Slashdot Mirror

← Back to Stories (view on slashdot.org)

Allegation: Lottery Official Hacked RNG To Score Winning Ticket

Posted by timothy on from the his-number-was-up dept.

SternisheFan writes with this excerpt from Ars Technica about what may be the most movie-worthy real-life crime story of the year so far: Eddie Raymond Tipton, 51, may have inserted a thumbdrive into a highly locked-down computer that's supposed to generate the random numbers used to determine lottery winners, The Des Moines Register reported, citing court documents filed by prosecutors. At the time, Tipton was the information security director of the Multi-State Lottery Association, and he was later videotaped purchasing a Hot Lotto ticket that went on to fetch the winning $14.3 million payout.

In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and
infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren't connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.

"Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions," prosecutors wrote. "The fifth person is defendant. It is a reasonable deduction to infer that defendant tampered with the camera equipment to have an opportunity to insert a thumbdrive into the RNG tower without detection."

9 of 342 comments (clear)

  1. Honestly ... by gstoddart · · Score: 5, Interesting

    I'm actually surprised there haven't been more cases of insiders rigging lotteries.

    I should think knowing all of those zillions of dollars are just sitting there would cause more people to decide to see if they could get away with it.

    --
    Lost at C:>. Found at C.
    1. Re:Honestly ... by Anonymous Coward · · Score: 5, Interesting

      http://en.wikipedia.org/wiki/1980_Pennsylvania_Lottery_scandal

      Nope, balls don't work either.

    2. Re:Honestly ... by OzPeter · · Score: 4, Interesting

      This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened.

      There was a case in Australia* with an a gaming machine based on a horse race scenario. Someone started winning big on it, and when the investigation was done it was discovered that when the game was not actively being played, it displayed a "demonstration" game .. that turned out to be the next real game that would be played (or some such). So all you had to do was to wait until the demo came on, then then when it finished, bet on the horse that one the demo.

      A perfect example of stupidity in the place of malice. So while your reasoning is potentially valid (and with a nod to Dennis Ritchie and his paper on trusting compilers), there is a broader set of reasoning to be against electronic gaming.

      * Writing from memory because I can't be bothered hitting google.

      --
      I am Slashdot. Are you Slashdot as well?
    3. Re:Honestly ... by Kaenneth · · Score: 4, Interesting

      Promotional machines/settings; they can set individual machine odds.

      A new cluster of machines come in they set the game to payout well, to get people addicted, so it becomes some people's favorite machine.

      After a couple weeks/months they slowly lower the percentage, while moving the machine out of the prime spot, with the addicts following it, and they set up the next new game...

    4. Re:Honestly ... by rahvin112 · · Score: 3, Interesting

      Most businesses have replaced or will replace their security cameras with high resolution cameras, typical 720P or higher. 1080P cameras are now the standard. This is a remarkably high resolution and with the recording being digital it is VERY easy to identify people. The lottery probably requires vendors to have such cameras.

  2. Re:This happened back in the day... by GerbilSoft · · Score: 5, Interesting

    And now for a follow-up question: Why exactly was a "highly locked-down computer" set to automatically execute code from flash drives?

  3. Who controls the cameras? by whoever57 · · Score: 4, Interesting

    Why do people who have access to the computer also have the ability to control the cameras?

    Splitting responsiblity this way is such a basic and obvious security measure.

    --
    The real "Libtards" are the Libertarians!
  4. Re:Erm.. Why a computer? by Whorhay · · Score: 3, Interesting

    Neither is the computer though. I wonder what the difference is and if it actually is significant enough to matter. I'd just go with a set of dice, buy new dice for every drawing and pick some random person on the street to roll the dice each time.

  5. Circumstantial much by guruevi · · Score: 4, Interesting

    He's got the winning lottery ticket, there was a malfunction with the camera's. So far I haven't seen any 'evidence' that that person actually did it. He might have been in cahoots with his co-workers. Splitting the ticket 2-5-ways is still pretty lucrative.

    If he did it, he was pretty dumb to think he could get away with it. He should've
    1. Remained anonymous (if possible, some lotteries allow it, some don't), let his lawyer pick up the money
    2. Gone for a lot lower number (winning low enough so you can get a cash payout at the shop (~$600/week is still a nice bonus))
    3. Allowed enough time for the evidence to be destroyed (video camera's probably overwrite old stuff every n months) then played and collected. If you implement your own RNG, you could easily predict numbers in advance.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com