voice of humanity: How to Build a Voice of Humanity on the Web - the short version    
 How to Build a Voice of Humanity on the Web - the short version8 comments
28 Aug 2003 @ 19:34, by Roger Eaton


Underlying a voice of humanity there must be a globally distributed database -- this article is about the overall operation and structure of that database. A separate article will deal with how we build the voice of humanity on top of the database.



Philosophy

Keep it easy. Python. Home-made simplified peer-to-peer and security logic. No java. No UML.


Basics

Hubs, items, users, categories, ratings and linkages with rules are the basics. Hubs are single InterMix instances, normally one per PC, each carrying many categories of item and servicing one or more users. Items are xml documents with both category meta-data and built-in meta-data, plus either item contents or a pointer to item contents. Users apply ratings to items. Users, hubs and categories are tracked as items themselves in the database. Meta-data is indexed along with ratings so that items may be retrieved efficiently in rating order using meta-data criteria within a category. Hub owners and other trusted users manually create long-term linkages between categories on a single hub or between pairs of hubs, specifying what items and ratings should be transferred, and how often. For each linkage, items may be exchanged in both directions, while ratings are always transferred in one direction only thus creating a hierarchy where the linked category that receives the ratings is above the hub/category that sends the ratings for that particular linkage.

A hub/category that receives ratings will tend to be collectors of items in that category, and so will have many feeder categories and many more items in the category than the hub that sends the ratings. The lower hub/category will want to download only a few of the most highly rated new items from the higher. The effect will be that highly rated items will rise in the hierarchy and be distributed back down to larger and larger domains.

It is important to realize that there is no requirement that the hierarchies all reach to a single global summit. There are bound to be semi-private enclaves that do not connect to the global level. Some categories of items will be too specialized to be wanted at global levels. Other categories of items will be proprietary and therefore not eligible for upload except within a particular sub-network.

To set the process in motion, InterMix software will have a number of hubs seeded in the database already at install time. A facility will be provided so that each hub that distributes the software can easily pre-load its own list of favorite hubs.

Privacy and Security

The purpose of security is 1) to prevent mass deception through manipulation of ratings and 2) to prevent mass theft of user meta-data, such as age, sex or email address. Rating and user data need to be encrypted on disk, and all hub to hub transmission needs to be secure.

Sections of the voice of humanity (voh) network may decide to use different security methods, or none at all. Security needs to be modular so that with the proper plug-in, any two hubs can connect.

There is a usable python encryption package, PyCrypto possibly accessed through ezPyCrypto. Rather than implementing open-ssl, which looks difficult, it should be possible to use the "How SSL Works" document at [link] to dummy up something for starters. Later, a more professional security layer can be implemented if needed.

Each InterMix version/operating system combination will have a known configuration, which it must prove as part of the handshake between hubs. There is nothing to stop a clever programmer from passing off the proof of authenticity from a hacked version to the real thing in order to get the needed password, but this safeguard will reduce incidences of amateur hacking and make it difficult or impossible for a concerted stealth campaign to replace large numbers of hub engines with bogus versions and nobody be the wiser.

Ratings will be accompanied by a level of confidence, depending on whether the rater was identified by simple trust, by email and password or by certificate. Furthermore, ratings will be sent up the hierarchy by multiple paths for extra security against interception, and a sample of ratings received by each higher level will be rechecked with the originating hub, so no one hub can distort the ratings systematically as they pass through. Finally, for important items and categories, an entirely separate system of verification akin to exit polling for elections will be needed -- to be added later.



[< Back] [voice of humanity]

Category:  

8 comments

29 Aug 2003 @ 18:19 by ming : Trust and Security
A question is how much digital identity is required to make this reliable. Nobody's come up with a real good open source digital identity system, but if somebody does, it would come in handy here. I.e. one could be sure that each person has only one identity, so one doesn't vote several times. And one could display the history of what a certain person has rated, which might be part of the equation of figuring out how trustworthy the ratings are. The security of the connection doesn't matter much unless we're pretty sure who people are.

Open-SSL is not very hard to implement, as it is well supported in libraries. I'm sure for Python too. One doesn't really have to worry much about the hairy details.

I guess a key thing to solve here is how to make sure nobody can fool the system, and create artificially high ratings for their own ideas, or low ratings for somebody else's ideas, by pretending to be a whole bunch of people doing ratings. I don't think that can be solved without a way of keeping track of identity somehow.  

30 Aug 2003 @ 12:15 by mre : re: Trust and Security
Well, certainly we must assume a hostile environment where some individuals or groups will want to thwart a voice of humanity. And I am sure you are right in your estimate of current identity systems, but I think there are couple methods that will handle the situation. Please let me know what you think. This issue could be a show stopper, so let's cover the ground here very carefully.

First, I think that if we can prevent an automated attack, then that will be sufficient. If someone wants to use several email addresses to manually cast several ratings for the same item, well, for now, we let them. On a world scale, they can't do any damage this way, and on a local scale, they may be found out and persuaded to ease up.

The real difficulty is that anyone with a linux box and some scripting capability can have a thousand email addresses, and with some hacking ability added in, these addresses could be all from different domains and tough to detect. But, check this out: if you go to networksolutions.com and click the whois link and enter a domain name and click search, you will be asked to verify an automatically generated number displayed with a crosshatch background difficult for an automated process to decipher. Why not add something similar to the voice of humanity login? Instead of ID and password, one must supply ID, password and proof of humanity. Seems appropriate, even! What do you think? Stopgap, but workable for starters in my judgment.

To lessen the impact of the person who logs in manually with multiple email addresses, I think we might give greater weight to ratings given by persons whose contributions have themselves been highly rated. Perhaps a square root function could underlie a tier system, with weights ranging modestly -- say 1 to 4. I like this global-brain type code because it keeps local groups more in alignment internally. For instance, conservatives will not thrive in a local progressive group and same thing the other way about. We might even consider that ratings by persons who do not contribute items are used only for improving search requests for that person and do not count towards the collective ratings. (Am I getting post-modern yet?!!)  

30 Aug 2003 @ 13:13 by ming : Ratings
A google type ranking mechanism would make sense. Ratings get higher weight from those who themselves get high ratings. And that in itself provides a certain tamper proof quality. You could tamper with google's ranking, but it would be a lot of work, to not only pretend to be a lot of different people, but also to make sure those people are being rated high.

The mechanism where one has to type in some characters from a graphic - yes, that's a good possible idea. Particularly if one only has to do it once in a while, and not for each rating.  

30 Aug 2003 @ 15:32 by mre : re: Ratings
Yes, a user will only have to identify the graphic once, at login time. After x number of minutes with no activity, the user will need to login again.

Ming, I am mindful of your original comment that "keeping track of identity" is a requirement to prevent serious distortion of the results. Are we ok to go forward? I think we need to consider this area still a weakness, but how bad is it, I wonder? I think there are a lot of people working on this problem. Perhaps it is not unreasonable to expect useful developments over the next few years.

I like your idea of being able to track what a person has rated -- not what rating given, but just the items rated. Good spoof-spotting tools would help deter the spoofer. Another similar tool would provide correlation coefficients for the ratings of any two raters.

Another idea would be to ask new registrants to provide some pointers to information about themselves on the web if that seems congenial, that is. I hope others who find this exchange will add their ideas. If it is significantly down the road, please email me at rogereaton@earthlink.net a notice that you have posted something here.  

31 Aug 2003 @ 12:14 by mre : identity question end run
Interesing point in {link:http://joi.ito.com/static/emergentdemocracy.html|"Emergent Democracy"} essay by Joichi Ito

"Yamagishi has conducted an experiment using an electronic market where participants buy and sell items from each other and the participants are able to lie about the quality of the items that they sell. In the closed market scenario where participants' reputations were tracked and they were unable to change their identities, the quality of the transactions are naturally high. In a completely anonymous system, the quality was low. When participants were allowed to change their identities and only negative reputation was tracked, the quality started high but diminished over time. When the participants were allowed to change their identities and only positive reputation was tracked, the quality started low but increased over time and approached the quality of transactions in the closed network.[38]"

In this essay, Ito is applying the concept to weblogs, but the principle seems to apply to raters and rated items as well. What if both positive and negative reputation are tracked, I wonder.

The article referenced by Ito is also online: {link:http://joi.ito.com/archives/papers/Yamagishi_ASQ1.pdf|Improving the Lemons Market with a Reputation System}. Here is an excerpt:

"The first issue concerns the free-riding problem in providing reputation (Avery, Resnick and Zeckhauser, in press; Resnick et al., 2000; Resnick and Zeckhauser, 2001). There is no incentive for online traders to share one’s own experience-based information with others. Shared reputation is a public good to which one can freely access. Contributing to its provision is not a condition for access. According to the “logic of collective action” (Olson, 1965), such a public good will eventually fail to be provided, or if provided at all, will be underprovided. Although Greif (1989; 1993) does not explicitly discuss the problem of insufficient incentives for the voluntary provision of reputation information in his analysis of Maghribi traders, we can imagine reasons why this was not a major problem with Maghribi traders. The provision of sanctioning is logically identical with the provision of a public good, which involves a second-order social dilemma problem (Yamagishi, 1986). In short, people who benefit from a sanctioning system are not willing to bear the cost for providing and maintaining the system. According to Axelrod (1986; see also Yamagishi and Takahashi, 1994), this problem can be resolved when people sanction those who do not sanction non-contributors to a public good. Applying this logic to the provision of a reputation system, the second-order problem can be resolved when those who do not share their personal experiences with others receive a negative reputation for that and are then treated in a similar manner as dishonest traders are treated. This could have been the case, although Greif (1989) is not explicit on this issue, among Maghribi traders, but definitely not the case for online traders. It is not common to give negative evaluations to someone who has failed to provide reputation information on the Internet auction market. Thus, the public good problem is expected to be more serious among online traders than among Maghribi traders.

"The second issue concerns the stability of identity. Online traders can have as many identities or handling names as they wish and can change their identities as often as they wish. An online trader who has accumulated negative reputations can shake them off by assuming a new identity with a new email address and thus pretending to be another person. As a result, the effectiveness of reputation as a solution to the problem of lemons can be greatly undermined among online traders. This problem is especially serious for negative reputation, which, according to research of trades on Ebay (Houser and Wooders, 2000; Lucking-Reiley et al., 2000; Resnick and Zeckhauser, 2001; Standifird, 2001) has a more powerful effect on price than positive reputation. Positive reputation, however, is free from this problem since online traders have every incentive to maintain the positive reputation that accompanies their identity. Positive reputation is a valuable asset, and traders who have acquired a high reputation will not voluntarily change their identities.

"The above discussion leads to the third issue: the existence of both positive and negative reputations. The effectiveness of a negative reputation system to contain the lemons problem is compromised to the degree that those who behave dishonestly have alternative markets to move into without paying exit and entrance costs. And, the extreme example of such a loose market is the online market, or more specifically, the Internet auction market such as eBay and Yahoo. A dishonest trader does not even need to exit from the market in which he has exploited others and has acquired a negative reputation. He can simply change his handling name and re-enter the same market as a different person. In addition, fear of retaliation prevents online traders to provide a negative evaluation to their trading partners (cf., Resnick and Zeckhauser, 2001). Thus, providing a solution to the lemons problem in the online market with a reputation system seems to be a hopeless endeavor. The reality, however, is much brighter than it appears (Kollock, 1999; Resnick and Zeckhauser, 2001). Reported frauds are rare and the reason for the low rate of dishonest behavior has been attributed to the reputation system used in the online market. Many researchers (e.g., Kollock, 1999; Resnick and Zeckhauser, 2001; Standifird, 2001) assert that the surprising power of reputation to contain dishonest behavior stems from the speed and low cost for disseminating information in online markets. They claim that the disadvantages of online markets for reputation are well offset by the sheer quantity of cheaply and quickly disseminated reputation information.

"Kollock (1999) proposes another possible reason for the theoretically unexpected strong effect of reputation in online trades. He argues that positive reputation rather than negative reputation should function as an effective solution to the lemons problem in the online market. He argues that the negative reputation system is doomed to failure in the online market due to the reasons summarized above. On the other hand, he continues, traders have incentives to maintain a positive reputation because a positive reputation is a valuable asset. The freedom to change identities will not affect the effectiveness of the positive reputation system since traders voluntarily keep their “brand name” once they have acquired a positive reputation. We agree with Kollock’s (1999) assessment of positive reputation. However, Kollock (1999) is missing an important theoretical issue. What is the mechanism with which the positive reputation keeps traders from dishonest behavior? In the case of negative reputation, it was the fear of losing trading partners who would provide opportunities for future profits. We will return to this important theoretical issue in the discussion section of this paper, after empirically examining if a positive reputation system is equally or more effective than a negative reputation system in the experimentally created online market."

An point to notice is that participants should be tracked and credited for giving ratings, and sanctioned for not giving ratings. I don't see quite how to sanction users for not rating items, tho. I wonder -- should the ratings given a user's items be discounted if the user does not rate other items? This discount would serve as a sanction, and would certainly greatly increase the amount of rating that occurs. But would users object -- vote with their feet? I.e. would a system be obnoxious if not-rating-others leads to reduction in one's own ratings received?  

16 Feb 2004 @ 12:36 by Roger Eaton @208.187.17.224 : spambots and antibot measures
Besides the problem of deceptive logins and ratings, there are socalled spambots that want to steal email addresses. Here is a good http://www.neilgunton.com/spambot_trap/ . An important point made at the spambot is that spambots will become smarter. In the context of the voice of humanity, the evolution of attack agents is also a likelihood. Moreover fooling spambots and ratingbots with antibot images for login, makes it impossible for blind people to participate.

Therefore, a requirement that users post a message and perhaps be certified by the hub host as human before their ratings count seems in order.

That said, there is a python AntiBot out there at http://www.vorras.com/products/antibot .  

10 Dec 2008 @ 05:24 by cheng @61.164.84.82 : Kitchen Cabinets, China Kitchen Cabinet
Kitchen Cabinets, China Kitchen Cabinets, Wardrobes, Bathroom Vanities, Closets, Kitchen Cabinet Doors, Kitchen Furnitures, Bathroom Cabinets, Armoires, European Cabinets, Italian Vanities, Kitchen Cabinetry by Mier Kitchen & Bathroom Cabinets



With over 15 years of experience, Ningbo Mier Kitchen & Bathrooms Co., Ltd. (Ningbo Modernday Kitchen Utensil Co.,Ltd) mainly manufactures superb high quality kitchen cabinets, bathroom vanities, wardrobes and Closets.
Our head office is located in Ningbo city, Zhejiang province, China. We have many distributors in over 20 different areas of China including Beijing, Shanghai, Hong Kong, Shenzhen and more. We currently export our products to Australia, Canada, the USA, Denmark,Europe, France, Italian, New Zealand, America, Japan, Scandinavia and others. Mier Kitchens & Bath has always proven to create innovative designs and has also been strongly focusing on the expansion of business cooperation abroad.
Our main aim is to satisfy all our customers and to build trust and confidence between our business relations. Mier Kitchens & Bath will always bring you something new and vibrant in kitchens and bathrooms. We guarantee only the best along with high quality, competitive pricing and customer satisfaction. With our highly advanced technologies, we have excelled amazingly in the kitchen and bathroom industry.
Mier Kitchens & Bath endeavors to continually use the latest technology in order to reach the optimum outcomes for our loyal customers. We sincerely look forward to cooperating with you in the near future.
Our Company wholesale and supply Kitchen Cabinet,China Kitchen Cabinets,Cloests,Kitchen Appliances,Custom Kitchen Cabinets,Bathroom Vanities,Kitchen Utensil,Wardrobes,Modern Closets,Kitchen Cabinet Doors,European Kitchen Cabinets,Italian Vanities,Kitchen Countertops,Kitchen Collection,Kitchen Furniture,Kitchen Designs,Kitchen Cabinet Accessories,Kitchen Cabinet Hardware, Modern and Traditional Kitchens,Kitchen & Bathroom News.Kitchen Island Design Ideas! Kitchen island plans, kitchen remodeling kitchen island.Information on kitchen design ideas, Kitchen cabinet photo,where to find suppliers of materials,kitchen styles,kitchen designers and kitchen plans.We sincerely hope to cooperate with customers form all over the world and supply you a good Kitchen Environment.Please contact us to inquiry .Our email address is cnkitchenware@gmail.com.  

8 Jun 2009 @ 06:08 by jewelry @218.19.53.159 : pearl
Read to exercise the brain.
Surround yourself with friends.  

Your Name:
Your URL: (or email)
Subject:       
Comment:
For verification, please type the word you see on the left:

Other entries in
24 Jun 2007 @ 23:17: Global Assembly now accepting sign ups
26 May 2007 @ 19:26: WiserEarth / Paul Hawken
18 Mar 2007 @ 23:19: Latest InterMix Design
30 Dec 2006 @ 17:53: A Nonviolent Service Arm for the Global Assembly
19 Nov 2006 @ 15:45: Global Assembly Dialog Progress Report
12 Oct 2006 @ 15:49: True Religion Creates Community
1 Oct 2006 @ 18:24: Voice of Humanity and the Information Commons?
24 Sep 2006 @ 22:12: The Outsider has a place in the Global Assembly Dialog
17 Sep 2006 @ 20:44: "Unity and Diversity" and "Unity in Diversity"
11 Aug 2006 @ 05:13: The Wedding of Humanity and Nonviolence


[< Back] [voice of humanity] [PermaLink]?