1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Brexit Discussion - The new thread

Discussion in 'Speaker's Corner' started by Feek, Sep 5, 2019.

  1. Bounce

    Wise Guy

    Joined: Dec 22, 2011

    Posts: 1,241

    Location: Stoke-on-Trent

    What evidence you haven't shown me any?
     
  2. Murphy

    Mobster

    Joined: Sep 16, 2018

    Posts: 3,093

    So are you saying you're unaware of how they guard against people signing it more than once by using another name and/or different email address?
     
  3. GizF1

    Gangster

    Joined: Jun 21, 2016

    Posts: 405

    Location: Worcestershire

    Lets say that 3 of the 4 million votes were 'botted'.

    Lets say that those 3 million votes came from 1000 dedicated leave (edited as it was quite a sensible idea so both remain and leave would have signed up) voters who wanted a second chance if the result was close.

    Each one would have had to set up and register 3000 email address and votes.

    Lets say each one takes 5 minutes.

    That would take each person 250 hours or 10 days of dedication.

    Is that realistic?
     
    Last edited: Sep 20, 2019
  4. DarkHorizon472

    Mobster

    Joined: May 16, 2007

    Posts: 3,164

    That would be my view as well, another referendum now with the three clearly defined deliverable options, no deal, the governments deal or no brexit.
     
  5. Bounce

    Wise Guy

    Joined: Dec 22, 2011

    Posts: 1,241

    Location: Stoke-on-Trent

    Just so you know you can sign a Petition twice off one email address.
     
  6. Murphy

    Mobster

    Joined: Sep 16, 2018

    Posts: 3,093

    No you can't.
    Oh, and before you say it didn't always use to be like that it's irrelevant as duplicate email addresses were removed from petitions in the past.
     
  7. Mr Jack

    Capodecina

    Joined: May 19, 2004

    Posts: 17,447

    Location: Kiel, Germany

    It amazes me that on a computer forum people act like this stuff can't be easily automated.

    This is true, because the petitions site puts a fair amount of effort into minimising the number of fake votes, and removing them.
     
  8. Bounce

    Wise Guy

    Joined: Dec 22, 2011

    Posts: 1,241

    Location: Stoke-on-Trent

    Yes you can

    https://fullfact.org/europe/possible-repeatedly-sign-parliamentary-petition/

    Nothing stopping me or my partner, having 2 signatures each instead of 1 quite easily using the same e-mail address.

    'A House of Commons spokesperson told us “Many people share an email account with a partner or do not have access to email. To ensure that the petitions system is as accessible as possible, up to two people can sign from the same email address. An email address can only be used twice.'
     
  9. Bounce

    Wise Guy

    Joined: Dec 22, 2011

    Posts: 1,241

    Location: Stoke-on-Trent

    Also most people will have more than one email address, usually a personal email address and a work email address, so there would be nothing stopping me from putting 4 signatures on one petition.
     
  10. Murphy

    Mobster

    Joined: Sep 16, 2018

    Posts: 3,093

    They act like that because it can't (see above link).
     
  11. Mr Jack

    Capodecina

    Joined: May 19, 2004

    Posts: 17,447

    Location: Kiel, Germany

    Yes, it can. It's harder than without email verification, but it's easy to write a script that automatically checks an email address and "clicks" on the verification links. It's easy to set up a domain so that any address of the form person@domain.com goes to the same email account, and it's easy to write a bot that automatically enters data into a webpage. None of this is particularly hard to do.
     
  12. Murphy

    Mobster

    Joined: Sep 16, 2018

    Posts: 3,093

    Are you aware that the link you provided rebuts the implication that you've been making about people going to great effort just to be heard and that the petitions are full of duplicates?
    You also seem to have ignored that those email addresses are checked against postcodes, and i would assume the electoral register, that happens to record how many people actually live at the address.
     
  13. GordyR

    Soldato

    Joined: Dec 1, 2003

    Posts: 5,157

    Location: Essex

    Can you describe how you would do it?

    I run a software development company and the best I can think of is:

    - Parsing the email and looking for an HTML link or a string beginning with "http(s)://".
    - Extracting that link if found, and firing off an http request to trigger the petition to update it's database.

    That's easy enough to write... But the problem would be in getting this script attached to 1000's of email accounts.

    You would have to write custom software designed to receive emails from all of these accounts, and then fire the script upon receipt.

    Furthermore, each email address would need it's credentials to be input manually for this hypothetical software to be able to receive them.

    Doing so would require more work than checking each actual account and manually clicking the link, surely?

    Granted I've only given the above about 1 minutes thought, perhaps I'm missing something?
     
  14. Murphy

    Mobster

    Joined: Sep 16, 2018

    Posts: 3,093

    So you disagree with those two security experts when they said that it is much harder and a bit of a pain?
     
  15. Mr Jack

    Capodecina

    Joined: May 19, 2004

    Posts: 17,447

    Location: Kiel, Germany

    This is where you're going wrong. You just need 1 email account, and a domain that transfers all email coming to that domain to that account. This is a standard feature of domain hosting, I use it for all my email so that I can give a different email address to every company I deal with.
     
  16. Murphy

    Mobster

    Joined: Sep 16, 2018

    Posts: 3,093

    Well unless there's four people all living at the same address all with the same name then three or all of them would be removed, do you really think the extent of their security starts and ends at looking for duplicate email address?
     
  17. Mr Jack

    Capodecina

    Joined: May 19, 2004

    Posts: 17,447

    Location: Kiel, Germany

    Which two security experts are you referring to?

    And if they said that automatically verifying emails sent to automatically generated email addresses is hard then they're just plain wrong, so I suspect they actually said something a bit different to that.
     
  18. Murphy

    Mobster

    Joined: Sep 16, 2018

    Posts: 3,093

    The ones the BBC article that i linked to quoted.
    And
     
  19. GordyR

    Soldato

    Joined: Dec 1, 2003

    Posts: 5,157

    Location: Essex

    That's not correct surely. The emails from the petition site are being sent to each individually unique email address; not to a domain under your control.

    How are you proposing to set up all of these unique email addresses to automatically forward to a single account that has a script attached?

    Furthermore, we know that the petitions site tracks the IP addresses of the confirmation response, and weeds out foreign or duplicate ones, so you would have to custom write another IP spoofing layer surely?

    I get that all of this is technically doable. I'm just far from convinced that it would be even remotely time effective.

    Again, maybe i'm missing something.
     
  20. Mr Jack

    Capodecina

    Joined: May 19, 2004

    Posts: 17,447

    Location: Kiel, Germany

    Then they have, at the very least, overstated their case. This is not a hard problem to solve. Which is why, of course, the petitions website takes multiple steps to limit false signatories.