background preloader

Reference

Facebook Twitter

Martin Fowler. Stack Overflow. How Not to Conduct an Online Poll. Inside the Precision Hack is a great read. It's all about how the Time Magazine World's Most Influential People poll was gamed. But the actual hack itself is somewhat less impressive when you start digging into the details. Here's the voting UI for the Time poll in question. Casting a vote submits a HTTP GET in the form of: ? Where id is a number associated with the person being voted for, and rating is how influential you think that person is from 1 to 100.

In early stages of the poll, Time.com didn't have any authentication or validation -- the door was wide open to any client that wanted to stuff the ballot box. The outcome of the 2009 Time 100 World's Most Influential People poll isn't that important in the big scheme of things, but it's difficult to understand why a high profile website would conduct an anonymous worldwide poll without even the most basic of safeguards in place. So-called secret poorly hidden on the client: check!

The Beauty of Internet: 4Chan Founder Sweeps Time's Most Influen. The Internet has different rules. The folks at Time just learned about it in a very amusing way, as their third annual poll for the world's most influential person was topped by moot A.K.A. Christopher Poole, founder of the legendary memebreeding forum 4chan. And, though the results of the poll are obviously skewed, the list is now official nonetheless. Remember, it's not Barack Obama, not Oprah Winfrey, not Pope Benedict XVI, but moot. He received 16,794,368 votes and an average influence rating of 90 (out of a possible 100).

Epic win. One can easily argue that 4chan is one of the most influential sites on the Internet; in the world of odd memes, obscure anime images and bizarre photoshops - and these make a very large and important portion of the entity we refer to as "the Internet" - moot is king. However, the results of the vote have nothing to do with influence. It's surprising, thus, that Time pretends that everything is alright. Erm, extinguish? Inside the precision hack. There’s a scene toward the end of the book Contact by Carl Sagan, where the protagonist Ellie Arroway finds a Message embedded deep in the digits of PI. The Message is perhaps an artifact of an extremely advanced intelligence that apparently manipulated one of the fundamental constants of the universe as a testament to their power as they wove space and time.

I’m reminded of this scene by the Time.com 100 Poll where millions have voted on who are the world’s most influential people in government, science, technology and the arts. Just as Ellie found a Message embedded in PI, we find a Message embedded in the results of this poll. Looking at the first letters of each of the top 21 leading names in the poll we find the message “marblecake, also the game”.

At 4AM this morning I received an email inviting me to an IRC chatroom where someone would explain to me exactly how the Time.com 100 Poll was precision hacked. The Beginning ? Like this: Coding Horror. Byte-order mark. The byte order mark (BOM) is a Unicode character used to signal the endianness (byte order) of a text file or stream. It is encoded at U+FEFF byte order mark (BOM).

BOM use is optional, and, if used, should appear at the start of the text stream. Beyond its specific use as a byte-order indicator, the BOM character may also indicate which of the several Unicode representations the text is encoded in.[1] Because Unicode can be encoded as 16-bit or 32-bit integers, a computer receiving these encodings from arbitrary sources needs to know which byte order the integers are encoded in. The BOM gives the producer of the text a way to describe the text stream's endianness to the consumer of the text without requiring some contract or metadata outside of the text stream itself. Once the receiving computer has consumed the text stream, it presumably processes the characters in its own native byte order and no longer needs the BOM.

Usage[edit] UTF-8[edit] UTF-16[edit] UTF-32[edit] See also[edit] Pedram Rezaei's Ramblings : WCF error handling and some bes. I put together the following brief description of WCF Error Handling and some possible best practices for a customer. You may also find it useful: There are 4 sets of errors that clients can expect: Invalid configuration: when bindings, behaviors or any other configs are in conflict with some other settings. Communication errors: These are the usual errors caused as the result of network communication issues such as incorrect or unreachable addresses and the unavailability of a network connection.

Service faults: By default all service side exceptions are sent to the client as FaultException. Proxy or channel state errors: These types of errors are raised when the channel or the proxy is not in a correct state to allow for communications. Why Faults instead of Exceptions? As you are aware, WCF mainly deals with SOAP Faults instead of Exception. In short, a SOAP Fault provides an adequate mapping between service exceptions and their equivalent on the client. For per-call services: try You can.