On Tuesday 26 May 2009 23:19:53 Evan Daniel wrote:
> 2009/5/26 xor <xor at gmx.li>:
> > On Tuesday 26 May 2009 22:02:37 xor wrote:
> >> On Thursday 07 May 2009 11:23:51 Evan Daniel wrote:
> >> > > Why exactly? Your post is nice but I do not see how it answers my
> >> > > question. The general problem my post is about: New identities are
> >> > > obtained by taking them from trust lists of known identities. An
> >> > > attacker therefore could put 1000000 identities in his trust list to
> >> > > fill up your database and slow down WoT. Therefore, a decision has
> >> > > to be made when to NOT import new identities from someone's trust
> >> > > list. In the current implementation, it is when he has a negative
> >> > > score.
> >>
> >> [...]
> >>
> >> > I have not examined the WoT code. However, the Advogato metric has
> >> > two attributes that I don't think the current WoT method has: no
> >> > negative trust behavior (if there is a trust rating Bob can assign to
> >> > Carol such that Alice will trust Carol less than if Bob had not
> >> > assigned a rating, that's a negative trust behavior), and a
> >> > mathematical proof as to the upper limit on the quantity of spammer
> >> > nodes that get trusted.
> >> >
> >> > The Advogato metric is *specifically* designed to handle the case of
> >> > the attacker creating millions of accounts. In that case, his success
> >> > is bounded (linear with modest constant) by the number of confused
> >> > nodes -- that is, legitimate nodes that have (incorrectly) marked his
> >> > accounts as legitimate. If you look at the flow computation, it
> >> > follows that for nodes for which the computed trust value is zero, you
> >> > don't have to bother downloading their trust lists, so the number of
> >> > such lists you download is similarly well controlled.
> >>
> >> I have read your messages again and all your new messages and you are so
> >> convinced about advogato that I'd like to ask you more questions about
> >> how it would work, I don't want you to feel like everyone is ignoring
> >> you :) (- I am more of a programmer right now than a designer of
> >> algorithms, I concentrate on spending most available time on
> >> *implementing* WoT/FT because nobody else is doing it and it needs to
> >> get done... so I have not talked much in this discussion)
> >>
> >> Consider the following case, using advogato and not the current FMS/WoT
> >> alchemy:
> >>
> >> 1. Identity X is an occasional and trustworthy poster. X has received
> >> many positive trust values from hundreds of identities because it has
> >> posted hundreds of messages over the months, so it has a high score and
> >> capacity to give trust values, and all newbies will know about the
> >> identity and its high score because it is well-integrated into the
> >> trust graph.
> >>
> >> 2. Now a spammer gets a single identity Y onto the trust list of X by
> >> solving a captcha, his score is very low because he has only solved a
> >> captcha but the score is there. Therefore, any newbie will see Y because
> >> X is well-integrated into the WoT
> >>
> >> 3. X is gone for quite some time due to inactivity, during that time Y
> >> creates 500 spam identities on his trust list and starts to spam all
> >> boards. X will not remove Y from his trust list because he is *away* for
> >> weeks.
> >
> > Also consider the case that instead of 500 new identities he just posts
> > 5000000 messages with his single identity Y. How do we get rid of Y?
>
> First, you rate limit messages. I'm having trouble coming up with a
> case where I ever want my node downloading that many messages from one
> identity.

And how to find a practical rate limit? Consider SVN/GIT/etc. log-bots: They
post a single message for each commit to the repository.

>
> Second, after I read a few, I'll mark some as spam and the rest will
> go away. From a practical standpoint, I don't really care about the
> difference between 5 messages, 500, or 500000 -- I'll read one, or a
> few, and then mark Y as a spammer. I'll never see the rest.

Can a messaging system survive which will appear as "full of spam" to every
newbie? Isn't it the core goal of the WoT to prevent *newbies* from seeing
spam, to let the community design a set of ratings which prevents EVERYONE
from having to manually mark spam/non spam, letting only a subset of the
community doing the work and others can benefit from it?

I think that's what any algorithm needs to be able to do: Provide a nice first
usage experience. First usage = empty trust list.

So this also applies to people who are too lazy to mark everything as spam
which is spam. Which probably applies to > 50% of the users. So advogato would
annoy >50% if I have not misunderstood it?
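
Added example, not part of the original message and not WoT or Freenet code: a simplified Advogato-style node-capacity flow run on the X/Y scenario from the quoted text, showing that the number of accepted spam identities does not grow with the number Y creates. The capacity schedule, the extra identities "me", "A" and "B", and the function names are assumptions made for illustration.

```python
from collections import deque

def advogato_accept(trust, seed, caps):
    """Return the identities accepted by a node-capacity max-flow from `seed`."""
    # BFS distance from the seed selects each node's capacity (assumed schedule).
    dist, queue = {seed: 0}, deque([seed])
    while queue:
        u = queue.popleft()
        for v in trust.get(u, ()):
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    # Residual graph: every node n is split into (n, "in") and (n, "out").
    res = {}
    def edge(a, b, c):
        res.setdefault(a, {})[b] = c
        res.setdefault(b, {}).setdefault(a, 0)
    for n, d in dist.items():
        cap = caps[min(d, len(caps) - 1)]
        edge((n, "in"), "SINK", 1)              # one unit accepts n itself
        edge((n, "in"), (n, "out"), cap - 1)    # the rest may be passed on
        for v in trust.get(n, ()):
            edge((n, "out"), (v, "in"), float("inf"))
    # Edmonds-Karp: every augmenting path ends in a unit sink edge, so push 1.
    src = (seed, "in")
    while True:
        parent, queue = {src: None}, deque([src])
        while queue and "SINK" not in parent:
            u = queue.popleft()
            for v, c in res[u].items():
                if c > 0 and v not in parent:
                    parent[v] = u
                    queue.append(v)
        if "SINK" not in parent:
            break
        v = "SINK"
        while parent[v] is not None:
            u = parent[v]
            res[u][v] -= 1
            res[v][u] += 1
            v = u
    return {n for n in dist if res[(n, "in")]["SINK"] == 0}

def scenario(n_sybils):
    # Constructed graph for the X/Y case; names and capacities are assumptions.
    sybils = [f"spam{i}" for i in range(n_sybils)]
    trust = {"me": ["X", "A"], "A": ["B"], "X": ["Y"], "Y": sybils}
    return advogato_accept(trust, "me", caps=[20, 7, 2, 1]), set(sybils)
```

With this schedule Y sits two hops from the seed and can pass on only one unit of flow, so exactly one spam identity is accepted whether Y lists 500 or 5000. The trust lists of the unaccepted identities never need to be fetched.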