Allegation: Lottery Official Hacked RNG To Score Winning Ticket 342
A reader writes with this excerpt from Ars Technica about what may be the most movie-worthy real-life crime story of the year so far: Eddie Raymond Tipton, 51, may have inserted a thumbdrive into a highly locked-down computer that's supposed to generate the random numbers used to determine lottery winners, The Des Moines Register reported, citing court documents filed by prosecutors. At the time, Tipton was the information security director of the Multi-State Lottery Association, and he was later videotaped purchasing a Hot Lotto ticket that went on to fetch the winning $14.3 million payout.
In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and
infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren't connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.
"Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions," prosecutors wrote. "The fifth person is defendant. It is a reasonable deduction to infer that defendant tampered with the camera equipment to have an opportunity to insert a thumbdrive into the RNG tower without detection."
In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and
infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren't connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.
"Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions," prosecutors wrote. "The fifth person is defendant. It is a reasonable deduction to infer that defendant tampered with the camera equipment to have an opportunity to insert a thumbdrive into the RNG tower without detection."
Honestly ... (Score:5, Interesting)
I'm actually surprised there haven't been more cases of insiders rigging lotteries.
I should think knowing all of those zillions of dollars are just sitting there would cause more people to decide to see if they could get away with it.
Re:Honestly ... (Score:5, Insightful)
You don't see it more often because only idiots actually try to skim the lottery via the actual lottery.
The ones who get away with it are the guys taking it out of the account via the budget (usually for a tax break for their large donors), or taking bribes from shop owners who want to sell tickets.
Re:Honestly ... (Score:5, Insightful)
Another reason you don't see it more often, is that most lotteries don't use a software RNG. Many use labeled ping pong balls, in a transparent container, that are selected in front of a live audience, and broadcast on TV in real time. That is more difficult to rig.
Re:Honestly ... (Score:5, Funny)
I filled it with new balls all with the same number.... I CANT LOSE!
Re: (Score:3)
Surely, someone will notice the great big brass ones.
Re: (Score:2)
If you're going to steal $14 million you'd think you could at least figure out a way to not claim the winnings yourself. You need a trusted co-conspirator. It seems like if this guy hadn't been so obvious about it the plan would have worked just fine. So I wonder how many rigged lottery drawings have never been caught due to slightly more clever criminals?
Re:Honestly ... (Score:5, Funny)
You need a trusted co-conspirator.
Those words are mutually exclusive. :)
Re: (Score:3)
Yep, from TFA: "The winning ticket went unclaimed for almost a year. Hours before it was scheduled to expire, a company incorporated in Belize tried to claim the prize through a New York attorney."
Re:Honestly ... (Score:4, Insightful)
Re:Honestly ... (Score:4, Interesting)
Most businesses have replaced or will replace their security cameras with high resolution cameras, typical 720P or higher. 1080P cameras are now the standard. This is a remarkably high resolution and with the recording being digital it is VERY easy to identify people. The lottery probably requires vendors to have such cameras.
Re:Honestly ... (Score:5, Informative)
Not entirely, if you can trust that his interests and yours are aligned then you can generally trust him. Actually, I was reading some interesting articles on Rockefellar and the railroads recently, where they came up with an ingenious price fixing scheme where Rockefellar was a colluding customer whose interests were aligned with the conspirators.
Basically price fixing often has a loophole.....rebates. Colluding companies can still compete by offering secret rebates to customers, thus reducing the effective rate while appearing to honor the collusion agreement.
Enter the colluding customer. Rockefellar was in a uinique position as he owned several companies and nobody really knew what all companies he owned and didn't. He was given what were called "Drawbacks", that is rebates for every barrel of oil which shipped, whether he was the customer or not! This allowed him to ship under any name and still get his rebate without admitting which companies were his.
In this way, colluding entities were prevented from defecting by aligning incentives to create a kind of trust.
Re:Honestly ... (Score:5, Insightful)
Of course, all they need to do is not get caught. Same thing happens with slot machines and other random chance electronic games... it's easier than lobbying:
1) Casino boss invites high ranking government official.
2) Boss says, "We know you'll have fun, but I think you'll have more fun on machine number 57 if you grant consideration to improving legal conditions surrounding our fine establishment."
3) Official wins jackpot
4) Boss wins jackpot (figuratively)
You're a fool if you don't think this happens. This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened. Politicians can literally transform your hopes and dreams into money lining their wallet.
Re: (Score:2)
Politicians can literally transform your hopes and dreams into money lining their wallet.
How could you tell?
Re:Honestly ... (Score:5, Interesting)
This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened.
There was a case in Australia* with an a gaming machine based on a horse race scenario. Someone started winning big on it, and when the investigation was done it was discovered that when the game was not actively being played, it displayed a "demonstration" game .. that turned out to be the next real game that would be played (or some such). So all you had to do was to wait until the demo came on, then then when it finished, bet on the horse that one the demo.
A perfect example of stupidity in the place of malice. So while your reasoning is potentially valid (and with a nod to Dennis Ritchie and his paper on trusting compilers), there is a broader set of reasoning to be against electronic gaming.
* Writing from memory because I can't be bothered hitting google.
Re:Honestly ... (Score:4, Informative)
Reflections on Trusting Trust -- Ken Thompson [win.tue.nl]
Re:Honestly ... (Score:5, Informative)
I worked for years in a slot machine company, and the scenario you propose would be difficult to execute. That sort of thing was easier in the old days when machines used socketed ROMs ... but today it's increasingly server managed and cryptographically signed and there is simply no way for the owner of a machine to flip a switch and rig the game.
A game will have several payout selections, like 95.6%, 98%, etc. and you can choose among them, but that is about it.
Slot manufacturers are under the microscope and will not jeopardize their licenses by making it easy for owners to rig games--at least in the US. The industry is HIGHLY regulated and multiple third party labs are involved in certifying the products.
Re:Honestly ... (Score:5, Funny)
I don't believe any slot machine only takes 2% house odds.
Re:Honestly ... (Score:5, Interesting)
Promotional machines/settings; they can set individual machine odds.
A new cluster of machines come in they set the game to payout well, to get people addicted, so it becomes some people's favorite machine.
After a couple weeks/months they slowly lower the percentage, while moving the machine out of the prime spot, with the addicts following it, and they set up the next new game...
Re: (Score:3)
There are a few, usually by the entrance. They move them around too. Most of the machines have significantly lower payout rates but there are always a few that have high payouts so people hear and see large payouts.
Re: (Score:3)
Of course, all they need to do is not get caught. Same thing happens with slot machines and other random chance electronic games... it's easier than lobbying:
1) Casino boss invites high ranking government official.
2) Boss says, "We know you'll have fun, but I think you'll have more fun on machine number 57 if you grant consideration to improving legal conditions surrounding our fine establishment."
3) Official wins jackpot
4) Boss wins jackpot (figuratively)
You're a fool if you don't think this happens. This is why I'm against electronic gambling. Not because of some moral "gambling is of the devil" thing... but because it would be trivial to rig these machines and then erase all evidence that anything fraudulent happened. Politicians can literally transform your hopes and dreams into money lining their wallet.
There (should be) a paper trail of payouts to any winner from any casino, for tax purposes. The distinction that a mechanical vs electronic device was "rigged" is totally secondary to that fact. If this was skirted, then several other laws were also broken that day.
Re: (Score:2)
Hell, you wouldn't even necessarily have to rig the machines - unlike analog machines which are completely governed by chance, digital machines are *required* to maintain a certain payout ratio to prevent rigging in the house's favor. Hence the subset of people who hang out around the slots waiting for a shot at a machine that hasn't paid out in a long time. And nobody is in a position to monitor which machines are getting especially "hot" like the boss.
Re: (Score:3)
This is why I'm against electronic gambling.
It's not any safer to utilize non-electronic. In spite of all the cameras at the casinos in Vegas, I've personally witnessed a couple of people get away with cheating. It can be trivial to do things right in front of a camera that won't be noticed.
Re:Honestly ... (Score:4, Insightful)
Maybe more people who do it are at least somewhat smart about how they employ their tools? It sounds like this guy did a lot of upfront planning, but then failed at some of the most basic precautions. Why would he be caught dead anywhere near a lotto point of sale during such a caper? Surely that many millions justifies an accomplice to do the actual ticket purchasing and crying in front of the media, and the promising to help grandma and the community.
Note the implication in the article talking about rootkits....they clearly didn't find the actual software. If he hadn't been caught on video buying the ticket they would have little to go on.
Re: (Score:3)
What is really hard is getting the money in the end and not being noticed.
Re:Honestly ... (Score:5, Insightful)
You could ask any street urchin to buy a ticket for you.
He has some highly sophisticated method, but was caught at the easiest part anyone could do better.
Re:Honestly ... (Score:4, Insightful)
You could ask any street urchin to buy a ticket for you.
He has some highly sophisticated method, but was caught at the easiest part anyone could do better.
Hm... if someone came up to me as asked me to buy them a lottery ticket, I'd be rather suspicious. At the very least, I'd buy a second one with the same numbers and keep it for myself.
Re: (Score:3)
You could ask any street urchin to buy a ticket for you. He has some highly sophisticated method, but was caught at the easiest part anyone could do better.
Think it through a bit more... this guy still has to collect with his winning ticket. It wasn't the act of buying the ticket alone that was suspicious, it was that he tried to claim the winnings while being in the employ of the lotto. I think that's a red flag everywhere.
Re: (Score:2)
Re:Honestly ... (Score:5, Insightful)
Computer-based random number generators are just about the worst possible way to conduct a lottery. They're not random, they're subject to tampering, they're only understood by a few people, and their function while operating cannot be observed by the public. They also aren't exciting.
Machines that dump a bunch of balls into a spinning drum and then start pulling those balls out look cool on TV, plus they can be inspected, the public understands how they work, their operation is transparent, and because of the nature of the beast, are about as random as one can get within the context of a machine doing the drawing.
Re:Honestly ... (Score:5, Interesting)
http://en.wikipedia.org/wiki/1980_Pennsylvania_Lottery_scandal
Nope, balls don't work either.
Re: (Score:2)
http://en.wikipedia.org/wiki/1980_Pennsylvania_Lottery_scandal
You could fix the ball machine and its procedures easier than you can get a computer to function properly.
Re: (Score:2)
.
Re: (Score:2)
Because smart people would not be as stupid as this guy.
They would have never suspected him if someone that was not related to him in any way purchased the ticket and collected the winnings. He instantly because the focus of an investigation the second he won. Even if he was 100% innocent they will look at someone that has access to ANYTHING in the system with a fine tooth comb and a magnifying glass.
If I was to do it, No chance in hell I would be anywhere near the buying of the ticket or the collecti
Re: (Score:2)
I'm actually surprised there haven't been more cases of insiders rigging lotteries.
I should think knowing all of those zillions of dollars are just sitting there would cause more people to decide to see if they could get away with it.
How would you know if there were, and they were getting away with it?
Re: (Score:2, Flamebait)
If a company cant trust it's IT department it's screwed. I've worked in environments with billions, I had to get a security clearance to work there.
Most financial institutions will not hire someone who is black listed, too much temptation for them.
Re: (Score:3)
Your first 4 words answered your own question.
It's just random racism. A troll post designed to elicit a predictable response so the trolls can convince themselves they're some kind of puppet master and therefor superior.
Since they're protected from meaningful responses by internet anonymity, just ignore them. And if you feel the overrhougiding need to respond, keep it short and simple.
Don't respond with humor though. That can be misinterpreted as a kindred spirit agreeing with them and getting in on the ac
Re:Honestly ... (Score:4, Informative)
Of course they do, for the obvious reasons.
It's not like he walked up and tried to claim the ticket personally.
It is required that people not be able to participate. But someone went to great lengths to do this at arms length from themselves.
Re: (Score:2)
No but he was a dipshit that bought the ticket. 100% rookie move.
He should have... (Score:5, Funny)
...put the cameras on a 30 minute loop and hired an acrobat to lower into the room from the roof after hours and change the system. Then do the Lotto Commissioner's wife to keep him distracted.
Just be sure to check for a new logo on the floor.
This happened back in the day... (Score:5, Insightful)
http://en.wikipedia.org/wiki/1... [wikipedia.org]
Re:This happened back in the day... (Score:5, Interesting)
Re: (Score:3)
Who said it autoexecuted? He went in there to actually do work on the computer, supposedly. I did not see anything in the report that shows he just plugged it in and left.
Re: (Score:2)
Needs a followup detailing what exactly was done to tamper with the system, but I don't suppose that's likely given the nature of the system in question.
Re: (Score:2)
Well, it also says he went in ostensibly to change the time on the computers.
So he was basically at the physical computer, and whether the thing did an autorun or he issued a quick command is irrelevant.
Re: (Score:3)
Because it was running Windows XP?
Re: (Score:2)
Re: (Score:3)
Didn't need to. Somebody had root, probably him. He at least had privileges to change the time!
Re: (Score:3)
Makes me wonder; would it be possible to set up a root account that requires two different passwords (the number of humans required to be present in the room) out of a set of five allowed passwords (the number of humans that were allowed to enter the room).
Re: (Score:2)
It would be easier to control physical access so that two of the five people that have access must be present to enter the room.
Re: (Score:2)
You're conflating the movie (injecting paint) w/ the real life court case (it was determined that they had sprayed the exterior of the ping pong balls w/ fixative).
Re: (Score:2)
Ambiguous (Score:2)
Re: (Score:2)
Probably takes two keys to get in.
Re: (Score:3)
From reading various articles on this, the person in question entered the room under the auspices of carrying out legitimate maintenance work, but had doctored the surveillance camera so it only recorded one second a minute rather than continuously - getting the other person to look the other way for a few minutes is a simple matter of social engineering ("hey, I forgot X and I'm right in the middle of this, could you get it?") and doesn't mean they were in on it.
Audit trails, dammit? (Score:3)
Re: (Score:2)
RTFA, he was "obsessed" with self-erasing rootkits, so could defeat an audit log I'd assume.
Re: (Score:2)
Re: (Score:2)
A sysadmin I knew had an old machine dedicated to logging set up in a broom closet, printing out the important log messages on a dot matrix printer fed by a box of continuous folded paper.
Re: (Score:2)
Re: (Score:2)
That was not a multi million dollar lottery, but a simple university lab with no money to afford a secure room and armed guards, and only a handful of servers to protect. Still, it was a cheap and effective solution. Outsiders didn't even know there was a hard paper copy, and even people working in the lab didn't have access to the closet.
Re: (Score:3)
Except a rootkit can probably bypass anything in the OS which would allow for auditing.
That's kind of the point of a rootkit.
So depending on the OS, and just how much this could bypass, that there was simply no record isn't surprising.
That's what the tool is designed for, and it certainly isn't there to do anything but bypass security.
If you have security holes in your OS which can be exploited, chances are your auditing is included in things which can be bypassed.
Re: (Score:2)
You could put the real computer in a locked room, and only provide serial access through a terminal. Add special hardware to the serial cable to log all data on a write-only system.
Re: (Score:2)
I'm surprised by the actual sophistication of the attack. Usb with actuall executable code, I mean granted maybe all it did was replace a text file with the winning results. Time minipulation of camera's. Someone planned this it might of been Ocean's 14.
Re: (Score:2)
Why do you think there are "no statistics" on how many police shoot or kill civilians [stlpublicradio.org]? Because they don't want to know.
Why aren't there ANY statistics for cruise ship deaths? Because they're in international waters and they don't give a shit. Go ahead, google "Cruise Ship Death Statistics." You'll find a couple websites run by a individuals. That's it. No news investigations. No research. N
Erm.. Why a computer? (Score:5, Insightful)
What is the point of using an expensive and highly locked down computer in place of a dead simple machine filled with pingpong balls?
Re: (Score:2, Insightful)
Re: (Score:3, Informative)
Re:Erm.. Why a computer? (Score:4, Interesting)
Neither is the computer though. I wonder what the difference is and if it actually is significant enough to matter. I'd just go with a set of dice, buy new dice for every drawing and pick some random person on the street to roll the dice each time.
Re: (Score:3)
Re:Erm.. Why a computer? (Score:4, Insightful)
Because 9/11. Someone exploited the previous system once, so instead of thinking, we need to make expensive, radical changes.
I like all the questions in this thread. People, if you're going to start asking questions, just cut to the end and ask why have a lottery at all. They are a totally worthless idea. Every second you spend on thinking of how to "fix" their integrity, is a second you could spend on something much more useful, like thinking about how to make dog shit taste like chocolate pudding. Now let's get to work on the cocoa powder experiments, everyone.
Re: (Score:2)
But such people exist, and if the government does not provide it, more unscrupulous operators will fill the vacuum and skin them alive even more. Ideally we should educate the people so that they slowly stop gambling. In the mean time, provide slightly better alternatives than criminal gangs.
Re: (Score:2)
Yes, lottery is a tax on mathematically challenged.
My more generous interpretation is that a lottery sells you one week of hope that you might get rich for very little money. That's why the USA have these ridiculously high lottery winnings.
Imagine you were put in a room with 19 others. And they tell you "one of you has won the $200 million lottery. We'll give you a choice: You can all 20 each walk out with $10 million, or one walks out with $200 million and the rest with nothing". What would you pick?
Re: (Score:2)
And they tell you "one of you has won the $200 million lottery. We'll give you a choice: You can all 20 each walk out with $10 million, or one walks out with $200 million and the rest with nothing".
I would take the $10 million, without any hesitation.
Re: (Score:2)
RNG? (Score:3)
RNG sucks. I'd rather play a BLM or a THF.
Who controls the cameras? (Score:5, Interesting)
Why do people who have access to the computer also have the ability to control the cameras?
Splitting responsiblity this way is such a basic and obvious security measure.
Re: (Score:2)
Crazy, eh? It's almost like the information security director wasn't doing a good job. I'm guessing you could find a number of non-optimal things in the setup, given that the person in charge of security was probably not terribly interested in catching himself.
Last Paragraph (Score:2)
What happens if he testifies that he didn't tamper with the cameras? They will need more than all 4 other people testifying the same to prove perjury.
Network connection (Score:2)
Well, had it been connected to a network, an IDS could have raised an alarm that a usb device has been added. Or to rephrase uit for the /.-Crowd. "On localhost, noone hears you scream".
And somehow I still don't completly believe the "not connected to a network" thing. How would they transmit the drawn numbers to their frontend sytems? manually? How would this be secured against someone "mistyping" a few digits?
Circumstantial much (Score:5, Interesting)
He's got the winning lottery ticket, there was a malfunction with the camera's. So far I haven't seen any 'evidence' that that person actually did it. He might have been in cahoots with his co-workers. Splitting the ticket 2-5-ways is still pretty lucrative.
If he did it, he was pretty dumb to think he could get away with it. He should've
1. Remained anonymous (if possible, some lotteries allow it, some don't), let his lawyer pick up the money
2. Gone for a lot lower number (winning low enough so you can get a cash payout at the shop (~$600/week is still a nice bonus))
3. Allowed enough time for the evidence to be destroyed (video camera's probably overwrite old stuff every n months) then played and collected. If you implement your own RNG, you could easily predict numbers in advance.
Re: (Score:2)
Sounds like you two are on the same page!
The winning ticket went unclaimed for almost a year. Hours before it was scheduled to expire, a company incorporated in Belize tried to claim the prize through a New York attorney.
Unfortunately that means you're going to need a new plan...
Re: (Score:2)
The parent poster (with three good ideas for less detectable malfeasance) is apparently smarter than the so-called security expert that is the subject of the article.
Perhaps we catch only the stupid criminals, and the parent poster speaks with the voice of experience (wink, wink, nudge, nudge)?
Kids these days. Harrumph! (Score:2)
Darn young baby boomer whippersnappers are so lazy. He wouldn't have been caught if he'd just typed in the code live instead of slothfully brandishing a newfangled flash drive!
cat > rootkit.exe
In my day, I would've had to key it in the front panel! A command shell is pure luxury!
Hot Glue (Score:2)
Lottery by computer? ROFL (Score:2)
If the lottery is made by computer, why would anyone trust that?
It's not rocket science. You don't need a jilliflops of processing to make a few random numbers each WEEK. How about those nice machines with the balls that zip around? Or honestly, even dice thrown down a staircase. There's so many better ways to make random numbers. Computers are TERRIBLE at random numbers, requiring special hardware to not just be pseudorandom, and a bunch of people to certify that it is, in fact, random. The only reas
Re: (Score:2)
Instead of a dice, one could use a coin. Now generate me a 4096 bit random number.
Oh, you did say computers needed special hardware in order to not be psuedorandom.
NUMB3RS (Score:2)
I like the logic described in the summary (Score:2)
There is a LOT more than just this (Score:3)
You will see that over and over, the winners were on the east coast. Keep in mind that CA was one of the largest states to be part of Powerball, and had one of the most buyers of tickets, and yet, states on the east coast overwhelmingly won more than CA, esp. on the big ones.
Technically, it is possible. Statistically, it was theft that was going on.
Re: (Score:3, Informative)
Of course. If you read more about the story, this guy setup a shell corporation in Belize that tried to claim the prize just before it was going to expire. He obviously knew that he couldn't walk in and claim the prize, but he thought he could get away with having this magical shell corporation claim it on his behalf and that it wouldn't get back to him.
Re:Completely dumb (Score:5, Insightful)
Are all criminals dumb, or do we just catch the dumb ones?
That's something I've always wondered.
Re:Completely dumb (Score:5, Insightful)
Re:Completely dumb (Score:5, Insightful)
The really smart criminals get into politics. Then, even if you are caught, nothing happens to you...unless you've pissed off another higher ranked politician, in which case it doesn't matter if you've actually done what you've been accused of.
Re: (Score:2)
Because *he* never intended to claim the prize - the prize was claimed by a lawyer representing a shell company out of Belize. This bloke himself was exempt from being allowed to take part in the lottery due to the fact he worked on it - if he had claimed it, the prize wouldn't have been handed over.
Re: (Score:2)
the prize was claimed by a lawyer representing a shell company out of Belize. .
Which is a quite a big red flag in itself.
Re: (Score:2, Informative)
Seriously, why don't you RTFA where they point out that a corporation registered in Belize tried to claim this prize through an attorney in New York.
It's not like the someone who was barred from playing walked in and tried to claim the prize.
Yes, your what you say is obvious. So obvious, in fact, that it isn't what happened.
Re: (Score:2)
Re: (Score:3)
Someone hasn't read TFA.
Re: (Score:2)
Re: (Score:2)
Another someone who hasn't read TFA.