One thought would be to actually render an entire scene in something like POV-Ray. Imagine if something like this rendering http://www.povray.org/community/hof/chado.php contained a winning lottery ticket on the table. If you save the rendered image using the same compression algorithm and same EXIF heading information as a camera, how would one tell the difference?
In this specific case I think I'd print a fake ticket with dot matrix printer and take photos of it.
I also noted that the differing color of the "04 02" in that image can be spotted with the naked eye if zoomed in - no advanced analysis techniques necessary.
I think the techniques used were far more interesting than the particular case study - while the media and non-camera-original nature of the images made the author's most basic techniques somewhat ineffective, the fakes were overall very poorly executed.
To fake a lottery ticket for claiming a prize ... well, that'd be fraudulent and would result in loss of freedom for quite some time.
"A single algorithm can trigger false-positive or false-negative results... if something is really real, then it should pass everything."
How you going to be so thorough about detecting a crappy photoshop job and then trip over your own words in the conclusion?
A nice tutorial (and a lot of articles) can be found on the Dartmouth site of Hany Farid.
Personally, I have had very very mixed results with this method, and never managed to model it correctly. Interpreting results always was a very human job.
I think the author was clearly free from bias, and his results are easily reproduced by applying the same algorithms.
The subjectivity which you complain about may be the conclusions drawn from the results of the tests, which I think are distinct. Specifically, you cite his "intuition" as the origin of the conclusion.
I think the author's intuition is reliable because, like "real" scientists, he's an expert and speaks publicly about his work. Or at least he appears to be. Are you prepared to challenge him as an expert?
It seems to me that if you pull a bit of maths and technical magic out the normal skepticism the tech community melts away into a compliant bundle of gullibility.
If you can simply run filters until the suspicious area 'looks a bit different' and thats your success criteria, you haven't proven anything.
Anyhow, people have done lots of tests with lots of different tools to see what they report in different circumstances. So this isn't the first time that someone has used ELA or something. You will notice if you read past explanations that he always tries to find the exact manipulations done, rather than just running a tool and declaring something to have been Photoshopped.
I'm no expert, but I've read his blog for long enough to know that he knows an awful lot about the various quirks of many different image editing programs (Photoshop being by far the quirkiest). But if you still have questions, you can always email him. He was kind enough to reply with a lot of useful information when I asked him something a long time ago. Actually, I think he even blogged about it.
If you read that blog, you can find plenty of discussion of those limitations, for example, how the absence of markers of digital manipulation does not prove that an image is genuine. After all, there are plenty of staged photos out there, images that were framed in a misleading way, etc.
Much more interesting would be to find out what the techniques really show, which faking techniques show which signatures and what other natural occurrences mimic that.
He's quite up front about the fact that some tests give inconclusive results. I believe that he has discussed the limitations of the tests. But even a test that gives an inconclusive result half the time can be useful if it shows you which areas of the image need attention the rest of the time. That data is indeed useful. He has talked about it. And you could just politely email him if you wanted to know more.
And yes, it probably is hard to separate the success due to technique and skills. But it's hard to believe that he would be good at picking out fake images without understanding why he was good at picking them out.
I just tried it on a couple of my own images, the results are very interesting.
When it is time to verify the ticket, they simply send the serial number to the lottery central computer and that computer sends back the payout command (and invalidates that serial number from being paid by any other terminals.) The retailer is supposed to do some basic sanity checking for small prize amounts (is the ticket really on lottery paper, etc.) and obviously for larger prize amounts, there are several other methods to verify the authenticity of ticket stock that aren't public knowledge.
I'm not sure whether the has-this-ticket-won-anything machines phone home to check it against those records, or whether they just assume the ticket is authentic and leave the proper verification for when a prize is claimed.
That way they can also check with CCTV.
It's an interesting topic in database design because the link to the store may fail at any time (remember lotteries started years ago on dialup) and you must not have an issued-unrecorded ticket at any point in the process
Maybe it's due to lack of coordination between states? Or maybe they need to do fraud checking, etc. by watching CCTV footage from the point of sale?
> Unlike some multi-state or multi-country lotteries that have central offices, all Mega Millions duties are shared by member states as part of their membership in the game.
Each state handles their own tickets and they don't all use the same software systems to manage them.
Actually the major source of fraud in most lotteries is the store owner . For small wins the ticket is taken back to the store to scan it to check for a win, the store owner will tell the buyer that it lost, or that it only won a much smaller prize, pay that out of the till and then claim the prize.
Especially in poor/immigrant communities where many player may not speak English or have internet access.
There was a story on here about an analyst for an oil company who worked out the random number sequence for a lottery in Ontario. He also analysed the winning claims and discovered that certain stores where claiming a disproportionate number of middle wins.
I went to some talks about the database design for the UK lottery where they admitted they didn't think it would be so popular and so hadn't really considered sharding.
They also were surprised that the number weren't uniformly distributed. They assumed numbers would be picked totally randomly while the first win was all numbers that could be birthdays and so there was an unusual number of winners and it took several days to work out how many.
I've sold Washington State's "lotto" tickets, and you're entirely correct about the reliability of the system - if the device can't connect to servers in Olympia, tickets can't be sold.
CCTV is up to the retailers here, though it's entirely possible that CCTV is a requirement to be an eligible lottery vendor.
a really cool tool for EXIF http://www.sno.phy.queensu.ca/~phil/exiftool/