I don't have serious problem with this... but ballot stuffing and fake account registration seems the domain of SEO/blackhats or Anon. This isn't a 'cute hack' worthy of praise -- it's just abuse of MIT and Dropbox systems for no great reason other than perhaps pride.
As noted below, MIT had a significantly higher target than any other school. The jump from 15 to 25 for MIT was ~50k points while NUS (26k students) got to 25 around 25k total points. Remember that by "not cheating" there are only ~10,000 MIT students (undergrad and grad), so the goal is impossible without cheating (there aren't that many faculty members and staff).
It wouldn't surprise me if they assumed it would be cheated, so this was an attempt to improve their fraud detection. After all, it's not like these extra 50,000 accounts actually cost much to Dropbox. They each will presumably have only the starting files in them which are all duped in every other account.
I think Drew, as an MIT alum, expected MIT to script the process anyway. In fact, I'll bet he's proud that his alma-mater by-passed dropbox's flagging filters. Also, now Dropbox can look to hire new potential MIT interns and employees.
> Dropbox’s founder and MIT Alum, Drew Houston, tried to lessen our emotional damage by creating a “United States Leaderboard” where we still held the #1 position
It's pretty funny how butthurt the MIT people are that the Singaporeans and Taiwanese managed to beat them. If you look at the leaderboard[0], Houston even put the "United States Leaderboard" above the "Global Leaderboard" so that people would think that MIT was in first place.
It's worth noting that MIT did get "punished" for cheating: the required number of points for the extra 25GB space was relatively much, much higher: http://i.imgur.com/QLJP5.jpg
It doesn't matter when you can create unlimited e-mail addresses, though.
The scaling for the number of points was set before the hack took place. Not sure why Dropbox made it so much harder for MIT vs CMU. Also, creating the mailing lists was actually one of the biggest bottlenecks and actually ended the progress, so its not exactly unlimited :)
I wouldn't say it's cheating per say. When you open this kind of event to the the world, you're definitely attracting going to attract alot of people who are good at tech stuff - and throw that in with human tendencies, creativity and competitiveness sets in.
Maybe it's because I play quite a bit of online games (so I don't find it too troubling. Since there's no real stakes in play in this DB Race) but most gamers are always looking to calculate (or exploit), pushing the boundaries and efficiency of their playing experience. The only difference is the various levels each party takes it to.
To me (as a outside audience), the boring way is to get real students to sign up. Creatives and non conformers (trying to win) will be the ones to watch for. Whether it's auto email generation and sign ups, poking at DB servers to do w/e, or even posing as another university and massively signing up and crashing the servers and getting them disqualified. Imagination and how far/risk you're willing to go is the limit.
(And this is even more common and evident in competitions, like cute Dog photos, where most likes/votes win something - and you get people generating fakes and voting. Kinda expected more 'action' with all these tech schools involved.)
And those crying foul at the US Leaderboard being at the top - I'm pretty sure it depends on your position/location cause I'm seeing Canada leaderboard. So let's all calm down :D
It seems like cheating/fraud to me. Dropbox provides a service that usually costs money. They're also offering to provide service for recruiting new users instead of charging money.
If you fake users, you're getting the service without fulfilling your side of the bargain (paying money or recruiting users). That seems like fraud to me.
That being said, I'm sure Dropbox expected some of this behavior and is still happy with the legitimate signups and overall press they're getting.
I imagine requiring your users to fake a MAC Address is a pretty effective captcha. For Dropbox, it's probably better to reduce the friction in the sign up flow than to prevent against these kinds of edge cases.
> I imagine requiring your users to fake a MAC Address is a pretty effective captcha.
I guess we disagree over the meaning of the term 'captcha' then. Besides that, it is also pretty trivial to spoof a MAC address.
> For Dropbox, it's probably better to reduce the friction in the sign up flow than to prevent against these kinds of edge cases.
Agreed. But there are smarter ways to do it. Take Gmail for example - it normally doesn't require you to pass a captcha. But if you fail a certain number of login attempts, it does. How hard can it be to start displaying a captcha after, say, 5 accounts get registered within 24 hours for the same IP address?
There's a certain mindset under which a) most contests are boring, b) there exists a metagame over all contests, and c) that metagame so fascinating that success in it is interesting irrespective of the details of the underlying contests.
I don't necessarily subscribe to that values system, but part of me understands the attraction.
