Schneier on Security
A blog covering security and security technology.
« Hogwarts Security |
| Digital-ER »
September 5, 2005
Bad Game-Show Random-Number Generator
A fun story about a bad game-show random-number generator.
Posted on September 5, 2005 at 6:16 AM
• 26 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Fun story? It's sad, and tragic
It's not always the random nuber generator that's at fault....
At least one government run system uses a (true) random number generator to generate lucky numbers for the investors. The avarage pay out is about what you would expect for an investment of that sort (ie a secure government bond). Obviously if you only buy a small number then the odds of getting a return are very random.
However the governemnt concerned had a problem, each unit of investment had it's own serial number, you could buy and redeam units whenever you wanted, however serial numbers are not reissued. After something like 50 years the numbers are a very very sparse data set, therefore you have to have some way of mapping the random number to a valid unit...
Untill recently it was not possible to do this in a manner tha could not be exploited to your (marginal) gain.
A friend who is a statistician by training has been running a test for around six years now, and yes he is showing an increase of around 1.3% over the normal expected rate, it's not a lot but in these times of low interest rates on secure savings it's a margin worth having.
This reminds me of the "Who Wants To Be A Millionaire" shenanigans involving Major Charles Ingram and his friend in the audience with the tickly throat. Nothing as impressive as unraveling a pseudo random number generator – in this episode coded coughs were used to scoop the loot:
Just like Michael Larsen, Major Charles Ingram’s life didn’t exactly improve after the show’s credits rolled...
Is this story posted anywhere else? Rotten.com is blocked by my company's proxy server ("Category: Mature/Extreme"...)
the second challenge for the game show guy, finding two pieces of currency with consecutive serial numbers, is easy. i get bills like that all the time from my bank, they're brand new and stick together. you don't have to withdraw fifty grand in one dollar bills.
Well if anyone every needed a good example of Karma...
I guess the Bureau of Engraving and Printing didn't sell uncut currency sheets back then.
http://en.wikipedia.org/wiki/Michael_Larson tells the story as well. And I think explains the radio contest better: the contest appears to be to find a bill sequential to a bill the radio station had, or actually find the same bill they had previously held.
"Fun story? It's sad, and tragic"
Well yes, it ends sadly and tragically. But slap a new ending, and it would make a great made-for-TV movie. Someone call HBO.
(I like the part where he figured out how to win, but not how to quit the game.)
I've read about this before. Moral of the story: Even some smart people can be really dumb sometimes.
An alternative tip: type your url into Google and view Google's cache. This also comes in handy when the server is down! (And you have a deadline that is fast approaching...)
"They were giving away a $30,000 jackpot to anyone who could produce "consecutive serial numbers" on two pieces of American currency."
I got that twice in the last week. My wallet had two sequences of bills and nothing else.
I presume, as another poster mentioned above, that some policy has changed?
"I got that twice in the last week. My wallet had two sequences of bills and nothing else.
"I presume, as another poster mentioned above, that some policy has changed?"
New $20 bills, in sequential order, are common in ATM machines. It's still just as likely to get new $1 bills.
Although it seems likely that the bank can get you a stack of consecutive $1 bills if you ask. (I know someone who once took a stack of new $1 bills and make a pad of them using the proper glue. He turned heads when he tore sheets of money off a pad.)
How could someone so bright be so stupid as to leave that much cash just lying around?
I once worked with someone who claimed to be the third best PacMan player on an international level. It's not something that could be easily believed, save for the fact that he instantly recognized and pointed out patterns in everything he looked at, often beyond anyone else's ability. A couple marathon sessions of WinMame and some online games and he (slowly) proved his point. This was a kind of mathematical talent that served him and us well, but often did not help in areas of life we might have otherwise taken for granted -- while patterns probably stood out on their own, the laws and regulations running counter to natural patterns seemed to be almost imperceptible to him.
"How could someone so bright be so stupid as to leave that much cash just lying around?"
He was obviously obsessed with complex routines, but somewhat oblivious to the simple ones. I think the real question is how someone so gifted could have ended up driving an ice-cream truck for a living, no?
"I know someone who once took a stack of new $1 bills and make a pad of them using the proper glue. He turned heads when he tore sheets of money off a pad."
Funny, I've heard about that trick.
I don't know if he still does it but I once saw Woz leave uncut sheets of $2 bills behind after a meal in Vegas.
The waitress appeared more than a bit unsure of what to do with the sheet. Even if she accepted it as legal tender, it wouldn't fit in the register.
If you found what happened to Michael Larsen after he won the money to be odd, you may find this related article to be interesting: http://www.rotten.com/library/culture/...
Essentially, winning the lottery can be the worst thing that's ever happened to you.
"Essentially, winning the lottery can be the worst thing that's ever happened to you."
Yeah, one thing that surprises me is how few people realise that a one million dollar prize just isn't all that much money anymore. OK, it's quite a lot more money than I could put my hands on, but it is not enough to, say, BOTH buy a really nice house AND retire to live on the interest from the rest. For example, around here (which admittedly has fairly steep real estate prices, but there is no tax on lottery prizes), if you bought a basic two bedroom flat in a lower-middle class neighbourhood and invest the rest in a relatively safe way (say high interest government guaranteed bonds) your annual interest before tax will be about 1.5 x minimum wage. Nice, but don't give up your day job, and forget about the jet, sports car, etc.
Of course if you're a financial wiz you could probably parley your million into some much better investments and manage them carefully, but in that case you probably weren't "investing" in the lottery to begin with...
"Major Charles Ingram .... in this episode coded coughs were used to scoop the loot"
Another aside, but I am one of those people who believe this was a serious miscarriage of justice. I'm not certain that Ingram is innocent, but I'm pretty sure the evidence against him doesn't reach the necessary standard of proof for a criminal conviction. An interesting essay about this (which does have some security related aspects) can be found at:
(Incidentally, the chance of 19 out of 36 random coughs corresponding to the correct answer is about 1 in 3,000 without any biasing at all; if the correct answer is said about twice as often as the rest (giving 2 out of 5 instead of 1 out of 4 per cough) it rises to about 8%. If we eliminate the 5 "significant coughs" which actually occurred _after_ Ingram had identified the correct answer, it rises to 1% without any biasing and 34% with it.)
The story reminded me of one of the reasons that Alan Turing and the organisation at Bletchly Park (I can't remember its name) was able to break the enigma system: sheer luck. If I remember correctly, the German army operating standards didn't use the system to its full capacity. The German navy, on the other hand, did. As a consequence, the army's system was cracked by analysis of the messages and the navy's wasn't until a ship (u-boot?) and its enigma unit were captured and the system was reverse-engineered, as it were. If the army was using the system completely as designed, it would have been much longer to crack.
I am working from memory, but I probably read this from either "Alan Turing: The Enigma" by Andrew Hodges or "The Code Book: The Secret History of Codes and Code-breaking" by Simon Singh.
They didn't crack Enigma by luck - more like after-the-fact social engineering.
Enigma needed a code word to be transmitted to signify that day's rotor position. Then they sent the settings in code, twice. Polish analysts worked this out.
Ergo if the first three letters sent were HIT, then the next 6 letters would be LERLER in code. People used all sorts of 6 letter words, like Berlin, regularly. The Bletchley analysts then tried to guess what 6 letter words the operator was using. They used to have files on specific Enigma operators.
The reason the Navy's codes were harder to break was that they had a larger number of rotors, and enforced stricter procedures about choosing random 6 letter words.
It's amazing how often greed trips these people up (or perhaps amazing how many never get caught because they show more restraint).
The LAST thing you want is to win too much. Be sure to lose enough during the process so that you don't look incredibly lucky.
On that note, a friend of mine happened upon on an Internet blackjack game 6 or so years ago. For fun, invested 20 bucks and was playing around with it. He discovered that the application was running the rand() function on the local system instead of the remote server. Rewrote the rand() function and parlayed his 20 bucks into 10 grand. Guess how much he got to keep.
it is really sad and can hardly be reffered to as a funny story.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.