Response to the question; Why is web3.0 more secure for a voting website than web2.0?

Web 2.0 is centralised, anyone can take control of the web2.0 resource and manipulate it, sometimes in undetectable ways. Web3.0 with a blockchain; this is immutable, the transactions are hashed and recorded onto the blockchain, it is almost impossible to manipulate this data.

I saw a great question in one of the communities I'm a part of;

What are some points, where a web2 voting system would not be very secure, compared to a web3 voting system?

I saw a couple of points straight away and thought I'd share on my usual waffle board.

IPFS + Blockchain

Manipulation

Web 2.0 is centralised, anyone can take control of the web2.0 resource and manipulate it, sometimes in undetectable ways (of course, someone taking control of a domain us usually in a noticed way (defacing a website for example), but this doesn't have to be the case).

Transparency

Further to this, there is typically little transparency within the web2.0 world. If the website claims there was 200 votes for X when in fact there were only 190, they could simply change this number by changing the data in an SQL table.

The tables may collect more than just the votes for X, Y or Z, there may be several tables connected, one recording where the user was, what IP, what time, but if you can get access to this database server, you can manipulate any of it. The frontend just displays what the backend is telling it.

Halfway (centralised + decentralised)

We could have a web2 frontend (a centralised site that can still be compromised) but it transacts with a blockchain, this data is immutable, the transactions are hashed and recorded onto the blockchain, it is almost impossible to manipulate this data, and depending on how quickly the blocks are created, it could be completely impossible, as in it's not easy to go back and change a block at all (to say this person voted for XY instead of YZ).

Of course if the transaction is recent, maybe it can be fudged before being entered onto the blockchain, but if there are already blocks that follow, then you cannot manipulate that data as the hash would not match for the transactions in that block and no one else in the network would believe the corrupt block.

IPFS (InterPlanetary Files System)

We can further build on this idea with something like IPFS, where the frontend is also decentralised. Taking control of one node to manipulate the frontend (so that it no longer accurately reflects what is on the secure blockchain as in a web2.0 frontend for a web3 backend), it would be impossible as the rest of the network would not trust the node that no longer has a correct version of the data.

TLDR; Web2.0 is not transparent, it is easy to manipulate, harder to detect manipulation. Web3.0 is transparent, immutable, any manipulation is easily detected and untrusted by the rest of the network.