It’s not even “Incognito” (what a misnomer too), this is a Gecko-based browser

    • danprs@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 years ago

      Wouldn’t the better solution be to keep a log of previous client IPs, on the server side? Sure, VPN will circumvent it, but it’s much easier for me to clear a cookie 100 times then to connect to 100 different VPNs.

      • wander1236
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 years ago

        IP blocking would be really bad if the poll is for students staying in dorms at a university or for people on the same cell carrier.

      • LufyCZ@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 years ago

        Not if you don’t know what cookies even are. Stops the regular Joe just fine

        • Katana314@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 years ago

          All it takes to swing a poll by 8,000 votes is one person that knows how to clear cookies. It’s not even about stopping regular joes.

            • Katana314@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              ·
              2 years ago

              50 votes in a browser would take an hour, but 5,000,000 votes in a browser’s dev tools would take an hour and fifteen minutes; it’s the kind of thing people can write a bit of code to do for them. (I’m a web dev, this doesn’t sound like a challenge to me if there’s no security)

      • Beliriel@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        2 years ago

        You need to track the user for a poll. Sessions don’t work since private browsing enables duplicate votes. Tracking the IP can block users from the same network/wifi. Cookies get auto-sent and browser storage is only clientside. Really not many more options aside from making an account on a site and logging in. I find it a pretty reasonable solution actually.

        • Milady@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          26
          ·
          2 years ago

          Cookies fall short just the same as sessions. you’re asking the user to pinkie promise they won’t clear their cookies / modify them.

          An account seems the most logical. You need to avoid duplicates ; it’s not really about privacy here. You’ll only make a tradeoff between accomplishing no duplicates and letting users do what they want.

      • JuxtaposedJaguar@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 years ago

        It could be useful to prevent accidental duplicate votes. But definitely not sufficient for malicious actors.

        • slampisko@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 years ago

          Clearing cookies is super easy, barely an inconvenience. If someone wants to vote on something a lot and cookies are the only barrier, they might as well not be there