
The Photographic Science of Detecting Fake Lottery Tickets - ecaron
http://www.hackerfactor.com/blog/?/archives/478-Fool-Me-Once.html
======
biot
Is it possible to reverse engineer the image such that it passes all tests?
Knowing the various algorithms that could be used, what would be involved in
constructing the modification such that it doesn't reveal evidence of any
modifications?

One thought would be to actually render an entire scene in something like POV-
Ray. Imagine if something like this rendering
<http://www.povray.org/community/hof/chado.php> contained a winning lottery
ticket on the table. If you save the rendered image using the same compression
algorithm and same EXIF heading information as a camera, how would one tell
the difference?

~~~
cuu508
I imagine it would be hard for renderer to fake all subtle qualities digital
camera introduces. Things like "colors too clean", "noise too uniform",
"geometric distortion doesn't match any existing lens" would turn up.

In this specific case I think I'd print a fake ticket with dot matrix printer
and take photos of it.

~~~
K2h
I have worked so hard to completely replace dot matrix that I am actually
trying to think were I could get access to one and am coming up blank! Many
receipts are now the crappy thermal paper that magically disappers from being
left on the dash.. Its like magic in the retailers favor...and just about
everything else is laser. Where would you get the dot matrix?

------
jonah
Simply blowing the contrast out in Photoshop makes the fakery pretty apparent
too: <http://i.imgur.com/6niwJ.png>

------
Bud
What's funny about this to me is that the "04 02" reveals the fake without any
kind of photographic analysis whatsoever. The numbers are supposed to be
sorted smallest to largest. A valid ticket would read "02 04".

~~~
bri3d
The author mentions that anomaly in the article, but goes on to assume that
the sorting is picked by the state printing the ticket (probably for the
benefit of being able to continue the case study).

I also noted that the differing color of the "04 02" in that image can be
spotted with the naked eye if zoomed in - no advanced analysis techniques
necessary.

I think the techniques used were far more interesting than the particular case
study - while the media and non-camera-original nature of the images made the
author's most basic techniques somewhat ineffective, the fakes were overall
very poorly executed.

~~~
scoot
If it were the case that the numbers on this ticket were unsorted, you would
expect all of the rows to be unsorted, whereas everything except 04 & 02 are
in order, including the numbers that follow in the same row. Still interesting
to see the "forensic" approach to this.

------
delinka
To fake a lottery ticket for posting online, it'd be much easier just to print
a fake ticket and then photograph it. I suppose, however, that the purpose of
doing it digitally is to practice skills and "because I can."

To fake a lottery ticket for claiming a prize ... well, that'd be fraudulent
and would result in loss of freedom for quite some time.

------
user0398
I find it utterly frustrating that a scientific seeming article would end with
this conclusion:

 _"A single algorithm can trigger false-positive or false-negative results...
if something is really real, then it should pass everything."_

How you going to be so thorough about detecting a crappy photoshop job and
then trip over your own words in the conclusion?

------
kapgoals
Not for nothing, but if you merely zoom in on the picture you can tell that
the 'winning' line is a different color with the naked eye. And if you want to
'prove' this, a 10-second color replacement in photoshop does the job:
<http://i.imgur.com/7Mg4z.png>

------
greendestiny
There is nothing scientific about any of these tests. What's a 'high' ELA or
'low'? The thing that triggers a 'positive' seems to be only the authors
intuition. While some of the tests might show something, I'm pretty sure ELA
is absolute garbage - you can't separate the number of needed resaves because
of the content frequencies from number of times it has already been resaved.

~~~
sliverstorm
What, may I ask, makes a test scientific?

~~~
greendestiny
You don't need to get technical about it, but I think most people would expect
any test described as scientific to be objective.

~~~
tantalor
Do you mean free of bias or reproducible?

I think the author was clearly free from bias, and his results are easily
reproduced by applying the same algorithms.

The subjectivity which you complain about may be the conclusions drawn from
the results of the tests, which I think are distinct. Specifically, you cite
his "intuition" as the origin of the conclusion.

I think the author's intuition is reliable because, like "real" scientists,
he's an expert and speaks publicly about his work.[1] Or at least he appears
to be. Are you prepared to challenge him as an expert?

[1] <http://www.hackerfactor.com/papers/bh-usa-07-krawetz-wp.pdf>

~~~
greendestiny
I could, but shouldn't we demand he show some proof for his claims?

It seems to me that if you pull a bit of maths and technical magic out the
normal skepticism the tech community melts away into a compliant bundle of
gullibility.

------
morsch
This site has a GIMP script for doing Error Level Analysis:
<http://sites.google.com/site/elsamuko/forensics/ela> (After saving it to your
~/.gimp-2.6/scripts folder, the tool hides in the Image menu.)

I just tried it on a couple of my own images, the results are very
interesting.

------
hardy263
Can you use Photoshop filters to do this, or are there more professional
programs to do so?

------
FaceKicker
Slightly related, I was wondering how the actual lottery tells if your ticket
is real - do the machines record your ticket's serial number and number(s)
chosen and then send the info to the lottery HQ? Or do the lottery machines
compute an HMAC of some kind and encode it in the serial number on the ticket
itself?

~~~
excuse-me
I don't know about this US lottery specifically but in most systems everything
is recorded at HQ. Not just the numbers, but the place, the date and time,
serial number etc

That way they can also check with CCTV.

It's an interesting topic in database design because the link to the store may
fail at any time (remember lotteries started years ago on dialup) and you must
not have an issued-unrecorded ticket at any point in the process

~~~
kijin
Then why did it take so long for them to announce how many winners there were?
First they said "at least one", and then they said "three". If everything was
stored in a central database, they could have found out the exact figures (and
a lot more) as soon as the last winning number was announced.

Maybe it's due to lack of coordination between states? Or maybe they need to
do fraud checking, etc. by watching CCTV footage from the point of sale?

~~~
tantalor
I doubt they use recordings for fraud prevention. I'd be pretty upset if my
winning lottery ticket were denied because the store lost the recording, or
never had them. It's just too costly to record every purchase.

~~~
excuse-me
They don't insist on CCTV but it's a useful tool.

Actually the major source of fraud in most lotteries is the store owner . For
small wins the ticket is taken back to the store to scan it to check for a
win, the store owner will tell the buyer that it lost, or that it only won a
much smaller prize, pay that out of the till and then claim the prize.
Especially in poor/immigrant communities where many player may not speak
English or have internet access.

There was a story on here about an analyst for an oil company who worked out
the random number sequence for a lottery in Ontario. He also analysed the
winning claims and discovered that certain stores where claiming a
disproportionate number of middle wins.

------
K2h
not directly related, but this made me remember some reading I did awhile ago
on EXIF analysis.

a really cool tool for EXIF <http://www.sno.phy.queensu.ca/~phil/exiftool/>

