I swear - it's like I'm in high school again. Check out the email I got on Sunday:
Hello my name is XXX and Im in the running for the last contestant on Mtv's the Real World. The competition is online voting and I was wondering if you knew anything about autovoters. Some of the contestants are using them and I would really like one to use. I just have no idea how to use them. If you could make me one that was be fantastic. We could come to some sort of agreement. The site is http://www.realworldcasting.comMy personal site is XXX
Please let me know! Thanks!
I'm hiding the name and his personal URL as I'm going to assume that maybe he is just worried about others beating him unfairly and he is just resorting to cheating as a last measure (although I will ping MTV - who wants to bet that I'll actually hear back). With that in mind though - it does bring up a good topic - securing online voting.
I'm pretty sure I've covered this in other blog posts, and I know its a common question. How would you prevent against auto-posting? About the only solution I know of would to be both a) require a unique email address for the vote and b) follow up with a confirmation link to finalize the vote.
One problem with this approach though is that it isn't terribly hard to generate fake email addresses. At gmail you can just add a -XXX to your address to add a new unique email address. If I were building such a voting system I'd add a rule just for gmail.
Another problem is that a lot of people probably won't bother to reply to a confirmation link. I'd be willing to bet you would lose close to half of the votes. Of course, that will be evenly distributed amongst all votes probably.
p.s. What we really need is a "Real World CF". Can you imagine a bunch of us ColdFusion bloggers in one house?!?!