Drexel students hijack online poll, get underwear

A few weeks ago I saw that students at my alma mater organized a small botnet to push Drexel to the front of the queue for Victoria's Secret's line of university branded underwear. It took a brief remark from a blog I frequent to make me realize that there is actually a small computer security story here. Bruce Schneier, when commenting on this story, stated that preventing ballot stuffing in online polls is relatively hard. While running a perfect poll would involve somewhat sophisticated engineering, mitigating the effects of online ballot stuffing isn't too impossible. Rate limiting by IP address, requiring a CAPTCHA, or running the poll in an environment that provides a higher level of identity management such as Facebook are all options.

Creating a poll with a minimum of security provisions actually benefits the poll taker from a marketing perspective in many ways. No one is interested in a contest whose outcome is predetermined purely by the size of the matriculating class. Having a university known for its engineering programs with a majority male student body win its own line of women's underwear does make news, however.

Go Dragons!