|
|
Posted by Gordon Burditt on 11/01/06 13:10
>Is it possible to implement an accurate voting mechanism (think
>digg.com) that does not require users to sign in before voting?
"accurate" implies you've got some rule as to who gets to vote and
who gets to cast how many votes. For example, each shareholder
gets one vote per share they own, or perhaps each person gets one
vote per pound they weigh. In this situation, you have to accurately
know something about the person. Or, there's one-person-one-vote,
which still means you need to prevent them from voting twice. Or,
there's the convenient one-IP-one-vote or one-computer-one-vote.
What is your target rule for who votes and who doesn't?
Accurate votes are not easy. Look at how many ways electronic
voting machine vendors have blown it in the USA (and elsewhere).
>I think for many people registering is pain and thus they rarely give
>their votes online. Just look at digg and compare the number of votes to
>the number of people visiting their website.
>IOW what if somebody needs votes but cannot afford to bother users with
>registration process?
>I understand that just leaving it open for anybody is not really an
>option since any jerk can ruin other users' votes just by clicking like
>crazy with his mouse, but on the other hand somebody can register with
>100 different names and cause identical damage.
>- Limiting votes to an IP is also not perfect, since people are behind
>NATs quite often (or maybe your opinion is different?).
Not only NAT, but also web proxies. If I understand correctly,
"All of AOL" qualifies as "quite often". Plus people with dynamic
IPs can vote often.
You might discourage hacking by limiting the vote from an IP without
telling anyone. For example, if you get 9 votes from a single IP,
they each count as 1/9 of a vote.
>- I was thinking about email-based authentication (when you want to
>vote, system sends email which you have to confirm), where you would
>need to have many email accounts to manipulate votes, but isnt' it even
>bigger pain than registering?
Probably.
>- Maybe very long captchas? (that would require jerks to type a lot, but
>still...)
Captchas are good against bots, not against people. You can stop
users from voting a million times, but probably not stop a user
from voting a hundred times.
>- Some weird JavaScript setup that requires you to leave the site open
>for a while for the vote to become active? (nah)
What does "leave the site open" mean?
>So (and I don't need it to be perfect every time), do you have any idea
>on how to make it complicated enough that most of the jerks stay off and
> it's simpler/better than registering for the good users?
You could try a "I voted on this survey" cookie. If you insist that they
accept cookies before even SEEING the survey, this might work well enough
for your purposes. They are, however, easily defeatable.
Navigation:
[Reply to this message]
|