

Ask HN: Can you make a voting/rating system without logins? - barmstrong

Posterous has done well eliminating the login hurdle.

Has anyone been able to do this for a voting/rating site?

I've been thinking about this for my site BuyersVote.com.  I let people do some actions (like start a new category) without logging in, but for rating I haven't figured out how to avoid abuse without logins.  Offering logins with OpenID (and rpxnow.com) reduces the hurdle significantly since people don't have to create a new account, they can use an existing one, but it's a hurdle nonetheless.  Thanks for any tips!
======
dotBen
OK, I'll bite and say it...

...no you can't make a _credible_ voting or rating system without a login.

It's too easy to game the system to create repeat votes via cookie burning, ip
rotation, etc (see the other responses).

Forcing someone to be logged in and then only allowing one vote per poll helps
keep out all but the most persistent griefers.

To that end, be aware account creation can be automated and unlimited unique
email addresses created from one domain.

However, the difference between gaming the system by creating lots of fake
accounts and gaming the system via cookie destroying/IP rotation is that the
former is easily noticed within your system - assuming you have built such
checks in place. It also lets you easily remove the offending over-votes to
restore calm to your survey/poll/etc.

~~~
kapauldo
PollDaddy and SodaHead both allow voting without logins. I think it's a
probability game. Yes, occasionally you get someone going overboard to cheat,
but you make up for it in non-annoyed one-time spontaneous voters.

------
dageroth
You can use a fingerprint which consists of geolocation and user agent. If you
use JavaScript you can enhance the fingerprint with further data like screen
resolution etc. It's not perfect, since some computers might generate the same
fingerprint, e.g. corporate networks where everyone uses the same system, but
then again, they are also using the same IP.

The fingerprint does not eliminate every attempt at cheating, but the method
does not rely on cookies, and just changing your IP address by reconnecting is
also not helping, because you use the geolocation and not the IP. TOR, or just
changing proxies, would still work, as well as using different browsers.

Another method I can think of is Flash cookies. Most users don't know about
them. Let users vote as often as they like, but only count them once. In order
to make sure they believe their votes count you can display the result
personally for them and include their additional votes, so they won't go
looking for how they are recognized.

And if a user does not know about Flash cookies it's pretty much impossible to
cheat the system - and the Flash cookie remains the same regardless of the
browser you use.

~~~
keefe
"TOR, or just changing Proxies would still work" it's worth noting that from
TOR, you are hitting their site from some exit node - which may very well
repeat
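
The fingerprint scheme dageroth describes (coarse geolocation of the client IP plus user agent, enriched with screen data when client-side JavaScript is available), as an added example that is not code from the thread or from BuyersVote.com. The GeoIP table, the request shape, the sample browsers and the poll data are all constructed for illustration; a real deployment would use a GeoIP database and a client script that posts the screen and timezone values with the vote.

```javascript
// Constructed stand-in for a GeoIP database: /24 prefix -> city label.
const GEO_TABLE = {
  "203.0.113": "Berlin,DE",
  "198.51.100": "Berlin,DE", // a second block the same ISP hands out in the same city
  "192.0.2": "Toronto,CA",
};

function geolocate(ip) {
  const prefix = ip.split(".").slice(0, 3).join(".");
  return GEO_TABLE[prefix] || "unknown";
}

// FNV-1a, 32-bit. A non-cryptographic hash is enough here: the fingerprint
// only has to be stable across requests, not unforgeable.
function fnv1a(str) {
  let h = 0x811c9dc5;
  for (let i = 0; i < str.length; i++) {
    h ^= str.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, "0");
}

// req.client is whatever the page's JavaScript sent along with the vote.
// It is absent when scripting is off, so the fingerprint degrades to geo + UA.
function fingerprint(req) {
  const client = req.client || {};
  const parts = [
    geolocate(req.ip),
    req.userAgent,
    client.screenW && client.screenH ? `${client.screenW}x${client.screenH}` : "",
    client.tzOffset === undefined ? "" : String(client.tzOffset),
  ];
  return fnv1a(parts.join("|"));
}

// One counted vote per fingerprint per poll. Returns true when the vote counts.
class FingerprintVoteStore {
  constructor() { this.seen = new Map(); } // pollId -> Set of fingerprints
  vote(pollId, req) {
    if (!this.seen.has(pollId)) this.seen.set(pollId, new Set());
    const fps = this.seen.get(pollId);
    const fp = fingerprint(req);
    if (fps.has(fp)) return false;
    fps.add(fp);
    return true;
  }
}

// Constructed scenarios showing where the method holds and where it fails.
const FIREFOX = "Mozilla/5.0 (Windows NT 6.1; rv:3.5) Gecko/20090824 Firefox/3.5.3";
const CHROME = "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/532.0 (KHTML, like Gecko) Chrome/3.0.195 Safari/532.0";
const SCREEN = { screenW: 1280, screenH: 800, tzOffset: -60 };

function fingerprintDemo() {
  const store = new FingerprintVoteStore();
  const first = store.vote("poll-1", { ip: "203.0.113.7", userAgent: FIREFOX, client: SCREEN });
  // Reconnecting for a fresh IP in the same city changes nothing: same fingerprint, vote rejected.
  const reconnect = store.vote("poll-1", { ip: "198.51.100.42", userAgent: FIREFOX, client: SCREEN });
  // Switching browsers changes the UA, so the vote counts again (the weakness dageroth notes).
  const otherBrowser = store.vote("poll-1", { ip: "203.0.113.7", userAgent: CHROME, client: SCREEN });
  // A colleague on an identical corporate build collides with the first voter and is refused.
  const colleague = store.vote("poll-1", { ip: "203.0.113.8", userAgent: FIREFOX, client: SCREEN });
  // A Tor or proxy exit in another city looks like a brand-new voter.
  const viaProxy = store.vote("poll-1", { ip: "192.0.2.33", userAgent: FIREFOX, client: SCREEN });
  return { first, reconnect, otherBrowser, colleague, viaProxy };
}
```

The store keys on the hash rather than on the raw values so that the stored set reveals nothing about voters if it leaks; the trade-off is that a collision (two people with the same build behind the same office) silently drops the second vote, which is the false-negative case dageroth accepts.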

------
snokleby
At <http://tagdef.com> I let users both add content and vote without logging in.
It uses IP addresses for keeping track of votes.

This has all the flaws that other people here have pointed out (multiple users
behind the same IP etc.), but I feel that the advantage of being easy to use is
greater than these disadvantages. It serves its main purpose (most of the
time), of putting good content on top (see e.g. <http://tagdef.com/ff>) and
hiding bad content.

~~~
barmstrong
Yep it might be worth the tradeoff. Or incorporate the fingerprint mentioned
above, to mitigate the IP problem.

------
eli
Sure, but at some level you're going to have to limit on IP, which means that
people behind proxies or NAT are going to (unfairly) not have their votes
counted.

------
bestes
I've found openID to be far more painful. I decided that I just can't risk
making my Google account more powerful in case it gets suspended (for whatever
reason, valid or not). So, what a pain to research how to make it work, what
implications there will be, etc. I was very excited to try Stack Overflow's
software, but it requires an openID and I just haven't gotten around to
deciding what to do.

~~~
Sidnicious
This is easy to fix, just make your OpenID your own domain, or a subdomain of
it (<http://id.example.com/>). The OpenID standard lets you delegate to your
provider of choice with a couple of link tags. If it gets shut down or you
find a better one, just switch. The websites you authenticate to won't care.

------
easp
In addition to the things people have already mentioned, I'd suggest combining
all of them, and more, into a credibility score. If your application doesn't
involve a strict tallying/reporting of votes, then you can use the score to do
weighting; otherwise, you'd use it to discard votes below a certain threshold.

For the JavaScript fingerprinting, I wonder if there are ways to probe for
bugs that characterize different browser versions both for a richer
fingerprint and to detect spoofing of the useragent.

Other things that can fit into a credibility score: a computational JavaScript
payload to impose more costs on automated abusers. Elapsed time between when
the voting form was returned and when the vote was submitted.

On the IP front, keep in mind the ability to correlate not just IP, but also
netblock.
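
The credibility score easp proposes, as an added example that is not code from the thread: it combines per-IP and per-/24 repeat counts, the time between form render and submit, and whether the client returned the result of a computational JavaScript payload, then either weights votes by the score or discards those below a threshold. Weights, thresholds, the vote record shape and the sample votes are constructed for illustration; verifying the proof-of-work itself is assumed to happen earlier in the request and is reported here only as the boolean powSolved.

```javascript
function netblock(ip) {
  return ip.split(".").slice(0, 3).join(".") + ".0/24";
}

// Score in [0, 1]: 1.0 is a fully credible vote, 0 is one to discard.
function credibility(vote, priorVotesOnPoll) {
  let score = 1.0;
  const sameIp = priorVotesOnPoll.filter(v => v.ip === vote.ip).length;
  const sameBlock = priorVotesOnPoll.filter(v => netblock(v.ip) === netblock(vote.ip)).length;
  // Repeats from one address are the strongest signal. Repeats from the same /24
  // are weaker, since that may just be a NAT or an office (eli's point above).
  score -= 0.4 * sameIp;
  score -= 0.1 * Math.max(0, sameBlock - sameIp);
  // Submitting in under two seconds is faster than a person can read the poll.
  if (vote.submittedAt - vote.formRenderedAt < 2000) score -= 0.5;
  // No proof-of-work result: the vote was probably posted by a script, not a browser.
  if (!vote.powSolved) score -= 0.3;
  return Math.max(0, Math.min(1, score));
}

// Tally one poll. mode "weighted" counts each vote by its score (fine for rankings);
// mode "threshold" keeps or discards whole votes (needed for strict counts).
function tally(votes, pollId, opts) {
  const counts = {};
  const prior = [];
  for (const v of votes) {
    if (v.pollId !== pollId) continue;
    const c = credibility(v, prior);
    prior.push(v);
    const weight = opts.mode === "weighted" ? c : (c >= opts.threshold ? 1 : 0);
    counts[v.choice] = (counts[v.choice] || 0) + weight;
  }
  return counts;
}

// Constructed votes: two plausible humans on one office netblock, then a
// script hammering "yes" from a single address without running the page's JS.
const SAMPLE_VOTES = [
  { pollId: "p1", choice: "yes", ip: "203.0.113.5", formRenderedAt: 0,     submittedAt: 8000,  powSolved: true },
  { pollId: "p1", choice: "no",  ip: "203.0.113.9", formRenderedAt: 10000, submittedAt: 15000, powSolved: true },
  { pollId: "p1", choice: "yes", ip: "192.0.2.1",   formRenderedAt: 20000, submittedAt: 20500, powSolved: false },
  { pollId: "p1", choice: "yes", ip: "192.0.2.1",   formRenderedAt: 21000, submittedAt: 21300, powSolved: false },
  { pollId: "p1", choice: "yes", ip: "192.0.2.1",   formRenderedAt: 22000, submittedAt: 22250, powSolved: false },
];

function tallyDemo() {
  return {
    weighted: tally(SAMPLE_VOTES, "p1", { mode: "weighted" }),
    strict: tally(SAMPLE_VOTES, "p1", { mode: "threshold", threshold: 0.5 }),
  };
}
```

On the sample data the script's three votes contribute 0.2, 0 and 0 under weighting (yes 1.2, no 0.9) and nothing at all under a 0.5 threshold (yes 1, no 1), while the second office voter keeps most of their weight despite sharing a /24 with the first. The signals are ordered so that a quiet NAT loses little and a single address repeating itself loses a lot, which is the distinction the thread keeps returning to.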

------
genieyclo
An example of a site that doesn't require you to login to vote that's widely
used is PollDaddy.

Sadly, it's extremely easy to game it. See
<http://news.ycombinator.com/item?id=913966>

------
chrischen
Allow people to vote as many times as they want (allow them to click as many
times). Normalize voting patterns based on items of known qualities, and
account for the fact that people know you'll do this. Then let people click as
many times as they want and you just might get accurate results if done right.

Btw, I have not tested this. Use this at your own risk.

~~~
barmstrong
This seems like a confusing user experience. Even users who weren't trying to
game the system would see they could click it as many times as they want and
might try.

~~~
chrischen
I guess the idea is to account for the people who will try to game the system.
Hey, it may not be a good idea, but it's unique right?

At least theoretically speaking, if we can model and predict human behavior,
then the best way to do it is to let humans behave as naturally as possible,
and model a rating system based on that behavior.

------
warp
Do you do anything extra to verify an OpenID account? It's probably easy to
set up a bunch of domains with fake openid servers, so I would expect that to
be susceptible to abuse too unless you have some extra step to make sure the
voter is human.

~~~
barmstrong
Don't have anything in place right now, that is a good point.

------
jamesbritt
I've seen voting tools that apparently track by IP address. Not infallible,
but maybe no worse than using a unique account name, since accounts are
typically easy to acquire (unless you track them by IP address as well :) )

~~~
kapauldo
Yeah, but at least this requires work. At least you're putting up the barrier
of having to log in over and over. If you do detect login abuse voting, you
simply ban the IP and throw up a message saying "you've been banned for..." My
experience is that fake account voting is way, way less frequent than double IP
voting.

------
kapauldo
I've done this on Pikk. What I do is set a cookie as an identifier and then,
without login, forbid double IP-address-based voting. Upon login, if there
is a cookie set, I go and harvest the votes and convert them to the logged-in
user. So the table Votes has a user id and a cookie user id. Hope this helps.
Check out www.pikk.com and let me know if this is what you mean.

~~~
genieyclo
Actually, this is very easily gamed:

1. Fire up Chromium in incognito, and once you've voted once, just close it
again and open it again to vote once more. Rinse and repeat.

2. The IP choice is smart, but there are ways to get a dynamic IP every
[insert time interval].

One could perfect this to an art really. Get your IP to start changing, have
Chromium open on a hotkey, use ctrl+shift+n to go incognito (or just have it
auto-load in incognito), have the poll set as your homepage. You can clock
a lot of votes this way.

Logins are best.
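
The Votes-table approach kapauldo describes (a cookie id as anonymous identity, one vote per IP while logged out, and a harvest of the cookie's votes into the user account on login), together with the two bypass steps genieyclo lists, as an added example that is not Pikk's code. Column names, the in-memory table and the sample sessions are assumptions made for illustration.

```javascript
// Rows: { pollId, choice, userId, cookieUserId, ip }. userId is null until login.
class VoteTable {
  constructor() { this.rows = []; }

  // Anonymous vote: refused if this cookie id OR this IP already voted on the poll.
  voteAnonymous(pollId, choice, cookieUserId, ip) {
    const dup = this.rows.some(r => r.pollId === pollId && r.userId === null &&
      (r.cookieUserId === cookieUserId || r.ip === ip));
    if (dup) return false;
    this.rows.push({ pollId, choice, userId: null, cookieUserId, ip });
    return true;
  }

  // Logged-in vote: one per user id per poll; the IP rule no longer applies.
  voteLoggedIn(pollId, choice, userId, ip) {
    const dup = this.rows.some(r => r.pollId === pollId && r.userId === userId);
    if (dup) return false;
    this.rows.push({ pollId, choice, userId, cookieUserId: null, ip });
    return true;
  }

  // On login, convert the cookie's anonymous votes to the user. Where the user has
  // already voted on that poll while logged in, drop the anonymous duplicate.
  harvest(cookieUserId, userId) {
    let converted = 0;
    this.rows = this.rows.filter(r => {
      if (r.userId !== null || r.cookieUserId !== cookieUserId) return true;
      const already = this.rows.some(o => o.userId === userId && o.pollId === r.pollId);
      if (already) return false;
      r.userId = userId;
      converted++;
      return true;
    });
    return converted;
  }

  count(pollId, choice) {
    return this.rows.filter(r => r.pollId === pollId && r.choice === choice).length;
  }
}

// Constructed sessions replaying the thread's scenarios.
function cookieVoteDemo() {
  const t = new VoteTable();
  const firstVote = t.voteAnonymous("p1", "up", "cookie-A", "203.0.113.7");
  const otherPoll = t.voteAnonymous("p2", "up", "cookie-A", "203.0.113.7");
  // genieyclo step 1: close and reopen incognito -> fresh cookie, same IP. The IP rule catches it.
  const incognito = t.voteAnonymous("p1", "up", "cookie-B", "203.0.113.7");
  // genieyclo step 2: fresh cookie AND a rotated IP. Nothing anonymous can tell this apart.
  const rotatedIp = t.voteAnonymous("p1", "up", "cookie-C", "198.51.100.9");
  // eli's point: a different person behind the same NAT is refused too.
  const natNeighbour = t.voteAnonymous("p1", "down", "cookie-D", "203.0.113.7");
  // User 42 votes on p2 while logged in, then logs in on the cookie-A browser.
  const loggedIn = t.voteLoggedIn("p2", "down", 42, "203.0.113.7");
  const converted = t.harvest("cookie-A", 42);
  return {
    firstVote, otherPoll, incognito, rotatedIp, natNeighbour, loggedIn, converted,
    p1Up: t.count("p1", "up"), p2Up: t.count("p2", "up"), p2Down: t.count("p2", "down"),
    rows: t.rows.length,
  };
}
```

The replay shows the asymmetry the thread argues over: the IP rule blocks the cheap incognito trick and, as a side effect, the honest NAT neighbour, while cookie-plus-IP rotation sails through and leaves no row that distinguishes it from a new voter. Harvesting on login is what makes the anonymous votes worth keeping at all, since they become attributable, and removable, the moment the account is identified.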

~~~
Zev
_One could perfect this to an art really. Get your IP to start changing, have
Chromium open on a hotkey, use ctrl+shift+n to go incognito (or just have it
auto-load in incognito), have the poll set as your homepage. You can clock
a lot of votes this way._

If someone's willing to go to that far of an extreme to game a vote, I don't
think a login system would do much to stop them either. You can just as easily
create new accounts with the new IP and a fake email address.

~~~
barmstrong
You're correct that it could be gamed with multiple email addresses as well.
It would just take a little longer. Going to click a confirmation link, a
captcha, etc.

~~~
genieyclo
Exactly.

