I talked about how there is a contest at work to name the conference rooms. Once the voting started, they created a web form that accepted one’s name and vote. Of course, one could fill in any name one liked.
On the last day of voting, an email came out with big bold red letters. “REMEMBER YOU MUST ONLY VOTE ONCE ELSE YOUR CHOICES WILL BE IGNORED (even tho [sic] the website will allow you to vote more times)”
The first problem that comes to mind is based on the fact that one can enter their name. This shouldn’t be possible or necessary. Each person within the bank has a global unique ID that can be dragged down since every person within the bank has logged into the bank’s AD domain controller. This can be done through the magical power of a web server. If one doesn’t trust this, or wants to do something even stronger, they can use the global challenge-response web-based authentication system to get a secure identification token.
The second problem that comes to mind is that one can enter any name. Want to rig the competition? Just fill in the name of all of your coworkers. Know somebody that is voting against the candidate you want to win? Just enter their name and vote again. The vote is now disqualified.
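One way to close both problems, as an added example rather than the contest's actual code: the voter's identity comes from the account the web server authenticated, and a primary key allows one vote per account. It assumes the server sets `REMOTE_USER` after integrated domain authentication; the ballot choices, table and function names are made up for illustration.

```python
import sqlite3
from urllib.parse import parse_qs

# Assumption: the web server in front of this app authenticates the user
# against the domain and passes the account name in REMOTE_USER.
db = sqlite3.connect(":memory:", check_same_thread=False)
db.execute("CREATE TABLE votes (voter TEXT PRIMARY KEY, choice TEXT NOT NULL)")

CHOICES = {"Everest", "Kilimanjaro", "Denali"}  # constructed sample ballot


def cast_vote(voter, choice):
    """Record one vote per authenticated voter; return an HTTP status line."""
    if not voter:
        return "401 Unauthorized"      # no authenticated identity, no vote
    if choice not in CHOICES:
        return "400 Bad Request"
    try:
        with db:                       # commits on success, rolls back on error
            # Domain account names are case-insensitive, so normalise them.
            db.execute("INSERT INTO votes (voter, choice) VALUES (?, ?)",
                       (voter.lower(), choice))
    except sqlite3.IntegrityError:     # primary key hit: this account already voted
        return "409 Conflict"
    return "200 OK"


def app(environ, start_response):
    """WSGI entry point: identity comes from the server, never from the form."""
    try:
        size = int(environ.get("CONTENT_LENGTH") or 0)
    except ValueError:
        size = 0
    form = parse_qs(environ["wsgi.input"].read(size).decode("utf-8", "replace"))
    # Any "name" field the client submits is deliberately ignored.
    choice = form.get("choice", [""])[0]
    status = cast_vote(environ.get("REMOTE_USER"), choice)
    start_response(status, [("Content-Type", "text/plain")])
    return [status.encode()]


def tally():
    """Return {choice: count}; no de-duplication pass is needed afterwards."""
    return dict(db.execute("SELECT choice, COUNT(*) FROM votes GROUP BY choice"))
```

Because the duplicate is rejected at insert time, nobody can disqualify a coworker's vote by submitting a second ballot in their name.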
I know, this is just a silly little contest for a bottle of champagne and a few dollars, but the point is that this is being run by an IT group — it should set a standard for how something should be done. Yes, instead of taking 13 seconds to implement, it’s going to take 20 minutes to think out the problem, provide a clean implementation, test it, and try to break it. Instead, at least that much time will be spent tabulating votes, performing recounts, eliminating duplicates, and trying to analyze logs to figure out who voted under different names from the same IP. Election Scandal ‘05 … ok, so it’s not that serious of a situation. We’re not doing any important or confidential work here … but what sort of example does this set for the rest of the work we do?