Every year, each of the games industry conferences have to pick between 100 and 300 talks and speakers, each of whom gets a free all-access ticket and usually free international travel, hotel, etc. The process is fairly straightforward: they put out a request for proposals about 6-9 months earlier, receive thousands of 1000-word abstracts, and select those that they think are interesting, novel, or will attract people enough to make them buy expensive tickets.
Often, the choices made baffle, frustrate, or infuriate people in the industry. The most common complaint is that each year the conferences a higher proportion of worthless talks on subjects that everyone with any experience already knows about, and contain no information you couldn’t have got from home just by using google for a couple of hours. A lot of conferences have a few near-identical talks each year, so that if you’ve been to one you needn’t bother with the rest – one conference even got a reputation for just recycling the talks given at other conferences already that year, which killed it. There are always slightly bitter rumours about the best way to get a talk accepted – “pay for some advertising with the company that owns the conference”, or “offer a favour to someone on the advisory board”. Certainly, the biggest games industry conference (owned by the same people who this year bought-out AGDC) – GDC – has had a substantial number of talks in the last few years that either blatantly broke the conference rules on talks “not being an advert for a product”, or which were of an extremely low quality / low in any actual content.
One man, one vote … maybe?
One problem – there’s no apparent rules restricting who votes. All you need is an email address (or gmail or mailinator) and a programmatic web browser, and you can choose who gets the free conference passes. I wouldn’t mind, but there’s a couple of talks I really want to go to myself which are on the voting list, and at least one of them isn’t going to get in – and I’ve little confidence right now that the ones that beat it will have done so by being the most popular with people who actually attend the conference.
“Write a program in a scripting language to automatically create accounts and vote for my talk”
- Use a free open-source library to make requests and post responses to the web server (libcurl)
- Use Firefox with the View Headers feature whilst surfing the site manually to see and record what you need to send and receive
- Create enough fake email addresses to swing the voting in your favour
- Don’t get detected
- Use the US census data to programmatically make email addresses using believable REAL names with a wide variety of different names – and in the right proportion to be all US citizens
- Don’t have them all registered from a single domain name
- Don’t have them all from a single IP address (assuming they save your IP address when you vote, which most such sites don’t bother to do until too late)
If you’re still worried about the organizers getting suspicious of all those 5/5 votes for one talk, just look at it this way:
“Identify the major competitor talks, and vote them down, instead of just voting yours up”
Easy enough to hide your skewing of the results in the sea of all the other, genuine, untraceable voters voting one way or another based on personal preference…
Finally, I just want to briefly look at the expected outcome of this, because it touches on a real-life problem with games security: it’s unlikely any individual will cheat, so it may seem it’s “mostly” OK … but with some systems (such as this one) it only requires one cheater to destroy everything. As soon as one person starts cheating, others will notice and will feel “forced” to cheat also – this is what happened with Diablo, when cheaters found a way to make their character able to attack in towns, where no-one was allowed to attack. Non-cheaters were forced to cheat just in order to become able to defend themselves – there was no other defence that would work.
Some people started promoting their talks on their blog, and others have now followed suit. The voting contest has become a contest of who has the biggest blog :). I’m sure this was intentional by the conference organizers – it’s an excellent way of getting more free publicity that specifically targets and promotes the individual talks rather than just the generic conference itself. Even better, it has a natural tendency to give the most publicity to the most popular talks-to-be, whereas the conference organizers have to second guess what they think will make people pay to come and listen.
I wonder why they decided to let anyone vote, rather than restricting it to people who had booked tickets? They could even have just taken a refundable deposit, up to a certain date, to force only people who were willing to stump up some cash to take part in the voting. That could have filtered out most of the “no intention of going to the conference” people (although it certainly wouldn’t have made the system secure from determined cheating).