2009/5/26 xor <xor at gmx.li>:
> On Tuesday 26 May 2009 22:02:37 xor wrote:
>> On Thursday 07 May 2009 11:23:51 Evan Daniel wrote:
>> > > Why exactly? Your post is nice but I do not see how it answers my
>> > > question. The general problem my post is about: New identities are
>> > > obtained by taking them from trust lists of known identities. An
>> > > attacker therefore could put 1000000 identities in his trust list to
>> > > fill up your database and slow down WoT. Therefore, a decision has to
>> > > be made when to NOT import new identities from someone's trust list. In
>> > > the current implementation, it is when he has a negative score.
>>
>> [...]
>>
>> > I have not examined the WoT code. However, the Advogato metric has
>> > two attributes that I don't think the current WoT method has: no
>> > negative trust behavior (if there is a trust rating Bob can assign to
>> > Carol such that Alice will trust Carol less than if Bob had not
>> > assigned a rating, that's a negative trust behavior), and a
>> > mathematical proof as to the upper limit on the quantity of spammer
>> > nodes that get trusted.
>> >
>> > The Advogato metric is *specifically* designed to handle the case of
>> > the attacker creating millions of accounts. In that case, his success
>> > is bounded (linear with modest constant) by the number of confused
>> > nodes -- that is, legitimate nodes that have (incorrectly) marked his
>> > accounts as legitimate. If you look at the flow computation, it
>> > follows that for nodes for which the computed trust value is zero, you
>> > don't have to bother downloading their trust lists, so the number of
>> > such lists you download is similarly well controlled.
>>
>> I have read your messages again and all your new messages and you are so
>> convinced about advogato that I'd like to ask you more questions about how
>> it would work, I don't want you to feel like everyone is ignoring you :) (-
>> I am more of a programmer right now than a designer of algorithms, I
>> concentrate on spending most available time on *implementing* WoT/FT
>> because nobody else is doing it and it needs to get done... so I have not
>> talked much in this discussion)
>>
>> Consider the following case, using advogato and not the current FMS/WoT
>> alchemy:
>>
>> 1. Identity X is an occasional and trustworthy poster. X has received many
>> positive trust values from hundreds of identities because it has posted
>> hundreds of messages over the months, so it has a high score and capacity
>> to give trust values, and all newbies will know about the identity and its
>> high score because it is well-integrated into the trust graph.
>>
>> 2. Now a spammer gets a single identity Y onto the trust list of X by
>> solving a captcha, his score is very low because he has only solved a
>> captcha but the score is there. Therefore, any newbie will see Y because X
>> is well-integrated into the WoT
>>
>> 3. X is gone for quite some time due to inactivity, during that time Y
>> creates 500 spam identities on his trust list and starts to spam all
>> boards. X will not remove Y from his trust list because he is *away* for
>> weeks.
>
> Also consider the case that instead of 500 new identities he just posts
> 5000000 messages with his single identity Y. How do we get rid of Y?

First, you rate limit messages. I'm having trouble coming up with a case where I ever want my node downloading that many messages from one identity.

Second, after I read a few, I'll mark some as spam and the rest will go away. From a practical standpoint, I don't really care about the difference between 5 messages, 500, or 500000 -- I'll read one, or a few, and then mark Y as a spammer. I'll never see the rest.

Evan Daniel
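
Added example, not part of the original thread and not WoT or FMS code: a small Advogato-style flow computation run on the scenario discussed above (X certifies Y, and Y lists 500 spam identities). The graph, the per-distance capacities and the name `advogato_accept` are assumptions made for illustration.

```python
from collections import deque, defaultdict

def advogato_accept(certs, seed, caps):
    """Return the identities accepted from the seed's point of view."""
    # Capacity is assigned by BFS distance from the seed.
    dist, queue = {seed: 0}, deque([seed])
    while queue:
        u = queue.popleft()
        for v in certs.get(u, ()):
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    # Split each node into in/out halves; "in" sends one unit to the sink
    # (the node's own acceptance) and capacity-1 onward to its certificates.
    res = defaultdict(lambda: defaultdict(int))  # residual capacities
    res["SRC"][("in", seed)] = caps[0]
    for n, d in dist.items():
        res[("in", n)]["SINK"] = 1
        res[("in", n)][("out", n)] = caps[min(d, len(caps) - 1)] - 1
        for v in certs.get(n, ()):
            res[("out", n)][("in", v)] = float("inf")
    # Edmonds-Karp: augment along shortest paths until none is left.
    while True:
        parent, queue = {"SRC": None}, deque(["SRC"])
        while queue and "SINK" not in parent:
            u = queue.popleft()
            for v, c in list(res[u].items()):
                if c > 0 and v not in parent:
                    parent[v] = u
                    queue.append(v)
        if "SINK" not in parent:
            break
        v = "SINK"  # every path ends on a unit sink edge, so push one unit
        while parent[v] is not None:
            u = parent[v]
            res[u][v] -= 1
            res[v][u] += 1
            v = u
    return {n for n in dist if res[("in", n)]["SINK"] == 0}

# Constructed sample graph (not data from the thread): "me" is the seed,
# X is the well-connected poster, Y the captcha-introduced identity.
CERTS = {"me": ["X", "A", "B"], "A": ["X"], "B": ["X"], "X": ["Y"],
         "Y": [f"spam{i}" for i in range(500)]}
CAPS = [8, 4, 2, 1]  # assumed capacity per distance 0, 1, 2, 3+

if __name__ == "__main__":
    accepted = advogato_accept(CERTS, "me", CAPS)
    print(sorted(n for n in accepted if not n.startswith("spam")))
    print(sum(n.startswith("spam") for n in accepted), "of 500 spam identities accepted")
```

With these capacities Y can pass on only one unit of flow, so one spam identity is accepted however many Y lists, and only accepted identities' trust lists would need to be fetched.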
