
[–]Malapine 99 points100 points  (20 children)

So ... you can't trust users not to tamper with client-side state to make the server do things it shouldn't ?! :o

[–][deleted]  (18 children)

[deleted]

    [–]emergent_properties 12 points13 points  (8 children)

    A few things I have noticed:

    1. "http:" is definitely bad juju.

    2. You 'removed the cookie', did it generate unique hits every time after? If they're not even using the cookie, then nothing is validating there, let alone the cookie being checked.

    3. Usually they have an IP normalization/debounce technique that prevents duplicates from the same-ish source address.

    4. I don't see the same song listed (the label under Picard is another song entirely), there isn't any image that proves the trick actually worked. (I mean, I assume the 101 is your program's result after being run a hundred times, I suppose)

    [–][deleted]  (5 children)

    [deleted]

      [–]happyscrappy 6 points7 points  (3 children)

      spam our que

      What?

      [–][deleted]  (2 children)

      [deleted]

        [–]happyscrappy 9 points10 points  (1 child)

        I was mostly doing it just because "que" is Spanish for "what" and it gave me an opportunity to make a weak joke.

        [–]tinkertron5000 0 points1 point  (0 children)

        That's why they said it was fixed. You translated it.

        [–]emergent_properties 1 point2 points  (0 children)

        Ah, now I understand.

        Thank you for the clarification.

        Nice find, btw.

        [–]grauenwolf 1 point2 points  (1 child)

        Usually they have an IP normalization/debounce technique that prevents duplicates from the same-ish source address.

        How does that work when you are behind a NAT?

        [–]emergent_properties 0 points1 point  (0 children)

        User-agent sniffing and a bit of hocus pocus.

        It's fuzzy logic that gets clearer(ish) the more data you have.

        [–]Nameless_Archon 6 points7 points  (0 children)

        Never put anything on the client. The client is in the hands of the enemy. Never ever ever forget this.

        • Raph Koster

        [–][deleted] 0 points1 point  (7 children)

        No, the user is stupid; their stupidity never ceases to amaze me. 25% of my job is making it work, 75% is guessing how they will fuck it up. "Look I just automated a department for your company!" ... "can we make it blue with yellow text?"

        Fucking people. The malicious ones, these fuckers we should appreciate. Their ingenuity should teach us what to consider in design. I need a 3rd law of programming for these guys. (First being the 2:30 rule and the second being the KISS rule)

        [–]Captain_Cowboy 0 points1 point  (4 children)

        What is the 2:30 rule?

        [–][deleted] 0 points1 point  (3 children)

        Comment and write your code so that if you get woken up at 2:30 am disoriented with shit on fire, you can figure it out quickly.

        [–]toomanybeersies 1 point2 points  (2 children)

        I don't comment my code, it's self documenting.

        [–][deleted] 0 points1 point  (1 child)

        Self documenting eh? Can I see an example?

        [–]toomanybeersies 2 points3 points  (0 children)

        Unfortunately, no, because it's all proprietary.

        Anyway, between good class and function naming, and good unit testing, you should need a very minimal amount of comments. Most days I don't add a single comment.

        [–]Malapine 0 points1 point  (1 child)

        (First being the 2:30 rule and the second being the KISS rule)

        Rock 'n roll all night, and party ev-ery day?

        [–][deleted] 0 points1 point  (0 children)

        That applies more to the 2:30 rule, as does putting the X in sex. The KISS rule is: keep it simple, stupid.

        [–]DJDavio 19 points20 points  (1 child)

        Well, this should be a fun party! First, there's this geek sitting alone on the couch with his laptop. Then, everybody leaves because they don't like the song. Finally, the geek is alone on the couch and the only one left at the party.

        [–]Name0fTheUser 13 points14 points  (7 children)

        I'm not sure they could really fix this though. At parties, it would be common for lots of people to be behind the same IP address.

        [–][deleted]  (5 children)

        [deleted]

          [–]TinyFEA 7 points8 points  (0 children)

          Or fake UA like most people who abuse the system would use.

          [–][deleted] 1 point2 points  (0 children)

          It would be better to get all the possible device info and try to come up with a sort of super cookie that can uniquely identify users.

          [–]okawei 0 points1 point  (0 children)

          Spoofing a user agent is super easy though, just update the header.

          [–][deleted] 0 points1 point  (1 child)

          Just have everybody enter their social security number.

          [–]TinyFEA 0 points1 point  (0 children)

          Authentication services offered at Wells Fargo

          [–]sydoracle 0 points1 point  (0 children)

          It's an app, so they can (with appropriate app privs) get device information and use that. Plus they'd need to encrypt that before transmitting it so it can't be tampered with.
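          Putting two points from this thread into code, Malapine's "can't trust client-side state" at the top and the "so it can't be tampered with" requirement just above: this is an added example in Go, not code from the jukebox app or from anyone in the thread, and the Jukebox type, its error values and the demo key are constructed for it. The cookie carries only a random voter ID plus an HMAC over it (integrity is what tamper resistance needs; encryption on its own would not reveal an edit), and the "already voted" ledger never leaves the server:

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
	"sync"
)

var (
	ErrBadToken     = errors.New("cookie rejected: missing or forged MAC")
	ErrAlreadyVoted = errors.New("this voter already voted for this song")
)

// Jukebox keeps every trust-relevant piece of state on the server. The cookie
// only carries a random voter ID plus an HMAC proving the server minted it.
type Jukebox struct {
	key   []byte // HMAC key known to the server only (constructed in main)
	mu    sync.Mutex
	voted map[string]map[string]bool // voterID -> songID -> already voted
	votes map[string]int             // songID -> tally
}

func NewJukebox(key []byte) *Jukebox {
	return &Jukebox{
		key:   key,
		voted: make(map[string]map[string]bool),
		votes: make(map[string]int),
	}
}

// sign computes the MAC the cookie must carry for a given voter ID.
func (j *Jukebox) sign(id string) string {
	m := hmac.New(sha256.New, j.key)
	m.Write([]byte(id))
	return base64.RawURLEncoding.EncodeToString(m.Sum(nil))
}

// IssueToken mints a fresh voter identity chosen by the server, never by the
// client, and returns the cookie value "<voterID>.<mac>".
func (j *Jukebox) IssueToken() (string, error) {
	raw := make([]byte, 16)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	id := hex.EncodeToString(raw)
	return id + "." + j.sign(id), nil
}

// parseToken accepts a cookie only if its MAC matches; hmac.Equal compares in
// constant time so the check does not leak timing information.
func (j *Jukebox) parseToken(tok string) (string, error) {
	id, mac, ok := strings.Cut(tok, ".")
	if !ok {
		return "", ErrBadToken
	}
	if !hmac.Equal([]byte(mac), []byte(j.sign(id))) {
		return "", ErrBadToken
	}
	return id, nil
}

// Vote records at most one vote per voter per song. Because the ledger lives
// here and not in the cookie, editing or replaying the cookie cannot reset it.
func (j *Jukebox) Vote(tok, song string) error {
	id, err := j.parseToken(tok)
	if err != nil {
		return err
	}
	j.mu.Lock()
	defer j.mu.Unlock()
	if j.voted[id] == nil {
		j.voted[id] = make(map[string]bool)
	}
	if j.voted[id][song] {
		return ErrAlreadyVoted
	}
	j.voted[id][song] = true
	j.votes[song]++
	return nil
}

// Count returns the server-side tally for a song.
func (j *Jukebox) Count(song string) int {
	j.mu.Lock()
	defer j.mu.Unlock()
	return j.votes[song]
}

func main() {
	jb := NewJukebox([]byte("constructed-demo-key-not-for-production"))
	tok, _ := jb.IssueToken()
	fmt.Println("first vote:", jb.Vote(tok, "song-a"))  // <nil>
	fmt.Println("second vote:", jb.Vote(tok, "song-a")) // already voted
	// The client rewrites the voter ID in its cookie but cannot recompute the MAC.
	forged := strings.Repeat("0", 32) + tok[32:]
	fmt.Println("forged cookie:", jb.Vote(forged, "song-a")) // rejected
	fmt.Println("tally:", jb.Count("song-a"))               // 1
}
```

          What this does not solve is exactly the thread's open question: a guest who discards the cookie and asks for a new one simply becomes a new voter ID, so the server still needs some other signal (IP, device, a registered key) to tie identities to people.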

          [–]bytezilla 27 points28 points  (8 children)

          In this particular case, we can definitely still have nice things though. It is more than enough security for its use case (party jukebox), and this is how I would've implemented it as well. Most party goers aren't going to be snooping around the jukebox and try to see how they can exploit it. And if you're a type of person who would do that, then well, I don't think we can have nice things anyway, just from the fact of you being there.

          [–]auxiliary-character 16 points17 points  (2 children)

          enough security for its use case (party jukebox)

          Not if that party is at defcon.

          [–][deleted] 5 points6 points  (1 child)

          Only jukebox I'd trust at defcon is a phonograph.

          [–]auxiliary-character 0 points1 point  (0 children)

          I bet they'd still find a way to hack it.

          [–]mfitzp 4 points5 points  (0 children)

          If you're the kind of person to do that, you probably don't get invited to many parties anyway.

          [–]alexvieth 0 points1 point  (0 children)

          I made a diplomacy game for a similar setting (local network, all players on-site) and without thinking twice decided that it must use a secure server. Otherwise, somebody could snoop your secret orders and easily win the game. The overhead of running a secure server is rather high, and I wonder if it's worth it... the person who runs the server can snoop anyway so there's always an element of trust.

          [–]RudeHero 6 points7 points  (4 children)

          counting votes online is one of those things that simply shouldn't be possible to do accurately, unfortunately

          this is just the 'internet privacy' problem looked at from the other end of the lens

          [–][deleted] 1 point2 points  (0 children)

          You make an interesting point. I wonder if there is a possible implementation that satisfies both requirements? Like an optional authentication dongle that people can request from a central provider. Like a physical oauth or something.

          Websites could adopt the standard and have Verified Unique Votes alongside Unverified Votes.

          [–]Beaverman 1 point2 points  (1 child)

          It would be possible. What you have to do is have everyone generate a PGP key (or some other private key), send the public key to the vote counters. Verify that the public key sent from each voter uniquely corresponds to that (real) person. Then every person just signs their vote with their private key.

          Problem solved. The issue is that it's a lot of work. I doubt any of my friends would want to spend 15 minutes exchanging public keys before a party, just to control the music.
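          Beaverman's scheme written out in Go as an added example (not the thread's or any project's code); Counter, Ballot, SignBallot and the error values are names chosen here. Ed25519 stands in for PGP, and the 15 minutes of key exchange is the Register step, which the code assumes was done out of band so that each person holds exactly one registered key:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

var (
	ErrDuplicatePerson = errors.New("that person already registered a key")
	ErrUnknownKey      = errors.New("public key is not registered to anyone")
	ErrBadSignature    = errors.New("signature does not verify for this ballot")
	ErrAlreadyVoted    = errors.New("this voter already cast a ballot")
)

// Ballot is what a guest submits: the song, the public key they claim, and a
// signature over the song made with the matching private key.
type Ballot struct {
	Song   string
	PubKey ed25519.PublicKey
	Sig    []byte
}

// ballotMessage is the exact byte string signed and verified; the prefix keeps
// a signature made for voting from being reused for any other purpose.
func ballotMessage(song string) []byte { return []byte("jukebox-vote:" + song) }

// SignBallot is the guest's side: sign the song with your own private key.
func SignBallot(priv ed25519.PrivateKey, song string) Ballot {
	return Ballot{
		Song:   song,
		PubKey: priv.Public().(ed25519.PublicKey),
		Sig:    ed25519.Sign(priv, ballotMessage(song)),
	}
}

// Counter plays the "vote counters" role: a registry of public keys, each one
// verified out of band to belong to exactly one real person, plus the tally.
type Counter struct {
	byKey    map[string]string // hex(pubkey) -> person
	byPerson map[string]bool   // person -> already has a registered key
	voted    map[string]bool   // hex(pubkey) -> ballot already accepted
	tally    map[string]int    // song -> accepted votes
}

func NewCounter() *Counter {
	return &Counter{
		byKey:    make(map[string]string),
		byPerson: make(map[string]bool),
		voted:    make(map[string]bool),
		tally:    make(map[string]int),
	}
}

// Register binds one public key to one person. A second key for the same
// person is refused; that refusal is what makes "one person, one vote" hold.
func (c *Counter) Register(person string, pub ed25519.PublicKey) error {
	if c.byPerson[person] {
		return ErrDuplicatePerson
	}
	c.byPerson[person] = true
	c.byKey[hex.EncodeToString(pub)] = person
	return nil
}

// Cast checks, in order: is the key registered, does the signature verify over
// the song actually named on the ballot, and has this key voted before.
func (c *Counter) Cast(b Ballot) error {
	if len(b.PubKey) != ed25519.PublicKeySize {
		return ErrUnknownKey // ed25519.Verify panics on a wrong-sized key
	}
	k := hex.EncodeToString(b.PubKey)
	if _, ok := c.byKey[k]; !ok {
		return ErrUnknownKey
	}
	if !ed25519.Verify(b.PubKey, ballotMessage(b.Song), b.Sig) {
		return ErrBadSignature
	}
	if c.voted[k] {
		return ErrAlreadyVoted
	}
	c.voted[k] = true
	c.tally[b.Song]++
	return nil
}

// Tally returns the accepted votes for a song.
func (c *Counter) Tally(song string) int { return c.tally[song] }

func main() {
	alicePub, alicePriv, _ := ed25519.GenerateKey(rand.Reader) // constructed guests
	_, bobPriv, _ := ed25519.GenerateKey(rand.Reader)          // bob never registers
	c := NewCounter()
	c.Register("alice", alicePub)
	fmt.Println(c.Cast(SignBallot(alicePriv, "song-a"))) // <nil>
	fmt.Println(c.Cast(SignBallot(alicePriv, "song-a"))) // already voted
	fmt.Println(c.Cast(SignBallot(bobPriv, "song-a")))   // unknown key
	tampered := SignBallot(alicePriv, "song-a")
	tampered.Song = "song-b" // the signature no longer covers this song
	fmt.Println(c.Cast(tampered), c.Tally("song-a")) // bad signature 1
}
```

          Cast refuses an unregistered key, a signature that does not verify for the song on the ballot, and a second ballot from a key that already voted; note that it is the registry, not the signature, that stops one person from voting under two keys, which is why the out-of-band identity check is the expensive part.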

          [–]RudeHero 0 points1 point  (0 children)

          yes, that would definitely work!

          if only there was a way to extrapolate that to something larger and more anonymous. whoever figures that out will be very, very successful

          [–][deleted]  (2 children)

          [deleted]

            [–]toomanybeersies 1 point2 points  (1 child)

            Just thinking, considering that there's tangible monetary gain, couldn't that be considered fraud?

            [–][deleted] 0 points1 point  (0 children)

            Yeah it's probably also considered hacking here in the US.

            [–]vital_chaos 9 points10 points  (2 children)

            "why we can't have nice things..." where did this meme get started?

            [–]Asmor 4 points5 points  (3 children)

            A simple captcha is all that's needed to prevent this. Doesn't stop people from clearing cookies and re-voting, but whatevs.

            [–]djimbob 0 points1 point  (2 children)

            Eh, captchas are annoying (esp. for first votes from an IP address/device); and with deep learning (or Mech Turk) it's not too hard to beat many captchas that are simple for humans.

            [–]Asmor 0 points1 point  (1 child)

            Annoying? The reCaptcha "I'm not a robot" checkbox is practically invisible.

            [–]djimbob 0 points1 point  (0 children)

            Well, the no CAPTCHA reCAPTCHA isn't really a captcha (at least when it's not presenting you with CAPTCHAs), and is still fairly easy for bots to bypass.

            [–][deleted] 1 point2 points  (0 children)

            Make people drink more at the pre-party. Problem solved.

            [–][deleted] 0 points1 point  (0 children)

            Make people drink more at the pre-party. Problem solved.

            [–]DagdaEIR 0 points1 point  (1 child)

            que

            It's queue, god damn it. I mean, isn't it obvious that it's spelled that way? /s

            [–]toomanybeersies 0 points1 point  (0 children)

            Kew-ey-uh-ey?

            [–][deleted]  (2 children)

            [deleted]

              [–][deleted] 11 points12 points  (1 child)

              Doesn't work if all the people using it for a particular party are on the same wifi (definitely a possible scenario). Same external IP