Reputation Systems

From the WikiSpam workshop

== Reputation 2006-10-16 ==

(short version:)

• ebay
• Collecting existing systems?
• "I'm putting my ID on the line"
• identity system vs. reputation system
• single point of identity
• list of reputation systems that are working right now
• FOAF - addressing system
• what is proper behavior?
• Raymond King - rating people not pages
• automatic inference of reputation - mechanizing of reputation
• ''web of trust''
• identifying good guys, identifying bad guys
• short term vs. long term
• Omar Ismail - do it as friends, by hand, email
• Microsoft & Co. vs. FOAF/Free efforts
• Pre-2000 Sunir Shah - "good or bad?"
• scraping information from things already there?
• how do you lock users together?
• talking with the people in the other communities
• practical questions: "How does a person build a reputation?"

"How does the reputation grow."

• work identity, home identity, kids space identity
• web of trust: "white network"
• "scan wikis & see whos attacking & not attacking"
• "assuming an identity system" - Omar Ismail
• people must be in the loop
• "how automatic, direct/indirect, are our systems?"
• fear of centralization & abuse

(long version)

We talked first about ebay. Ebay has an existing reputation system. One approach is to simply collect existing systems (ebay, amazon, ...) We can scrape existing systems for information, and hook it together.

People care about how things go, because "I'm putting my ID on the line."

There is a difference between ''identity systems,'' and ''reputation systems.'' An identity system is a necessary predecessor, which simply secures: "The person who is writing is who they say they are." Reputation system is, ''on top of that,'' the idea: "We know this guy or gal from this group, and we trust him or her."

The identity creates a "single point" that you can attach information to. (Such as first name, such as last name, such as reputation information.)

We talked about reputation systems that are currently in place. Amazon, e-bay, Advogato, … unfortunately others, that I didn't write down.

'''FOAF''' is an important system. It's a specification on top of the Semantic Web that tells how you can describe ''people'' and ''organizations,'' and the connections between them. It is the system that has gained the most traction among Free & Open source software developers, and has had an active community around it for several years now. FOAF provides an ''addressing system'' that reputation information can (and is) attached to.

We talked about proper behavior: "What is proper behavior?" Every community has different standards for proper behavior, and people behave in different ways in different communities because there are different standards of behavior. A reputation system must be distributed, so that each community can do reputation in it's own way.

Raymond King notes that we are talking about rating people (identities,) not pages. Not just homepages, but people, wherever they may show up.

We talked about automatic inference of reputation information. We talked about mechanical methods vs. manual methods, advantages and disadvantages of each. Mechanical systems can be gamed, but do not require effort. Automatic & manual systems can be mixed.

We talked about the idea of a '''web of trust.''' That's a giant network of people who trust people who trust organizations who trust other people, by a variety of techniques, specifications. The web of trust makes it possible to trust someone else by proxy of someone else that you trust.

We refocused on the goal: The goal is to identify "the good guys" from "the bad guys." The meanings defer from community to community.

Most immediately, we want to answer the question: '''Are you a spammer?!''' We may make a very simple system based solely around just this question.

Omar Ismail said that we can do things as friends, by hand, just sending emails back and forth to one another. Others expressed interest in automation. Ward thinks there will be a mixture of the systems. Someone pointed out that "people must be in the loop," whatever system we have. Another asks "how direct or indirect is our system?"

Brandon says companies will step up and do reputation, if the free software community does not. "Do we really trust Microsoft & Co. to manage our reputations?" There is general fear of centralization & abuse. In a distributed system, we are much more accountable to one another, and a community can always form itself by itself.

Sunir Shah talks about the way things work in communities, pre-2000. If someone comes by and starts making trouble in a community, you simply go to the other communities where they came from, and say: "Hey! Will you control this person? He's causing trouble for us over here."

One person had two very practical questions:

• "How does a person build a reputation?"
• "How does that reputation grow?"

Answers: A person builds a reputation by hooking up with someone who has one. Their friend "opens the door" for them, into the community. We call this: "hooking the person into a web of trust." Once the person has their foot in the door, by excuse of someone with an established reputation, then they build their reputation simply by posting and participating over time.

We talked about the different types of identities people have. Ward said: We have an identity at home, an identity at work, an identity with our kids.

We talked about white lists, and how the web of trust is a "white ''network.''" Or a network of white lists.

We talked about scanning wikis and collecting information together to see who's attacking and who's not attacking.

Omar Ismail pointed out that we're ''assuming the existance of an identity system,'' and expressed some skepticism that we will see one soon.

Incomplete list of attendies: * Larry Freeman, Omar Ismail, Ward Cunningham, Raymond King, John Stanton, Sergei Golitsinki, Christoph Sauer, Sunir Shah, Helmut Leitner, Nahaboo Colas, Brandon Meyers, Lion Kimbro, Cristoph Sauer;

My apologies if I missed you or wrote your name down wrong; I couldn't see everybodies name tags.

Remembered afterwards: Ward had pointed out that trust changes over time. You need to have a renew system built in, and trust must be malleable. Sunir brought up an Advogato case of an esr impersonator.