unauthorized modification.
60. Re:Honestly ... by rodrigoandrade · 2015-04-14 05:14 · Score: 1
  
  Indeed.
  
  There's a common myth that all casinos cheat (and Hollywood isn't helping here...) simply because people don't understand probabilities and how the odds of most games are stacked against the player.
61. Re:Honestly ... by Kaenneth · 2015-04-14 05:23 · Score: 4, Interesting
  
  Promotional machines/settings; they can set individual machine odds.
  A new cluster of machines come in they set the game to payout well, to get people addicted, so it becomes some people's favorite machine.
  After a couple weeks/months they slowly lower the percentage, while moving the machine out of the prime spot, with the addicts following it, and they set up the next new game...
62. Re:Honestly ... by RevWaldo · 2015-04-14 05:26 · Score: 1
  
  Ah, you're right, my bad. I'd stand by the rest of it though. And in this case they changed the winning probability from 1000:1 to 8:1 and only got caught because they bought too many tickets. Changing the odds from 29,144,841:1 to 1:1 by messing with the ping pong balls and not getting caught is another story.
  
  .
  
  --
  Prisencolinensinainciusol. Ol Rait!
63. Re:Honestly ... by wired_parrot · 2015-04-14 05:26 · Score: 1
  
  And if you read about the 1980 Pennsylvania Lottery scandal, you'll see that it failed because for it to be pulled off it required a half-dozen people to be involved in the conspiracy, which made it very likely that someone would be careless and talk. There were multiple security precautions, and overcoming them all involved multiple people and left a very easily traceable chain of evidence back to the perpetrator.
  With the computer RNG, there was a single point of failure that could be overcome by a single well connected person, without any physical record except circumstantial evidence. I'd say the 1980 case, if anything proved how difficult it is to tamper with the spinning ball system without getting caught.
64. Re:Honestly ... by Paradise+Pete · 2015-04-14 05:27 · Score: 2
  
  No but he was a dipshit that bought the ticket. 100% rookie move.
  A partner would be both expensive and risky. So far, the only evidence they seem to have is that somebody messed with the camera, and that he had "an interest in root kits". Well he's the security director. Not exactly a shocking revelation. Would you convict on those two facts? I don't think you can. If forensics on the computer don't reveal anything I'd say he walks. All the way to the bank.
65. Re:Honestly ... by Anonymous Coward · 2015-04-14 05:30 · Score: 0
  
  This is why I'm against electronic voting. One guy can infect a system and rig the election.
  With paper ballots, you have two guys (one from each party) at a polling station collecting and transporting the ballots. You have another two guys at a different polling station, etc, etc, across the county and state. State-wide that means a huge number of people must all be in on and keep the secret. Vs just one. It's heck of a lot less likely for them to get away with it using paper ballots. There are too many people to keep quit, or hope every one doesn't make a slip-up somewhere.
66. Re:Honestly ... by rkww · 2015-04-14 05:32 · Score: 3, Informative
  
  with a nod to Dennis Ritchie and his paper on trusting compilers
  Reflections on Trusting Trust -- Ken Thompson
67. Re:Honestly ... by TheCarp · 2015-04-14 05:32 · Score: 4, Informative
  
  Not entirely, if you can trust that his interests and yours are aligned then you can generally trust him. Actually, I was reading some interesting articles on Rockefellar and the railroads recently, where they came up with an ingenious price fixing scheme where Rockefellar was a colluding customer whose interests were aligned with the conspirators.
  Basically price fixing often has a loophole.....rebates. Colluding companies can still compete by offering secret rebates to customers, thus reducing the effective rate while appearing to honor the collusion agreement.
  Enter the colluding customer. Rockefellar was in a uinique position as he owned several companies and nobody really knew what all companies he owned and didn't. He was given what were called "Drawbacks", that is rebates for every barrel of oil which shipped, whether he was the customer or not! This allowed him to ship under any name and still get his rebate without admitting which companies were his.
  In this way, colluding entities were prevented from defecting by aligning incentives to create a kind of trust.
  
  --
  "I opened my eyes, and everything went dark again"
68. Re:Honestly ... by Anonymous Coward · 2015-04-14 05:35 · Score: 0
  
  For every dollar you put in, on average you get 0.98 back. Slot machines are designed to make people sit there a while and have them win small amounts quite frequently, but inevitably slowly drain money.
69. Re:Honestly ... by Shakrai · 2015-04-14 05:37 · Score: 1
  
  Not entirely, if you can trust that his interests and yours are aligned then you can generally trust him.
  Which is impossible when you're engaged in the commission of a crime. Your interests will never align. See prisoner's dilemma.
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
70. Re:Honestly ... by eth1 · 2015-04-14 05:43 · Score: 3, Insightful
  
  You could ask any street urchin to buy a ticket for you.
  He has some highly sophisticated method, but was caught at the easiest part anyone could do better.
  Hm... if someone came up to me as asked me to buy them a lottery ticket, I'd be rather suspicious. At the very least, I'd buy a second one with the same numbers and keep it for myself.
71. Re:Honestly ... by Anonymous Coward · 2015-04-14 05:44 · Score: 0
  
  Actually, the law controlling payouts says that he already doesn't get any money.
72. Re:Honestly ... by colfer · 2015-04-14 05:44 · Score: 1
  
  Right, I think the fact that he waited until the last minute to claim it, using a lawyer, shows he didn't trust anyone. By waiting he probably was trying to prevent the lawyer from coming up with a plan to take the ticket.
73. Re:Honestly ... by Dutch+Gun · 2015-04-14 05:48 · Score: 1
  
  That's not how statistical probability works. Even if the machine lost a million times in a row, the odds of it hitting payola on the next pull is the same as on the first. You don't need anything except a good random number generator and time to ensure the payout rate is exactly where it's supposed to be.
  
  --
  Irony: Agile development has too much intertia to be abandoned now.
74. Re:Honestly ... by Anonymous Coward · 2015-04-14 05:50 · Score: 0
  
  so now we have group minds?
75. Re:Honestly ... by colfer · 2015-04-14 05:52 · Score: 1
  
  I doubt it has a catch-up feature to make a quota. Just random odds, same luck every time. If that's not working, they know something is really wrong.
76. Re:Honestly ... by Anonymous Coward · 2015-04-14 05:55 · Score: 0
  
  Read carefully and critically: 98% payout != 2% house odds
77. Re:Honestly ... by colfer · 2015-04-14 05:57 · Score: 1
  
  Urchin would be suspicious and buy one for himself too. Then he'd get to split the jackpot.
78. Re:Honestly ... by bondsbw · 2015-04-14 06:20 · Score: 1
  
  With paper ballots, you have two guys (one from each party) at a polling station collecting and transporting the ballots. You have another two guys at a different polling station, etc, etc, across the county and state.
  I wasn't aware this is how it worked. I'm not disputing you, just that I didn't know.
  I've recently been in favor of having volunteer "watchdogs" to count votes as they came in to the precinct. Having the two main parties count votes as you described is good, but I'd like to see anyone who is interested have a chance to be an additional official vote counter. If these people come up with different counts, they would all recount together. Finally, each one would sign a notarized document that is copied to each party and delivered to the state to tally.
  Maybe this is how it already works, I just don't know.
  
  --
  All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
79. Re:Honestly ... by Wintermute__ · 2015-04-14 06:27 · Score: 1
  
  It sounds like this guy did a lot of upfront planning, but then failed at some of the most basic precautions.
  Shit. These guys always do that. They always mess up some mundane detail.
  It's not a mundane detail, Michael!
80. Re:Honestly ... by Immerman · 2015-04-14 06:28 · Score: 1
  
  As I recall, writing digital gambling software is actually extremely challenging specifically because you must *guarantee* certain probabilities - the house can only skim a tiny percentage (less than 1% if I recall correctly). Meanwhile, there's no such thing as random from a computer, only deterministic simulations of it. "Luck" must be manufactured in order to guarantee specific odds. It's not impossible that fair dice never come up anything but snake-eyes, but if virtual dice do the same it's good odds that the house has them rigged, or at the very least people will *think* they have been - and how could you ever hope to prove otherwise in an investigation?
  There is certainly an element of "avoid the appearance of impropriety (reality be damned)", but that's a standard feature in pretty much every professional ethics course ever taught, so everyone involved knows the score.
  
  --
  --- Most topics have many sides worth arguing, allow me to take one opposite you.
81. Re:Honestly ... by Vokkyt · 2015-04-14 06:28 · Score: 1
  
  Not always. Scummy neighborhood gas stations usually have a fair list of banned customers who still loiter around anyways and harass people into buying smokes/booze/lotto tickets for them. The 7/11 where I used to live had a fair sized list that the hobos just waited around the corner and either begged for you to buy them the cheapo cigars or had a couple of crinkled bills for beer or lotto tickets.
  If the conspirator had the patience and time, they could have just gotten all dirtied up and waited outside a station like this for a few hours one night and there'd surely be someone who'd buy him a ticket, especially if he used the aforementioned fortune cookie thing. If he gets the cops called on him, most of the time they just tell the hobo to move along since it's more of a hassle to arrest them.
82. Re:Honestly ... by rahvin112 · 2015-04-14 06:35 · Score: 3, Interesting
  
  Most businesses have replaced or will replace their security cameras with high resolution cameras, typical 720P or higher. 1080P cameras are now the standard. This is a remarkably high resolution and with the recording being digital it is VERY easy to identify people. The lottery probably requires vendors to have such cameras.
83. Re:Honestly ... by Sowelu · 2015-04-14 06:37 · Score: 1
  
  Sounds like someone's never heard of iterated prisoner's dilemma. Even beyond that, there's plenty of real-world reward grids where player 1's reward for (C,C) is even higher than (D,C). "But that's not interesting in game theory at all!" So what?
  You and your partner commit a crime and nobody knows a crime was committed. Do you really think that ratting out your partner will always be a better result than high-fiving and both keeping it quiet? That's silly.
84. Re:Honestly ... by Fire_Wraith · 2015-04-14 06:38 · Score: 1
  
  You would need someone with some connection to you, just one that would not be readily apparent such as family. Some sort of amount of trust, both in wanting the money, and in the fact that either one of you can spoil the whole thing for the other, but also based on a third factor. A mistress you're planning to run away with, that nobody knows about, would probably be the most ideal, as they're romantically attached to you, and this helps them get what they want, which is to tie you to them. It's certainly not foolproof, but better than soliciting some random person.
  
  Needless to say, of course, this is all highly illegal, and would constitute criminal conspiracy in addition to whatever other laws are broken, so I'm not suggesting anyone do this - merely red teaming the scenario.
85. Re:Honestly ... by rahvin112 · 2015-04-14 06:39 · Score: 2
  
  There are a few, usually by the entrance. They move them around too. Most of the machines have significantly lower payout rates but there are always a few that have high payouts so people hear and see large payouts.
86. Re:Honestly ... by TheCarp · 2015-04-14 06:43 · Score: 1
  
  I am familiar with prisoner's dilemma but not this rather radical and non-sensical interpretation of it which seems to hardly be a prediction worth reporting when its so clear that criminal conspiracies are able to align the interests of their members. While its true they may do so with varrying degrees of effectiveness and sometimes it doesn't work indefinitely but, any notion that they can't be aligned is tantamount to claiming you just proved gravity doesn't work, you can claim it all you want but I expect to remain firmly on the ground anyway.
  
  --
  "I opened my eyes, and everything went dark again"
87. Re:Honestly ... by Shakrai · 2015-04-14 06:47 · Score: 1
  
  Perhaps I should have been more clear? Your interests may align for the commission of a crime, but you have a non-zero chance of getting caught and they will not align if that should come to pass. The modern criminal justice system is very adept at convincing people to roll on one another.
  If you're engaged in a criminal conspiracy (any crime with more than one participant) and the authorities get involved it's essentially a game of musical chairs. Are you going to be the last one standing?
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
88. Re:Honestly ... by TheCarp · 2015-04-14 06:53 · Score: 1
  
  > Needless to say, of course, this is all highly illegal, and would constitute criminal conspiracy in addition to
  > whatever other laws are broken, so I'm not suggesting anyone do this - merely red teaming the scenario.
  Sure but so is defrauding the lotto anyway so, once you decided to go down that path, you may as well go for the gold, nobody is going to give you credit for half measures, you are either going to prison or getting away, there is no in between on a case like this.
  Its an odd calculous, to consider the risk vs protection factors of having accomplices, honestly, im not too sure how to it really works out in the end but, its pretty obvious to me that this was a situation that called for one.
  
  --
  "I opened my eyes, and everything went dark again"
89. Re:Honestly ... by TheCarp · 2015-04-14 07:02 · Score: 1
  
  Non-zero yes but, there are many many more investigations than arrests. Just because a crime is suspected doesn't mean that the investigation will catch anyone. Even in this case, they clearly had suspicion when they went and sought out the video of who bought the ticket.... but if it wasn't him and the ticket was presented for redemption by the person who bought the ticket who had no easy connection to him (this would be very tricky.... need to find someone without a cell phone probably....homeless?)
  Thats the thing, it seems to me that the video is the real cincher. Once you see him on the video, its done, its obvious, that is the string which ties everything into a nice package. Without that, you have more suspects and less answers.
  Generally, yes, once you are caught and being questioned, you are usually pretty boned....hell even innocent people sometimes do better with a guilty plea than taking a chance in court. However, if you can avoid them being so sure who did it, that is a whole different story.
  
  --
  "I opened my eyes, and everything went dark again"
90. Re:Honestly ... by TsuruchiBrian · 2015-04-14 07:03 · Score: 1
  
  "never" is a very absolute kind of a word.
91. Re:Honestly ... by TsuruchiBrian · 2015-04-14 07:12 · Score: 1
  
  You can stick 2 people in a room and make them fight each other to the death. This possibility doesn't mean that the interests of these two people is "never aligned". It just means that their interests are not always guaranteed to align. That doesn't mean they can't be aligned for certain stretches of time. As long as you can trust your own judgement about when people's interests align with yours, you should trust them.
  This doesn't mean you continue to trust them after they've been caught.
  Smart criminals are able to insulate themselves from being implicated in a crime, and understand when others do the same.
  
  The modern criminal justice system is very adept at convincing people to roll on one another.
  
  It is also very bad at keeping snitches safe from retaliation. There are instances of gangs looking up the names of snitches on government websites and then murdering them. I guess the government didn't think gangs knew how to use computers.
92. Re:Honestly ... by Anonymous Coward · 2015-04-14 07:20 · Score: 0
  
  Frankly even that is too obviously tied to the politician. These days it is often a close relative that benefits.
  How did my sister who works a barista come to own a $2.3 million vacation home? Just lucky I guess.
  Why does my wife have a bank account in Belize? She's frugal!
93. Re:Honestly ... by Shakrai · 2015-04-14 07:23 · Score: 1
  
  Non-zero yes but, there are many many more investigations than arrests.
  I'm sure that fact is comforting to the people that lost the dice roll. :)
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
94. Re:Honestly ... by Anonymous Coward · 2015-04-14 07:26 · Score: 0
  
  That's ridiculous.
  Have you ever heard of someone "falling off the corner of the Earth"? No, of course not, you hear of someone "falling off the edge of the Earth".
  Clearly the Earth does not have corners, therefore it is not square.
95. Re:Honestly ... by TheCarp · 2015-04-14 07:44 · Score: 1
  
  Their comfort has no bearing on the analysis. The vast majority of planes take off and land without incident, but that is of little comfort to the survivors of plane crashes. The magnitude of their sorrow does not have any implication for airline safety.
  
  --
  "I opened my eyes, and everything went dark again"
96. Re:Honestly ... by Ambvai · 2015-04-14 07:46 · Score: 1
  
  That might not actually be stupidity-- I know a similar game that used to be available in some districts of the US where it would offer a preview of the next game and if you weren't an absolutely ignorant of how to play it, you could use that preview to determine if the next game was a winner.
  The reason was that implementing such a system made it a game of skill ('ability to read the results' or something like that) rather than a game of chance, and thus permitted in that area.
97. Re:Honestly ... by TWX · 2015-04-14 07:48 · Score: 1
  
  You want random? Monitor your microphone input on your computer, or use an NTSC tuner and have it sample the static on a nonexistent channel.
  
  --
  Do not look into laser with remaining eye.
98. Re:Honestly ... by TheCarp · 2015-04-14 07:50 · Score: 1
  
  Glad I looked this one up, for some reason I really feel like this quote should be Kay.
  "Yes there was a mundane detail"
  "It's not a mundane detail, Michael!"
  "Don't talk to me about my business Kay!"
  Office space works even better for this one though....given the competency of the criminal minds involved.
  
  --
  "I opened my eyes, and everything went dark again"
99. Re:Honestly ... by Anonymous Coward · 2015-04-14 07:56 · Score: 0
  
  A partner would be both expensive and risky.
  Expensive? Big whoop, so you only get 5 million instead of 10 million. That's still a nice payout.
  Risky? Why would it be risky? You aren't picking a total stranger, are you? Of course not. You pick someone you know you can trust, a close friend.
100. Re:Honestly ... by Shakrai · 2015-04-14 08:04 · Score: 1
  
  Your odds of being caught for the commission of a crime are significantly higher than your odds of ending up in a plane crash. I'm not certain why you're trying to equate them or argue this point with me.
  I have already explained my point of view, ad nauseam. I will explain it one last time: It is not logical to rely on others if you're going to gamble something as fundamental as your freedom. The deck is already stacked against you, adding other flawed human beings into the equation is not likely to increase your chance of success.
  Nitpick it all you want, I'm not going to walk back my original statement. The words "trusted" and "co-conspirator" are mutually exclusive.
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
101. Re:Honestly ... by TheCarp · 2015-04-14 08:11 · Score: 1
  
  > Your odds of being caught for the commission of a crime are significantly higher than your odds of ending up in a
  > plane crash. I'm not certain why you're trying to equate them or argue this point with me.
  I never claimed otherwise. However they are the same in one detail.... the remorse of those after the fact has no bearing whatsoever on the odds of it happening. I am the one perplexed at why you brought it up.
  > The words "trusted" and "co-conspirator" are mutually exclusive.
  I see why you think that, and I understand why you would come to that conclusion. I don't agree that others would or do necessarily come to the same conclusion.
  
  --
  "I opened my eyes, and everything went dark again"
102. Re:Honestly ... by JustSomeProgrammer · 2015-04-14 08:13 · Score: 1
  
  Paper trail is only required for large amounts or if the customer requests a receipt. I've never had to present id when cashing in my chips since I never cashed in a very large amount at once. Thus I've never had any taxes on gambling income because on the books I have 0 gambling income.
103. Re:Honestly ... by Anonymous Coward · 2015-04-14 08:17 · Score: 0
  
  The nice thing about random.org is that it will generate several strings. Roll dice, pick one, random achieved, even if the strings aren't random per se.
104. Re:Honestly ... by Anonymous Coward · 2015-04-14 08:35 · Score: 0
  
  Hell, you wouldn't even necessarily have to rig the machines - unlike analog machines which are completely governed by chance, digital machines are *required* to maintain a certain payout ratio to prevent rigging in the house's favor. Hence the subset of people who hang out around the slots waiting for a shot at a machine that hasn't paid out in a long time. And nobody is in a position to monitor which machines are getting especially "hot" like the boss.
  Wow. 30 years ago I was listening to foolish gamblers and there "hot" machines. Nice to know they are still out there.
105. Re:Honestly ... by Shakrai · 2015-04-14 08:47 · Score: 1
  
  I brought it up because you said, "Non-zero yes but, there are many many more investigations than arrests." Even if you accept the premise that there's a low probability of being caught, it's still a high impact event. Can you put a price on your freedom? The winning move is clearly not to play. If you must play, play by yourself. Far more criminals get caught because someone rolled on them than get caught through gumshoe police work.
  Greed is also a factor, because it tends to override common sense. Common sense says that anyone working in a sensitive position at the lottery is going to find themselves under a microscope if they hit it big. Frankly I'm surprised there weren't rules in place precluding such employees from playing.
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
106. Re:Honestly ... by Anonymous Coward · 2015-04-14 08:53 · Score: 0
  
  This is why most contests forbid employees of the contest sponsor from entering.
107. Re:Honestly ... by Anonymous Coward · 2015-04-14 08:55 · Score: 0
  
  Worked in a casino, it's tough to do that. Most likely the official would get a free limo ride, comped food and drinks, free player credits and keep the winnings unreported. Slots and other machines take randomization chips certified by slot techs and the gambling authority of that state. Much harder to tamper with and rig that than it is to give away comps they already give away to other patrons.
108. Re:Honestly ... by Anonymous Coward · 2015-04-14 08:57 · Score: 0
  
  Exactly. Anytime someone wins big it must be verified by a casino slot tech, a tech from the game manufacturer and the gambling authority. You're not going anywhere for a while, especially a progressives win in the tens of thousands. They'll give you a room and most likely you'll get it the next day.
109. Re:Honestly ... by TheCarp · 2015-04-14 09:17 · Score: 1
  
  Common sense is just bullshit you invoke when you want to discount someone else's opinion, as a phrase it has no other purpose.
  I mean your not wrong except in the assumption that "Crime" is a thing or "Conspirators" are. Neither are all created equal. This sort of pie in the sky analsys is fine for a hypothetical but in real situations there are always trade offs.
  Quite simply there are many criminal enterprises that one cannot do alone or, the benefits of having help far outweigh the risks. This case here is a PRIME example. He could only pull it off alone if everything goes perfectly, which it clearly didn't if they even went to the level of investigation of getting the store video (unless that is SOP? I don't know, my wife's family had a store with lotto but apparently nobody hit that big so she doesn't know)
  Any individual crime just has too many factors to make such blanket statements about, especially when there are different kinds of crime that different people have different attitudes towards to begin with. Its just not that cut and dry.
  Yes conspirators roll all the time, and people confess often without meaning to as well. However that just isn't the whole story. One man can't line dance so it doesn't really matter whether he wants to have partners or not.
  All that said.... again not all situations are equal. I don't think its SOP to get the store video footage which means they already suspected tampering. If they already suspected tampering, they likely already suspected him of being the tamperer. Most criminals are not operating under a microscope so much as above the telescopes.....its an entirely different game at that point, and a game with a serious disadvantage, especially when your microscopist has hundreds of millions of reasons to wait for you to show up.
  
  --
  "I opened my eyes, and everything went dark again"
110. Re:Honestly ... by FunkSoulBrother · 2015-04-14 09:39 · Score: 1
  
  I really have nothing more than speculation to go on here so I could be wrong, but judging the state of some of the places I've seen selling lottery tickets, I don't think the lottery has particularly onerous requirements in order to become a vendor.
111. Re:Honestly ... by Anonymous Coward · 2015-04-14 09:52 · Score: 0
  
  well who's idea was to make some hold up the phone to the loto machine printing the tickets at the bar? and to have some talk in a foreign language in to as well.
112. Re:Honestly ... by FunkSoulBrother · 2015-04-14 09:58 · Score: 1
  
  If you start winning sufficiently large amounts, this doesn't work. The casino might not know where all of its $500 dollar chips are, but it damn well will have a record of all of the $5,000 chips and there is scrutiny when cashing them in.
  If you're deliberately cashing in stacks of 1000 at a time in order to avoid scrutiny over $10,000 in chips, that is called 'structuring' and the Federal government doesn't look on it too kindly. But they would have to notice, and I'm sure they miss plenty. I guess it's a risk/reward calculation we all have to make (should we be lucky enough to find ourselves in possession of many thousands of dollars in casino chips...)
113. Re:Honestly ... by FunkSoulBrother · 2015-04-14 10:08 · Score: 1
  
  My understanding is that this is not correct (your comments on the difficulty of programming an RNG notwithstanding.)
  If you can assume a magical perfectly random algorithm for a moment, you simply have to design a slot machine as follows (simple example):
  Machine takes $1 bets only. Machine "rolls" a virtual ten sided die. On the number 10, a jackpot of $9 is paid. On any other number, the bet is lost.
  This machine would make $1 profit for every $10 wagered, over time, "guaranteed" (by mathematics, not rigged programming) and would never need to be 'overdue' to hit or any other such nonsense. A customer could get lucky and hit 10 jackpots in a row, but the odds would be fairly astronomical.
  Incidentally, such a machine would be a pretty bad bet compared to most Vegas slot machines, but I think still a high enough payout to be legal in Nevada. I think it would be roughly comparable to the odds on the bad machines in the McCarran airport...
114. Re:Honestly ... by Anonymous Coward · 2015-04-14 10:21 · Score: 0
  
  Wheels within wheels...
115. Re:Honestly ... by Anonymous Coward · 2015-04-14 10:33 · Score: 0
  
  "overrhougiding", huh? Seems longs and complex. This is not humor.
  [WTF is "a little bit"? Give me a number of seconds, so I can continue reading and come back here. Dammit.]
116. Re: Honestly ... by Anonymous Coward · 2015-04-14 10:57 · Score: 0
  
  I think you'll find that your friends are not as close as you think with $10 million on the line
117. Re: Honestly ... by Anonymous Coward · 2015-04-14 11:02 · Score: 0
  
  "Reminds me a lot like voting on a computer -- it can be completely rigged, and there would be absolutely no way to tell that stuff was tampered with..."
  And how would you know if your paper ballot was tampered with?
118. Re:Honestly ... by rogueippacket · 2015-04-14 11:22 · Score: 2
  
  You could ask any street urchin to buy a ticket for you. He has some highly sophisticated method, but was caught at the easiest part anyone could do better.
  Think it through a bit more... this guy still has to collect with his winning ticket. It wasn't the act of buying the ticket alone that was suspicious, it was that he tried to claim the winnings while being in the employ of the lotto. I think that's a red flag everywhere.
119. Re:Honestly ... by Immerman · 2015-04-14 13:45 · Score: 1
  
  I could be wrong - it *was* a long time ago (RNG aside - that's not difficult to program, it's provably impossible)
  As I understand it the regulations require your virtual die to not only come up 10 a fair number of times, but that you be able to *prove* that it will *always* comes up a fair number of times, AND often enough to be *perceived* as coming up a fair number of times to people unskilled in the arcane mathematics of pseudorandom number generation. A much more challenging proposition.
  
  --
  --- Most topics have many sides worth arguing, allow me to take one opposite you.
120. Re:Honestly ... by Anonymous Coward · 2015-04-14 13:48 · Score: 0
  
  Yes, with some provisos. It is recognized as an accepted source of randomness for gambling applications in some jurisdictions. However, since its internal workings are not externally verifiable, there's no way to tell (from the outside) whether the random number generator was replaced like in this story.
  So the usual security measures apply: access it over HTTPS only to avoid MITM and/or use their signed API to generate random numbers. If you need to design resistance to the random.org administrators (or hackers, if it's compromised), you'll need an independent random source to combine with the random.org numbers (such that both must be compromised to subvert the process).
121. Re:Honestly ... by Anonymous Coward · 2015-04-14 16:07 · Score: 0
  
  I'm a former slot mechanic in Nevada and I second the parent. While I've been out of the field for nearly 20 years, while I was in it in the mid-late 90's, the roms were socketed. Jackpots would be verified by using an EPROM programmer to verify against a master chip, and both were kept in the main cage in a keyed cabinet (at one small casino I worked at, anyway). On top of this, during Gaming Control inspections, both those chips and chips in random machines were checked against what GC carried.
  Now all this is with the old 80's-90's style stepper slots and poker machines. It was around this time that the Bally Game Maker, IGT's copy Game King, and the Odyssey (which was really a PC in disguise) showed up. These machines allowed percentages to be set by game and by machine, which means one game might be very low while another might be more than 100%.
  Speaking of percentages, these are averaged over hundreds of thousands or millions of plays. Also, none of these games are truly random so that those percentages can be tailored: however, the actual variables are stored in the machine's NOR flash (for older slots) and not accessible to anyone, at least on the gaming floor.
  All that said, I wouldn't be surprised if most of this no longer applies anymore. However, there's a saying, that if you can be approved (as a gaming machine manufacturer) in Nevada, you can be approved anywhere, and there's no way that NGC will allow that to be messed with since it remains the state's #1 industry and pays a large chunk of the taxes.
122. Re:Honestly ... by countach · 2015-04-15 01:19 · Score: 1
  
  Yes, why the heck spend millions on computers and security when the problem is more easily solved with ping pong balls? Inquiring minds would like to know.
123. Re:Honestly ... by Anonymous Coward · 2015-04-15 02:51 · Score: 0
  
  Not true. A suitcase of money has to be dispensed carefully or laundered. The more money, the harder it is.
  Casino payouts are documented, so there is no need to launder the money.
  There is less risk to the recipient in the casino scenario.
124. Re:Honestly ... by Anonymous Coward · 2015-04-15 04:21 · Score: 0
  
  http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0CB8QFjAA&url=http%3A%2F%2Fen.wikipedia.org%2Fwiki%2F1980_Pennsylvania_Lottery_scandal&ei=848uVcCqLsjDggS2rIGQDA&usg=AFQjCNFXPgQqIGBaxM6vQhKZM4--YXvzZg&bvm=bv.90790515,d.eXY
125. Re:Honestly ... by rpstrong · 2015-04-15 04:33 · Score: 1
  
  Sure, after all, its not as if ping pong balls can be rigged.
126. Re:Honestly ... by Klebb · 2015-04-15 05:57 · Score: 1
  
  I'm actually surprised there haven't been more cases of insiders rigging lotteries.
  I should think knowing all of those zillions of dollars are just sitting there would cause more people to decide to see if they could get away with it.
  And not just rigging lotteries - games/contests will always have the risk of cheating. Several years ago I realized even church bingo games are a cheat. The "companies" that run these for the church can easily skim off because of the way the instant tickets are packaged. Instant-tickets, also called pull-tab tickets, are packaged in boxes in what appears to be random order and those boxes/cases are shrink wrapped and sent to bingo halls. But the order of the tickets is the same in every box. So, the organization running the local bingo games just needs to buy one case of tickets, unwrap them and count in to find the winning tickets, and remove them from the rest of the boxes. Don't blame the churches, they don't know about it. Blame the scamming companies that take advantage of the churches and cheat their bingo players out of the cash. So it goes with lotto - you have a much larger temptation and I'm sure people will continue to try.
127. Re:Honestly ... by david_thornley · 2015-04-15 06:40 · Score: 1
  
  For several hundred dollars, you can buy a nice USB stick-like thing that will generate random numbers, either by thermal noise or radioactive decay. If you really need random, I'd check into them.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
128. Re:Honestly ... by Anonymous Coward · 2015-04-15 07:46 · Score: 0
  
  It's not common because in most sane jurisdictions, all officials and their family members are banned from participating in the lottery which they control. It's a textbook definition of "conflict of interest".
129. Re: Honestly ... by Anonymous Coward · 2015-04-15 12:49 · Score: 0
  
  Regardless of the sincerity of friends, how do you explain him giving exactly half his winnings to you, but not to the myriad of those first in line?
130. Re:Honestly ... by weweedmaniii · 2015-04-15 13:07 · Score: 2
  
  Yes the balls can be rigged but after speaking with some lottery folks years ago, they go to great lengths to insure there's no tampering with the balls. The state lottery decided to do their first ever live draw remotely and I was assigned there doing first aid/security (I was in the National Guard) The lottery security guy was explaining how they had several sets of balls. All sets were weighed before and after the draw and had to be within a very narrow window of weight both before & after. the draw set is also chosen randomly and before and after the draw each ball is weighed to make sure there is no tampering as well as the set holder without the balls. So about 15 minutes prior the sets were weighed, one was chosen each ball was weighed and the set holder was weighed. The draw was done live and immediately after the everything was reweighed and passed. This was 20 years ago so the methods may have improved or changed. I don't play much but I think the big money is still ping pong balls, now the small every 5-10 minute is RNG I guess.
  
  --
  "If stupid things work...then they are not stupid."
131. Re:Honestly ... by bingoUV · 2015-04-15 19:57 · Score: 1
  
  "guaranteed" (by mathematics, not rigged programming)
  
  Even if a mathematically fair virtual dice is rolled, mathematics doesn't guarantee anything within a lifetime of the universe. Laws made by humans on the other hand have to be obeyed in minutes / hours.
  
  --
  Bingo Dictionary - Pragmatist, n. A myopic idealist.
132. Re:Honestly ... by bkk_diesel · 2015-04-15 21:29 · Score: 1
  
  Don't forget the scandal in Thailand where the person picking the balls was wearing special contact lenses that allowed him to identify the "correct" balls to draw. (reference: http://www.bangkokpost.com/print/401261/).
133. Re:Honestly ... by Jack+Griffin · 2015-04-15 23:03 · Score: 1
  
  You're a fool if you don't think this happens. This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened. Politicians can literally transform your hopes and dreams into money lining their wallet.
  Not sure what wild west frontier town you're living in, but modern gambling machines are heavily restricted here, and through independent regulation/inspection it's extremely difficult to rig anything without triggering an investigation and probable criminal charges. The casino already makes billions legally so the motivation to risk that for a few dollars more seems rather pointless.
134. Re:Honestly ... by Jack+Griffin · 2015-04-15 23:06 · Score: 1
  
  A friend worked on the back-end systems at a casino about 20 years ago. Back then the machines were programmed to a 91% payout based on legislation.
135. Re:Honestly ... by Jack+Griffin · 2015-04-15 23:10 · Score: 1
  
  Nope, balls don't work either.
  Balls do work, just shit house security of the balls doesn't.
136. Re: Honestly ... by Anonymous Coward · 2015-04-16 14:59 · Score: 0
  
  This story is old!
137. Re:Honestly ... by FunkSoulBrother · 2015-04-18 05:08 · Score: 1
  
  Right, thus my quotes. This is the reason I enjoy to gamble!
  Maybe *I* will be the guy who is there when two six sided dice roll an '8' 10 times in a row. Maybe I will see a lot more blackjacks than I statistically should during a 3 day trip to Vegas.
This happened back in the day... by GerbilSoft · 2015-04-14 02:13 · Score: 5, Insightful

...but instead of hacking a random number generator, they injected paint into the ping-pong balls used for the live drawing.

http://en.wikipedia.org/wiki/1...
1. Re:This happened back in the day... by GerbilSoft · 2015-04-14 02:15 · Score: 5, Interesting
  
  And now for a follow-up question: Why exactly was a "highly locked-down computer" set to automatically execute code from flash drives?
2. Re:This happened back in the day... by thaylin · 2015-04-14 02:20 · Score: 2
  
  Who said it autoexecuted? He went in there to actually do work on the computer, supposedly. I did not see anything in the report that shows he just plugged it in and left.
  
  --
  When you cant win, ad hominem.
3. Re:This happened back in the day... by Daniel+Hoffmann · 2015-04-14 02:21 · Score: 2
  
  Because it was running Windows XP?
4. Re:This happened back in the day... by LordWabbit2 · 2015-04-14 02:21 · Score: 1
  
  Because it's a feature!
  
  --
  There are three kinds of falsehood: the first is a 'fib,' the second is a downright lie, and the third is statistics.
5. Re:This happened back in the day... by colfer · 2015-04-14 02:22 · Score: 2
  
  Didn't need to. Somebody had root, probably him. He at least had privileges to change the time!
6. Re:This happened back in the day... by GerbilSoft · 2015-04-14 02:23 · Score: 1
  
  The article doesn't explicitly say anything other than that the the defendant "tampered with the camera equipment to have an opportunity to insert a thumbdrive into the RNG tower without detection", so I assumed that it auto-executed.
  
  Needs a followup detailing what exactly was done to tamper with the system, but I don't suppose that's likely given the nature of the system in question.
7. Re:This happened back in the day... by Anonymous Coward · 2015-04-14 02:26 · Score: 0
  
  The answer is probably part of a rather sad and sordid story, probably related to "Tipton entered the so-called draw room [...] to change the time on the computers" and interspersed with buzzwords like "industry standard" and similar.
  You don't want to know.
8. Re:This happened back in the day... by WillAdams · 2015-04-14 02:31 · Score: 2
  
  You're conflating the movie (injecting paint) w/ the real life court case (it was determined that they had sprayed the exterior of the ping pong balls w/ fixative).
  
  --
  Sphinx of black quartz, judge my vow.
9. Re:This happened back in the day... by Shakrai · 2015-04-14 02:33 · Score: 1
  
  they injected paint into the ping-pong balls used for the live drawing.
  My State still uses ping-pong balls and a live drawing, at least for the non "quickdraw" games. I'm not sure if that's admirable or pathetic. :)
  
  --
  I want peace on earth and goodwill toward man.
  We are the United States Government! We don't do that sort of thing.
10. Re:This happened back in the day... by gstoddart · 2015-04-14 02:37 · Score: 1
  
  Well, it also says he went in ostensibly to change the time on the computers.
  So he was basically at the physical computer, and whether the thing did an autorun or he issued a quick command is irrelevant.
  
  The former security director "was 'obsessed' with root kits, a type of computer program that can be installed quickly, set to do just about anything, and then self-destruct without a trace," prosecutors wrote. They went on to say a witness would testify at trial that Tipton told him before December 2010 that he had a self-destructing rootkit.
  If you already have the right tools, and are physically sitting at the machine, and the cameras suddenly are only recording a fraction of what happens ... this is at best a small amount of work.
  I mean, really, f:\fuck_em_all.exe will not take long to type before you set the clock as you said you would, and suddenly the camera isn't going to capture you doing it.
  
  --
  Lost at C:>. Found at C.
11. Re:This happened back in the day... by mwvdlee · 2015-04-14 02:41 · Score: 2
  
  Makes me wonder; would it be possible to set up a root account that requires two different passwords (the number of humans required to be present in the room) out of a set of five allowed passwords (the number of humans that were allowed to enter the room).
  
  --
  Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
12. Re:This happened back in the day... by Holi · 2015-04-14 02:49 · Score: 1
  
  So do Powerball and Mega Millions.
  
  --
  Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
13. Re:This happened back in the day... by Talderas · 2015-04-14 03:34 · Score: 1
  
  It would be easier to control physical access so that two of the five people that have access must be present to enter the room.
  
  --
  "Lack of speed can be overcome. In the worst case by patience." --Znork
14. Re:This happened back in the day... by Anonymous Coward · 2015-04-14 03:40 · Score: 0
  
  Yes.
15. Re:This happened back in the day... by colfer · 2015-04-14 06:03 · Score: 1
  
  Split the password in two.
16. Re:This happened back in the day... by squeeze69 · 2015-04-14 07:14 · Score: 1
  
  Was it windows based?!? :-/ Sigh, silly autorun mania... :( BTW: Why the surveillance system (cameras) were under control of people who could interact with the (barely) "highly locked-down computer"?
17. Re:This happened back in the day... by mwvdlee · 2015-04-14 18:59 · Score: 1
  
  Two out of five, not always the same two.
  
  --
  Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
18. Re:This happened back in the day... by Anonymous Coward · 2015-04-14 23:55 · Score: 0
  
  autorun.inf
19. Re:This happened back in the day... by ebvwfbw · 2015-04-15 14:18 · Score: 1
  
  Don't be silly. Windows 95.
  I say that knowing that certain well known businesses use windows 95 for financial transactions. No plans on updating.
Weaksauce by Anonymous Coward · 2015-04-14 02:14 · Score: 1

I have no idea whether or not the defendant is guilty, but surely what prosecutors meant to say is "None of the 6 employees testified that they changed the camera settings. One of those 6 is the defendant"
1. Re:Weaksauce by Anonymous Coward · 2015-04-14 03:23 · Score: 0
  
  No, you're not smarter than these lawyers. His lawyer would strongly discourage getting him on the stand. Historically, [...] criminal defense practitioners have subscribed to the strict prohibition that a criminal defendant should never testify in his/her own defense. The reasoning for said approach centers around the burden of proof and presumption of innocence: the government has the burden to prove the defendant's guilt beyond a reasonable doubt and the defendant is not mandated to prove his/her innocence. Why help the government? Moreover, criminal defendants generally do not make good testifying witnesses.
2. Re:Weaksauce by Anonymous Coward · 2015-04-14 03:29 · Score: 0
  
  Lol, no. The prosecutor's assertion is that the defendant did it. They aren't a newspaper or the judge, they don't have to use weasel words.
3. Re:Weaksauce by idontgno · 2015-04-14 05:33 · Score: 1
  
  Of course not. They said "We asked these five, and they denied it. The sixth is the defendant." What wasn't said was "We asked him too, and he denied it too, but that doesn't matter because he's a lying cheating scumbucket, and his denial is just further proof of his guilt."
  
  --
  Welcome to the Panopticon. Used to be a prison, now it's your home.
4. Re:Weaksauce by Anguirel · 2015-04-14 12:53 · Score: 1
  
  He probably didn't deny it, he most likely is refusing to testify at all, which is not quite the same.
  
  --
  ~Anguirel (lit. Living Star-Iron)
  QA: The art of telling someone that their baby is ugly without getting punched.
Employees can play? by Anonymous Coward · 2015-04-14 02:15 · Score: 1

Are there not laws in the US that prohibit employees of the lottery industries from playing in the lottery?
1. Re:Employees can play? by CajunArson · 2015-04-14 02:21 · Score: 3, Informative
  
  Of course. If you read more about the story, this guy setup a shell corporation in Belize that tried to claim the prize just before it was going to expire. He obviously knew that he couldn't walk in and claim the prize, but he thought he could get away with having this magical shell corporation claim it on his behalf and that it wouldn't get back to him.
  
  --
  AntiFA: An abbreviation for Anti First Amendment.
Completely dumb by Thisstatementisfalse · 2015-04-14 02:20 · Score: 1

Did this guy not realize that winning the lottery while being the security director of the lottery association would be extremely suspicious to begin with? There would be an investigation, even if there was no evidence of wrongdoing. This guy's plan was flawed from the start.
1. Re:Completely dumb by Harald+Paulsen · 2015-04-14 02:25 · Score: 4, Insightful
  
  Are all criminals dumb, or do we just catch the dumb ones?
  That's something I've always wondered.
  
  --
  Harald
2. Re:Completely dumb by oodaloop · 2015-04-14 02:31 · Score: 4, Insightful
  
  Probably the latter. The selection bias here is huge. The really smart criminals aren't caught.
  
  --
  Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
3. Re:Completely dumb by Richard_at_work · 2015-04-14 02:34 · Score: 1
  
  Because *he* never intended to claim the prize - the prize was claimed by a lawyer representing a shell company out of Belize. This bloke himself was exempt from being allowed to take part in the lottery due to the fact he worked on it - if he had claimed it, the prize wouldn't have been handed over.
4. Re:Completely dumb by Anonymous Coward · 2015-04-14 02:34 · Score: 0
  
  I wonder this as well, he literally did not know a single person he could trust who would go buy ticket with needed numbers other than himself in order to get the jackpot?
5. Re:Completely dumb by Rande · 2015-04-14 02:44 · Score: 4, Insightful
  
  The really smart criminals get into politics. Then, even if you are caught, nothing happens to you...unless you've pissed off another higher ranked politician, in which case it doesn't matter if you've actually done what you've been accused of.
6. Re:Completely dumb by Mr+D+from+63 · 2015-04-14 02:46 · Score: 1
  
  the prize was claimed by a lawyer representing a shell company out of Belize. .
  Which is a quite a big red flag in itself.
7. Re:Completely dumb by Anonymous Coward · 2015-04-14 02:52 · Score: 1
  
  This is exactly the problem. A winning ticket is anonymous.
  If someone hand me a winning lottery ticket to cash for them - and I am enough of a criminal to do that - why would I share the cash? It is not likely there will be repeat business anyway. It is not likely he would be able to have many tries - even this one was discovered.
  Mafia types get around such problem by promising a painful death to cheaters - but he probably didn't have that sort of reputation.
8. Re:Completely dumb by Anonymous Coward · 2015-04-14 02:56 · Score: 0
  
  the prize was claimed by a lawyer representing a shell company out of Belize. .
  Which is a quite a big red flag in itself.
  Not really, most people that win that kind of money don't just walk into the 7-11 and ask they deposit 15 mil into their checking account. They get a lawyer and often would rather be unknown then have it publicly announced under their real name.
9. Re:Completely dumb by phorm · 2015-04-14 03:26 · Score: 1
  
  A large portion of criminals are dumb. For the ones that aren't and still get caught, sometimes it's due to clever police-work, etc, but oft-times just plain bad luck plays a factor.
10. Re:Completely dumb by lengel · 2015-04-14 03:41 · Score: 1
  
  the prize was claimed by a lawyer representing a shell company out of Belize. .
  Which is a quite a big red flag in itself.
  Not really, most people that win that kind of money don't just walk into the 7-11 and ask they deposit 15 mil into their checking account. They get a lawyer and often would rather be unknown then have it publicly announced under their real name.
  Except in many cases the lottery T&C in fine print on the ticket states you agree to be publicly identified when you buy the ticket if you win. It is great PR for the lottery association to parade the winner in front of the press so it comes across as "see anyone can win and change his/her life forever".
11. Re:Completely dumb by Anonymous Coward · 2015-04-14 04:12 · Score: 0
  
  A winner may ask the lottery to keep their name secret from the public but I highly doubt that you can claim such a large amount of money without telling the lottery itself what your name is. The closest thing might be to hire someone to claim the prize for you and then under contract give you the money (which is exactly what it sounds like he was trying to do) but even that might be seen as a form of fraud by the lottery.
12. Re:Completely dumb by Anonymous Coward · 2015-04-14 04:59 · Score: 0
  
  The ones we dont catch we call politicians.
13. Re:Completely dumb by Asgard · 2015-04-14 08:06 · Score: 1
  
  The T&Cs are satisfied since the entity redeeming the ticket is identified -- just not as an individual person. The owner is set when the back of the ticket is signed (http://www.bna.com/taxpayer-pay-gift-b12884908246/) and that can be any legal entity from the looks of that article.
14. Re:Completely dumb by david_thornley · 2015-04-15 06:48 · Score: 1
  
  Some of them go into finance, also.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
15. Re:Completely dumb by Jack+Griffin · 2015-04-15 23:16 · Score: 1
  
  You have to wonder about this? Just read any of these stories about "criminal masterminds" and they're all dumb as planks. Take this guy, he actually bought the ticket himself. How fucking stupid do you have to be for that rookie error?
  Take it as fact, there are tons of clever crooks out there that you never hear about because no-one knows they've even been ripped off.
16. Re:Completely dumb by Jack+Griffin · 2015-04-15 23:18 · Score: 1
  
  Not even the really smart ones. The mildly smart ones also don't get caught. I'd even go so far as to say it's only the really stupid ones get convicted. A half smart person can still get caught, but get off in court with a half decent alibi.
Ambiguous by Imagix · 2015-04-14 02:21 · Score: 1

What the heck does "could only be entered by two people at a time" mean? The room is only big enough to hold two people, or that no single person can enter the room? (Requires two different keys, perhaps?) The second interpretation would mean that there's an accomplice somewhere.... Also, is it really an "excerpt" when it's just under half of the original article?
1. Re:Ambiguous by colfer · 2015-04-14 02:32 · Score: 1
  
  Probably takes two keys to get in.
2. Re:Ambiguous by Richard_at_work · 2015-04-14 02:37 · Score: 2
  
  From reading various articles on this, the person in question entered the room under the auspices of carrying out legitimate maintenance work, but had doctored the surveillance camera so it only recorded one second a minute rather than continuously - getting the other person to look the other way for a few minutes is a simple matter of social engineering ("hey, I forgot X and I'm right in the middle of this, could you get it?") and doesn't mean they were in on it.
413 by Anonymous Coward · 2015-04-14 02:22 · Score: 0

$14.3 million? Interesting that the prize consists of the Numerals of the Blind Prophet.
1. Re:413 by Anonymous Coward · 2015-04-14 05:05 · Score: 0
  
  It's reversed PI
2. Re:413 by Anonymous Coward · 2015-04-14 05:46 · Score: 0
  
  Don't you mean "consists of the first three digits of pi"? That's the problem with being able to do arbitrary things to numbers to find "coincidences", there are a lot of things to coincide with.
3. Re:413 by Anonymous Coward · 2015-04-14 06:16 · Score: 0
  
  It really isn't, as you'd have to transpose them, and there's only 10 numbers to choose from.
Audit trails, dammit? by JaredOfEuropa · 2015-04-14 02:23 · Score: 2

I'm surprised to see a complete lack of audit trails on critical systems like this. They need to require individual accounts of which every action is logged in an immutable audit trail. On both the camera system and the random number box. There is no way to prevent malfeasance committed using privileged accounts, but you should at least be able to determine who did what after the fact.

--
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
1. Re:Audit trails, dammit? by colfer · 2015-04-14 02:33 · Score: 1
  
  RTFA, he was "obsessed" with self-erasing rootkits, so could defeat an audit log I'd assume.
2. Re:Audit trails, dammit? by JaredOfEuropa · 2015-04-14 02:42 · Score: 1
  
  Audit logs should sit on a separate machine, or preferably be written to optical media sitting in a vault.
  
  --
  If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
3. Re:Audit trails, dammit? by IgnitusBoyone · 2015-04-14 02:45 · Score: 1
  
  I'm surprised by the actual sophistication of the attack. Usb with actuall executable code, I mean granted maybe all it did was replace a text file with the winning results. Time minipulation of camera's. Someone planned this it might of been Ocean's 14.
  
  --
  Momento Mori
4. Re:Audit trails, dammit? by itzly · 2015-04-14 02:51 · Score: 1
  
  A sysadmin I knew had an old machine dedicated to logging set up in a broom closet, printing out the important log messages on a dot matrix printer fed by a box of continuous folded paper.
5. Re:Audit trails, dammit? by gstoddart · 2015-04-14 02:58 · Score: 2
  
  Except a rootkit can probably bypass anything in the OS which would allow for auditing.
  That's kind of the point of a rootkit.
  So depending on the OS, and just how much this could bypass, that there was simply no record isn't surprising.
  That's what the tool is designed for, and it certainly isn't there to do anything but bypass security.
  If you have security holes in your OS which can be exploited, chances are your auditing is included in things which can be bypassed.
  
  --
  Lost at C:>. Found at C.
6. Re:Audit trails, dammit? by ckatko · 2015-04-14 02:58 · Score: 1
  
  It's common, really. Any time someone knows they have something to hide, they make sure not to leave a paper trial.
  
  Why do you think there are "no statistics" on how many police shoot or kill civilians? Because they don't want to know.
  
  Why aren't there ANY statistics for cruise ship deaths? Because they're in international waters and they don't give a shit. Go ahead, google "Cruise Ship Death Statistics." You'll find a couple websites run by a individuals. That's it. No news investigations. No research. Not a damn thing save for a couple of guys in their spare time trying to warn everyone.
7. Re:Audit trails, dammit? by Anonymous Coward · 2015-04-14 03:45 · Score: 0
  
  non internet or network box may not be on the domain and may only have one or two local logons.
8. Re:Audit trails, dammit? by courteaudotbiz · 2015-04-14 03:49 · Score: 1
  
  Yeah, cause everyone knows a broom closet is the most secure place for such an important task as printing the logs of a multimillion dollar lottery... Broom closet is the best, if you require less, there's also under the receptionist's desk, and the middle solution would be in the boss's office. Secure datacenters are only seen in movies, like "Sex Tape".
9. Re:Audit trails, dammit? by Anonymous Coward · 2015-04-14 03:56 · Score: 0
  
  separate machine and that does not work here on a system that is stand alone non networked.
10. Re:Audit trails, dammit? by Anonymous Coward · 2015-04-14 04:14 · Score: 0
  
  Back in the day of dot-matrix printers there were very few "secure datacenters." As far as alternatives go the broom closet is probably one of the better ideas that I've seen given the availability of technology and security at the time.
11. Re:Audit trails, dammit? by itzly · 2015-04-14 04:15 · Score: 1
  
  That was not a multi million dollar lottery, but a simple university lab with no money to afford a secure room and armed guards, and only a handful of servers to protect. Still, it was a cheap and effective solution. Outsiders didn't even know there was a hard paper copy, and even people working in the lab didn't have access to the closet.
12. Re:Audit trails, dammit? by itzly · 2015-04-14 04:17 · Score: 1
  
  You could put the real computer in a locked room, and only provide serial access through a terminal. Add special hardware to the serial cable to log all data on a write-only system.
13. Re:Audit trails, dammit? by gstoddart · 2015-04-14 04:57 · Score: 1
  
  You could put the real computer in a locked room, and only provide serial access through a terminal.
  And, then you have to have a locked room outside of (and enclosing your locked room) to limit access to the serial connected terminal, otherwise you've just stupidly erased the benefit of your locked room.
  I don't think you've solved the problem, just changed where the attack point is -- and that's the serial cable.
  Yours just adds complexity so now you have two rooms which need to be secured.
  Yo dawg, I hear you like locked rooms ...
  
  --
  Lost at C:>. Found at C.
14. Re:Audit trails, dammit? by Anonymous Coward · 2015-04-14 05:50 · Score: 0
  
  even people working in the lab didn't have access to the closet.
  At multiple previous universities I've worked at, the broom closets were often some of the most secure rooms in the building for some reason. At several places they would have logged electronic locks, while labs were still using mechanical keys because the university said electronic keys were too expensive (stolen equipment came from grant money anyway, not university money). That said, there was usually someone in the IT or machine shop crew who worked out a way to bypass the locks on the door, who you would go to when you needed to break into the close because you just needed to borrow a mop.
15. Re:Audit trails, dammit? by gewalker · 2015-04-14 05:51 · Score: 1
  
  Sounds like this could change due to Congressional interest though. Major Cruise Lines Begin Posting Crime Stats. Admittedly this is crime stats not cruise ship deaths, but there is enough overlap death stats might be publicly known eventually.
16. Re:Audit trails, dammit? by RavenLrD20k · 2015-04-14 07:26 · Score: 1
  
  I dunno about you, but I've seen some heavily secured broom closets. 5 inch solid doors, anti-pick plates around the latches (all three of them), dual deadbolt locks each with a different key... You'd think the janitors were keeping some kind of chemical weapon stored in there instead of just some ammonia and bleach with a mop.
17. Re:Audit trails, dammit? by JazzLad · 2015-04-14 07:50 · Score: 1
  
  I get 500,000 results ...
  
  --
  "If you have nothing to hide, you have nothing to fear." - Every fascist, ever
18. Re:Audit trails, dammit? by david_thornley · 2015-04-15 06:52 · Score: 1
  
  Of course I haven't read TFA, but I presume he entered the room with some sort of storage device (probably USB) to copy things from there to the computer. Put in a terminal and you make that harder. Have a special computer in the link that does nothing but log all data, and you've made the crime much harder.
  Somebody's going to have to enter the computer room sometime, but if it's more rare then the attack surface is diminished, and additional precautions become possible.
  
  --
  "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
White Rabbit Object by Anonymous Coward · 2015-04-14 02:24 · Score: 0

should of taken down the raptors fences as well.
1. Re:White Rabbit Object by Anonymous Coward · 2015-04-14 02:46 · Score: 0
  
  should HAVE
  there is no instance where "should of" is ever right except if you're able to put a comma after should. It should, of course, be obvious.
  This is not about being a grammar nazi, this is about making sure that people stop seeing badly written language and then memorize it.
2. Re:White Rabbit Object by Anonymous Coward · 2015-04-15 11:20 · Score: 0
  
  dud, u shuddof tkn ur meds
Erm.. Why a computer? by thegarbz · 2015-04-14 02:25 · Score: 5, Insightful

What is the point of using an expensive and highly locked down computer in place of a dead simple machine filled with pingpong balls?
1. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 02:36 · Score: 2, Insightful
  
  Hard to justify millions of dollars in spending for ping pong balls and a GoPro camera.
2. Re:Erm.. Why a computer? by slashmydots · 2015-04-14 02:43 · Score: 2, Informative
  
  They have been proven statistically not random.
3. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 02:44 · Score: 0
  
  From a comment higher up in the thread, this:
  http://en.wikipedia.org/wiki/1980_Pennsylvania_Lottery_scandal
  is why.
4. Re:Erm.. Why a computer? by MasseKid · 2015-04-14 02:45 · Score: 2
  
  Because supposedly, it was more secure than pingpong balls, which have been hacked in the past. http://en.wikipedia.org/wiki/1...
5. Re:Erm.. Why a computer? by Whorhay · 2015-04-14 02:48 · Score: 3, Interesting
  
  Neither is the computer though. I wonder what the difference is and if it actually is significant enough to matter. I'd just go with a set of dice, buy new dice for every drawing and pick some random person on the street to roll the dice each time.
6. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 03:03 · Score: 0
  
  Citation needed.
7. Re:Erm.. Why a computer? by Sloppy · 2015-04-14 03:03 · Score: 3, Insightful
  
  Because 9/11. Someone exploited the previous system once, so instead of thinking, we need to make expensive, radical changes.
  I like all the questions in this thread. People, if you're going to start asking questions, just cut to the end and ask why have a lottery at all. They are a totally worthless idea. Every second you spend on thinking of how to "fix" their integrity, is a second you could spend on something much more useful, like thinking about how to make dog shit taste like chocolate pudding. Now let's get to work on the cocoa powder experiments, everyone.
  
  --
  As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
8. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 03:15 · Score: 0
  
  Neither is the computer though. I wonder what the difference is and if it actually is significant enough to matter. I'd just go with a set of dice, buy new dice for every drawing and pick some random person on the street to roll the dice each time.
  And how do you pick that random person, eh?
9. Re:Erm.. Why a computer? by 140Mandak262Jamuna · 2015-04-14 03:23 · Score: 1
  
  Yes, lottery is a tax on mathematically challenged.
  But such people exist, and if the government does not provide it, more unscrupulous operators will fill the vacuum and skin them alive even more. Ideally we should educate the people so that they slowly stop gambling. In the mean time, provide slightly better alternatives than criminal gangs.
  
  --
  sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
10. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 03:36 · Score: 0
  
  Lol, I always enjoy the smug idiots who blather about the lottery being a "tax on the mathematically challenged".
  First, in some cases playing the lottery actually makes mathematical sense. When it gets high enough, the expected return on your dollar is positive. So...math?
  Second, it's an entertainment expense. You play it for the anticipation and to imagine (with at least a nonzero, if only within rounding error) winning.
  Now, this isn't to say people don't spend money they can't afford to spend, which really is dumb.
11. Re:Erm.. Why a computer? by gnasher719 · 2015-04-14 03:40 · Score: 1
  
  Yes, lottery is a tax on mathematically challenged.
  My more generous interpretation is that a lottery sells you one week of hope that you might get rich for very little money. That's why the USA have these ridiculously high lottery winnings.
  
  Imagine you were put in a room with 19 others. And they tell you "one of you has won the $200 million lottery. We'll give you a choice: You can all 20 each walk out with $10 million, or one walks out with $200 million and the rest with nothing". What would you pick?
12. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 04:05 · Score: 0
  
  Now days the balls are coded with stuff the makes finger prints show up and they flip coins right before the draw to see what set of balls they are going to use.
13. Re:Erm.. Why a computer? by RobinH · 2015-04-14 04:10 · Score: 1
  
  It's not like a machine filled with pingpong balls can't be hacked either. True, it might be easier for a layperson to detect tampering, and that's worth it right there.
  
  --
  "I have never let my schooling interfere with my education." - Mark Twain
14. Re:Erm.. Why a computer? by itzly · 2015-04-14 04:19 · Score: 1
  
  And they tell you "one of you has won the $200 million lottery. We'll give you a choice: You can all 20 each walk out with $10 million, or one walks out with $200 million and the rest with nothing".
  I would take the $10 million, without any hesitation.
15. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 04:40 · Score: 0
  
  Neither is the computer though.
  I take it that people haven't heard of hardware random number generators? I'd be very much surprised if lotteries don't use them.
  http://en.wikipedia.org/wiki/Hardware_random_number_generator
16. Re:Erm.. Why a computer? by HornWumpus · 2015-04-14 04:51 · Score: 1
  
  I've seen it get high enough that a simple minded analysis shows a positive return. They always neglect the chance they will have to split the winnings.
  
  --
  John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
17. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 04:51 · Score: 0
  
  ..... and pick some random person on the street ....
  Ahh, there's your problem.
18. Re:Erm.. Why a computer? by HornWumpus · 2015-04-14 04:57 · Score: 1
  
  'Numbers' games never had house odds as high as state lotteries.
  
  --
  John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
19. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 05:02 · Score: 0
  
  Analysis here, and elsewhere. I don't buy the taxes argument as meaningful, any way you make money will be taxed.
20. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 05:06 · Score: 0
  
  Marginal benefit of the first $10 million is the highest. Taking the sure $10 million over a 1/20 chance at $200 million is the rational way to maximize self interest. Unfortunately a large proportion of the population is stupid enough to act against their own best interest, for which claim I need no more proof than the existence of the lottery.
21. Re:Erm.. Why a computer? by slashmydots · 2015-04-14 05:23 · Score: 1
  
  WRONG. They have photon splitter quantum mirror thingies as PCI cards now - as seen on Slashdot. It does something with fiber optics where the photo has precisely 50% chance of going left or right after hitting some kind of quantum mirror thing. Over a trillion results, the variance was like 50.00000000000001% or something.
22. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 05:37 · Score: 0
  
  Hardware Random Number Generator
  You can configure something that is (allegedly) quantum-random. For example: a Geiger counter connected to a computer that detects radioactive particles emitted by a smoke detector.
23. Re:Erm.. Why a computer? by Solandri · 2015-04-14 05:55 · Score: 1
  
  The computer is a lot easier to audit. You can have it run a million drawings in a few seconds, burn the output to a blank CD (since you don't want to be inserting flash drives into it), then have another computer audit those million drawing results for similar randomness.
  
  Auditing a physical random drawing machine means weighing and measuring each part to be sure its still within specs, and making sure there aren't other possible vectors for cheating, like smooth vs rough balls. In one lottery where the balls were drawn by blindfolded kids, they've even heated or chilled the balls which were supposed to be drawn. Which cannot be detected in an audit after the fact.
24. Re:Erm.. Why a computer? by Whorhay · 2015-04-14 06:02 · Score: 1
  
  That does seem to be very random, although not actually perfectly random as you noted with a miniscule variance. I'm not trying to claim that using new dice with different people rolling the dice will be more random, it could quite possibly be less random. My main points though are:
  Would rolling dice be sufficiently random such that guessing the most likely numbers is impractical?
  Would rolling dice be an easier system to corrupt, as apparently happened in this case?
25. Re:Erm.. Why a computer? by 0123456 · 2015-04-14 06:05 · Score: 1
  
  I would take the $10 million, without any hesitation.
  Yes, it's a silly scenario. The point of a lottery is that you pay a small amount of money for a tiny chance of making life-changing money. $10 million is already life-changing money for most people--they can pay off their debts, buy a bigger house and retire--so there's little incentive to hold out for more.
26. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-14 06:22 · Score: 0
  
  Now try thinking like someone who would like to defeat your simple solution. What might you do to cheat the system?
27. Re:Erm.. Why a computer? by 140Mandak262Jamuna · 2015-04-14 06:36 · Score: 1
  
  That is not the game played by lottery. To keep the pot at 200 million, and nplayers=20, we need to raise the price of the ticket to 10million + house margin. Something like 22 million. (Yes, the pot is less than 50% of the collection) So would you pay 22 million bucks for 1/20 chance of winning 200 million dollars?
  
  --
  sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
28. Re:Erm.. Why a computer? by HornWumpus · 2015-04-14 06:44 · Score: 1
  
  Taxes are meaningful. You buy lottery tickets with after tax money. Ignoring taxes is the only way to make the lottery ever seem like a good bet.
  Taxes is another way that illegal numbers games are better then lotteries.
  
  --
  John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
29. Re:Erm.. Why a computer? by thegarbz · 2015-04-14 10:21 · Score: 1
  
  Lack of randomness would be inherent in the manufacturing intolerance of the balls and can be easily mitigated by replacing the balls every week which would actually be quite cheap. The rest is the result of chaos and inherently random.
30. Re:Erm.. Why a computer? by thegarbz · 2015-04-14 10:23 · Score: 1
  
  They are a totally worthless idea.
  They are no more worthless than the idea of gambling in general, it provides a brief amount of suspense and hope, and adds an element of luck to life.
  Not totally worthless. But close.
31. Re:Erm.. Why a computer? by thegarbz · 2015-04-14 10:27 · Score: 1
  
  Why? People get joy out of gambling. Many people like the idea that they have skin in the game that is based on luck. Even when the odds are against them, and even when they know the house will take home more at the end of the day then they do people still get a kick out of these games.
  I as an engineer who does statistics on a daily basis also play lottery occasionally. The only people who are being taxed are those who think they can do this for a living and make money, and then the bitter irony is that some top mathematicians have managed to game various lotteries to actually beat the house, so you tax the mathematically challenged, ignore the mathematically competent, and fund the mathematical genius.
32. Re:Erm.. Why a computer? by Whorhay · 2015-04-15 07:06 · Score: 1
  
  Two ways that I can think of off the bat:
  1. Rigged dice
  2. Dice roller using slight of hand
  For rigged dice it should be simple enough to roll the dice a few times before hand to verify that they work properly. Use a single pair of dice, one representing 10's the other 1's, roll both together once for each number in the lottery. I suppose you could use an electric magnet with rigged dice to get them to roll how you want but I'm not sure you could do anything other than cause the same number to be rolled each time, which would be blatantly obvious as cheating.
  For a non-random person, and yes I realize that picking a random person is just as error prone as anything else, you could get your own ringer. The trouble then is what could that ringer accomplish? Are their people that can actually roll dice consistently enough to roll the numbers they want? Barring that possibility they could use slight of hand to substitute rigged dice for each roll. The problem with slight of hand is that it only looks magical and convincing when you aren't looking for it. Pick people wearing short sleeves and keep multiple cameras trained on them at all times and you've ruled out that threat entirely.
  For me the biggest reason to go with something simple like dice is that the ways to cheat it are pretty obvious and easily detectable if you are looking, corrupting it would require multiple people to be involved in the cheating. The output from a computer for random numbers in such a system is far easier to cheat because it is so complex that most people involved may not even know what they are looking for and it only requires a single person that is passably sly to pull it off.
33. Re:Erm.. Why a computer? by Anonymous Coward · 2015-04-15 11:22 · Score: 0
  
  Gah, i hate it when I see such a bullshit comment, sitting at (Score: 3 (unqualified)), which after downmodding it becomes (Score 2, Informative).
  
  This is complete and utter crap.
  
  Posting as AC beause I modded you down.
34. Re:Erm.. Why a computer? by Jack+Griffin · 2015-04-15 23:23 · Score: 1
  
  Yes, lottery is a tax on mathematically challenged.
  Not so. I have a degree in Maths, I buy the odd ticket form time to time when the jackpot gets high because a few dollars is small entry fee for a few days of dreaming of what I would do if I won millions. I know the chance is next to zero, but it is still non-zero which is all you need to dream. Buying a movie ticket has a similar value proposition.
RNG? by ArcadeMan · 2015-04-14 02:29 · Score: 2

RNG sucks. I'd rather play a BLM or a THF.

--
Get free satoshi (Bitcoin) and Dogecoins
1. Re:RNG? by Anonymous Coward · 2015-04-14 11:39 · Score: 0
  
  RDM forever...
  (The Avesta type, not the Refresh-whore)
  --sf
2. Re:RNG? by Anonymous Coward · 2015-04-14 13:40 · Score: 0
  
  not before rng/nin was nerfed in 2005, with kraken club they were absolute kings
They just don't want to pay him by drknowster · 2015-04-14 02:29 · Score: 1

poor bastard
Why not use something better for RNGing the Lotto? by Anonymous Coward · 2015-04-14 02:32 · Score: 0

Like I dunno a physical mechanism that relies on nuclear decay to decide what number to hit. They aren't that complicated, they aren't any more dangerous than a smoke detector and unless you can hack physics (at which point you probably no longer care about money) you can't really mess with them.
In any case this just goes to show the old adage holds true, your system is only secure as its weakest component. Also something about all security measures pretty much flying out the window the second someone has physical access to your hardware etc etc.
Why are lottery employees allowed to play at all? by Errol+backfiring · 2015-04-14 02:34 · Score: 0

When I read contest or lottery rules, it always states that the people who work at the organising organisation are not allowed to participate in it. Even if everybody plays fair, an organiser winning his own lottery will be suspected of foul play.

--
Nae king! Nae laird! Nae yurrupiean pressedent! We willna be fooled again!
Why are they even allowed to play? by Anonymous Coward · 2015-04-14 02:35 · Score: 0

When I worked for a firm responsible for auditing a lottery, we weren't legally allowed to play... the entire company couldn't play, no matter how "close" you were to the auditing.
1. Re:Why are they even allowed to play? by Anonymous Coward · 2015-04-14 03:00 · Score: 0
  
  Employees aren't allowed to play, if you read the article they note that he tried to mask the fact that he was claiming the prize. He apparently waited until the last minute to make the claim and when he did so it was through a shell company that in turn was represented by an attorney.
2. Re:Why are they even allowed to play? by war4peace · 2015-04-14 03:07 · Score: 1
  
  Another someone who hasn't read TFA.
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
3. Re:Why are they even allowed to play? by HornWumpus · 2015-04-14 04:52 · Score: 1
  
  Get out FA reader. We don't like your kind.
  
  --
  John McAfee 'It was like that time I hired that Bangkok prostitute; to do my taxes, while I fucked my accountant'
4. Re:Why are they even allowed to play? by war4peace · 2015-04-15 07:01 · Score: 1
  
  Because knowledge is dangerous and steers you away from the righteous path?
  
  --
  ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
Who controls the cameras? by whoever57 · 2015-04-14 02:35 · Score: 4, Interesting

Why do people who have access to the computer also have the ability to control the cameras?
Splitting responsiblity this way is such a basic and obvious security measure.

--
The real "Libtards" are the Libertarians!
1. Re:Who controls the cameras? by JMZero · 2015-04-14 03:50 · Score: 1
  
  Crazy, eh? It's almost like the information security director wasn't doing a good job. I'm guessing you could find a number of non-optimal things in the setup, given that the person in charge of security was probably not terribly interested in catching himself.
  
  --
  Let's not stir that bag of worms...
2. Re:Who controls the cameras? by Anonymous Coward · 2015-04-14 14:01 · Score: 0
  
  Splitting responsiblity this way is such a basic and obvious security measure.
  The accurate term is Separation of duties, and security measure is something you decided after going through the task of risk assessment, which includes identifying and valuing assets.
  So why would I want to spend resources protecting a system that is just a glorified vending machine where the clogged up change dispenser is cleared out to a random customer once in a while?
Just roll some dice by __aabppq7737 · 2015-04-14 02:36 · Score: 1

The intercept believes that dice are cryptographically secure, and I wouldn't doubt it if they were well polished. Honestly, it's probably much easier is it to secure the integrity of the results of rolling dice, if everyone in a crowd watches the roll. (Of course, you'd need reasonable physical security to protect against enraged losers)
1. Re:Just roll some dice by Anonymous Coward · 2015-04-14 03:02 · Score: 0
  
  Drilling pips, sizing, weighting, edging (sharp/burred/smooth), adding hair, changing the numbers on sides, etc, etc. Even if the person throwing them is honest, many of those are hard to detect without constant and very precise scientific measurements, and will, in the long run, guarantee a certain pattern.
  http://www.straightdope.com/columns/read/2878/how-do-you-load-a-pair-of-dice
2. Re:Just roll some dice by Anonymous Coward · 2015-04-14 03:22 · Score: 0
  
  Who says you have to let anyone have direct access to the dice? Have them manufactured, independently verified and certified as random by a group of people. Then seal them in a large clear plastic/glass enclosure that is glued shut. "tossing" them is done by some kind of mechanism that either shakes the whole enclosure or simply turns it over. I have a difficult time believing you could accurately rig such a system without doing something very obvious.
3. Re:Just roll some dice by Anonymous Coward · 2015-04-14 03:27 · Score: 0
  
  It's impossible to make a dice with certain numbers of even sides. For example, the UK lottery has 49 balls and you can't have a 49 sided die.
Re:Why are lottery employees allowed to play at al by gstoddart · 2015-04-14 02:43 · Score: 1, Informative

Seriously, why don't you RTFA where they point out that a corporation registered in Belize tried to claim this prize through an attorney in New York.
It's not like the someone who was barred from playing walked in and tried to claim the prize.
Yes, your what you say is obvious. So obvious, in fact, that it isn't what happened.

--
Lost at C:>. Found at C.
Re:Why are lottery employees allowed to play at al by oodaloop · 2015-04-14 02:43 · Score: 1

Apparently he used a shell company.

--
Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
Last Paragraph by RivenAleem · 2015-04-14 02:48 · Score: 1

What happens if he testifies that he didn't tamper with the cameras? They will need more than all 4 other people testifying the same to prove perjury.
1. Re:Last Paragraph by Anonymous Coward · 2015-04-14 03:41 · Score: 1
  
  It's called "circumstantial evidence", which contrary to the TV definition is an actual valid type of evidence. He a) had access b) had motive c) bought the winning lottery ticket d) used a shell corporation to do so. There are probably an e, f, and g but I'm not in the prosecution.
  Once you take the odds of someone else having done it, it's probably more than 1 in 7 billion or whatever the population is. Ergo, he did it or orchestrated that someone do it.
2. Re:Last Paragraph by bluefoxlucid · 2015-04-14 04:41 · Score: 1
  
  There are a lot of sticking points here. They say it's reasonable to assume he did it, that it's reasonable to assume he planted a trojan to generate a winning number, and that it's reasonable to assume he messed with the camera when nobody else did. That's an awful lot of narrative, and needs some evidence backing it up; not a lot, but enough to show the trails leading in and out.
  I'm most interested in how he knew the numbers on the ticket. Did he specify what lotto numbers he wanted, or did he ask for a random ticket? If he asked for just a ticket, he'd need to hack the lotto computer after getting the ticket; the case rests on him hacking the machine at a specified time, before he bought a ticket, so they have to prove he self-selected the numbers at retail.
  
  --
  Support my political activism on Patreon.
Comp by Impy+the+Impiuos+Imp · 2015-04-14 02:49 · Score: 1

> glass room
Damn. This attack required simultaneously balls and a lack of balls, ping pong.

--
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
Why? by Anonymous Coward · 2015-04-14 02:56 · Score: 0

Why in the world are they using a full fledged computer to generate random numbers for the lottery? A simple random number circuit board in a locked glass box with a button the outside and a readout should be more than enough. If you want to be extra paranoid about security have a bunch of them manufactured by multiple companies while not telling those companies what they will be used for, use 3 or more at a time in your glass box and store the rest of them in a safe only accessible by 6 or more people and every few months randomly change out the boards and destroy the old ones.
Re:Why not use something better for RNGing the Lot by Holi · 2015-04-14 02:56 · Score: 1

Or you know a clear cylinder filled with numbered ping pong balls and an air compressor, like what they use in the largest lotteries.

--
Sorry, teleporters just kill you and then make a copy. A perfect, soul-less copy.
Network connection by bickerdyke · 2015-04-14 02:58 · Score: 1

Well, had it been connected to a network, an IDS could have raised an alarm that a usb device has been added. Or to rephrase uit for the /.-Crowd. "On localhost, noone hears you scream".
And somehow I still don't completly believe the "not connected to a network" thing. How would they transmit the drawn numbers to their frontend sytems? manually? How would this be secured against someone "mistyping" a few digits?

--
bickerdyke
Re:Why not use something better for RNGing the Lot by Anonymous Coward · 2015-04-14 02:59 · Score: 0

Like I dunno a physical mechanism that relies on nuclear decay to decide what number to hit. They aren't that complicated, they aren't any more dangerous than a smoke detector and unless you can hack physics (at which point you probably no longer care about money) you can't really mess with them.
I can mess with them. Bringing my own radiation source, I can force an arbitrary short delay between radioactive events. Lump of radium, or an industrial x-ray device.
The even easier course is to replace the display driver chip so it shows the numbers I want. You can get some very small microcontrollers - even smaller if you invest in a custom chip. Which you can do when your budget is the winning ticket.
Circumstantial much by guruevi · 2015-04-14 03:03 · Score: 4, Interesting

He's got the winning lottery ticket, there was a malfunction with the camera's. So far I haven't seen any 'evidence' that that person actually did it. He might have been in cahoots with his co-workers. Splitting the ticket 2-5-ways is still pretty lucrative.
If he did it, he was pretty dumb to think he could get away with it. He should've
1. Remained anonymous (if possible, some lotteries allow it, some don't), let his lawyer pick up the money
2. Gone for a lot lower number (winning low enough so you can get a cash payout at the shop (~$600/week is still a nice bonus))
3. Allowed enough time for the evidence to be destroyed (video camera's probably overwrite old stuff every n months) then played and collected. If you implement your own RNG, you could easily predict numbers in advance.

--
Custom electronics and digital signage for your business: www.evcircuits.com
1. Re:Circumstantial much by CaptainLard · 2015-04-14 03:44 · Score: 1
  
  Sounds like you two are on the same page!
  
  The winning ticket went unclaimed for almost a year. Hours before it was scheduled to expire, a company incorporated in Belize tried to claim the prize through a New York attorney.
  Unfortunately that means you're going to need a new plan...
2. Re:Circumstantial much by Anonymous Coward · 2015-04-14 03:45 · Score: 0
  
  He (or one of his associates) already failed before cashing in by going on a massive ticket buying spree with all the possible 4/6 combinations, and calling someone someone to listen in on the ticket machine printing all the tickets.
3. Re:Circumstantial much by Anonymous Coward · 2015-04-14 03:47 · Score: 0
  
  Well, (1) and (3) kind of did both happen. He lived in a place that didn't allow anyonymity, but a shell corporation (he supposedly set up) in Belize is where the winning ticket claim came from, not him directly. And that claim came within hours of the final deadline for claim, which is waiting as long as possible.
4. Re:Circumstantial much by pz · 2015-04-14 03:52 · Score: 1
  
  The parent poster (with three good ideas for less detectable malfeasance) is apparently smarter than the so-called security expert that is the subject of the article.
  Perhaps we catch only the stupid criminals, and the parent poster speaks with the voice of experience (wink, wink, nudge, nudge)?
  
  --
  
  Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
5. Re:Circumstantial much by Anonymous Coward · 2015-04-14 04:51 · Score: 0
  
  Lol. No. And you are using circumstantial as some sort of pejorative, which it isn't.
  Circumstantial evidence is just "logic evidence". You'd think nerds would understand this but I see so many posts like yours, and saw so many during the Hans Reiser trial. Once you add up enough circumstantial evidence with even a tiny amount or _no_ physical evidence to make it vanishingly likely anyone else committed the crime, you have your culprit.
  First of all, he did do #1. And arguing "if he did it, he would have been smarter" is a fairly bizarre argument. You could say that about any criminal who is caught.
6. Re:Circumstantial much by Anubis+IV · 2015-04-14 04:53 · Score: 1
  
  Except that the so-called security expert is being accused of doing two of the three things the parent poster said.
  1) He was as anonymous as possible. The lottery ticket was provided by a corporation in Belize that was claiming the prize via a New York-based lawyer.
  3) He allowed as much time as possible to pass. The ticket wasn't claimed until hours before it was set to expire, nearly a year after the drawing.
  Despite allegedly taking those steps, he's been caught.
7. Re:Circumstantial much by pz · 2015-04-14 05:35 · Score: 1
  
  Yes, now that I, too, read TFA, I see that. It appears that the fellow's biggest mistakes are (a) talking to other people about rootkits, and (b) buying the lottery ticket himself (or at least not wearing a disguise). Perhaps he should also have waited more than just a month to buy the ticket after rooting the machine. If he was really smart, then he might have started buying smaller wins, and became overconfident and greedy, but that's pure speculation.
  
  --
  
  Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
8. Re:Circumstantial much by Anonymous Coward · 2015-04-14 07:21 · Score: 0
  
  He should've
  1. Remained anonymous (if possible, some lotteries allow it, some don't), let his lawyer pick up the money
  He did - the ticket was claimed by a company in Belize through an attorney.
  
  2. Gone for a lot lower number (winning low enough so you can get a cash payout at the shop (~$600/week is still a nice bonus))
  Debatable. That would require far more can-trips, with every time coming with the potential to be caught.
  
  3. Allowed enough time for the evidence to be destroyed (video camera's probably overwrite old stuff every n months) then played and collected.
  Again, he did. He waited 'till the last minute, almost a year after the drawing.
9. Re:Circumstantial much by Anonymous Coward · 2015-04-14 10:31 · Score: 0
  
  RTFA much?
  God forbid you do that before fucking commenting.
10. Re:Circumstantial much by Jack+Griffin · 2015-04-15 23:27 · Score: 1
  
  Gone for a lot lower number (winning low enough so you can get a cash payout at the shop (~$600/week is still a nice bonus))
  This was what I was thinking. You don't need a million dollars in one go if you can get $1000/week for the rest for your life. Cheat small, but often and stay under the radar.
Re:Why are lottery employees allowed to play at al by war4peace · 2015-04-14 03:04 · Score: 2

Someone hasn't read TFA.

--
...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
Kids these days. Harrumph! by operagost · 2015-04-14 03:10 · Score: 2

Darn young baby boomer whippersnappers are so lazy. He wouldn't have been caught if he'd just typed in the code live instead of slothfully brandishing a newfangled flash drive!
cat > rootkit.exe
In my day, I would've had to key it in the front panel! A command shell is pure luxury!

--

Gamingmuseum.com: Give your 3D accelerator a rest.
How did he cash in the ticket? by sirwired · 2015-04-14 03:11 · Score: 0

I would have thought that in every state with a lottery, lottery employees and their immediate family are simply prohibited from playing. (And close friends get really intense scrutiny.)
douchebaggery by Anonymous Coward · 2015-04-14 03:15 · Score: 0

One might wonder why the "draw tower" of computers even had accessible USB ports. Or why they were not superglue filled in with stubs. I think that every person who has ever bought a lottery ticket from them should join in a class action suit...
Hot Glue by g0bshiTe · 2015-04-14 03:16 · Score: 1

In the USB slot would have prevented this, or add the policy to ignore USB's or disable USB's in bios. Those are just off the top of my head for preventing something like this.

--
I am Bennett Haselton! I am Bennett Haselton!
1. Re:Hot Glue by phorm · 2015-04-14 03:29 · Score: 1
  
  Even an RNG etc might periodically need updates, for which it's not unreasonable to assume USB drives might be used. Having better audit practices would help, but it sounds like they already had a "minimum 2-person team" requirement that this dude bypassed due to his privileges as head of security. It's a case of "who watches the watchers"
How can he even play the lottery? by rdwwdr · 2015-04-14 03:24 · Score: 0

How is it the "information security director of the Multi-State Lottery Association" is allowed to play the lottery? I figure the standard legalese around this is anyone working for the lottery, and their families, can't play. Actually he can't and has been arrested according to this Jan 15 article http://www.lotterypost.com/new....
Lottery by computer? ROFL by cfalcon · 2015-04-14 03:27 · Score: 1

If the lottery is made by computer, why would anyone trust that?
It's not rocket science. You don't need a jilliflops of processing to make a few random numbers each WEEK. How about those nice machines with the balls that zip around? Or honestly, even dice thrown down a staircase. There's so many better ways to make random numbers. Computers are TERRIBLE at random numbers, requiring special hardware to not just be pseudorandom, and a bunch of people to certify that it is, in fact, random. The only reason ANYONE should generate random numbers from a computer EVER is if:
1- You need it for software and they don't need to be that random (so you by definition already have a computer, and a pseudorandom thing will work)
2- You need a WHOLE LOT of random numbers, more than could be created physically for similar cost
Terrible design. A computer is the worst possible way to solve this problem.
This is News for Nerds... but it shouldn't be. Lotteries should NEVER use computers to generate numbers. They are discrete procedural machines, and can't make randomness without special hardware, then every step along the way from hardware generation to presentation has to not be corrupted.
NUMB3RS by barlevg · 2015-04-14 03:34 · Score: 1

I remember this episode...
I see other possibility by Anonymous Coward · 2015-04-14 03:41 · Score: 0

"Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions," prosecutors wrote. "The fifth person is defendant. It is a reasonable deduction to infer that defendant tampered with the camera equipment
Or that four others did it together.
The obvious defence. by SuricouRaven · 2015-04-14 03:43 · Score: 0

"If I had intended to defraud the lottery, do you think I could have been so idiotic as to buy the ticket myself? If I were guilty, I wouldn't have been caught."
I like the logic described in the summary by DickBreath · 2015-04-14 03:46 · Score: 1

We suspect the cookie jar was robbed. I think Joe put his hand in the cookie jar. Five total people including Joe had access to the cookie jar. The other four will testify, pass a polygraph, psychic mumbo jumbo, whatever, that they did not put their hand into the cookie jar. Thus, it MUST have been Joe!

--

I'll see your senator, and I'll raise you two judges.
1. Re:I like the logic described in the summary by Anonymous Coward · 2015-04-14 04:15 · Score: 0
  
  He bought the winning ticket. Who else could it be.
Re:Why not use something better for RNGing the Lot by lengel · 2015-04-14 03:47 · Score: 1

Like I dunno a physical mechanism that relies on nuclear decay to decide what number to hit. They aren't that complicated, they aren't any more dangerous than a smoke detector and unless you can hack physics (at which point you probably no longer care about money) you can't really mess with them.
In any case this just goes to show the old adage holds true, your system is only secure as its weakest component. Also something about all security measures pretty much flying out the window the second someone has physical access to your hardware etc etc.
I would not have to hack the physics, I would hack the detector.
USB ports?!?!? by pz · 2015-04-14 03:48 · Score: 0

An air-gapped computer that still had unsecured USB ports?
Some people don't get it.

--

Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
1. Re:USB ports?!?!? by gweihir · 2015-04-14 10:00 · Score: 1
  
  The tragic thing here is that this abysmally bad level of security is by far not the worst you will regularly find in installation that really need working security.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
He should have... by sycodon · 2015-04-14 03:48 · Score: 4, Funny

...put the cameras on a 30 minute loop and hired an acrobat to lower into the room from the roof after hours and change the system. Then do the Lotto Commissioner's wife to keep him distracted.
Just be sure to check for a new logo on the floor.

--
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
duhhh by Anonymous Coward · 2015-04-14 03:50 · Score: 0

I don't see the problem. Morons pour money into pot in the hopes the will get all the money all the morons poured into the pot.
Each [drawing time-frame,] a portion of the money from the pot is removed to pay all the parasites who instead of getting real jobs, work for the people who started the scheme in the first place, or ARE the people who started the scheme in the first place. Those people can be said to be winning the lottery every [drawing time-frame]. What's LEFT is then maybe awarded to one of the morons who put money in, the rest are out of luck, and out a portion of their (presumably) hard-earned money.
Eventually, one of the morons, by sheer luck, wins the pot, or at least, what's left of it after all the money comes out to pay for and pay-off all the people who need their palms greased to keep this random pyramid scheme legal, and of course the cost of actually running the thing, the cost of advertising it, the cost of printing up all the tickets, the machines to print the tickets, the facilities for deciding what the winning numbers will be, and of course the kickbacks that they give, ironically, to education, (which if it worked, no one would play the lottery anymore,) ALL OF WHICH comes out of ticket sales. That pot, minus what's been siphoned off, goes to one or maybe a small number of morons. THEN the fools are offered a fraction of the pot if they want all of it now, instead of a tiny fraction of it paid to them over a loooong time.
Either way, the moron(s) who "win" then pay about half of that money to the government, and blow the rest on bullshit in short order.
Total paid in might hypothetically be 10 million dollars over the period for a given game. The total paid out however is likely a tiny fraction of that. All these dipshits would have been better-off keeping their money, instead of squandering it like the retards they are, on useless and worthless lottery tickets.
This is why they say, a lottery is a tax on people who are bad at math.
The government loves them though, because it gives hope to morons, tax dollars to them, (repeatedly on the same work done,) and gives lots of opportunities for people to make money disappear into the pockets of people in government. It's the ideal tax. It makes lots of money that doesn't have to be paid out for any particular thing, and the people being taxed are volunteering to be taxed, because they're too fucking stupid to realize it.
If I were king, emperor, or some other absolute autocrat, I would leave lotteries and gambling legal, but eliminate ALL regulation, and laws regarding them, and run periodic PSA's letting people know that if they are fucking stupid enough to throw money down a rathole on a rigged game, the government won't care if the games are rigged, fixed, etc., because there shouldn't be a law against people hurting themselves. If you feel you deserve to be hurt, here's a hammer. Have at it, man. However... doing so will revoke any and all health and/or life-insurance coverage you have.
Re:Lottery by computer? ROFL by DickBreath · 2015-04-14 03:51 · Score: 1

How about a bunch of dice in a box with a shaker, a camera, and purpose built OCR software to identify the numbers on the dice.

Instead of a dice, one could use a coin. Now generate me a 4096 bit random number. :-)

Oh, you did say computers needed special hardware in order to not be psuedorandom.

--

I'll see your senator, and I'll raise you two judges.
News Flash by Anonymous Coward · 2015-04-14 04:00 · Score: 0

All state and multi-state lotteries are rigged. Ask yourself, why do the lottery jackpots seem to get larger around the holidays before they are won? They aren't rigged to let a specific individual win. They are rigged to only allow winning when the amount is sufficient for the state to get a good chunk of money.
Re:Lottery by computer? ROFL by itzly · 2015-04-14 04:25 · Score: 1

Oh, you did say computers needed special hardware in order to not be psuedorandom.
Not terribly difficult, though. A $10 web cam with a lens cap on works well enough.
And actually, pseudo random works too, as long as you encrypt it with a secret key. The difficulty is ensuring that nobody knows the secret key.
Foolproof by Sqr(twg) · 2015-04-14 04:30 · Score: 1

"Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions -The fifth person is defendant."
Sounds convincing, until you realize that this would also be true if they were prosecuting any one of the other four.
1. Re:Foolproof by rahvin112 · 2015-04-14 06:54 · Score: 1
  
  That's why it's called circumstantial evidence. As noted in the thread already it's not hard to build up enough circumstantial evidence that he did it such that it rules out anyone but him. The fact that he purchased the ticket is pretty damning, he's not allowed to participate in the lottery as a condition of employment. The rest just layers on the evidence such that a jury will conclude he did it.
B-15 by Anonymous Coward · 2015-04-14 04:34 · Score: 1

B as in betrayal.
A more movie-worthy real-life crime story by Anonymous Coward · 2015-04-14 04:46 · Score: 0

"what may be the most movie-worthy real-life crime story of the year so far:"
I'd disagree - I'm pretty sure that this is straight out of Hollywood: http://www.bbc.co.uk/news/uk-england-london-32291526
Obligatory bitcoin spam by Anonymous Coward · 2015-04-14 04:52 · Score: 0

Google "provably fair gambling" and never buy a state-issued lottery ticket again
TFS is missing important data... by hcs_$reboot · 2015-04-14 04:56 · Score: 1

On December 23, a little more than a month after Tipton allegedly tampered with the computers, a man at a convenience store was video taped buying a Hot Lotto ticket that later won the $14.3 million payout. Authorities identified the man as Tipton, but as an employee of the association that administered the lottery, he was barred by law from buying lotto tickets or claiming lottery prizes. The winning ticket went unclaimed for almost a year. Hours before it was scheduled to expire, a company incorporated in Belize tried to claim the prize through a New York attorney

--
Slashdot, fix the reply notifications... You won't get away with it...
1. Re:TFS is missing important data... by gweihir · 2015-04-14 09:57 · Score: 1
  
  So this guy is a shoddy operator in addition. On the other hand, what can you expect in a government employee.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Rookie mistake by Anonymous Coward · 2015-04-14 05:18 · Score: 0

It was a basic mistake for this guy to change the camera capture rate. Everyone knows that the proper way to do this is to build an exact replica of the room, pre-record your supposed legitimate actions in the replica room, and then overlay that footage onto the live feed from the camera using a split-screen technique (so that the mandatory accompanying person still shows up on the video) and patch the doctored camera feed back into the system in place of the real one.
How? by Anonymous Coward · 2015-04-14 05:27 · Score: 0

So exactly how did he get a store's machine to print a winning lottery ticket a month after infecting the machine?
Real ping pong balls are best by ITRambo · 2015-04-14 05:37 · Score: 1

Never use an electronic random number generator for any game of chance. Use physical means, like picking bouncing ping pong balls, painted with numbers, one at a time. That's pretty hard to crack without superpowers.
So the street urchin... by Anonymous Coward · 2015-04-14 05:48 · Score: 0

Buys THREE extra tickets on that number, ensuring himself of 75% of the jackpot and laughing all the way to the bank.
This scenario must have passed through the criminal's mind on the way to his ultimate and suboptimal solution...
The prosecutors ought to be impeached by Stormy+Dragon · 2015-04-14 05:50 · Score: 1

"Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions," prosecutors wrote. "The fifth person is defendant. It is a reasonable deduction to infer that defendant tampered with the camera equipment to have an opportunity to insert a thumbdrive into the RNG tower without detection."
So according to these prosecutors, taking your fifth ammendment right to remain silent == automatically guilty despite lack of evidence.
1. Re:The prosecutors ought to be impeached by LWATCDR · 2015-04-14 08:11 · Score: 1
  
  That is why he is the prosecutor and not the judge.
  Frankly it does not matter what he things it will matter what the Jury thinks and odds are very high that they will think he not telling the truth.
  What I do not understand is why he needed to change the time. A GPS receiver and a time server in the secure area should have been good enough.
  
  --
  See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
2. Re:The prosecutors ought to be impeached by Stormy+Dragon · 2015-04-14 08:21 · Score: 1
  
  That is why he is the prosecutor and not the judge.
  Prosectuors are still officers of the court and aren't allowed to make unconstitutional arguments to the jury.
3. Re:The prosecutors ought to be impeached by LWATCDR · 2015-04-15 05:21 · Score: 1
  
  He is not in court or in front of a jury.
  And really taking the 5th when asked that question will do enough damage during the trial that the DA will not need to say a word.
  
  --
  See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
four out of five? by chilenexus · 2015-04-14 06:22 · Score: 2

> "Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions," prosecutors wrote. "The fifth person is defendant."

In other words, five out of five individuals will testify that they did not change the cameras' recording instructions.
he will have gotten away with it by Anonymous Coward · 2015-04-14 07:24 · Score: 0

If he had taken somebody else as accomplice and split 50/50.
Balls by gatkinso · 2015-04-14 07:52 · Score: 1

I thought that the lottery used bouncing ping pong balls live on TV.

--
I am very small, utmostly microscopic.
There is a LOT more than just this by WindBourne · 2015-04-14 07:53 · Score: 2

Go look at the Powerball PRIOR to the new group bring awarded managing it.
You will see that over and over, the winners were on the east coast. Keep in mind that CA was one of the largest states to be part of Powerball, and had one of the most buyers of tickets, and yet, states on the east coast overwhelmingly won more than CA, esp. on the big ones.
Technically, it is possible. Statistically, it was theft that was going on.

--
I prefer the "u" in honour as it seems to be missing these days.
you underestimate tamperers. Child resistant by raymorris · 2015-04-14 08:33 · Score: 1

You under estimate the cleverness of those who seek to tamper. Tamper resistance somewhat weaker than the content protection on DVDs isn't too difficult. As you probably know, many people break that protection without even knowing that they are doing so. What you describe isn't tamper-proof, merely child-resistant.
You mention chips packaged with the intent that if the plastic is removed from the top of the chip, it stops working (sometimes). That's when you use thin needles to probe the chip right through the thin plastic. In some cases, you can simply remove the covering from the BOTTOM of the chip rather than the top.
Sweet Caps in the 1970s by justthinkit · 2015-04-14 08:49 · Score: 1

Showing my age but...

Some forty years ago, Sweet Chapparrel (sp?) cigarettes ran a promotion. Selected cig packs paid out. Turns out the scratch pattern on the pack was tied to the fly fishing lure displayed on the other side of the pack. Figure all this out, and you know how to scratch each ticket for best results. Next thing you know, people are travelling from town to town, buying up all the cigarettes.

People ended up buying freezers to store the cartons of cigarettes they purchased...

--
I come here for the love
Physical Security by HuskyDog · 2015-04-14 09:05 · Score: 1

The article states that the room could "only be entered by two people at a time". What does that mean exactly? Was it a very small room with only enough room for two people (or three if they're European :-) ). Or does it mean that none-one was allowed in on their own? In this latter rather more usefully secure case what process was used to enforce this rule? Just the CCTV?

Surely, systems like this need to be in rooms with locks which require multiple keys to open so that a lone individual can't get in no matter who they are? Perhaps a timed lock which can only be opened during normal working hours when there are plenty of people around would also be a good idea.
1. Re:Physical Security by gweihir · 2015-04-14 09:55 · Score: 1
  
  One instance I have seen of that, in something that had a bit higher security needs than the example here, was two card readers that needed to be used simultaneously. Turns out that a stick and some tape was enough to fool it. Problem was that even after we explained and offered to demonstrate, nothing happened. For years.
  
  --
  Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Highly locked-down computer? by DougPaulson · 2015-04-14 09:17 · Score: 1

"Eddie Raymond Tipton, 51, may have inserted a thumbdrive into a highly locked-down computer that's supposed to generate the random numbers used to determine lottery winners"

A computer you can insert a thumbdrive into and infect with software isn't by definition LOCKED-DOWN.

What was the name of the Operating System that the RNG ran on?
Cannot have been reasonably secured... by gweihir · 2015-04-14 09:45 · Score: 1

I mean, even that it has ports for thumb-drives and accesses them readily without at the very least two people having to unlock them physically first is already grossly insecure. That you can set the cameras to partial recording and that the people that can do this are the same ones that are allowed to enter the room is beyond stupid and can only be called a criminal violation of separation-of-duties.
In short, they were setting themselves up for it, and the one that finally hacked the system is only to a small part the one responsible.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Re:Lottery by computer? ROFL by gweihir · 2015-04-14 10:03 · Score: 1

If the lottery is made by computer, why would anyone trust that?
Simple: People that play the lottery are already stupid. Just remember that a randomly selected person is typically deeply stupid. Capability is power-law distributed, not Gaussian. The 10-15% not stupid ones pull the average score up by a lot.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Even that's been hacked by Derling+Whirvish · 2015-04-14 17:54 · Score: 1

http://en.wikipedia.org/wiki/1... The 1980 Pennsylvania Lottery scandal, colloquially known as the Triple Six Fix, was a plot to rig the Daily Number, a three-digit game the Pennsylvania Lottery offers. All of the balls except four and six were weighted, meaning that the drawing was almost sure to be a combination of only fours and sixes. The scheme was successful in that 666, an expected result, was drawn on April 24, 1980.
Thanks for the info. by franciscoeduca · 2015-04-14 22:21 · Score: 1

Thanks you, have a nice day :) http://www.educa.net/curso/cur...
Re: Something more useful by Anonymous Coward · 2015-04-15 09:16 · Score: 0

Every second you spend on thinking of how to "fix" their integrity, is a second you could spend on something much more useful, like thinking about how to make dog shit taste like chocolate pudding.
No need as far as dogs are concerned. They alread think it does.
Many veterinary web sites talk about this.
Re:Lottery by computer? ROFL by DickBreath · 2015-04-16 05:37 · Score: 1

While encrypted psuedo random is a more complex function, it is still PSUEDO random not real random. Future output is a function (now a more complex function) of past output.

Not only the secret key must be kept secret, but the seed (either current or original) must be kept secret.

If the attacker knows the algorithm, which they might, then they may be able to analyze the output. If they know the seed, then the problem becomes one of a known-plaintext attack upon the encryption algorithm. If they know the encryption key, it becomes a matter of finding a seed that generates some known pre-encryption output of the psuedo random algorithm.

We could go back and forth about the practicality and difficulty of such attacks. But switching from psuedo to true random eliminates that entire discussion.

Your $10 webcam + lens cap is a good idea BTW. Or other similar ideas of using various sensors to capture random noise. Just hope the noise really is random. Also, a $10 webcam without a lens cap, pointed at something, like a busy street, might also be a source of randomness in the pixel data.

--

I'll see your senator, and I'll raise you two judges.
Why Could He Even Play? by herbierobinson · 2015-04-18 04:01 · Score: 1

Most places running lotteries forbid employees from playing (of at least from accepting the payout).
In fact, the public service ethics laws in most states would automatically forbid accepting the payout as a conflict of interest... Massachusetts' laws do and so do the Federal ethics laws. Many states base their own laws on the Federal laws; so, given the number of states in that multiple state lottery, there have to be a number of ethics laws that could be used to prosecute just on the basis of accepting the payout.

--
An engineer who ran for Congress. http://herbrobinson.us