She lost her job, since this racket destroyed Simon Marketing.
Then you audit the process and the work often.
what if you are the person to take, process and finalize orders at a company? You can take all their money. If you split these into 3 separate tasks, none of them can do anything. (because social factors will have more chance to keep the 3 in normal working order, where only 1 is easily to corrupt without 2 other holding them steady.)
It's unbeleivable such large coorporations still have these kind of issues. over complicated structures in my opinion, where people stop seeing the forest through the trees so to speak, and lose sight of these important matters.
While working at IBM, there was a bit of fanfare for someone in my dept who got a very big promotion (iirc, he skipped a couple levels up at once). The promotion was because he'd noticed a flaw in the system that could have allowed four people to collectively conspire and get away with maybe $6 million. He reported it and the managers were all suitably impressed. I never managed to get enough details to understand the potential scam, or the solution implemented.
Contrast this with the much larger amounts at stake with this sweepstakes & fast food org, and they aren't putting in any such multi-party controls. No surprise they were scammed.
Design the org so that power is separated, no one has the opportunity to steal at scale.
Power corrupts, absolute power corrupts absolutely. Divide the power and you remove the impetus for corruption. I don't think that cop would have done anything but an ordinary good job, had that multi-million dollar temptation not just showed up in his lap...
currently. I hope for the sake of the investors that it stays so, but I have a feeling it will not.
(This feeling is not at all informed by my bitterness at not buying in when 1BTC was 20 bucks.)
The other thing is that bitcoin actually solves a need in the world - the ability to transfer wealth from one person to another anywhere in the world without intermediaries. Folks can argue about how necessary this is for the average person, but it's certainly something that beanie babies (or any other physical collectible good) cannot provide.
See, the only people for whom this is an actual “need” are crazy libertarians (questionable) and criminals (absolutely). Nobody else in the world considers this an unmet need.
What good is a solution in search of a problem?
Pretty much the entire population of Venezuela and Zimbabwe would beg to differ... and that's just recent history.
In the months/years after 9/11 I remember that a recurring theme in longform stories was that their events took place shortly before or after 9/11 and had collectively been forgotten. One that I still remember is a Sports Illustrated feature about 8 Wyoming college cross-country runners who died in the worst vehicle crash in Wyoming history . Though maybe in today's 24/7+ media cycle and attention deficits, plenty of interesting stories slip through the cracks on a more regular basis.
I have a friend who was there during this terrible incident.
In this case, the answer was one, and the amount of money was millions of dollars. Should we be surprised that it happened?
Back in the day, not many:
A list of easter eggs wouldn't appear to tell us anything about how easy or hard it would be get a secret back door in.
I've worked on popular software (>10 million users) that had Easter eggs. Dozens of people in the company knew about each Easter egg that shipped, including managers. Not everyone is a soulless killjoy.
Thousands of developers over a decade have touched code going into iOS & Mac OS and so far have a pretty good track record on internal espionage and back doors.
> remember that time you could bypass the root password
Pretty dumb mistake, but willing to put money on them that it won't happen again. I think you severely underestimate just how competent Apple (and Google, Facebook, or Microsoft) are at their job given the enormous complexity of the problems they solve.
Maybe. Or maybe they have an impeccable track record on not getting caught (at least publicly). It's essentially impossible to differentiate the two.
This sounds like "guilty until proven innocent" logic - maybe we should drown people to prove they're not witches. I'm all for a healthy dose of skepticism, but there's a point it passes into fantasy.
This is not guilty until proven innocent, this is just the way most businesses operate.
This is true only if we were to ignore the following:
organised crime; politicians; all secret services, both domestic and foreign; corporate espionage; opportunity getting the better of people, especially problem gamblers and drug addicts
I'm pretty sure the Chinese government would be capable of planting two or three sleepers in Apple's software division if they decided to.
I'm not interested in conjecture. Like I said, the stuff of movies.
The valley is a pretty incestuous place and people with specific skills are pretty small in number. It doesn’t seem wacky that someone with nation state budget wouldn’t have a network of influence to get someone hired somewhere.
People do it for their friends all of the time.
To that end, I’m amazed it took that long for the FBI to take down the network in the article. The more people who are read in to criminal activity, the risk exponentially increases, as anybody who has been on either end of investigative leverage can tell you. I’m stunned one person in the early days of this scam, particularly when it started involving colorful people, didn’t flip as a bargaining tool for other things they were into.
As tomnipotent said, it’d make a cool movie.
Whatever their plans are, there is some number N of employees who could subvert those plans. It is legitimate to wonder how big that number is, and to note that there is no way for anyone outside of Apple to know.
While most people are focusing on the lack of human controls that allowed there to be a single person who could pull this off, I think an over looked issue was the over reliance on these tamper resistant seals. They had a single type of seal from a single supplier that was apparently used by itself to show tamper resistance.
This is actually less secure then the setup at the Starbucks I worked at where the tamper resistant bags had serial numbers on both the body of the bag and on a removable tag, so that if somebody was to open the bag (which you could only do by ripping it) and put it in a new bag, the serial number would no longer match.
Sure, it's all written down in the rules somewhere but it's an elaborate effort to disguise the actual odds of winning to get people to buy more cheeseburgers. You think you are 3 quarters of the way to a PT Cruiser when you are in fact barely more likely to get it that you were before you got the first three.
In reality there were millions of Park Places tickets in circulation.
Not that I thought I'd ever get the jet myself. It just didn't really stand out as ridiculous when a mere mountain bike required 2,750 points. A 24-pack of Pepsi was worth 4 points. So, you'd need to drink roughly 16,500 cans of Pepsi for the bike. Or 45 cans per day for a year. It all seemed effectively impossible to me.
But, somebody figured out how it could be achieved. That's amazing. I'd pefer they held Pepsi to their word on that one, but I would have settled for a big fine for marketing their product through lying to children.
It's generally overlooked for free fries but for real prizes you need an adult to claim them. Like teenagers that sneak in to a casino - they can win a few hundred bucks but if they win a big prize there will be a demand for ID, they'll be kicked out, and no prize awarded.
Kids can't be encouraged to gamble because they aren't going to make mature decisions.
The amusement park was a lot of fun.
One thing I think is interesting is they allow employees to play but they have a different color for their tickets, which for consumers are handed out at the cash register based on certain items bought. I'm guessing this is to keep employees from taking a huge stash of tickets home at the end of a shift.
The coupons are sometimes alright. We've got a huge collection of small cans of tomato sauce and small boxes of tissues. The online second chance thing is mostly a scam too sadly. You basically win entries into a sweepstakes for movie/tickets or a cruise. You can win $5 Fandango tickets, but it's a royal hassle to redeem them. You can also win gas points, but I'm not sure they redeem properly. It takes hundreds of dollars of purchases to even get the single gas point on average.
The whole thing is mostly a waste of time. The other promotion they do where you can earn up points to buy cookware is a lot better. Got a decent pot and a usable knife out of that last time.
exactly as likely
A lot of people think the lottery is the best way for them to achieve financial freedom.
The game style (shrouded game pieces used to make winning combinations with a smattering of instant winners) predated the Monopoly branding by years, maybe a decade. We had several such games in the McDonald's I worked at in the 1970s, none with Monopoly branding.
The mark of a good security expert is that they will tell you the threat they themselves, potentially, are. (This is true for IT as well.)
I guess the company just didn’t care, as long as someone won and the marketing worked.
McDonald's counts those millions good as gone when they start the promotion, but it's worth it since they assuredly get a huge return on the investment. They assumed Simon marketing was doing their job, and we shouldn't be surprised they didn't care to look analyze the integrity of the game. They were selling truckloads of Big Macs & Mcnuggets and that all that really matters to them.
Any-who... great writing, and interesting look into to a "game" I'm sure most of us have a connection to. Pretty amazing it was hijacked by a few people for so long. Really enjoyed this read!
Running the last game that was known ahead of time to be rigged seems indefensible. The article doesn’t challenge the position that catching the crooks is a good reason to defraud more people.
Which, from a regulatory point of view, seems strictly worse than running an honest game.
So to run this type of promotion in Canada, you need to set up a façade of presenting it as a game of skill or mixed skill/chance instead, which usually involves something like having a prospective winner answer a math question. Look up "skill-testing question Canada" for more info.
And Québec in particular has piles of extra rules on top of that, which often leads to "offer not valid in Québec" as part of the promotion.
> CONTEST IS OPEN TO RESIDENTS [...] WORLDWIDE, EXCEPT FOR QUEBEC, CRIMEA, CUBA, IRAN, SYRIA, NORTH KOREA, and SUDAN.
Quebec seems to stand out in that list. https://capturetheflag.withgoogle.com/rules.pdf
My brother won a Sony Watchman (mini-TV) and we all double checked his math before redeeming.
Most business folks I know are more concerned about getting things shipped that work than what their potential toxic combination impact can have.
There should have been 3 people, and the tickets should always have been in sight of 2 of them. That way one person can go the the bathroom while the other 2 keep watch over the tickets.
Does anyone know what the 'Omega III supercomputer' is?
Edit: It's pretty hard to find anything about it! Apparently the University of Georgia had one too, but I'm giving up now and getting back to work :)
Edit 2: Apparently it was IBM (360?) compatible: https://it.unt.edu/sites/default/files/benchmarks-01-1980.pd...
(edit: and here's a manual I found for the Model I. Does indeed sound like a System/360 compatible. http://www.bitsavers.org/pdf/cdc/omega480/22291359A_OMEGA_48...)
In any case, the ones who get caught are done in by carelessness, and over-confidence. You have to wonder how many are not getting caught if they can manage these two faults.
I wonder the same about leaks like the Snowden leaks. If Snowden could do this how many other people get access to the same data and use it for their own purposes be it financial, political or both ? My guess is a lot.
There may very well be people who are getting away with doing it now, but the leaked data eventually winds up being used which is how you get caught.
2 things that stood out
> Hanssen [...] is serving his sentence at the ADX Florence, a federal supermax prison near Florence, Colorado in solitary confinement for twenty-three hours a day.
The guy made a deal to avoid the death penalty, but from what I've read about solitary confinement this can't be much better.
>U.S. mole hunters investigated 90 employees at WTC for almost a year and came up with ten suspects, although the lead investigator noted that "there are so many problem personalities that no one stands out"
Now take a highly ranked powerful machiavellian person, and the scenario suddenly seems very likely.
However, it seems like being named in public is the best way to prevent fraud. Many of these scams are through second counsins' friends and weird sources. Now an insider could just go through their best friend and no one would ever be able to connect the dots.
I'm not sure if I'm for or against winners staying anonymous. If they would require public identification, winners could simply change their name to smith. I'd happily change my name for a hundred million dollars.
He gave the tip to his brother. Being able to shield your identity would make fraud both more tempting and less likely to be caught.
HN Discussion Thread 
People were rigging the libor rate to make billions of dollars and nobody was caught for over 20 years
While the LIBOR (and similar) rate had a huge impact given how many products referenced it, the direct trading is rather smaller and the direct impact of misquoting was small. Rates were moved hundredths to at most tenths of a percent.
Using the billions figure is hyperbolic and doesn't reflect what the people involved did or were trying to do.
If you want to fix problems in important markets, just like in code, you need a clear, detailed, and nuanced understanding of what happened and the motivations of those involved.
"On 27 July 2012, the Financial Times published an article by a former trader which stated that Libor manipulation had been common since at least 1991."
In other words, this came to light under the previous US POTUS and - much like the crash of 2007 / 2008 - __nothing__ happened. It's amazing how much power the MSM has over the narrative(s) and public perception.
The point being these financial companies get to operate without fear; without penalty. Which was the nature of the comment that comment was added to.
as opposed to the Russian POTUS :)
The Man Who Cracked the Lottery https://nyti.ms/2Ksihm9
it seems many of these cases involve insiders
Having successfully argued for the creation of regulated utility monopolies, he assembled a huge empire which subsequently collapsed in the Great Crash of 1929, investors and indeed himself were wiped out...
His name is Rich Uncle Pennybags
I'd love to learn more about this. How do you separate inconsequential details told by liars from inconsequential details told by excited people?
One study found this by analyzing insurance claims 
I think I might have to revise my understanding of what it means to be an honest businessman.
It is depressing to me that greed so easily trumps morality.
How is this possible?
Even then, in 1988, that $70,000 salary was pretty good. That's the equivalent of $149,000 today. (Or $52,000 in 1981 when he was a cop).
Not all of these still exist today, but many do.
As the benefits got more expensive, salaries came up.
Also, police officers are not paid well.
Inflation only tells some of the story -- oil is marginally controlled by a cartel, OPEC. I seem to recall OPEC following a cheap oil strategy to drive smaller producers to close their wells.
"A group of Burger King restaurants tried to get a class act lawsuit together, so did a group of unhappy McDonald’s customers in Canada."
McDonald's Monopoly on a Blockchain
Had I known the FBI cared about these things...
Tickets can start as simply generic serial numbers, but a post-distribution cryptographically-audited process then upgrades some to winners.
By the way random facts, but we prefer calling ourselves and being called members of the Church of Jesus Christ of Latter Day Saints (LDS Church) instead of Mormons. Mormon was the name of an ancient American prophet-historian who abridged records of other prophets into a book of scripture which would later be called The Book of Mormon. We by no means worship Mormon, but instead Christ that’s why we prefer the other name.
Which aren't (yet) regulated in the US.
> a disgraced Ronald McDonald actor who was convicted of making harassing phone calls while posing as the clown
Any lottery game or house raffle with little transparency should be suspect.
Great piece. I somehow missed all this too in the 9/11 aftermath.