Is there a problem with just grabbing some numbers from random.org's generator and running the drawing yourself?
The drawing service at random.org makes sense, because in theory you could manipulate the drawing. random.org publishes the winners on their website.
Didn't Dave do it live on web cam last time? But still tricky, because the last digit on multimeter could be faked and live using random.org could be faked as well. The only trusted way to do it would be a independent 3rd party random number, which everyone can see, like some national lottery, then hashing the values and using it mod number of EEVblog names to draw a winner, and publishing the EEVblog names prior to the lottery drawing (looks like a market niche for another webservice). But we trust Dave, so no problem with the last multimeter digit
Hmm, I was thinking it can't be done without a trusted 3rd party as well but then I had this idea:
When planing the contest Dave creates a secret message with the following contents:
* A large random number (much larger than the largest expected number of contestants)
* Some additional non random information: the date when the contest ends, rules, pictures etc.
Dave then hashes the message with a secure hash algorithm (sha-256 or whatever is considered secure at the time). The message is secret and is put in a sealed envelope and the safe (looks good on video
). When Dave announce the contest he also publish the message hash (but the message is still kept secret of course). He also has to set a strict final date of the competition.
(Now everyone else saves the hash on their local hard drive to be able to verify the result later.)
After the contest ends Dave remove any invalid entries, he now has a list of all valid entries in the order they signed up. He then opens the letter and reveal the message with the random number. He then calculates X = (R mod N) + 1 Where R is the random number and N is the number of entries in the list (i.e. valid contestants). The winner is th X:th entry in the list.
The nice thing is that everyone can check that the published message hashes to the same hash that Dave published when the contest began. That way everyone knows Dave hasn't changed the number R after the contest to manipulate the result. Also, although Dave knows R during the contest, since he can't control in which order people sign up or how many will be signing up (N) he can't tell someone to sign up as a certain number that he know will win since the winner will depend on how many sign up before the end date, N, as well as the order.
Some remarks:
* If Dave wants to extend the contest period, say a week, because there isn't enough contestants he could do so but in that case he should decide to do so long before the original end date so there's no suspicion he is trying to change the winner by inviting more contestants (and thereby changing N).
* The secret message need to contain non random information as well or else it would be relatively easy for Dave to select a new number that generates the same hash, some extra non-random information makes that practically impossible.
* Dave could try to manipulate the result when he decides which entries are valid and which are not (and thereby manipulate both the order and N). So he should also decide on some easily verifiable criteria before the contest so anyone can check that the resulting list of valid entries are fair. The signup tread is public so everyone should be able to generate the same list of valid contestants as Dave.
* If someone is selected that later turns out to be invalid for whatever reason it's not a problem (because that would be hard to predict and thus hard to manipulate). Just explain what happened, remove that person from the list and redo the calculation.
These things are tricky so i might have missed something but I believe it should work?