Lottery Post Journal

IE6 users can get a performance boost right now

Microsoft release an update to its JavaScript engine ("JScript"), which will give a performance boost to any IE6 user.

Since Lottery Post relies upon lots and lots of JavaScript code, this should help every Lottery Post user who still uses IE6.

It will eventually be released as an automatic update through the Microsoft Update service, but you can download it right now if you don't want to wait.

Here's the blog post announcing the download:

The Tennessee Lottery strikes (out?) again

The Tennessee Lottery posted a video on their web site that demonstrates the security features of their computerized drawing system, and makes claims about the audit trail of the drawings. 

I hope everyone gets a chance to see that video, because it is a great example of how the Tennessee Lottery cannot, in any shape or fashion, show you the actual drawing as it takes place.  All the stuff in that video is a smoke screen, designed to draw your attention to other areas in which they feel they have a firm footing.

It's really wonderful that they have 12 billion video cameras, but can one of them actually capture the method used to select the winning numbers?  Of course not!  It happens inside a computer!

The lottery crows about the fact that each drawing supposedly takes one and a half hours to conduct, and how they use reams of paper to document the drawings.

How is that a good thing?  I thought the whole point was that computers make the process better and more efficient. 

Instead of a nimble, efficient drawing process, they seem to have created a laborious, wasteful, and inefficient slog, in which two employees are dedicated to ticking off dozens of pages of checklists several times a day, and adding nothing of value to the process. 

With all those checklists and pre-draw activities, how did they overlook a colossal error like no doubles and triples being drawn for more than three weeks?

And what happened to the drawings being "exciting", as stated in their first press release?

As I watched the video, I visibly cringed every time the announcer claimed with complete certainty that there was no way for the computer system to be penetrated.  Are they for real?  Don't they know that computers can be hacked?

Every security expert who is worth their salt knows that there is no 100% effective security method.  There are only degrees of safety.  The object is to create the least possible risk. 

Stating that there is no risk is just plain wrong, and highly misleading.  It is a disservice to every citizen of Tennessee.  If the announcer was a security expert he would be laughed out of the business.  He points to the modem line that directly connects the drawing computers with television stations and states that there is no possible way for the modem lines to be hacked.  Dope!

Just the fact that the drawing computers are directly connected to any outside computers is a very poor design!

Despite the announcer claiming to have the only computer system in the world that is incapable of being hacked, I want to show that not only is the statement misleading, but from what I can see, then system is not designed with the proper level of safety protocols.

The drawing computer's line of communications should be designed as follows:

  1. The sensitive drawing computer should only be connected to inside computers (internal network), and that inside network should only consist of the two drawing computers plus one dedicated controller computer.  The two drawing computers should not have any means of communicating directly with any other computer, other than the controller.
  2. The internal network is then connected to another communications computer, which is not on the internal drawing network.  It is a highly firewalled connection, with only a single open port, through which the results are sent (not pulled) from the internal network's controller computer to the communications computer.
  3. The communications computer can then dial up their TV stations to deliver the results.

The reason I am posting this level of detail is because I think it's important for me to back up the allegations I am making about the security weaknesses in their drawing system.

Let me show it to you in another way.

Here is a diagram of how their system currently appears to be connecting with TV stations to deliver the results:

TN Lottery connecting directly to TV stations - bad.

There are several ways that would be acceptable for communicating lottery results to TV stations, but their method is not one of them.

Here is a layout of one method that would be acceptable:

Acceptible method for the TN Lottery to communicate drawing results.

Again, my point in all of this is to show how ridiculous the statements made by the announcer are.  And if you can't trust the statements about one part, can you trust the statements about another part?

The attitude of "we cannot be hacked" and "we cannot be wrong" is the exact attitude that lead to a drawing error that festered at the lottery for more than three weeks in August.  Instead of learning their lesson, the lottery continues to claim they are super-human, and the regular laws of physics do not apply to them.

One last point I'd like to make. 

The video itself is a mistake. 

The lottery basically gave a tour of their security features to the world.  The level of detail shown in the video is a bad idea, because it gives hackers a very good feel for how to attack the system.  ("Attack vectors")

I know in the mind of Hargrove that the video is a pre-emptive strike against anything that might be said against them in the oversight meeting next month.  It's designed to shut down opposition to their massive mistake -- the computerized drawing system.

Earlier in the month when they released some over-inflated monetary numbers for converting back to real drawings, that was another pre-emptive strike.

Hargrove:  instead of these pre-emptive attacks, how about a real dialog with the players?  And when they tell you where to put your computerized drawings, perhaps you should take it to heart, instead of trying to force the players to like it.

Everyone makes mistakes, even you.  Admit this mistake, and correct it.  You will come out a hero if you do. 

Do you see yourself as the people's hero right now?

Link to video demonstration computerized drawing security 

Correction to my Firefox 3.0 beta post

Firefox 3.0 does in fact get installed side-by-side with Firefox 2.0, contrary to my last blog post.

I missed it because it replaced my shortcut, but 2.0 is still in my Start menu after installing 3.0 beta 1.

So anyone interested in checking out the lastest beta of Firefox 3.0 can do so without disturbing their existing 2.0 version installed.

Firefox 3.0 beta 1 is available for download

Firefox fans rejoice!  The first public beta of version 3  of the popular web browser is now available for anyone to download.

I'm using it right now to type this blog entry.

Everything seems to work as it should.  I don't see many visible changes from version 2, but there are some.

For one, you get one-click ability to add a bookmark by clicking a star symbol next to the browser address.

The browser replaces the version of Firefox you currently have installed, so if you rely upon third party plug-ins, it is probably better not to upgrade.  That's because most plug-ins are not compatible with the new  beta yet.

The public download page is:

Gadget mixup at Microsoft *finally* resolved

I've spent the last week trying to get the Lottery Results Gadget re-listed at the Microsoft gadget gallery.

You know why?  For the exact reason I referred to in a previous post -- there are some intensely jealous Lottery Post "competitors" out there (term is loosely used, since technically you'd need to be in the same league to compete) who immediately tried to get Microsoft to de-list the gadget.

These jerks try to act like regular users who have complaints.  Unfortunately, this is Microsoft's first time dealing with these morons, so they thought the people making complaints were on the up & up.

Can you believe what a bunch of sniveling &!^#$&!^%@'s these people are?  And some of you visit their web sites.  You know, web sites with names like "strategies" and "factor".  Think those people are nice?  Think again.  They have a guy who somehow bought or assumed control of the sites, and he is the worst of the worst.  An attacking, jealous you-know-what.  (He has wrote me theratening e-mails -- you literally would not believe the stuff he has threatened me with.)

Anyway, I could use some help again, now that the gadget is re-listed.

These jerks will surely go back to the Microsoft gallery page and post their negative reviews, so before that happens, if we could get as many people as possible to go there and give it 5-stars and a good review, that would be greatly appreciated.  Let's not allow these morons to gain any footing.

I really wish I didn't need to ask this, but unfortunately I do.  I need some help, if you can spare just a few minutes.

Here is the link:

If you already have a Microsoft Live account, you can just sign in and post a review.

(Don't forget to post the stars!)

If you don't have a Live account, it only takes a moment to create one.  After creating it, you activate it, just like you did with your Lottery Post account -- receive an e-mail, and click the link inside it.  Then you get full access and ability to review things.

By the way, while you're at Microsoft's site, be sure to check out their new Windows Live software, it's very cool.  I really like their new photo organizer, and you can get lots of other free software.  Plus, they have a brand new mail program that can integrate lots of different free e-mail accounts, like Yahoo, Google, Hotmail, etc. -- all in one program on your PC.

Thanks everyone for your help.

You can help

I am trying to get some positive reviews posted from people who are enjoying the new Lottery Results gadget.

If you would like to help, I would appreciate if you could take a few minutes of time to visit the following sites to register and post a positive review.  If you're looking to post "constructive criticism" I'd rather you posted it here in my blog, and keep reviews on the sites all-positive, 5-star reviews.

The reason is that people looking to download software don't take the time to carefully weigh your thoughts.  They just look at the stars posted and decide yes or no based on that.  So a nuanced review actually hurts the product, whereas a plainly-spoken positive review will help enormously.

Here are links to the places where 5-star reviews would be appreciated:

Your help is appreciated!

Don't forget....

.... to turn your clocks back tonight — no more daylight savings for the year.

(For most of us anyway.  Those in parts of Indiana, Arizona, and Hawaii don't have to deal with it tonight.)

Speaking of Windows Vista earlier, if you had Windows Vista, you would see a friendly message like this:

Daylight savings ending.

(This is a screen grab from my computer a few minutes ago.)

Don't you wish you had a computer this friendly?  You could if you upgrade to Vista.