Web Voting Flawed

At Tangler we got a little excited when we found out that we had been nominated for the WebWare100, in the category of Community. Very quickly, it was realized that clearing your cookies would enable you to submit multiple votes. I had my suspicions as to whether the voting service (hosted by Cnet), only defense against multiple votes, was cookie based. Surely a cookie based system would be easily circumvented with a simple script that fires off HTTP requests.

On further investigation I discovered it was possible to show the current vote count by tweaking the URL. The results for the category of Community show a site called Fark sitting on 52.3% of the vote, followed by Facebook at 9% and Digg at 8%. So clearly Fark have decided to do the wrong thing and rig the results, I don’t blame them, the door was left as good as open.

So what can we conclude from this, is web voting fatally flawed? An improved implementation might incorporate some form of IP address tracking. This approach wouldn’t be without problems as very often voters are hidden behind a NAT where their IP address is shared. Possibly placing an upper limit on the number of votes that are accepted from a single IP address might help.

The bottom line is that a web based vote, that has value bound to the outcome, will always be open to manipulation.

.