you are viewing a single comment's thread.

view the rest of the comments →

[–]magnora7 10 insightful - 1 fun10 insightful - 0 fun11 insightful - 1 fun -  (20 children)

For one I believe it is too easy for someone to make multiple alts to abuse the saidit voting system, being that there's no email verification or at least a way of limiting accounts made by users.

I agree but what's the solution without just creating artificial barriers like emails and phone numbers? I don't want to gather people's data

[–]d3rr 7 insightful - 1 fun7 insightful - 0 fun8 insightful - 1 fun -  (16 children)

the only solid ideas I have are one new account per ip address per day, and making registration take longer/be harder.

[–]magnora7 12 insightful - 1 fun12 insightful - 0 fun13 insightful - 1 fun -  (6 children)

I like both those ideas. Although the first idea could be a problem if like a university shares an IP and lots of people want to sign up, or something. Or a lot of people sharing a VPN.

Making registration harder makes a lot of sense. Maybe just a better capcha even. I have a feeling our captcha is easily solvable by bots these days. I almost wish the registration process actually took a couple minutes and was semi-difficult. So it would guarantee a human being would have to pay close attention for a couple minutes for the account to be created. If we could do that without making it too annoying to deter real users, and put up an explanation of why we are doing it, then I think it could limit bot and vote-manipulation activity without limiting actual users.

[–]d3rr 2 insightful - 2 fun2 insightful - 1 fun3 insightful - 2 fun -  (3 children)

maybe we can make people sit there and stare at a spinner and a YT video for two minutes, "Creating your account...". so it would theoretically work in browsers only. I don't think I've seen it before, maybe it's next level shit.

edit: or a bitcoin miner/POW thing to register

[–]magnora7 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (2 children)

or a bitcoin miner/POW thing to register

That's an awesome and hilarious idea. And so is the spinner.

I worry that with passive timer things like this though, they're easy to bot. They can just open 10 tabs and have them overlapping until the timer is over.

Maybe it could be a little html5 video game and you have to beat a randomly-generated level that takes about 3 minutes? Then it might actually be fun instead of annoying

[–]d3rr 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (1 child)

If it's taking into account ip address, then your 10 tab example will not work.

but yeah non passive sounds better. a game would be fun but that wouldn't be the main security measure since all we're gonna get is a 'user has finished game' signal. Maybe a series of continue buttons with a wait in between would do it.

[–]magnora7 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

a game would be fun but that wouldn't be the main security measure since all we're gonna get is a 'user has finished game' signal.

We could engineer the game to have a series of checkpoints that each send a signal to the server, and the server has to get all 10 signals spaced apart in time correctly, for it to activate, or something like that

[–]zero8 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (1 child)

i think a better idea would be to automatically flag post that are getting upvotes from new accounts with 0 karma, if a post/comment gets a certain number of upvotes from new accounts with 0 karma it gets automatically hidden until an admin/mod approves it.

[–]magnora7 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Maybe, the good shills are good at using all their accounts though to make it look natural, so that would be a good protection some of the time but not all the time

[–]avena_sativa_3 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (8 children)

How does reddit do it?

[–]justcool393 3 insightful - 2 fun3 insightful - 1 fun4 insightful - 2 fun -  (1 child)

reddit limits account creation to 1 account/10 minutes per IP address. iirc there are some ways using the public code to get more info about voting for a specific post or comment, but most of the "bad votes" are thrown out automatically by reddit's code

(cc /u/d3rr)

[–]d3rr 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

helpful, thanks

[–]d3rr 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (0 children)

hell if i know. that code was too good to give to the plebs I guess.

[–][deleted] 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Browser fingerprinting.

[–]hajamieli 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Fingerprinting the fuck out of everything you do, and also basically allowing use of multiple accounts as long as they themselves are able to keep track of them.

[–][deleted] 1 insightful - 1 fun1 insightful - 0 fun2 insightful - 1 fun -  (2 children)

How does reddit do it?

Email verification and stalking

[–]avena_sativa_3 3 insightful - 1 fun3 insightful - 0 fun4 insightful - 1 fun -  (1 child)

I've never had to use an email to create new accounts and I always use a VPN.

[–]ABlueSkilttle 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

Perhaps there are data solutions to this that don't rely on gathering user data, but instead analyzing data trends. Purchasing votes, and websites do sell these services, might accumulate very quickly or with reliable time series. If possible, perhaps by analyzing the signal to noise ratio from regular upvotes versus artificial ones, catching them could be done.

This would, of course, require an elaborate set of data analytics combined with an ability to actually view correlations and trends in that data between users to suss out whether engagement is legitimate or not.

[–]discountmeat 2 insightful - 1 fun2 insightful - 0 fun3 insightful - 1 fun -  (0 children)

My idea is to make posting and commenting a privilege not a right. https://saidit.net/s/SaidIt/comments/5in3/paradigm_change_users_must_earn_the_right_to_post/

Another idea is shared blacklists.