Welcome Guest
Log In | Register )
You last visited December 8, 2016, 4:45 am
All times shown are
Eastern Time (GMT-5:00)

Lottery security chief: Rigging computerized game "sadly" possible

Hot LottoHot Lotto: Lottery security chief: Rigging computerized game "sadly" possible
53
Rating:

Lottery Post alerted the industry to this possibility 11 years ago

The top threat to any lottery's integrity is its own information technology employees, a former lottery security chief told jurors in the trial for his coworker accused of rigging a Hot Lotto drawing to win a $14.3 million ticket.

Ed Stefan, a former chief security officer for the Multi-State Lottery organization, testified Wednesday that it's "sadly" possible his friend and former coworker, Eddie Tipton, installed a malicious self-deleting computer program onto a number-generating computer to rig a Dec. 29, 2010, drawing that produced the winning ticket. Tipton, 52, is on trial for two counts of fraud.

It's a historic case, believed to be the first trial for a person accused of manipulating a draw. Stefan's admission that it's possible to manipulate the lottery aligns with a theme underscoring the case since Tipton's January arrest: The greatest threat to any company's digital security comes from within.

The expertise IT employees have can make one with ill-intentions particularly dangerous, Stefan said.

"They have the knowledge, they have the background, they have the access, they have the understanding," he said. "They have the keys to the kingdom."

Stefan's testimony backed Assistant Iowa Attorney's General Rob Sand's case to jurors that Tipton attempted to pull off the ultimate "21st-century inside job" using a self-deleting rootkit. The prosecutor has said Tipton could have installed the program when he accessed the Hot Lotto drawing computers more than a month before the drawing to change the clocks.

After purchasing the ticket on Dec. 23, 2010, Tipton, legally barred from playing the lottery, allegedly filtered the ticket through a Texas friend to make a claim for the money. Tipton's defense contends there are no phone records or other evidence tying him to anybody who tried to redeem the ticket and no forensic evidence a rootkit was installed on the lottery association's comptuers.

Stefan told jurors he became physically ill last fall when he first saw publicly-released video footage from a Des Moines QuickTrip of a man purchasing the ticket at 3:24 p.m. Tipton and Stefan became friends in a college calculus class in Houston in the early 90s and have remained close, he said.

Tipton introduced Stefan to his now-wife, and Stefan helped Tipton get a job in 2003 at the Urbandale-based lottery association that provides games such as Hot Lotto to lotteries across the country, he testified. The two share a patent for a lottery technology idea. It felt like "finding out your mother is an ax murderer" when he saw the man in the video, he said.

"It looks just like Eddie, it sounds just like Eddie, it acts just like Eddie, the mannerisms are just like Eddie," he said. "As a disinterested third party, I would say, 'Oh, that's Eddie.' As someone who's known him half my life, it's incredibly difficult to believe that's Eddie Tipton."

Lottery Post warned about this

In August 2004, the Lottery Post website first alerted the industry to the issues surrounding computerized lottery drawings in the Petition for True Lottery Drawings.

In the petition, Lottery Post Founder Todd Northrop warned of the dangers of hacking, and specifically that a knowledgeable hacker could disguise even the fact that the drawing system was hacked.  Northrop wrote:

Computer hacking is a term that has entered the daily lexicon because of its prevalence within every aspect of computers.  Hackers can produce code that goes undetected for long periods of time, and causes unseen problems.  Why do the state lotteries think that they are immune from hacking, when some of the most secure computers in the world have been hacked into?  Worse, a state employee "on the take" could insert malicious computer code into the drawing process that could specify the exact numbers that are drawn.  A crafty programmer could keep this secret for a long time.

Sadly enough, what Northrop wrote 11 years ago is is precisely what Tipton is accused of doing today.

Despite the fact that the petition was not promoted in social media or any common marketing method — it was only available as a small link — nearly 10,000 lottery players have found and signed it.  Clearly, computerized drawings are a problem in theory, and now in actuality.

Des Moines Register, Lottery Post Staff

We'd love to see your comments here!  Register for a FREE membership — it takes just a few moments — and you'll be able to post comments here and on any of our forums. If you're already a member, you can Log In to post a comment.

19 comments. Last comment 1 year ago by cbr$.
Page 1 of 2
jarasan's avatar - new patrick.gif
Harbinger
D.C./MD.
United States
Member #44103
July 30, 2006
5583 Posts
Offline
Posted: July 15, 2015, 6:28 pm - IP Logged

Lottery Post alerted the industry to this possibility 11 years ago

The top threat to any lottery's integrity is its own information technology employees, a former lottery security chief told jurors in the trial for his coworker accused of rigging a Hot Lotto drawing to win a $14.3 million ticket.

Ed Stefan, a former chief security officer for the Multi-State Lottery organization, testified Wednesday that it's "sadly" possible his friend and former coworker, Eddie Tipton, installed a malicious self-deleting computer program onto a number-generating computer to rig a Dec. 29, 2010, drawing that produced the winning ticket. Tipton, 52, is on trial for two counts of fraud.

It's a historic case, believed to be the first trial for a person accused of manipulating a draw. Stefan's admission that it's possible to manipulate the lottery aligns with a theme underscoring the case since Tipton's January arrest: The greatest threat to any company's digital security comes from within.

The expertise IT employees have can make one with ill-intentions particularly dangerous, Stefan said.

"They have the knowledge, they have the background, they have the access, they have the understanding," he said. "They have the keys to the kingdom."

Stefan's testimony backed Assistant Iowa Attorney's General Rob Sand's case to jurors that Tipton attempted to pull off the ultimate "21st-century inside job" using a self-deleting rootkit. The prosecutor has said Tipton could have installed the program when he accessed the Hot Lotto drawing computers more than a month before the drawing to change the clocks.

After purchasing the ticket on Dec. 23, 2010, Tipton, legally barred from playing the lottery, allegedly filtered the ticket through a Texas friend to make a claim for the money. Tipton's defense contends there are no phone records or other evidence tying him to anybody who tried to redeem the ticket and no forensic evidence a rootkit was installed on the lottery association's comptuers.

Stefan told jurors he became physically ill last fall when he first saw publicly-released video footage from a Des Moines QuickTrip of a man purchasing the ticket at 3:24 p.m. Tipton and Stefan became friends in a college calculus class in Houston in the early 90s and have remained close, he said.

Tipton introduced Stefan to his now-wife, and Stefan helped Tipton get a job in 2003 at the Urbandale-based lottery association that provides games such as Hot Lotto to lotteries across the country, he testified. The two share a patent for a lottery technology idea. It felt like "finding out your mother is an ax murderer" when he saw the man in the video, he said.

"It looks just like Eddie, it sounds just like Eddie, it acts just like Eddie, the mannerisms are just like Eddie," he said. "As a disinterested third party, I would say, 'Oh, that's Eddie.' As someone who's known him half my life, it's incredibly difficult to believe that's Eddie Tipton."

Lottery Post warned about this

In August 2004, the Lottery Post website first alerted the industry to the issues surrounding computerized lottery drawings in the Petition for True Lottery Drawings.

In the petition, Lottery Post Founder Todd Northrop warned of the dangers of hacking, and specifically that a knowledgeable hacker could disguise even the fact that the drawing system was hacked.  Northrop wrote:

Computer hacking is a term that has entered the daily lexicon because of its prevalence within every aspect of computers.  Hackers can produce code that goes undetected for long periods of time, and causes unseen problems.  Why do the state lotteries think that they are immune from hacking, when some of the most secure computers in the world have been hacked into?  Worse, a state employee "on the take" could insert malicious computer code into the drawing process that could specify the exact numbers that are drawn.  A crafty programmer could keep this secret for a long time.

Sadly enough, what Northrop wrote 11 years ago is is precisely what Tipton is accused of doing today.

Despite the fact that the petition was not promoted in social media or any common marketing method — it was only available as a small link — nearly 10,000 lottery players have found and signed it.  Clearly, computerized drawings are a problem in theory, and now in actuality.

Been saying it along!!!!!!!!!!!!! YAY Todd!!!!!!!!!!!!!! You was right and so was a lot of us!!!!!!!

SmashThe next step is to immediately end computerized drawings "You have 7 days to cease and desist your unlawful computerized lottery systems."

Respect my authoratai!!

Cartman

    hearsetrax's avatar - 0118

    United States
    Member #52345
    May 21, 2007
    2659 Posts
    Offline
    Posted: July 15, 2015, 7:26 pm - IP Logged

    well this covers compuker drawings for a few and many ......

     

    but I doubt this will quell the few and many who still believe that thars a cheat to to regular ball drawings

      Raven62's avatar - binary
      New Jersey
      United States
      Member #17843
      June 28, 2005
      49767 Posts
      Offline
      Posted: July 15, 2015, 7:29 pm - IP Logged

      It's frustrating to be shouting the alarm on forthcoming doom, only to have it fall upon deaf ears!

      Alex Jones shares your frustration.

      A mind once stretched by a new idea never returns to its original dimensions!

        four4me's avatar - gate1
        MD
        United States
        Member #1701
        June 18, 2003
        8362 Posts
        Offline
        Posted: July 15, 2015, 9:46 pm - IP Logged

        We should all submit these findings to the attorney general in your state.

        Big John says. You don't hit the number. The number hits you!!!!

                       I'm not Big John, I'm Four4me, Big John's a friend.
          ttech10's avatar - blobdude
          Texas
          United States
          Member #92330
          June 5, 2010
          887 Posts
          Offline
          Posted: July 15, 2015, 10:01 pm - IP Logged

          Along with rigged drawings, computerized drawings can also accidentally screw people over, as was the case in Tennessee.

          The severely flawed drawings have been happening every day since computerized drawings replaced the lottery's real mechanical ball drawings more than three weeks ago.

          That's a total of 80 Pick 3 and Pick 4 drawings in which almost half the lottery ticket players bought were unwinnable.

          The flaw in the drawings prevented two of the same numbers from appearing together, in what players refer to as "doubles" and "triples", and in Pick 4, "quads".

            noise-gate's avatar - images q=tbn:ANd9GcR91HDs4UJhjxO7cmeMQWZ5lB_FOcMLOGicau4V74R45tDgPWrr
            Bay Area - California
            United States
            Member #136477
            December 12, 2012
            4108 Posts
            Offline
            Posted: July 16, 2015, 12:41 am - IP Logged

            Tipton's thoughts of Stefan....Image result for thrown under the bus

            People who say it cannot be done should not interrupt those who are doing it- George Bernard Shaw.

              Avatar
              NY
              United States
              Member #23835
              October 16, 2005
              3474 Posts
              Offline
              Posted: July 16, 2015, 2:58 am - IP Logged

              "The top threat to any lottery's integrity is its own information technology employees, a former lottery security chief told jurors"

              He should have told them that the greatest threat is inadequate security protocols. Protocols that allow unauthorized software changes to go undetected for weeks on end. Protocols that don't allow them to know when security devices like surveillance systems are tampered with. Protocols that allow somebody to access the drawing computers without other people carefully observing them. Protocols that allow somebody to know weeks ahead of time which computer will be used to conduct a particular drawing.

              There's a world of difference between problems that result from poor software or faulty implementation of decent software and deliberate tampering with the approved software.

                JADELottery's avatar - MeAtWork 03.PNG
                The Quantum Master
                West Concord, MN
                United States
                Member #21
                December 7, 2001
                3675 Posts
                Offline
                Posted: July 16, 2015, 9:03 am - IP Logged

                Uh, Duh !?!

                Gee, What're The Odds?

                Presented 'AS IS' and for Entertainment Purposes Only.
                Any gain or loss is your responsibility.
                Use at your own risk.

                Order is a Subset of Chaos
                Knowledge is Beyond Belief
                Wisdom is Not Censored
                Douglas Paul Smallish
                Jehocifer

                  pickone4me's avatar - 021414tvlies zpsa453b327.jpg
                  Wisconsin
                  United States
                  Member #104962
                  January 23, 2011
                  1075 Posts
                  Offline
                  Posted: July 16, 2015, 12:13 pm - IP Logged

                  My haters owe me an apology.

                  Trump 2016!

                    TnTicketlosers's avatar - Lottery-065.jpg

                    United States
                    Member #71120
                    February 19, 2009
                    1209 Posts
                    Offline
                    Posted: July 16, 2015, 12:18 pm - IP Logged

                    ttech we have been doomed for years...thanks for the support.

                      rcbbuckeye's avatar - Lottery-043.jpg
                      Texas
                      United States
                      Member #55889
                      October 23, 2007
                      5603 Posts
                      Offline
                      Posted: July 16, 2015, 1:57 pm - IP Logged

                      My haters owe me an apology.

                      Pick,pick,pick. You keep on with your little pity party.

                      Listen. Try real hard to let this sink in. Try!

                      We been down this road before.

                      You need to quit calling people "haters". Nobody here knows you well enough to either love you or hate you. You are a stranger, just as we are strangers to you.

                      Again, I will repeat myself. Read this real slow like. Realllllllllly slow. Let it soak in to your little brain.

                      Here it is.........."a difference of opinion does not constitute hate".

                      Here is an example. My co-workers and I sometimes have a difference of opinion on something. Even so, we don't hate each other.

                      I truly hope you have a great day!

                      CAN'T WIN IF YOU'RE NOT IN

                      A DOLLAR AND A DREAM (OR $2)

                        malin1257's avatar - 8ball
                        Antwerp
                        Belgium
                        Member #86174
                        January 30, 2010
                        37 Posts
                        Offline
                        Posted: July 16, 2015, 3:51 pm - IP Logged

                        "The top threat to any lottery's integrity is its own information technology employees, a former lottery security chief told jurors"

                        He should have told them that the greatest threat is inadequate security protocols. Protocols that allow unauthorized software changes to go undetected for weeks on end. Protocols that don't allow them to know when security devices like surveillance systems are tampered with. Protocols that allow somebody to access the drawing computers without other people carefully observing them. Protocols that allow somebody to know weeks ahead of time which computer will be used to conduct a particular drawing.

                        There's a world of difference between problems that result from poor software or faulty implementation of decent software and deliberate tampering with the approved software.

                        Dance!BRAVO!

                          noise-gate's avatar - images q=tbn:ANd9GcR91HDs4UJhjxO7cmeMQWZ5lB_FOcMLOGicau4V74R45tDgPWrr
                          Bay Area - California
                          United States
                          Member #136477
                          December 12, 2012
                          4108 Posts
                          Offline
                          Posted: July 16, 2015, 5:06 pm - IP Logged

                          Pick,pick,pick. You keep on with your little pity party.

                          Listen. Try real hard to let this sink in. Try!

                          We been down this road before.

                          You need to quit calling people "haters". Nobody here knows you well enough to either love you or hate you. You are a stranger, just as we are strangers to you.

                          Again, I will repeat myself. Read this real slow like. Realllllllllly slow. Let it soak in to your little brain.

                          Here it is.........."a difference of opinion does not constitute hate".

                          Here is an example. My co-workers and I sometimes have a difference of opinion on something. Even so, we don't hate each other.

                          I truly hope you have a great day!

                          Buckeye l thought you said you were not going to fall for his BS posts. .. Lol.

                          People who say it cannot be done should not interrupt those who are doing it- George Bernard Shaw.

                            rcbbuckeye's avatar - Lottery-043.jpg
                            Texas
                            United States
                            Member #55889
                            October 23, 2007
                            5603 Posts
                            Offline
                            Posted: July 16, 2015, 5:24 pm - IP Logged

                            Buckeye l thought you said you were not going to fall for his BS posts. .. Lol.

                            No. That was jjprince. He's a troll.

                            Pick is simply misguided.

                            CAN'T WIN IF YOU'RE NOT IN

                            A DOLLAR AND A DREAM (OR $2)