Slashdot Mirror

← Back to Stories (view on slashdot.org)

Allegation: Lottery Official Hacked RNG To Score Winning Ticket

Posted by timothy on from the his-number-was-up dept.

SternisheFan writes with this excerpt from Ars Technica about what may be the most movie-worthy real-life crime story of the year so far: Eddie Raymond Tipton, 51, may have inserted a thumbdrive into a highly locked-down computer that's supposed to generate the random numbers used to determine lottery winners, The Des Moines Register reported, citing court documents filed by prosecutors. At the time, Tipton was the information security director of the Multi-State Lottery Association, and he was later videotaped purchasing a Hot Lotto ticket that went on to fetch the winning $14.3 million payout.

In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and
infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren't connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.

"Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions," prosecutors wrote. "The fifth person is defendant. It is a reasonable deduction to infer that defendant tampered with the camera equipment to have an opportunity to insert a thumbdrive into the RNG tower without detection."

15 of 342 comments (clear)

  1. This happened back in the day... by GerbilSoft · · Score: 5, Insightful

    ...but instead of hacking a random number generator, they injected paint into the ping-pong balls used for the live drawing.

    http://en.wikipedia.org/wiki/1...

  2. Re:Honestly ... by Anonymous Coward · · Score: 5, Insightful

    You don't see it more often because only idiots actually try to skim the lottery via the actual lottery.

    The ones who get away with it are the guys taking it out of the account via the budget (usually for a tax break for their large donors), or taking bribes from shop owners who want to sell tickets.

  3. Re:Completely dumb by Harald+Paulsen · · Score: 4, Insightful

    Are all criminals dumb, or do we just catch the dumb ones?

    That's something I've always wondered.

    --
    Harald
  4. Erm.. Why a computer? by thegarbz · · Score: 5, Insightful

    What is the point of using an expensive and highly locked down computer in place of a dead simple machine filled with pingpong balls?

    1. Re:Erm.. Why a computer? by Anonymous Coward · · Score: 2, Insightful

      Hard to justify millions of dollars in spending for ping pong balls and a GoPro camera.

    2. Re:Erm.. Why a computer? by Sloppy · · Score: 3, Insightful

      Because 9/11. Someone exploited the previous system once, so instead of thinking, we need to make expensive, radical changes.

      I like all the questions in this thread. People, if you're going to start asking questions, just cut to the end and ask why have a lottery at all. They are a totally worthless idea. Every second you spend on thinking of how to "fix" their integrity, is a second you could spend on something much more useful, like thinking about how to make dog shit taste like chocolate pudding. Now let's get to work on the cocoa powder experiments, everyone.

      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  5. Re:Honestly ... by bondsbw · · Score: 4, Insightful

    Of course, all they need to do is not get caught. Same thing happens with slot machines and other random chance electronic games... it's easier than lobbying:

    1) Casino boss invites high ranking government official.
    2) Boss says, "We know you'll have fun, but I think you'll have more fun on machine number 57 if you grant consideration to improving legal conditions surrounding our fine establishment."
    3) Official wins jackpot
    4) Boss wins jackpot (figuratively)

    You're a fool if you don't think this happens. This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened. Politicians can literally transform your hopes and dreams into money lining their wallet.

    --
    All my liberal friends think I'm a conservative, all my conservative friends think I'm a liberal.
  6. Re:Completely dumb by oodaloop · · Score: 4, Insightful

    Probably the latter. The selection bias here is huge. The really smart criminals aren't caught.

    --
    Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
  7. Re:Honestly ... by TheCarp · · Score: 3, Insightful

    Maybe more people who do it are at least somewhat smart about how they employ their tools? It sounds like this guy did a lot of upfront planning, but then failed at some of the most basic precautions. Why would he be caught dead anywhere near a lotto point of sale during such a caper? Surely that many millions justifies an accomplice to do the actual ticket purchasing and crying in front of the media, and the promising to help grandma and the community.

    Note the implication in the article talking about rootkits....they clearly didn't find the actual software. If he hadn't been caught on video buying the ticket they would have little to go on.

    --
    "I opened my eyes, and everything went dark again"
  8. Re:Completely dumb by Rande · · Score: 4, Insightful

    The really smart criminals get into politics. Then, even if you are caught, nothing happens to you...unless you've pissed off another higher ranked politician, in which case it doesn't matter if you've actually done what you've been accused of.

  9. Re:Honestly ... by TWX · · Score: 5, Insightful

    There was a game somewhere that was proven to have software so faulty that it wasn't even capable of 'drawing' one of the possible numbers that players could choose.

    Computer-based random number generators are just about the worst possible way to conduct a lottery. They're not random, they're subject to tampering, they're only understood by a few people, and their function while operating cannot be observed by the public. They also aren't exciting.

    Machines that dump a bunch of balls into a spinning drum and then start pulling those balls out look cool on TV, plus they can be inspected, the public understands how they work, their operation is transparent, and because of the nature of the beast, are about as random as one can get within the context of a machine doing the drawing.

    --
    Do not look into laser with remaining eye.
  10. Re:Honestly ... by someone1234 · · Score: 4, Insightful

    You could ask any street urchin to buy a ticket for you.
    He has some highly sophisticated method, but was caught at the easiest part anyone could do better.

    --
    Patents Drive Free Software as Hurricanes Drive Construction Industry
  11. Re:Honestly ... by operagost · · Score: 4, Insightful

    Yeah, but he purchased the ticket himself, assuming the authorities are correct. He must have not even bothered to wear any kind of disguise, because convenience store cameras are usually so bad you can't even tell whether a perp is human.

    --

    Gamingmuseum.com: Give your 3D accelerator a rest.
  12. Re:Honestly ... by ShanghaiBill · · Score: 4, Insightful

    Another reason you don't see it more often, is that most lotteries don't use a software RNG. Many use labeled ping pong balls, in a transparent container, that are selected in front of a live audience, and broadcast on TV in real time. That is more difficult to rig.

  13. Re:Honestly ... by eth1 · · Score: 3, Insightful

    You could ask any street urchin to buy a ticket for you.
    He has some highly sophisticated method, but was caught at the easiest part anyone could do better.

    Hm... if someone came up to me as asked me to buy them a lottery ticket, I'd be rather suspicious. At the very least, I'd buy a second one with the same numbers and keep it for myself.