note
arhuman
I think the monastery use an IP based system,<br>
but it's not foolproof and you will block all the people
behind the same router<br> (in the case of lan doing NAT behind a router )<br>
after the first vote...<br>
<br>
Forget cookies or UserAgent or referers...(too easy to delete/fake IMHO)<br>
<br>
A possible way could be to have a <b>challenge</b> with one part computed by the client (java class?)<br> <b>with client hardware's info as part of the computation to ensure uniqueness</b><br>
I've never went into this although, I was just wondering...<br>
<br>
<B>UPDATE :</B>
To step away from theory, and give more details :<br>
<ul>
<li> Don't forget to store somewhere those who have already voted
<li> A challenge to prevent replay attacks
<li> using client hardware's info (MAC address,CPU ID in some case,DMPI/BIOS info...) for uniqueness
<li> Java class for client side (and WEAK obfuscation)
</ul>
<br>"<b>O</b>nly <b>B</b>ad <b>C</b>oders <b>C</b>ode <b>B</b>adly <b>I</b>n <b>P</b>erl" (OBC2BIP)<br>
135682
135682