After thinking about this "spam" issue, I realized that there's really no accurate way of circumnavigating this issue. As you say, people can very easily change their IP address, therefore I changed my mind and I don't think this is a very useful feature anymore.
Thanks for making things more clear for me. On Tue, May 29, 2012 at 8:40 AM, Luca Matteis <[email protected]> wrote: > Yes, people could get around the voting by simply using a proxy server > or logging in from somewhere else. But the idea is that it makes it > *harder* for people to vote based on their IP address. > > Also there's an issue that I'm having with my Couchapp which is that > it's extremely easy for users to create new accounts, > programmatically. All they need to do is: i=0; while(1) { > put_doc_in_users_db(i++) } > > I know this is also solved by putting some sort of firewall before > Couch. But these are little fixes and little things that could really > make writing couchapps a lot better. > > On Tue, May 29, 2012 at 8:28 AM, Jens Alfke <[email protected]> wrote: >> >> On May 28, 2012, at 2:26 PM, Luca Matteis wrote: >> >> contained in the request), so why not give the IP address of the >> request as well? This would allow the creation of even more powerful >> Couchapps. >> >> The IP address is not very useful for what you're trying to do. Given the >> prevalence of NAT (even by ISPs and cell carriers), multiple different users >> can appear to be at the same IP address; and given dynamic addressing and >> mobile devices, a single user can appear at multiple IP addresses over time. >> >> In other words, if you do this it will offend some of your users who will be >> accused unfairly of cheating simply because they're behind a NAT, and it'll >> still be pretty easy for people to hack around by just voting from home, >> from work, and from a cafe. >> >> Basically any system with disposable easily-created anonymous accounts will >> run into issues like these. There isn't any way around them without making >> the accounts stickier. But that's off-topic for this list. >> >> —Jens
