Welcome Guest
Log In | Register )
You last visited December 10, 2016, 7:35 am
All times shown are
Eastern Time (GMT-5:00)

Is the Millionaire Raffle ADM Hacker Proof?

Topic closed. 17 replies. Last post 6 years ago by jimmy4164.

Page 1 of 2
PrintE-mailLink

United States
Member #93947
July 10, 2010
2180 Posts
Offline
Posted: July 11, 2010, 2:10 am - IP Logged

My subject line question may upset some, and confuse others.  Let me explain.  I am a retired computer programmer/analyst with considerable experience designing and implementing encryption systems, as well as intimate knowledge of how sequences of random numbers can be produced.  Rather than go into a long and esoteric mathematical explanation of random number generation, I will cut to the chase and direct my question to those who will know exactly what I'm talking about.  Hopefully, at least one of those people will be a programmer/analyst at the lottery commission.

Sequences of random numbers that are repeatable are called Pseudo-Random numbers and are produced with software using mathematical formulas that produce the exact same sequence each time the process is started with the same number, or "seed" as it is usually called.  Repeatable sequences are desirable for several reasons, the main one being that data dependent bugs in the software are more easily found with them.  OK, I said I would cut to the chase:

UNLESS the ADM which generates the list of winning numbers for the Millionaire Raffle is programmed to start its job on the night of the raffle with a PURELY RANDOM SEED OR A PURELY RANDOM LIST is generated with an algorythm using natural phenomena or random human timing interference,  THE PROGRAMMERS WHO MAINTAIN THE ADM COULD GENERATE THE ENTIRE LIST OF WINNING NUMBERS WELL IN ADVANCE OF THE OFFICIAL EVENT and, with this list in hand, increase their chances of winning by hanging out at the lottery outlets when the system is producing tickets with numbers approaching the next winner in the sequence, which they would already know!  There would be no guarantee of a win, as you cannot choose your number, but a person with this list would have a distinct advantage over everyone else.

I can just hear the outrage!!  Foul!  Foul!  Actually, I will be shocked if safeguards against the kind of fraud I'm describing are not already in place.  However, as a programmer, I would like to know what they are.  Even when the ping pong balls are randomly blowing around every night at 7pm on TV, I can't help but remember that fateful day back in 1980 when a certain TV bowling show host helped to ensure that the balls did not weigh the same! Smile

    rdgrnr's avatar - walt
    Way back up in them dadgum hills, son!
    United States
    Member #73904
    April 28, 2009
    14903 Posts
    Offline
    Posted: July 11, 2010, 12:16 pm - IP Logged

    My subject line question may upset some, and confuse others.  Let me explain.  I am a retired computer programmer/analyst with considerable experience designing and implementing encryption systems, as well as intimate knowledge of how sequences of random numbers can be produced.  Rather than go into a long and esoteric mathematical explanation of random number generation, I will cut to the chase and direct my question to those who will know exactly what I'm talking about.  Hopefully, at least one of those people will be a programmer/analyst at the lottery commission.

    Sequences of random numbers that are repeatable are called Pseudo-Random numbers and are produced with software using mathematical formulas that produce the exact same sequence each time the process is started with the same number, or "seed" as it is usually called.  Repeatable sequences are desirable for several reasons, the main one being that data dependent bugs in the software are more easily found with them.  OK, I said I would cut to the chase:

    UNLESS the ADM which generates the list of winning numbers for the Millionaire Raffle is programmed to start its job on the night of the raffle with a PURELY RANDOM SEED OR A PURELY RANDOM LIST is generated with an algorythm using natural phenomena or random human timing interference,  THE PROGRAMMERS WHO MAINTAIN THE ADM COULD GENERATE THE ENTIRE LIST OF WINNING NUMBERS WELL IN ADVANCE OF THE OFFICIAL EVENT and, with this list in hand, increase their chances of winning by hanging out at the lottery outlets when the system is producing tickets with numbers approaching the next winner in the sequence, which they would already know!  There would be no guarantee of a win, as you cannot choose your number, but a person with this list would have a distinct advantage over everyone else.

    I can just hear the outrage!!  Foul!  Foul!  Actually, I will be shocked if safeguards against the kind of fraud I'm describing are not already in place.  However, as a programmer, I would like to know what they are.  Even when the ping pong balls are randomly blowing around every night at 7pm on TV, I can't help but remember that fateful day back in 1980 when a certain TV bowling show host helped to ensure that the balls did not weigh the same! Smile

    It sounds like you would be the authority on this one Jimmy.

    I don't know what state you're in but I don't have a lot of faith in the state lotteries as a whole. I generally trust PB and MM and what I have for the rest of them would have to be called hope rather than trust. The main bugaboo for me is simply the computer systems. I don't know all the mechanics involved or the machinations required to compromise them; I only know I don't trust them.

    I had no idea about the info you just provided so you're way ahead of me on this issue. What do you recommend?


                                                 
                         
                                             

     

     

     

     

                                                                                                       

    "The only thing necessary for evil to triumph is for good men to do nothing"

                                                                                                --Edmund Burke

     

     


      United States
      Member #81843
      October 31, 2009
      856 Posts
      Offline
      Posted: July 11, 2010, 12:29 pm - IP Logged

      Good Post and thanks Jimmy

      I am just glad that DeBold is not in the Lottery business.

      DD

      What does ADM = ?

        Avatar
        NASHVILLE, TENN
        United States
        Member #33372
        February 20, 2006
        1044 Posts
        Offline
        Posted: July 11, 2010, 1:21 pm - IP Logged

        A computer program to produce randon numbers can be done in several ways.  Would you be so kind as to list several of the more popular ways or, perhaps, all the ways a program could produce random numbers (if the list isn't too long).

        Back in the old days (TRS-80), a random number program used the system's clock to generate numbers.  I have no idea how the "seed" is determine today and I would like to know.

        And if you possessed the very same program the Lotto uses, would you have an advantage?  I think not, unless you pressed <enter> at the very exact moment the Lotto people did.


          United States
          Member #93947
          July 10, 2010
          2180 Posts
          Offline
          Posted: July 11, 2010, 2:09 pm - IP Logged

          Thanks rdgrnr,

          "What do you recommend?"

          I was hoping that my post would prompt the lottery commission to address my concerns.  My recommendation would be for as many people as possible to contact them and request an explanation of how their ADM (Automatic Drawing Machine) is programmed.  My phone call to the published number didn't get me beyond a very nice front gatekeeper who was completely clueless regarding the issue.  Perhaps someone here has a better connection.

          You're wise to be wary of the computerized components of the lotteries.  It's very difficult to tinker with the randomness of the ping pong balls, as the conspirators in Pittsburgh found out in 1980, but computer programs offer many more subtle avenues for intrusion.  I outlined one of them in my original post here.  I used to know a computer software auditor that worked for a large bank.  His job was to scrutinize the source code as well as attempt to hack into it and do statistical analyses of its output to attempt to uncover weaknesses or even fraud by the programmers.  Some of the stories he told me (intelligible only to programmers!) of fraud he discovered were ingenious!  I would hope the Lottery Commission employs such auditors.

          I will be addressing the Pseudo Random sequence issue in my response to another poster here.


            United States
            Member #93947
            July 10, 2010
            2180 Posts
            Offline
            Posted: July 11, 2010, 2:12 pm - IP Logged

            ADM == Automatic Drawing Machine  (A computer program controlled entity)


              United States
              Member #93947
              July 10, 2010
              2180 Posts
              Offline
              Posted: July 11, 2010, 2:23 pm - IP Logged

              A computer program to produce randon numbers can be done in several ways.  Would you be so kind as to list several of the more popular ways or, perhaps, all the ways a program could produce random numbers (if the list isn't too long).

              Back in the old days (TRS-80), a random number program used the system's clock to generate numbers.  I have no idea how the "seed" is determine today and I would like to know.

              And if you possessed the very same program the Lotto uses, would you have an advantage?  I think not, unless you pressed <enter> at the very exact moment the Lotto people did.

              You're on the right track GasMeterGuy.  The only way to completely avoid fraud if Pseudo Random Sequences are being used is to use a PURELY RANDOM method to select the SEED.  As you allude to, a common way to do this is to use, say, the low 31 bits of the system clock, ticking away in microseconds.  Another way that I used in the past was to let the program run in a loop while waiting for a researcher to trigger the beginning of the random sequence.  Each pass through the loop I would call the random number generator, which would advance the process further into the sequence.  With this approach, it didn't matter what seed was used, as the human pushing the GO button was providing a VIRTUAL random seed.


                United States
                Member #93947
                July 10, 2010
                2180 Posts
                Offline
                Posted: July 11, 2010, 2:39 pm - IP Logged

                A computer program to produce randon numbers can be done in several ways.  Would you be so kind as to list several of the more popular ways or, perhaps, all the ways a program could produce random numbers (if the list isn't too long).

                Back in the old days (TRS-80), a random number program used the system's clock to generate numbers.  I have no idea how the "seed" is determine today and I would like to know.

                And if you possessed the very same program the Lotto uses, would you have an advantage?  I think not, unless you pressed <enter> at the very exact moment the Lotto people did.

                I forgot above -- if you insert Pseudorandom Numbers into your favorite search engine and pick one of the top entries from a place called Wiki... , you will find everything you ever wanted to know about them (and more!)

                As for the advantage of having the Lottery's computer program: saying "pressed <enter> at the very exact moment" implies you are assuming their program *IS* randomizing the seed.  But WE DON'T KNOW THIS, and it's the reason I posted here!

                  Avatar
                  NASHVILLE, TENN
                  United States
                  Member #33372
                  February 20, 2006
                  1044 Posts
                  Offline
                  Posted: July 11, 2010, 4:22 pm - IP Logged

                  I do not play Tennessee's lotto games because they use RNG.  There are just too many avenues condusive to fraud to suit me.  This I know about human nature:  If there is a way to take an advantage, people will take the advantage.

                    Coin Toss's avatar - shape barbed.jpg
                    Zeta Reticuli Star System
                    United States
                    Member #30470
                    January 17, 2006
                    10354 Posts
                    Offline
                    Posted: July 11, 2010, 6:01 pm - IP Logged

                    Not lotto, but video Keno and Poker

                    When I worked in downtown Vegas a co-worker and I used to walk through the Horshoe after work. We were on swing and got off at 2:00 or 4:00 a.m. so got to know some of the graveyard shift people at the'Shoe.

                    One night (2:00 a.m.) as we were walking through there one of the slot techs had some kind of gizmo hooked up to a bank of video Keno machines and we asked him what he was doing.

                    He told us since everything had gone to the "chip" (computerized) there were two programs for the keno machines, a hot and a cold one. The hot one was for the weekends as there was a lot more play and the money volume justified paying out more, the cold one was for during the week for when the machines took in a lot less.

                    He also said that there was an even newer device coming out and he could do everyy poker machine and every keno machine but just connecting to any given one of them when he got it, instead of doing it bank by bank of machines.

                    Also, along these lines, there was what's called a slot route in Las Vegas that was run by a gaming machine company that had video poker machines in a large group of taverns. They were sey up for a progressive jackpot, just like casino Mega Millions slots. Every time someone put a coin in any machine in this group the jackpot would increase. It was something like one cent for every $1.25 that went into the machines.

                    Here's the deal though, and this was mid 1990's technology. The entire network of machines was set up so no opne would ever hit a royal, meaning no one would ever win the jackpot.

                    So the technology to manipulate these things is there.

                    Those who run the lotteries love it when players look for consistency in something that's designed not to have any.

                    Lep

                    There is one and only one 'proven' system, and that is to book the action. No matter the game, let the players pick their own losers.


                      United States
                      Member #93947
                      July 10, 2010
                      2180 Posts
                      Offline
                      Posted: July 11, 2010, 6:57 pm - IP Logged

                      Coin Toss,

                      I was in Vegas recently for the first time and marvelled at how seriously so many of the slot players took their "work!"  We tried to get a feel for a ballpark number on what the house's "edge" was, but concluded we would have to stay there and record results for a very long time to come up with a reliable number.  One thing we were convinced of was that if the house was only grossing a small percentage on slots, like they do in roulette, they must pay out some big wins once in a while, because the typical run for us on nickle machines boiled down to about a $5 loss per hour! Confused  You know there is something fishy when the first thing that greets you when you enter any casino is a sea of slots, occupying the lion's share of their real estate.  You are at the mercy of the computer programmers and their managers with all of the computerized games.  Ironically, in the past, if you won too much at Blackjack, one of the few games it is possible to beat, you risked being accused of cheating.  Amazing.  Most people end up losing all the money they start with in slots, but how many times has anyone successfully sued the casinos over that fact?  Just imagine the magnitude of the task a state auditor would have if he or she attempted to thoroughly examine a casino's software and accounting systems to determine the actual average percentage they were making on slots.  Do you think they even try?  Even Keanu Reeves would be hard pressed to unravel this "Matrix!"

                      In Vegas, stick to the table games that have known odds, and in Pennsylvania, play the games whose winners are determined by those bouncing plastic balls...

                      ...until the Lottery Commission convinces us that there is no way for ANYONE to know the winning numbers in computerized games BEFORE the official drawing!!!

                        I hope this thread is addressed by the Lottery.  If you spot someone in another thread that might be a lottery employee, please point them over here!

                        jimjwright's avatar - Yellow 3.png
                        Park City, UT
                        United States
                        Member #69864
                        January 18, 2009
                        993 Posts
                        Offline
                        Posted: July 11, 2010, 8:08 pm - IP Logged

                        I would be suprised if any lotteries or online gambling sites are using software only pseudo random number generators.  I would expect them to use some type of hardware assisted random number generators.  But you never know some companies/states are not very smart and might make poor decisions in order to save money.

                        As a side job in the past I created custom membership web sites for clients.  They go thru the process of getting a merchant account, which gives them the ability to take credit card payments thru a payment gateway.  What this means depending on who they went with and if they do automatic rebilling that they could be storing credit card information on there server.  PCI regulation was sketchy at best in the past, and trust me these mom and pop shops that were doing this had no business taking credit card payments if they didn't understand the security involved in protecting the CC information of the client.  For this reason alone I never worked with a client that required information to be stored locally on there web site.  PCI regulation might be stricter now but who knows, but because of this in wouldn't suprise me at all if some states were shoddy with the use of software RNG because who is really regulating them?  Entities that do self regulation are usually the ones that need it the most.

                        Jimmy


                          United States
                          Member #93947
                          July 10, 2010
                          2180 Posts
                          Offline
                          Posted: July 11, 2010, 11:45 pm - IP Logged

                          I would be suprised if any lotteries or online gambling sites are using software only pseudo random number generators.  I would expect them to use some type of hardware assisted random number generators.  But you never know some companies/states are not very smart and might make poor decisions in order to save money.

                          As a side job in the past I created custom membership web sites for clients.  They go thru the process of getting a merchant account, which gives them the ability to take credit card payments thru a payment gateway.  What this means depending on who they went with and if they do automatic rebilling that they could be storing credit card information on there server.  PCI regulation was sketchy at best in the past, and trust me these mom and pop shops that were doing this had no business taking credit card payments if they didn't understand the security involved in protecting the CC information of the client.  For this reason alone I never worked with a client that required information to be stored locally on there web site.  PCI regulation might be stricter now but who knows, but because of this in wouldn't suprise me at all if some states were shoddy with the use of software RNG because who is really regulating them?  Entities that do self regulation are usually the ones that need it the most.

                          Jimmy

                          Thanks Jimmy,

                          I bet you have more than once considered cancelling all your plastic, save one debit card with a minimal balance!

                          My experiences writing programs for researchers, most of them PhDs in the social sciences, have convinced me that anyone relying on computers should be required to take a set of basic courses in logic and computer hardware and software.  To the extent that this has not happened, computer engineers are in a position to take over!  Middle managers rely on "techies" to  produce systems for them that they have been obliged to deliver to their upper management bosses.  Trust is a key ingredient in this process, and given what has transpired in the financial markets over the last 2+ years, it's becoming clearer every day that trust is not always warranted.  Just how strongly do you believe the assertion in your first sentence above?  :-)

                          --Jimmy


                            United States
                            Member #93947
                            July 10, 2010
                            2180 Posts
                            Offline
                            Posted: July 11, 2010, 11:51 pm - IP Logged

                            I do not play Tennessee's lotto games because they use RNG.  There are just too many avenues condusive to fraud to suit me.  This I know about human nature:  If there is a way to take an advantage, people will take the advantage.

                            The truth of your statement here is supported by the Trillion dollar fiasco we have yet to see the end of in our financial systems.

                              Coin Toss's avatar - shape barbed.jpg
                              Zeta Reticuli Star System
                              United States
                              Member #30470
                              January 17, 2006
                              10354 Posts
                              Offline
                              Posted: July 12, 2010, 12:40 am - IP Logged

                              jimmy4164,

                              No too awful long ago casinos provided slots for high rollers wives to have something to do while thier husbands were at the tables. That was the thinking back then.

                              The visionaries in the business kept saying there was a generation coming up that were video game players and guess what they're going to plau when they're old enought to gamble.

                              One night we had an old time boxman go on break with us (the old timers had great stories) and he spotted three nckel slots that they had tucked away by a bar. Old time "reel" machines, not computerized. These slots had three wheels and nine "stops", like gears, so the odds of a jackpt (which were way smaller then) were 9 X 9 X 9. But you didn't have to win the max prize to make money.

                              Well when he saw this machine he stopped and said (to the machine), "Hello old friend", thenm he told us, "I made a down payment on a house playing these and it's how I used to pay my mortgage. I didn;t know these downtoen joints still had any."

                              Then he explained "timing the machine", that is pulling the handle at just the right time. Kind of like a real good safecracker might work.

                              A couple of guys were skeptics but you could play in this casino (just not table games) on your breaks and this guy was winning $20 - $25 a break in nickels.

                              Just another reason everything went electronic.

                              Those who run the lotteries love it when players look for consistency in something that's designed not to have any.

                              Lep

                              There is one and only one 'proven' system, and that is to book the action. No matter the game, let the players pick their own losers.