5

Is there a way to make a reasonably secure system to vote without having to login. I now use cookies to set if the person has voted yet and also insert the users ip in the database.

If that user removes his cookies, he will be able to vote again. That's why I do a check if the user's ip exists in the database and if that IP has voted in the last 30 seconds. That way he'll have to remove his cookies and change his IP address to vote again.

I know there's no 100% failproof solution to this, but is there a more secure way to do this?

Steven Dobbelaere
  • 211
  • 5
  • 16
  • 1
    Without a login, yes that's the best way IMHO. – fire Jun 27 '12 at 13:27
  • 1
    You may find some helpful information on [this question](http://ux.stackexchange.com/questions/1111/is-there-a-way-to-disallow-multiple-votes-from-one-user-without-forcing-authenti), but it seems you've got it about as secure as you can. – jeffjenx Jun 27 '12 at 13:30
  • Some good ideas and strategies in this question http://stackoverflow.com/questions/1042247/create-unique-poll-vote-survey-in-php. How Google prevents click-fraud (for their ads, but the same applies to polls) http://stackoverflow.com/questions/3578775/how-is-click-fraud-detected – Mike B Jun 27 '12 at 13:43
  • @MrSlayer I read the link you posted and from that I thought of a way to secure my method even more. I could store the useragent, flashversion and so on with the IP in the database and check on these variables. If these all match, the person will not be able to vote again. – Steven Dobbelaere Jun 27 '12 at 13:48

3 Answers3

4

There are two ways that could improve your results, but read and judge for yourself, if you need them:

More persistent cookies

There is the Evercookie project, which stores cookie-like information in a lot of places. It is much harder to delete than just normal cookies.

I personally think that this project should be considered a proof of concept and actually using it would be unethical

Better user recognition

Instead of just looking at the IP address in order to identify a returning visitor, you could use Browser fingerprinting. The EFF has shown with their Panopticlick project, that the combination of Browser version, OS version, installed add-ons etc. is often unique. The Piwik web analytics tool also uses this kind of user heuristics to tell visitors apart. I don't know the implementation, but it's FOSS and in PHP, so you should be able to find that part.

pixelistik
  • 7,541
  • 3
  • 32
  • 42
1

You can run with both of those solutions in unison - but it's still not very secure. You could go as far as blocking a subnet from voting (192.168.1.xxx) to prevent against dynamic IP changes, but then you're also blocking up to 254 people from voting - and it won't prevent against a proxy.

One method I've seen used quite a bit is making it look like you allow duplicate votes; i.e: show it on the end user's end that their duplicate vote has been counted, but don't actually count it in your own database.

But realistically, a login system is about the only relatively "secure" way of doing this - but if someone is determined enough, that can obviously be gamed too.

Hope this helps.

  • Eoghan
Eoghan
  • 1,720
  • 2
  • 17
  • 35
  • True. The reason I restrict voting from a certain IP for such a limited time is because I don't want to restrict other users from behind the same IP to vote. I don't mind if users are able to vote again after a certain time, but I just don't want to end up with a database with hundreds of votes from the same person. – Steven Dobbelaere Jun 27 '12 at 13:41
0

You could ad the User agent (on short periods there's often little chance that 2 surfers have exactly the same : https://panopticlick.eff.org/index.php?action=log&js=yes) But again ' if someone is determined enough, that can obviously be gamed too.'

Vincent Hsu
  • 11
  • 2