News

Latest

Archive

Community news
 
Articles

C++

Communities and Content

Databases

Editorials

Emacs

General

HTML

Java

Notices

PHP

XML
 
Links

Apache

C++

Database

General

HTML

Java

Javascript

Linux

Object oriented programming

Open source

Perl

PHP

Python

Ruby

SOAP

XML

Suggest a link
 
About

Advertise on zez

Contribute

Contact us

About zez
 


Ballot Stuffing

Author: Bård Farstad/Paul K Egell-Johnsen

Publishing date: 20.11.2000 14:14

As some of you probably have noticed, last week's poll have been a close race between Linux and Windows NT among our users. Never since the 2000 presidential election in Florida has a race been this close.

Or was the race that close? Our investigative team have uncovered a dark and henious plot...without reverting to court room antics.

We present for you photographic evidence of ballot stuffing in our poll. Someone voted many times for the Windows NT alternative, because he could. We left ourselves totally open for this.

Our problem is this, we could either authenticate the voters by keeping track of their cookies or by keeping track of their IPs. We chose cookies.

The choice was based on the fact that in organizations using firewalls only one IP may be exposed to the rest of the net, thus a group of users behind that wall would get only one vote. By using cookies each user could get his own vote.

Unfortunately people who turned cookies off could vote several times. Which leads us to our problem.

In the image below you can see the results as they appeared on our website when we closed the poll:

A close race between our Windows NT friends and Linux comrades. A guy named Guillaume was good enough to point out that he had voted twice.

Now, even though we didn't use IP checks, we did log which IPs people voted from. The picture below shows the result of the vote (and how you will find it in our archives.):

It's pretty obvious that some people found the loop hole, though only one person got greedy and tried to vote about 170 times for Windows NT...

We've changed the rules for our future polls, we will now disallow multiple votes from the same IP. If you feel that you know a better method than our one IP one vote policy, we're happy to receive your ideas.

I don't want to extrapolate the numbers more, I will just note that some platforms didn't enjoy ballot stuffing at all. Do they have more honest users, or less explorative users?

It might be that we now know who's telling the truth and who's lying.

Paul K Egell-Johnsen


| Printer-friendly page |

Comment List

Topic: Author:
Time:
Checking votes David Newman 07.12.2000 21:12

Send a test cookie to the user as soon as they look at the voting form.

When they submit the form, check for the test cookie. If you cannot see it, they have cookies turned off.

If they have cookies turned off, only accept the first vote from an IP address. The second time, warn them they need to accept cookies.

Mind you, that is not proof against deliberate ballot stuffing. For that you need a voter registration system,
like that at
http://www.sztaki.hu/services/voting/


Login
User name:
Password:

Forgot your password?

Register a new user
 
Poll
What is your database of choice?
MySQL
PostgreSQL
ORACLE
Informix
Sybase
Ingres
I like Microsoft products

Results

Polls