Any way to look under scratch off tickets without removing

If you don't win just return it, say you didn't want it.

They have to give you your money back

I thinks it on wired. there is a long form article about the guy who figured out how to beat scratch off tickets based on leaked information printed on the tickets. google is your friend.

>>1497359

No.

>>1497359
there was a guy who became obsessed with the thought that since there is an algorithm for a computer to make the tickets, that there -has- to be a pattern to find

sure as shit he found it. he tried to notify the lotto ticket company and they just ignored him.

he evenetually sent a letter to the ceo/boss with a note that said hes divided unscratched tickets into two piles, go ahead and scratch them off

one side was all winners, the other all losers. the tickets were removed from shelfs the next day

>>1497396
what an idiot... could have made himself rich.

>>1497404
read the article. he figured out how much he could make an hour and it wasnt enough to be worth it to him. he already had a nice job.

>>1497359
Yeah, you use an ultrasound x-ray machine. The scratch off stuff is metal ink, which creates an algorithm for the ultrasound to produce a picture of under the coating.

Most scratch offs let you just scan a barcode on them to determine if they are a winner or not. But you need to know the algorithm. That guy found a vulnerability in it. I don't remember if it was because they had no encryption, or poor encryption, but he found the pattern and showed it could be exploited.

Anyways. Ticket packs come shrink wrapped, and need to be manually activated. The tickets are literally just paper if they've haven't been activated, and can be deactivated if they get stolen, and at many stores are routinely deactivated when the store closes, and sometimes even during shift changes, Even if the paper says winner, you can bet you won't get anything out of them if they are stolen, or forged, and don't show up as legitimately purchased. As I recall, the contracts to sell lotto tickets make a store responsible for the payouts if tickets get turned in for winnings without actually being sold, but maybe that's changed. The cuts on tickets are extremely small, and the only reason a lot of places even stock them is because a lot of people coming in buy other shit won't go there if there aren't lotto tickets.

You'd have to find a store run by some seriously incompetent people to get away with stealing tickets, and returning tickets in huge quantities is going to attract a lot of attention. That's assuming you found a vulnerability to cheaply exploit in the first place.

>>1497404
State governments like their lotteries. It's a massive source of income. It wasn't really profitable for him anyways, but regardless of whether it was or not, lotteries have strong government connections. Someone would have made damn sure he got the long dick of the law in one fashion or another. Even if most of the charges were bullshit (and they'd throw enough shit at him that you can be absolutely sure of that), it would still take years, and hundreds of thousands of dollars to get away from.

Soak in lemon juice then blow dry and put in rice

>>1497361

Wouldn't that be the equivalent of returning a banana peel and saying you didn't want the banana?

>>1497359
there should be a way to, but not certain that it will not be more expensive than the prize you can win with it. for example let's say you can use some magnetic imagery to detect the ink through the paper, or maybe an x-ray machine and enhanced computer imaging algorithms. it would take forever to check all tickets and the machinery would be prohibitively expensive and also dangerous to use.

>>1497413
>Most scratch offs let you just scan a barcode on them to determine if they are a winner or not. But you need to know the algorithm.
this would be the easiest way if the algorithm is shit. anything cryptographically secure or pure database linked serial wouldn't yield a useful result.

>>1497359
https://www.engadget.com/2016/09/12/mit-reads-closed-books-with-radiation/

https://www.youtube.com/watch?v=6i25SuJzb0A

Saw this today and thought of this thread.

>>1498644
At this point all states that are members of the MUSL utilize scratchers with individualized barcodes which are printed under the paste-ink scratchy stuff. The barcode determines if it's a winner or not, and you can't see it until you scratch it.

The MUSL's rules for a numbers game ticket is an algorithm that creates a unique serial that is recorded. The serial itself records the numbers picked, the method of play, the date of play, time of play (to the millisecond,) print device, and a security hash that all ties up in one massive, individual serial. You might be able to hack it, but unless you can somehow upload the serial into the MUSL's DB, you don't have a winner.

>>1497413
he didnt find a vulnerability, he worked for months staring at scratched tickets until one day it basically just hit him in the face when he was looking at it still. google it, the code/formula is even explained and shown

>>1499232
You literally described a vulnerability. The fact that there was a pattern that wasn't properly obfuscated is a vulnerability.

>>1499268
i meant he didn't hack a database or glitch in one of their softwares/coding methods, but figured out a pattern he could physically see with a ticket in hand

your post seemed to be coming from a software based approach and how unscanned tickets are essentially valueless garbage etc

>>1500691
Physical encoding of digital data is a major security vector. Your security is only as strong as the weakest link. In this case, the physical representation/index of the data was not secure at all.

This isn't uncommon either. Back when I did pen testing, the number of companies that let me carry out sensitive records on slices of dead tree was astounding. Things like, I can't use flash drives, and the software is on a private network that doesn't physically have internet access so I can't email myself information, but I can print 2000 pages of source code without any issue. I scared the shit out of several hospitals in the region by walking into a board meetings in areas that I wasn't supposed to have access to, and slamming binders full of patient records on the table. Companies think that their electronic security is great because they have multiple layers of validation, meaning they don't have to worry about physical items, and then stupid shit happens.

All it takes is a weakness in one link in your chain, and your entire system breaks. Compartmentalization is hard. Uniform security is hard.