Welcome Guest
Log In | Register )
You last visited August 15, 2020, 2:53 pm
All times shown are
Eastern Time (GMT-5:00)

Lottery security chief: Rigging computerized game "sadly" possible

Jul 15, 2015, 6:23 pm

Share this news story on Facebook
Tweet this news story on Twitter
Hot LottoHot Lotto: Lottery security chief: Rigging computerized game "sadly" possibleRating:

Lottery Post alerted the industry to this possibility 11 years ago

The top threat to any lottery's integrity is its own information technology employees, a former lottery security chief told jurors in the trial for his coworker accused of rigging a Hot Lotto drawing to win a $14.3 million ticket.

Ed Stefan, a former chief security officer for the Multi-State Lottery organization, testified Wednesday that it's "sadly" possible his friend and former coworker, Eddie Tipton, installed a malicious self-deleting computer program onto a number-generating computer to rig a Dec. 29, 2010, drawing that produced the winning ticket. Tipton, 52, is on trial for two counts of fraud.

It's a historic case, believed to be the first trial for a person accused of manipulating a draw. Stefan's admission that it's possible to manipulate the lottery aligns with a theme underscoring the case since Tipton's January arrest: The greatest threat to any company's digital security comes from within.

The expertise IT employees have can make one with ill-intentions particularly dangerous, Stefan said.

"They have the knowledge, they have the background, they have the access, they have the understanding," he said. "They have the keys to the kingdom."

Stefan's testimony backed Assistant Iowa Attorney's General Rob Sand's case to jurors that Tipton attempted to pull off the ultimate "21st-century inside job" using a self-deleting rootkit. The prosecutor has said Tipton could have installed the program when he accessed the Hot Lotto drawing computers more than a month before the drawing to change the clocks.

After purchasing the ticket on Dec. 23, 2010, Tipton, legally barred from playing the lottery, allegedly filtered the ticket through a Texas friend to make a claim for the money. Tipton's defense contends there are no phone records or other evidence tying him to anybody who tried to redeem the ticket and no forensic evidence a rootkit was installed on the lottery association's comptuers.

Stefan told jurors he became physically ill last fall when he first saw publicly-released video footage from a Des Moines QuickTrip of a man purchasing the ticket at 3:24 p.m. Tipton and Stefan became friends in a college calculus class in Houston in the early 90s and have remained close, he said.

Tipton introduced Stefan to his now-wife, and Stefan helped Tipton get a job in 2003 at the Urbandale-based lottery association that provides games such as Hot Lotto to lotteries across the country, he testified. The two share a patent for a lottery technology idea. It felt like "finding out your mother is an ax murderer" when he saw the man in the video, he said.

"It looks just like Eddie, it sounds just like Eddie, it acts just like Eddie, the mannerisms are just like Eddie," he said. "As a disinterested third party, I would say, 'Oh, that's Eddie.' As someone who's known him half my life, it's incredibly difficult to believe that's Eddie Tipton."

Lottery Post warned about this

In August 2004, the Lottery Post website first alerted the industry to the issues surrounding computerized lottery drawings in the Petition for True Lottery Drawings.

In the petition, Lottery Post Founder Todd Northrop warned of the dangers of hacking, and specifically that a knowledgeable hacker could disguise even the fact that the drawing system was hacked.  Northrop wrote:

Computer hacking is a term that has entered the daily lexicon because of its prevalence within every aspect of computers.  Hackers can produce code that goes undetected for long periods of time, and causes unseen problems.  Why do the state lotteries think that they are immune from hacking, when some of the most secure computers in the world have been hacked into?  Worse, a state employee "on the take" could insert malicious computer code into the drawing process that could specify the exact numbers that are drawn.  A crafty programmer could keep this secret for a long time.

Sadly enough, what Northrop wrote 11 years ago is is precisely what Tipton is accused of doing today.

Despite the fact that the petition was not promoted in social media or any common marketing method — it was only available as a small link — nearly 10,000 lottery players have found and signed it.  Clearly, computerized drawings are a problem in theory, and now in actuality.

Des Moines Register, Lottery Post Staff

We'd love to see your comments here!  Register for a FREE membership — it takes just a few moments — and you'll be able to post comments here and on any of our forums. If you're already a member, you can Log In to post a comment.

19 comments. Last comment 5 years ago by cbr$.
Page 1 of 2
jarasan's avatar - new patrick.gif
Harbinger
Maryland
United States
Member #44102
July 30, 2006
6181 Posts
Online
Posted: July 15, 2015, 6:28 pm - IP Logged

Lottery Post alerted the industry to this possibility 11 years ago

The top threat to any lottery's integrity is its own information technology employees, a former lottery security chief told jurors in the trial for his coworker accused of rigging a Hot Lotto drawing to win a $14.3 million ticket.

Ed Stefan, a former chief security officer for the Multi-State Lottery organization, testified Wednesday that it's "sadly" possible his friend and former coworker, Eddie Tipton, installed a malicious self-deleting computer program onto a number-generating computer to rig a Dec. 29, 2010, drawing that produced the winning ticket. Tipton, 52, is on trial for two counts of fraud.

It's a historic case, believed to be the first trial for a person accused of manipulating a draw. Stefan's admission that it's possible to manipulate the lottery aligns with a theme underscoring the case since Tipton's January arrest: The greatest threat to any company's digital security comes from within.

The expertise IT employees have can make one with ill-intentions particularly dangerous, Stefan said.

"They have the knowledge, they have the background, they have the access, they have the understanding," he said. "They have the keys to the kingdom."

Stefan's testimony backed Assistant Iowa Attorney's General Rob Sand's case to jurors that Tipton attempted to pull off the ultimate "21st-century inside job" using a self-deleting rootkit. The prosecutor has said Tipton could have installed the program when he accessed the Hot Lotto drawing computers more than a month before the drawing to change the clocks.

After purchasing the ticket on Dec. 23, 2010, Tipton, legally barred from playing the lottery, allegedly filtered the ticket through a Texas friend to make a claim for the money. Tipton's defense contends there are no phone records or other evidence tying him to anybody who tried to redeem the ticket and no forensic evidence a rootkit was installed on the lottery association's comptuers.

Stefan told jurors he became physically ill last fall when he first saw publicly-released video footage from a Des Moines QuickTrip of a man purchasing the ticket at 3:24 p.m. Tipton and Stefan became friends in a college calculus class in Houston in the early 90s and have remained close, he said.

Tipton introduced Stefan to his now-wife, and Stefan helped Tipton get a job in 2003 at the Urbandale-based lottery association that provides games such as Hot Lotto to lotteries across the country, he testified. The two share a patent for a lottery technology idea. It felt like "finding out your mother is an ax murderer" when he saw the man in the video, he said.

"It looks just like Eddie, it sounds just like Eddie, it acts just like Eddie, the mannerisms are just like Eddie," he said. "As a disinterested third party, I would say, 'Oh, that's Eddie.' As someone who's known him half my life, it's incredibly difficult to believe that's Eddie Tipton."

Lottery Post warned about this

In August 2004, the Lottery Post website first alerted the industry to the issues surrounding computerized lottery drawings in the Petition for True Lottery Drawings.

In the petition, Lottery Post Founder Todd Northrop warned of the dangers of hacking, and specifically that a knowledgeable hacker could disguise even the fact that the drawing system was hacked.  Northrop wrote:

Computer hacking is a term that has entered the daily lexicon because of its prevalence within every aspect of computers.  Hackers can produce code that goes undetected for long periods of time, and causes unseen problems.  Why do the state lotteries think that they are immune from hacking, when some of the most secure computers in the world have been hacked into?  Worse, a state employee "on the take" could insert malicious computer code into the drawing process that could specify the exact numbers that are drawn.  A crafty programmer could keep this secret for a long time.

Sadly enough, what Northrop wrote 11 years ago is is precisely what Tipton is accused of doing today.

Despite the fact that the petition was not promoted in social media or any common marketing method — it was only available as a small link — nearly 10,000 lottery players have found and signed it.  Clearly, computerized drawings are a problem in theory, and now in actuality.

Been saying it along!!!!!!!!!!!!! YAY Todd!!!!!!!!!!!!!! You was right and so was a lot of us!!!!!!!

SmashThe next step is to immediately end computerized drawings "You have 7 days to cease and desist your unlawful computerized lottery systems."

Respect my authoratai!!

Cartman

    hearsetrax's avatar - alien on_computer.jpg

    United States
    Member #52343
    May 21, 2007
    3273 Posts
    Offline
    Posted: July 15, 2015, 7:26 pm - IP Logged

    well this covers compuker drawings for a few and many ......

     

    but I doubt this will quell the few and many who still believe that thars a cheat to to regular ball drawings

      Raven62's avatar - binary
      25
      New Jersey
      United States
      Member #17842
      June 28, 2005
      127665 Posts
      Offline
      Posted: July 15, 2015, 7:29 pm - IP Logged

      It's frustrating to be shouting the alarm on forthcoming doom, only to have it fall upon deaf ears!

      Alex Jones shares your frustration.

      A mind once stretched by a new idea never returns to its original dimensions!

      Catch-22: A dilemma or difficult circumstance from which there is no escape because of mutually conflicting or dependent conditions.

      Corruptissima re publica plurimae leges: When the republic is at its most corrupt the laws are most numerous.

        four4me's avatar - gate1
        MD
        United States
        Member #1701
        June 18, 2003
        9509 Posts
        Offline
        Posted: July 15, 2015, 9:46 pm - IP Logged

        We should all submit these findings to the attorney general in your state.

        Big John says. You don't hit the number. The number hits you!!!!

                       I'm not Big John, I'm Four4me, Big John's a friend.
          ttech10's avatar - blobdude
          Texas
          United States
          Member #92326
          June 5, 2010
          887 Posts
          Offline
          Posted: July 15, 2015, 10:01 pm - IP Logged

          Along with rigged drawings, computerized drawings can also accidentally screw people over, as was the case in Tennessee.

          The severely flawed drawings have been happening every day since computerized drawings replaced the lottery's real mechanical ball drawings more than three weeks ago.

          That's a total of 80 Pick 3 and Pick 4 drawings in which almost half the lottery ticket players bought were unwinnable.

          The flaw in the drawings prevented two of the same numbers from appearing together, in what players refer to as "doubles" and "triples", and in Pick 4, "quads".

            Avatar
            Chasing $ Millions.
            White Shores- California
            United States
            Member #136473
            December 12, 2012
            6279 Posts
            Offline
            Posted: July 16, 2015, 12:41 am - IP Logged

            Tipton's thoughts of Stefan....Image result for thrown under the bus

             * Voice of Reason *   

             

            People who say it cannot be done should not interrupt those who are doing it- George Bernard Shaw.

              KY Floyd's avatar - lysol avatar.jpg
              NY
              United States
              Member #23834
              October 16, 2005
              4252 Posts
              Offline
              Posted: July 16, 2015, 2:58 am - IP Logged

              "The top threat to any lottery's integrity is its own information technology employees, a former lottery security chief told jurors"

              He should have told them that the greatest threat is inadequate security protocols. Protocols that allow unauthorized software changes to go undetected for weeks on end. Protocols that don't allow them to know when security devices like surveillance systems are tampered with. Protocols that allow somebody to access the drawing computers without other people carefully observing them. Protocols that allow somebody to know weeks ahead of time which computer will be used to conduct a particular drawing.

              There's a world of difference between problems that result from poor software or faulty implementation of decent software and deliberate tampering with the approved software.

                Avatar

                Zimbabwe
                Member #21
                December 7, 2001
                4530 Posts
                Offline
                Posted: July 16, 2015, 9:03 am - IP Logged

                Uh, Duh !?!

                Gee, What're The Odds?

                .

                  pickone4me's avatar - lightbulb
                  Wisconsin
                  United States
                  Member #104958
                  January 23, 2011
                  1153 Posts
                  Offline
                  Posted: July 16, 2015, 12:13 pm - IP Logged

                  My haters owe me an apology.

                  Redacted

                    TnTicketlosers's avatar - Lottery-065.jpg

                    United States
                    Member #71118
                    February 19, 2009
                    1224 Posts
                    Offline
                    Posted: July 16, 2015, 12:18 pm - IP Logged

                    ttech we have been doomed for years...thanks for the support.

                      rcbbuckeye's avatar - Lottery-062.jpg
                      Texas
                      United States
                      Member #55887
                      October 23, 2007
                      10220 Posts
                      Offline
                      Posted: July 16, 2015, 1:57 pm - IP Logged

                      My haters owe me an apology.

                      Pick,pick,pick. You keep on with your little pity party.

                      Listen. Try real hard to let this sink in. Try!

                      We been down this road before.

                      You need to quit calling people "haters". Nobody here knows you well enough to either love you or hate you. You are a stranger, just as we are strangers to you.

                      Again, I will repeat myself. Read this real slow like. Realllllllllly slow. Let it soak in to your little brain.

                      Here it is.........."a difference of opinion does not constitute hate".

                      Here is an example. My co-workers and I sometimes have a difference of opinion on something. Even so, we don't hate each other.

                      I truly hope you have a great day!

                      CAN'T WIN IF YOU'RE NOT IN

                      A DOLLAR AND A DREAM (OR $2)

                        malin1257's avatar - 8ball
                        Antwerp
                        Belgium
                        Member #86171
                        January 30, 2010
                        44 Posts
                        Offline
                        Posted: July 16, 2015, 3:51 pm - IP Logged

                        "The top threat to any lottery's integrity is its own information technology employees, a former lottery security chief told jurors"

                        He should have told them that the greatest threat is inadequate security protocols. Protocols that allow unauthorized software changes to go undetected for weeks on end. Protocols that don't allow them to know when security devices like surveillance systems are tampered with. Protocols that allow somebody to access the drawing computers without other people carefully observing them. Protocols that allow somebody to know weeks ahead of time which computer will be used to conduct a particular drawing.

                        There's a world of difference between problems that result from poor software or faulty implementation of decent software and deliberate tampering with the approved software.

                        Dance!BRAVO!

                          Avatar
                          Chasing $ Millions.
                          White Shores- California
                          United States
                          Member #136473
                          December 12, 2012
                          6279 Posts
                          Offline
                          Posted: July 16, 2015, 5:06 pm - IP Logged

                          Pick,pick,pick. You keep on with your little pity party.

                          Listen. Try real hard to let this sink in. Try!

                          We been down this road before.

                          You need to quit calling people "haters". Nobody here knows you well enough to either love you or hate you. You are a stranger, just as we are strangers to you.

                          Again, I will repeat myself. Read this real slow like. Realllllllllly slow. Let it soak in to your little brain.

                          Here it is.........."a difference of opinion does not constitute hate".

                          Here is an example. My co-workers and I sometimes have a difference of opinion on something. Even so, we don't hate each other.

                          I truly hope you have a great day!

                          Buckeye l thought you said you were not going to fall for his BS posts. .. Lol.

                           * Voice of Reason *   

                           

                          People who say it cannot be done should not interrupt those who are doing it- George Bernard Shaw.

                            rcbbuckeye's avatar - Lottery-062.jpg
                            Texas
                            United States
                            Member #55887
                            October 23, 2007
                            10220 Posts
                            Offline
                            Posted: July 16, 2015, 5:24 pm - IP Logged

                            Buckeye l thought you said you were not going to fall for his BS posts. .. Lol.

                            No. That was jjprince. He's a troll.

                            Pick is simply misguided.

                            CAN'T WIN IF YOU'RE NOT IN

                            A DOLLAR AND A DREAM (OR $2)