On Thu, May 7, 2009 at 4:43 PM, xor <xor at gmx.li> wrote:
> On Thursday 07 May 2009 11:23:51 Evan Daniel wrote:
>> On Thu, May 7, 2009 at 4:00 AM, xor <xor at gmx.li> wrote:
>> > On Thursday 07 May 2009 00:02:11 Evan Daniel wrote:
>> >> The WoT documentation claims it is based upon the Advogato trust
>> >> metric. (Brief discussion: http://www.advogato.org/trust-metric.html
>> >> Full paper: http://www.levien.com/thesis/compact.pdf ) I think this
>> >> is wonderful, as I think there is much to recommend the Advogato
>> >> metric (and I pushed for it early on in the WoT discussions).
>> >> However, my understanding of the paper and what is actually
>> >> implemented is that the WoT code does not actually implement it.
>> >
>> > I must admit that I do not know whether its claim that it implements
>> > Advogato is right or not. I have refactored the code but I have not
>> > modified the trust calculation logic and have not checked whether it is
>> > Advogato or not. Someone should probably do that.
>> >
>> >> I don't have any specific ideas for how to choose whether to ignore
>> >> identities, but I think you're making the problem much harder than it
>> >> needs to be.
>> >
>> > Why exactly? Your post is nice but I do not see how it answers my
>> > question. The general problem my post is about: New identities are
>> > obtained by taking them from trust lists of known identities. An attacker
>> > therefore could put 1000000 identities in his trust list to fill up your
>> > database and slow down WoT. Therefore, a decision has to be made when to
>> > NOT import new identities from someone's trust list. In the current
>> > implementation, it is when he has a negative score.
>> >
>> > As I've pointed out, in the future there will be MULTIPLE webs of trust,
>> > for different contexts - Freetalk, Filesharing, Identity-Introduction
>> > (you can get a trust value from someone in that context when you solve a
>> > captcha he has published), so the question now is: Which context(s) shall
>> > be used to decide when to NOT import new identities from someone's trust
>> > list anymore?
>>
>> I have not examined the WoT code. However, the Advogato metric has
>> two attributes that I don't think the current WoT method has: no
>> negative trust behavior (if there is a trust rating Bob can assign to
>> Carol such that Alice will trust Carol less than if Bob had not
>> assigned a rating, that's a negative trust behavior), and a
>> mathematical proof as to the upper limit on the quantity of spammer
>> nodes that get trusted.
>>
>> The Advogato metric is *specifically* designed to handle the case of
>> the attacker creating millions of accounts. In that case, his success
>> is bounded (linear with modest constant) by the number of confused
>> nodes -- that is, legitimate nodes that have (incorrectly) marked his
>> accounts as legitimate. If you look at the flow computation, it
>> follows that for nodes for which the computed trust value is zero, you
>> don't have to bother downloading their trust lists, so the number of
>> such lists you download is similarly well controlled.
>>
>
> Well I'm no mathematician, I cannot comment on that. I think toad's argument
> sounds reasonable though: That there must be a way to distrust someone if the
> original person who trusted him disappears.
>
> I do not plan to change the trust logic on my own, I consider myself more as a
> programmer who can implement things than a designer of algorithms etc.

All the more reason to use Advogato (or some other metric with useful
provable properties) :)

The current WoT is entirely black magic alchemy.  Maybe it works,
maybe it doesn't, but us non-mathematicians have trouble saying
anything conclusive.  Alchemy is to be avoided; if you have the
ability to show why it works, it ceases to be alchemy.  Advogato is
certainly not perfect, but its limits are well defined (spammer
identities are linearly bounded by the trust granted to confused
legitimate identities) and imho acceptable -- if you've forced the
spammer to do manual work linearly proportional (with a sane constant)
to the amount of spam he wants to send, you've won.

Evan Daniel
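
The bound discussed in this thread, as an added example (not part of the original messages and not the WoT plugin's code): an Advogato-style flow computation in which one confused identity certifies an attacker who lists 1000 identities. The identity names, the capacity schedule CAPS and the node-splitting details are assumptions of this sketch, following the general construction in the linked paper.

```python
from collections import deque, defaultdict

SINK = "_sink"  # supersink node (name is an assumption of this example)

def advogato(trust, seed, caps):
    """trust: {id: [ids it certifies]}; caps[d]: capacity at distance d from seed."""
    dist, q = {seed: 0}, deque([seed])          # BFS distance from the seed
    while q:
        u = q.popleft()
        for v in trust.get(u, ()):
            if v not in dist:
                dist[v] = dist[u] + 1
                q.append(v)
    res = defaultdict(lambda: defaultdict(int))  # residual capacities
    for x, d in dist.items():
        cap = caps[d] if d < len(caps) else 1
        res[(x, "in")][SINK] = 1                 # this unit means "x is accepted"
        res[(x, "in")][(x, "out")] = cap - 1     # the rest may flow onward
        for y in trust.get(x, ()):
            res[(x, "out")][(y, "in")] = 10**9   # certifications are uncapped
    src = (seed, "in")
    while True:                                  # shortest augmenting paths first
        parent, q = {src: None}, deque([src])
        while q and SINK not in parent:
            u = q.popleft()
            for v, c in list(res[u].items()):
                if c > 0 and v not in parent:
                    parent[v] = u
                    q.append(v)
        if SINK not in parent:
            break
        v = SINK
        while parent[v] is not None:             # each path ends in a unit edge
            u = parent[v]
            res[u][v] -= 1
            res[v][u] += 1
            v = u
    return {x for x in dist if res[(x, "in")][SINK] == 0}

# Constructed sample: carol is the confused node who certified the attacker.
SYBILS = [f"sybil{i}" for i in range(1000)]
TRUST = {"alice": ["bob", "carol"], "bob": ["dave"],
         "carol": ["mallory"], "mallory": SYBILS}
CAPS = [8, 3, 2, 1]  # constructed capacity schedule

if __name__ == "__main__":
    ok = advogato(TRUST, "alice", CAPS)
    print(len(ok), sorted(ok - {"alice", "bob", "carol", "dave"}))
```

Only the accepted set needs its trust lists fetched; the identities that received no flow are never expanded, which is the download bound described in the quoted message.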
