I don't believe it is possible to ever determine if some entity is trustworthy or not if there is no absolute way to identify them. Even if some entity was to appear trustworthy, add a few "sybils" and leave, you could never be sure the next entity to show up is really the original untrustworthy entity or not.
Now if you focus on the content the problem is the same. If you depend on some entity to say the content is good, you better make sure your "oracle" is trustworthy. Otherwise the "evil" entity could create a new identity and claim the content is good when it really isn't. It seems to me the only way to make this work is to have a cadre of trustworthy entities that rate each and every item placed in the system. Once it makes it past the "guardians" it can be viewed as good. C. On Tue, Jul 17, 2012 at 12:15 PM, Tony Arcieri <[email protected]>wrote: > On Mon, Jul 16, 2012 at 6:36 PM, James A. Donald <[email protected]>wrote: > >> To prevent the sybil attack, to prevent the attacker from creating very >> large numbers of sybils at low cost, it must be costly to create sybils. >> For it to be costly to create an identity allowed to contribute to the >> reputation system, that identity first needs to provide significant >> services to those already entitled to contribute to the reputation system >> before it is allowed to contribute to the reputation system. >> > > To actually trick a collaborative filtering algorithm that's looking for > self-similarity, a "Sybil" (I'm not even sue if that word makes sense in > this context) would need to participate in the network as a good-faith peer. > > After earning the network's faith, it could turn malicious, e.g. refuse to > participate in the DHT, or selectively block access to an ID it has gone > out of its way to cluster around. > > You might call that "the long con", and while I can't think of a defense > against it, that's a lot of effort to go through (and you'd have to farm > multiple Sybils around a particular ID in order to perpetrate an effective > DoS) > > -- > Tony Arcieri > > > _______________________________________________ > p2p-hackers mailing list > [email protected] > http://lists.zooko.com/mailman/listinfo/p2p-hackers > >
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
