Vote for College Gameday to film a commercial here!

The poll was hosted on a site registered through GoDaddy, likely a throw-away. It didn't have anything to do with Facebook security.

 
It really does suck that one of our fans had to make a bot, tbh. We would have been pretty clearly the highest non-bot-affected total; we were behind only NC State yesterday with a pretty reasonable 50k votes.

 
tschu said:
It really does suck that one of our fans had to make a bot, tbh. We would have been pretty clearly the highest non-bot-affected total; we were behind only NC State yesterday with a pretty reasonable 50k votes.
Click to expand...
While I might agree with you, that's like saying it's too bad guns were used in World War II. "They" have guns (or bots, in this case) and they are going to use them. You can't bring a knife to a gunfight.

The onus, as always, lies with the idiots offering this vote. Someone will use a bot, it's nearly a guarantee, especially when you can do it so easily. There's simply no excuse for not bot-proofing your little vote, especially when you have the resources of an ESPN.

 
Computer security is hard though. And I'm serious. To make something truly secure you have to have vast resources like Amazon or the US Gov't, and even then you hear about breaches in security

Amazon wasn't a joke either - they have one of the most secure servers in the world

 
Last edited by a moderator:
knapplc said:
tschu said:
It really does suck that one of our fans had to make a bot, tbh. We would have been pretty clearly the highest non-bot-affected total; we were behind only NC State yesterday with a pretty reasonable 50k votes.
Click to expand...
While I might agree with you, that's like saying it's too bad guns were used in World War II. "They" have guns (or bots, in this case) and they are going to use them. You can't bring a knife to a gunfight.

The onus, as always, lies with the idiots offering this vote. Someone will use a bot, it's nearly a guarantee, especially when you can do it so easily. There's simply no excuse for not bot-proofing your little vote, especially when you have the resources of an ESPN.
Click to expand...
fictional-families-7.jpg


 
Blackshirts007 said:
knapplc said:
tschu said:
It really does suck that one of our fans had to make a bot, tbh. We would have been pretty clearly the highest non-bot-affected total; we were behind only NC State yesterday with a pretty reasonable 50k votes.
Click to expand...
While I might agree with you, that's like saying it's too bad guns were used in World War II. "They" have guns (or bots, in this case) and they are going to use them. You can't bring a knife to a gunfight.

The onus, as always, lies with the idiots offering this vote. Someone will use a bot, it's nearly a guarantee, especially when you can do it so easily. There's simply no excuse for not bot-proofing your little vote, especially when you have the resources of an ESPN.
Click to expand...
fictional-families-7.jpg
Click to expand...
No thanks, man. NTTAWWT. ;) :thumbs

 
tschu said:
Computer security is hard though. And I'm serious. To make something truly secure you have to have vast resources like Amazon or the US Gov't, and even then you hear about breaches in security

Amazon wasn't a joke either - they have one of the most secure servers in the world
Click to expand...
You don't need "true security." You need a level of security just high enough that the juice isn't worth the squeeze. If someone can cobble together a simple bot in ten minutes and beat your "security," you're not even trying.

You've got - literally - millions of dollars at your disposal if you're ESPN. You know you're going to be running these polls from time to time. Over the course of several years of running polls, you should have been able to figure out a level of security high enough that the average kid in computer science can't hack it without going to more trouble than it's worth. That's achievable, especially with the budget ESPN has.

 
It isn't "easy" - all you need is the motivation and the ability. And believe me, a lot more 26-year old programmers/part-time-hackers care more about college football than they do about hacking into the FBI. (Plus, you get in a lot less trouble by hacking an ESPN poll). The problem isn't blocking the ways you know hackers can get in - its blocking the ways that they'll come up with that you hadn't necessarily thought of. Its whack-a-mole, basically. Yes, though, hindsight says they should have done more.

 
Last edited by a moderator:
tschu said:
It isn't "easy" - all you need is the motivation and the ability. And believe me, a lot more 26-year old programmers/part-time-hackers care more about college football than they do about hacking into the FBI. (Plus, you get in a lot less trouble by hacking an ESPN poll). The problem isn't blocking the ways you know hackers can get in - its blocking the ways that they'll come up with that you hadn't necessarily thought of. Its whack-a-mole, basically. Yes, though, hindsight says they should have done more.
Click to expand...
I gotcha. I spent two years QA'ing a dotcom startup in the valley back in 1999-2001. I know what you're talking about. But if you're saying that it's not possible to tighten their security up some, you're totally dreaming. They don't just have inadequate security on their end, they have nothing. They have tissue paper where they could have iron bars. Can you break through iron bars? Sure. But it's better than tissue paper.

Heck, tschu, you're basically saying we should build the State Pen out of sod and a palisade because you can break anyone out of any prison. Of course you can get someone out of the Nebraska State Pen, but it's not easy. That's all I'm saying. Don't freakin' make it easy.

 
You must log in or register to reply here.
Back
Top