Well, after reading Semidoppel's post about Facebook "LIKE" and Text Votes Syndrome, I did realize that these kinds of system can really be faked. This does not apply to Facebook or Twitter but also includes all forms of web related voting system.
Non-techie people's way of faking it is by simply creating an account for different social networks and/or creating multiple of dummy emails that will be used to vote. What they don't know is that there is an easier way of doing this in the language of programming. Yup, this is the art of hacking.
Before continuing, let us start first by defining the word hacking since most people connotes this as something bad. Hacking is a way of breaking into a computer or computer networks with a specific reason. Goals can either be good, like for quality control, or something bad, like what crackers do. Crackers are usually the one who breaks into computer system or networks to destroy or gather information for profit. Never interchange the two terms, even if the though cracking is actually a form of hacking.
The Hacker's WayBack to the topic, there are different ways to hack a certain voting system depending on what is used in the contest.
The usual steps goes like this, the hacker looks into the form for voting. If it is an embedded flash, you can actually get and save the SWF file and decompress it. Make sure that you look into details of embedding, usually parameters are included in there like the session
Email confirmation system, wherein the user needs to enter his email, sends a confirmation response to his inbox to check the voter's validity. So what's the work around in here? Validation links usually have session keys or verification ids (or whatever they call it) and use this to check. Now by knowing this fact, a hacker can simply create a randomizer to help him find the right key for validation.
To be honest, I've seen one application that does this hack. A developer friend use that to win a certain popularity contest, and guess what? she won the free trip to Hong Kong. All she did is to look for valid email addresses (even without knowing the password to view it) and use this as dummy accounts to submit. The rest of the steps were the ones I said earlier about the verification ID.
Facebook and Twitter are harder to hack, I have developed an application before for Facebook and twitter that spams your wall and timeline. For that to happen, the user would need to grant permission for the application to do so. This prevents also the application to access the users information. But during my development, I actually read a lot of ways to do this without the user knowing that you have granted the apps with the said privileges, unfortunately, I forgot how to do it.
Well, Have you done this or do you have examples?First things first, I NEVER done nor tried hacking any voting system, I always believe on a 'fair fight'. What's the essence of a contest if you win it by cheating? Not unless, the contest itself is for hacking.
With that belief, I would rather not discuss any codes in here, you may ask Google instead. Besides, I am writing this article not for the purpose of showing how to hack but to analyze that these methods of voting are prone to hacking.
So Do You Still Think that On-line Voting is Not Good?All I can say is it all depends on the host of the contest. A good reason to do this is by the following ways:
- Voting via social networking sites creates more back-links for the site
The best way to maximize this benefit is to assure that the contestants are on the host's site. More 'Likes' and 'Tweets', means more back-links and traffic too.
We all know how social networking sites affect the SEO and popularity. With that in mind, tweets and likes would really be beneficial
- The Importance of Content of the contestant
For me every content is valuable, it's how every people see it that makes the difference. Sharing and tweeting this might advertise the content for people who see this article or post important or worthy. That means that you cannot judge the contestant's piece just because you think that it isn't worthy in your eyes.
- For Search Engine Optimization purposes
It's as simple as this, more back-links, more tweets, more share and likes means better SEO. That's all.
Again, it all depends on the hosts goal of implementing it. Still, contests like this adds more fun in my opinion.
How about you, what can you say?