For those curious about the technical details of how he did it:
> Here’s how the Multi-State Lottery Association’s random-number generators were supposed to work: The computer takes a reading from a Geiger counter that measures radiation in the surrounding air, specifically the radioactive isotope Americium-241. The reading is expressed as a long number of code; that number gives the generator its true randomness. The random number is called the seed, and the seed is plugged into the algorithm, a pseudorandom number generator called the Mersenne Twister. At the end, the computer spits out the winning lottery numbers.
> Tipton’s extra lines of code first checked to see if the coming lottery drawing fulfilled Tipton’s narrow circumstances. It had to be on a Wednesday or a Saturday evening, and one of three dates in a nonleap year: the 147th day of the year (May 27), the 327th day (Nov. 23) or the 363rd day (Dec. 29). Investigators noticed those dates generally fell around holidays — Memorial Day, Thanksgiving and Christmas — when Tipton was often on vacation. If those criteria were satisfied, the random-number generator was diverted to a different track. Instead, the algorithm would use a predetermined seed number that restricted the pool of potential winning numbers to a much smaller, predictable set of numbers.
Now if he'd just taken that one level deeper, and had code to pick the Julian date of the rigged draws on days that _appeared_ random, but actually weren't ...
At NSA there's a "Peter Jenks Award" for people who do this sort of thing. Great story which started with LFSRs in the 60s.
You would want to cheat only the one time, and have your program copy the original program into place, change the timestamps, and delete itself.
More obvious is don't collect it with a person who is legally not allowed to collect it. This person should also not be seen buying the ticket on camera. I would probably have someone play the same numbers every week for months before it hits.
Here's what I'm wondering, and pardon me if this is a stupid question:
Why go through all of the trouble generating true randomness with a Geiger counter just to use the result as the seed to a PRNG, rather than using your true random method to generate the lottery numbers directly?
Besides the point about a need to generate a large number of random numbers, there's another thing: you don't know the distribution of the true random generator exactly. You know it's random, but in addition to that, the distribution needs to be flat. That's why you use a PRNG with a known-to-be flat distribution to further process the entropy. As an interesting sidenote, though, Mersenne Twister doesn't have a particularly good distribution by modern standards. For this, I would use a cryptographically secure PRNG.
You can generally turn any random binary distribution into a uniform binary distribution by generating two bits, then if they're different, output the first bit, and if they're the same, ignore the result.
I'm guessing because the lottery system needed to generate a large number of random numbers (given that they are running lots of lottery systems), and this gives a fairly verifiable way of doing that from one initial chunk of randomness.
That said, I don't work in this area, so you should give my comment very little weight. :)
A geiger counter counts from 0-9 repeatedly and stops when a muon is detected. I guess you could count longer but I think the 10 digit modulus is sufficient.. not sure. This is the random initialization.
I'm curious at how you would actually successfully hide the control flow. The only think I can think of would be some factorization, maybe a couple of mods, but that would be detectable. You don't want to explicitly modify the control flow per se. I mean you'd have to be able to hide it from code review... and then mathematical review.
He was the Security Director with privileged access to the production system. I don't think his changes went through code review.
I'm struggling to differentiate what's established fact and what's the author's theory in this article[0], but it sounds like he could have used a root kit on a USB thumb drive to modify the code directly on the production machine.
You can find people that will do a job but not really question what they're doing even if it should be questioned. Developers make spyware and do all kinds of terrible things as long as they get paid they just kind of do what is asked and not ask too many questions.
This sort of implies that the developers just aren't thinking deeply about what they're building. Certainly possible, but you're also much more likely to get garbage software this way. Isn't it as likely (or more so) that the developers just believe in what they're building?
Typically true random stuff like geiger counters do not have enough entropy in a single reading to be a true secret. They are statistically predictable and produce a curve of data.
By using it to seed a pseudo random number generator you are making the values come out in a completely flat distribution. The geiger counter adds non-deterministic results while the pseudo random number generator adds entropy.
My understanding is that for this type of gaming, e.g. gambling, there are regulations governing the randomness and repeatability of the randomness for computer/electronic run games. Part of it due to necessities of verification of sufficient randomness from the perspective of the gamer but also that of the gaming establishment. The game needs to be provably sufficiently random to the advertised odds for fairness to both the gamer and the gaming establishment.
For all intents and purposes, using a true source of randomness as the seed for something like a one-time use of Mersenne Twister as a pseudorandom number generator (PNG) is indistinguishable to an end user of true randomness. What it does do, though, is allow for reproducible testing to ensure you don't have an xkcd PNG [0].
Source: bar chat with a couple of friends & former coworkers who had spent time in that area of gaming (e.g. working on video poker machines destined for casinos), so take it with a grain of salt.
The amount of entropy is usually limited. For the lottery, it doesn't seem like it would be a problem, but in general, you don't want your function calls to block while gathering "random data"
Am241 source coupled to a detector sounds sophisticated, but it matches description of now-outdated type of ceiling smoke detectors. It's probably not that mechanically elaborate.
Those working papers have things like "guaranteed low-end prize structures" per pack of tickets.
Tips based on those working papers:
- Buy from a fresh pack until you get a winner then stop. Since there's a guaranteed number of winners per pack, each loser you scratch improves the odds for the rest of the pack.
- Don't buy from a pack that's already had a big winner. Most working papers stipulate no more than 1 large prize per pack.
I see one game in Missouri has a score of 146. Is there anything stopping someone from buying all the remaining tickets (other than time and money obviously) and pocketing the $4 million difference?
Also, is it possible someone has grand prize winner but incorrectly throws it in the trash (because they overlooked the fact that it was a winner/didn’t scratch it all the way off)? Would the website pick up on that?
Nothing stopping someone from buying all the remaining tickets. But if you do the math, I think you'll find it's still not worth it. How fast can you scratch/verify tickets? If you take the lump sum, you get something like 60% of the grand prize. If you take the annuity, it pays out over 20-40 years. Taxes will take out another chunk.
But everyone's situation is different. If you already have losses that could be tax-deducted from the win, that would help you. If you could monetize the process by selling your story or gaining youtube fame, that would help. Some youtuber did buy $1,000,000 worth of tickets without any particular strategy and presumably made profit from the youtube side of his business. As expected, he got back ~70% so it only cost him ~$300k + production costs.
Some states only publish claim numbers for prizes over a certain amount. For prizes below that amount, I estimate using the % claimed of all published prizes.
If 25% of the prizes greater than $30 have been claimed, then I assume 25% of the prizes lesser than $30 have been claimed. Everything in the low numbers has large enough data pools for it to average out accurately. It's not until you get to the $600+ prize level where things would be really inaccurate.
You'll also note there's usually a lag for prizes $600+.
When you look at aggregates across states, you might see something like 25% of prizes below $600 have been claimed but only 19% of prizes above $600 have been claimed. I figure that's because $600+ has to be claimed at lottery headquarters and go on taxes. So people might delay, try to hide the money from their spouse, wait for tax reasons, the headquarters has to manually process it rather than the automated machine at a retail outlet, whatever...
Actually that other explanation is for fractional tickets in other locations of the database, like prizes remaining.
Specifically in `num_tx_initial` it might be because they don't report the number of tickets printed. But if they print the odds of a win and numbers of winners available, then you can estimate how many non-winners there are and thus how many printed tickets there are.
I am a university Prof and a statistician. I'd love to get these data into my courses if you are willing to share it. It's a great example that students can easily relate to.
Employees could really game the system. On average there's 1 "big" prize (outside the GLEP prizes) every 4 packs. Any time you see a pack go from start to ~5 remaining without a big prize, buy every remaining ticket.
There's also guaranteed restrictions on the maximum number of losers in a row. So if you see ~6+ (depends on ticket) losers in a row, then buy the next few until you win. I've run simulations on those distributions and it's profitable. But it's a situation that only an employee could take advantage of. And it probably comes up rarely.
I'm a bit confused. How does the employee know that the previous 6 tickets were losers? It's not like all customers are scratching them off then and there in front of them?
> It's not like all customers are scratching them off then and there in front of them?
A good number of tickets (most tickets?) are purchased by habitual players who'll buy many tickets per sale, and many of those people will even scratch them off in the store:
> “Some customers come in up to three times a day to play, spending up to one hour to scratch-off tickets right in the store after spending $300 or more.”
If you don't see this happening often, you're not likely living in poor or low-income neighborhoods, not patronizing the local convenience stores, or at least not paying attention to the 1 or 2 individuals that you'll often see lingering near the counter.
I've heard of this off and on for years, but seeing as I don't know anyone who has actually done it I think practically it's not too profitable. If he has everything in a sqlite db though, hmm..
Nope. Like throwing a coin, with scratch-off ticket packs actions don't have any effect on the following packs. They're mixed to prevent precisely attacks such as the one you describe.
I would be interested, if you are willing to share the data. Actually, I am thinking now: what if you introduce some anomaly in the data. Something like the man did in the article (draw from a different distribution), and a challenge would be to detect it.
If I ran the (presumably cash-strapped) website for Northeastern and Central Pennsylvania I wouldn't want my software engineers spending $1 to support Europeans that would never subscribe anyways.
I mean, all they have to do is "if europe, remove trackers" and they're golden.
The problem a lot of websites have is that they have no control or insight in which trackers there are, and whether they conform to GDPR rules. Which is IMO exactly why we need these rules.
Or European readers are not their target base and doing specific development for them (GDPR compliance) is just wasted money. For example, those readers will not be interesting to advertisers on a local newspaper who are interested to target consumers in the area covered by the newspaper.
> serving a 25-year prison sentence for rigging computers to win lottery jackpots for himself, friends and family
This is outrageously absurd a human has been put in prison, let alone for 25 years, for such a bullshit reason. Many murderers and rapists in many countries get less.
"In Iowa, which has indeterminate sentencing, a 25-year sentence could mean Tipton is released much sooner; Sand expects Tipton to be released by the Iowa Board of Parole within seven years."
Turns out that "indeterminate sentencing" works by giving a range (min to max years), and after min years the parole board will evaluate the case and, apparently, often release people well before the max years.
Whatever, anything above 1 year is too much for such a crime. Gaming a lottery is nothing comparable to a violent crime. I would say just confiscate what he won + enforcement expenses + some months of forced labor removing graffiti.
If that was the punishment, what would you (hypothetical, no evidence it happened) do about his sister, best friend and college roommate all having won in the past year? Or the money he already spent or moved out of the country?
I'm a fan of sophisticated white collar criminals going to jail for longer, and drug users and nonviolent dealers not.
> sister, best friend and college roommate all having one
If proven guilty - the same.
> Or the money he already spent or moved out of the country?
I dunno. Whatever. Take all but the essential belongings he has perhaps. Force to more labor. Adding prison years will hardly serve any good purpose anyway.
> I'm a fan of sophisticated white collar criminals going to jail for longer, and drug users and nonviolent dealers not.
Me too. But white collar criminals gaming the state and their own employees are one thing, a lottery - another. In general I'd leave anything about lotteries to be free wild west. A lottery is a gamble, whoever chooses to take any part in a lottery takes the risk. As long as there is no violence taking place I actually don't think it's necessary to interfere at all.
What the f..k? From the prisoner's perspective, that's as if their freedom would be subject to a gamble, and a rigged one at that given discrimination issues.
The parole board is a gamble to some extent, but it's better than the alternative. No possibility of getting out early eliminates the need to be on your best behavior in prison, which creates a bigger management nightmare.
So you sentence someone to 2-10 years and the idea is if they behave they get out in 2 years. If they don't behave, they will have to try again each year to convince the parole board they are no longer a problem, or if they never get their act together then they are released at the 10 year mark (this is called maxing out).
Oftentimes for non-violent crimes they get their parole automatically at the minimum time without having to see the parole board, unless they became a management nightmare in prison.
It is not plausible that a fixed-term alternative would be the smaller of the two numbers.
Discrimination is a serious issue, but orthogonal to this mode of sentencing. The possibility of parole is generally regarded as a progressive measure, and abolishing it would not help with the discrimination problem.
What even is the point of restitution at this point? The state practically re-victimizing victims of financial crimes, “You can be made while, but only if the convicted can survive society’s collective blood lust and never makes another mistake for the rest of their life” lmao
I think the original title, Iowa man convicted of lottery rigging scheme granted parole, works better.
He was a software engineer who worked on rng software for state lotteries. And he was charged with installing code on lottery computers to predict winning numbers. It sounds like a legitimate conviction to me.
Hey dang, I see that this guideline is not currently duplicated on the submit page. Is there a reason for that? It seems like it would be useful as a reminder to submitters.
We generally don't put reminders like that on things, partly because we don't want to be nannies, partly because it's hard to know where to stop with such measures, and partly because of laziness. Or inertia, to be more polite.
This article goes into a lot more detail. It looks like it was just two lines of code. But apparently the codebase actually had backdoors already present. His employer, MSLA doesn't come out looking good. After winning a few lotteries Eddie actually reported the security hole and suggested a fix. It was ignored.
Sounds more like he was able to install software on the same computer to use the same RNG as the lottery. In essence not doing anything to the original code, but using known information about it to get similar enough results.
I wish there was a straight forward, linear way of calculating prison time for dollars spent. IMO there should be a 1:1 correlation (or something along those lines) for how much prison time someone does for each dollar.
It seems that a decent number of people do relatively little prison time for stealing millions of dollars while others that steal a much smaller amount still spend a long time in prison.
Prison time is based on harm (or so the theory goes). How much harm is done by any action to its victim is subjective to the victim's circumstance.
Calculating harm isn't a maths problem, which is why judges exist. Moreover, wishing that prison time were directly proportional to monetary loss would be an abandonment of morality.
Steal 10 million dollars from a family owned small business that leads to their bankruptcy and the family homes being lost? Life In Prison.
Steal 10 million dollars from Bezos? Fine. This actually seems somewhat reasonable to me, I have a feeling you are more likely to get punished stealing from Bezos than the family business though.
No. Guilt is based on intent, not harm. And there are many victimless crimes (like buying controlled substances) where the harm is zero and the penalty far from zero.
> This site is currently unavailable to visitors from the European Economic Area while we work to ensure your data is protected in accordance with applicable EU laws.
Makes you wonder how often this happens and someone gets away with it. If he'd quit after one or two wins (or at least not had someone try to claim Iowa's prize in the most suspicious way imaginable) he could have quietly retired.
I, and perhaps other people, believe that there isn’t such a thing as a spoiler for a work of nonfiction. Is the aforementioned podcast presenting a factual account?
Darknet Diaries tells its stories through interviews with people who were there and the podcaster's own experiences and research. I am not sure I would call the account 'factual', but he makes his best effort to get as close to the source as possible. More like investigative journalism.
In any case, not sure I agree with the attitude regarding reading a transcript. Does everyone expect the "facts" (whatever those actually are) to be handed to them on a silver platter or something? No juice no squeeze...
I recall the actual discovery process by security consultant was interesting, revealing, and perhaps even instructive to anyone who might take an interest in infosec. There also emerged a palpable sense of danger to the main protagonist as the story progressed. I don't think a dry textual synopsis would convey those details as well as the podcast format does
Because it's storytelling. I'm sure you can look up the 'facts' on Google News like everyone else. But personal experiences don't lend well to such summarizations
An alternate way of including people un this format is to tell them what happened and then tell them there is a captivating version they can watch
For example the Costa Concordia incident is easy: ship sank off the coast of Italy, disaster. But I watch an hour long video about it for the sensation.
"a description of an important plot development in a television show, movie, or book which if previously known may reduce surprise or suspense for a first-time viewer or reader."
Why would it have to be nonfiction? I don't understand your viewpoint at all. Do you think nonfiction can't have a plot, or something?
The security hack part of it isn't that sophisticated--it's literally just someone changing values in a database to make certain tickets a winner.
The interesting part of the story is the sleuthing the investigator did while trying to conceal his investigation so the guilty parties did not get tipped off.
Federal does not have parole. It does have a "good time" system where sentences can be reduced by ~15%, and I would expect most white collar prisoners to be able
to stay out of trouble.
Just a note - People who have been in federal prison over 35 years, before the law changed, are still eligible for parole.
The state of NH makes it an option for lottery winners to keep their identity private. I know this decision was praised but to me without full transparency those close to the process will be tempted to pass winning tickets to themselves/family/friends.
The lottery itself is not going to have the manpower to check if every winner was or was not childhood best friends with workers at the lottery. Being in the public would be more likely to bring that to light + would scare people off.
> Here’s how the Multi-State Lottery Association’s random-number generators were supposed to work: The computer takes a reading from a Geiger counter that measures radiation in the surrounding air, specifically the radioactive isotope Americium-241. The reading is expressed as a long number of code; that number gives the generator its true randomness. The random number is called the seed, and the seed is plugged into the algorithm, a pseudorandom number generator called the Mersenne Twister. At the end, the computer spits out the winning lottery numbers.
> Tipton’s extra lines of code first checked to see if the coming lottery drawing fulfilled Tipton’s narrow circumstances. It had to be on a Wednesday or a Saturday evening, and one of three dates in a nonleap year: the 147th day of the year (May 27), the 327th day (Nov. 23) or the 363rd day (Dec. 29). Investigators noticed those dates generally fell around holidays — Memorial Day, Thanksgiving and Christmas — when Tipton was often on vacation. If those criteria were satisfied, the random-number generator was diverted to a different track. Instead, the algorithm would use a predetermined seed number that restricted the pool of potential winning numbers to a much smaller, predictable set of numbers.
https://www.nytimes.com/interactive/2018/05/03/magazine/mone...