Online Reputation Is Hard To Do

Symblized writes "A new article from InformationWeek argues that not only does the Web need ways to verify identity, it also needs better ways to measure reputation . The article uses Digg, Wikipedia, and eBay as examples and muses whether their models could be applied more widely. There's also a profile of Opinity, a company that tried to introduce a reputation system and didn't make it. Choice quote from a source in the article: 'The idea of a transferable, semantic reputation is identity nirvana.'"

Trust is the currency

[Raindance (680694)]

"Trust is the currency of the participation age." -Jonathan Schwartz

This is the $64,000 question. Building a reputation/trust system is very difficult. Honestly, Slashdot is one of the better examples of this (Slashdot's moderation system does alter the flow of the discussion but it does get a downright reasonable signal-to-noise ratio vs other online communities).

I'm volunteering at Citizendium, which is another possible datapoint. We're assuming that real names and respecting verifiable expertise will allow us to benefit in some fashion from existing scholarly reputation systems, and to build a more cohesive community.

Eventually, I think it'll be feasible to layer reputation and credentials (for sites that care) on top of a system like OpenID. People will be able to choose what reputation/credentials to share with which site. Information that you want to follow you (e.g., "I have a BA in Math from UCLA" or "I have excellent karma on Slashdot") will follow you across sites.

But yeah, it's a very difficult problem. Figuring it out is a big, potentially very lucrative issue.

And what do you buy with that currency?

[khasim (1285)]

It seems that everyone trying to "solve" this "problem" doesn't know what they're trying to achieve.

So what if you can make a perfect pseudonym identification system? What does that achieve for you? What do you accomplish beyond that?

Does it really matter to anyone else if your Slashdot 'nym can be verified to match your 'nym's on a dozen other boards? Who really cares if you have excellent karma on Slashdot?

Re:And what do you buy with that currency?

[gbjbaanb (229885)]

it matters because if you have good rep on slashdot, chances are you're not a complete mumpty. On the other hand, if you have a dreadful karma on slashdot, you'll be saying the same old pants on other sites too.

It really ensures that if you post good stuff somewhere you can be trusted to post good stuff on other sites too. What that means to a particular site depends on that site, for something like ebay that can matter quite a lot, at least it would allow good posters to be recognised as such, and then I think sites would start to implement policies on posting that restrict non-recognised 'nyms until they gain a good reputation.

Re:

[jlarocco (851450)]

I'm not convinced that's worthwhile. If I like trolling on web forums, how does that imply I wouldn't be a trustworthy seller on eBay? How does a good online reputation in any way guarantee that a person is qualified to write about a certain topic in Wikipedia? I don't see the connection.

Re:And what do you buy with that currency?

[Original Replica (908688)]

In this anonymous online world, this would be an attempt to establish character. So in the future, acting like an asshat for fun in formus would relfect on you elsewhere. Just like if you act like an asshat at the company picnic, it effects you back in the office and possibly gets back to your friends at home. And yes, I think if someone is a carebear in WoW then they are a more trustworthy eBay seller, and someone with intelligent /. posts is more likely to contribute intelligently to Wikipedia.

Re:And what do you buy with that currency?

[Sigma 7 (266129)]

In this anonymous online world, this would be an attempt to establish character. So in the future, acting like an asshat for fun in formus would relfect on you elsewhere.

I'll play devil's advocate here...

Let's say you comment on the theory concerning the use of demolition explosives on one of the world trade centers - pointing out that the collapse of the WTC doesn't look like other building demolitions [google.ca], or that the "symettric demolition" claim is incorrect.

However, the conspiracy theorists on the site are extremely fanatic about their theory (as opposed to a more moderate site that tries to investigate properly.) As a result, you receive a large quantity of negative feedback that attaches itself to your online reputation.

Other things that can affect you would be playing RTCW:ET, where you get kicked from a server for n00bism as you didn't dodge the three panzers that get fired into your local area (because another player thought you should have.)

And my personal favourite - just claim you support Bush. Your reputation would instantly tank.

Re:

[siriuskase (679431)]

A lot of the weightings would be personal, my favorite rating services would get higher ratings from me. My weighting may not even affect anyone else, or there might be a system where all who use a particular service have their scores aggregated somehow. Seems a lot like social networking to me, friends and friends of friends, netflix friends, myspace friends, etc.

Re:And what do you buy with that currency?

[Original Replica (908688)]

You don't think the fact that you occassionally like to "flame and act silly" or play "an annoying lowbie ganker" is telling ? It tells me that when you can hide behind the veil of Anonymous Coward, you don't have much respect for the people around you. Because let's face it, when you do those things you are causing real frustration for real people, and you do it for fun.

Don't be so gullible as to think someone's behavior is necessarily consistent no matter where they go on the internet.

This would be a case of adding "but ONLINE" and thinking it's something new and different. I don't think anyone's personality is 100% consistent as they go from one social setting to another, but it is all facets of the same actual person.

Re:And what do you buy with that currency?

[Simon80 (874052)]

Regardless of what kind of eBay seller you'd be, this system would let people shun you for being an asshat somewhere if you used an important identity to be an asshat with. This would relegate most asshattery to anonymous identities, which would mean that sites that want to eliminate asshattery would simply require that all participation come from an identity with a decent reputation. I'm not sure if this is a good thing or not.

Re:And what do you buy with that currency?

[Achromatic1978 (916097)]

You'll buy one. No, seriously. You'll see a whole host of forums, sites, etc, spring up where you either "have a good reputation with iDentify", or "Paypal/MC/Visa $15" for membership.

The merit of such a system is not particularly high. Neither is the probability of those sites making a profit.

And then you'll have reputation farms, like we now have link farms, that spammers will use to build reputation.

Re:

[mysidia (191772)]

For one thing, it says you are probably not a spammer; if you have a very good karma on slashdot. (You didn't just run by slashdot to post a piece of junk)

For the reputation system to really be useful for filtering purposes, a method needs to exist for your reputation to become "sullied" if you do spam somewhere, or abuse your reputation; in that case, your "reputation of good karma" on the pseudonym@SITE would need to have the bad part attached to it, I.E. if you spammed on some other site, and used

To clarify that ...

[khasim (1285)]

it matters because if you have good rep on slashdot, chances are you're not a complete mumpty.

So you're saying that it would help filter out a majority of the "complete mumpty".

That's a possibility. But it would be even easier to just use Slashdot's reputation/moderation system on your own site. That would solve the "complete mumpty" problem while also solving the problem of someone with excellent karma for his programming knowledge posting his conspiracy theories on your site.

And it automatically tunes itself to your audience.

It really ensures that if you post good stuff somewhere you can be trusted to post good stuff on other sites too.

Not really. Check back on the "creationism vs evolution" stories here.

What would be considered "good stuff" on one site (or even by one moderator) would be considered ignorant drivel on another site (or by a different moderator).

You achieve all the same benefits without the problems just by having your own reputation/moderation system.

Re:To clarify that ...

[dkf (304284)]

What would be considered "good stuff" on one site (or even by one moderator) would be considered ignorant drivel on another site (or by a different moderator).

You achieve all the same benefits without the problems just by having your own reputation/moderation system.

I suspect that there will be a lot of correlation between sites, as people who act like asses in one place are more likely to do so elsewhere. On the other hand, I also think that what will actually emerge is that the sites that correlate cluster in groups: if you have a good rep on site A, you're more likely to have a good rep on site B and a bad rep on site C, and you probably won't frequent D at all. Given all that, someone with a good search engine and a lot of cleverness will be able to start mapping out what these virtual communities actually look like and other sociological/anthropological stuff like that.

But will sharing reputation systems help sites? I think so, eventually, but not for many years yet. Until the reputation clusters have been found, sharing is as likely to introduce needless pollution of reputation systems as it is to enable reputations to be built up quickly. (Could there be a single reputation cluster? Maybe, but I suspect not; people are too inclined to divide the world into "us" and "them" for it to work out.)

One thing that might come out of reputation research is that it might become possible to use the reputation clusters to predict, from someone's interests and interactions, which sorts of sites they'd like to visit. OK, that does sound backwards, but it should guide people to where they won't want to make a total fool of themselves on a regular basis (yes, even the griefing pranksters; after all, when amongst the fools the foolish are sages and the wise foolish.) It may also eventually be possible to join the reputation clusters up, but using negative links (so reputations on sites for followers of Xenu who believe in ID and the supremacy of feng shui of placement of feeding bowls for their chihuahua will negatively reinforce reputations here) but I doubt that will help any time soon. There's a revolution waiting to happen here, but since it really involves lots of people, it'll take time to brew.

On the other hand, it is sensible to start working out what technological steps are required to enable specific bipartite reputation sharing, as well as looking at how to build sane single-site reputation systems. For example, slashdot's is pretty good in that it isn't easy to totally game the system while being mostly self-regulating, but can it be bettered without input of data from outside sites? If it can't be greatly improved, how difficult will it be to export the system to other sites? (It's late: I'm sure you can think of other aspects, but I can't right now.)

and...so what?

[Wabbit Wabbit (828630)]

I've got mod points, but I think I'd rather participate.

it matters because if you have good rep on slashdot, chances are you're not a complete mumpty. On the other hand, if you have a dreadful karma on slashdot, you'll be saying the same old pants on other sites too.

And so what? Is all of this really so important? I find it fascinating that so many people on so many sites care more about their "reputations" than what they post.

It really ensures that if you post good stuff somewhere you can be trusted to post good stuff on other sites too.

Does it? Sometimes I don't WANT my "good" reputation to follow me. I like acting like a goon on something awful and like a lolcat-loving ding-dong on fark and like a...well...never-you-mind-like-what on consumptionjunction and 4chan.

When (and where) I want to be serious, I am. Others see it quickly enough too. It doesn't take long at each site I join for people to realize that I'm a "good poster". Honestly, it isn't complicated. Stay on topic, write well, be helpful, and the rest follows. Such has been my pattern over the years at sitepoint, namepros, webhostingtalk, and even here.

\Perhaps it's because I'm old
\\And still use slashies
\\\(reversed because slashdot doesn't like 'em forward for some reason)

Exactly

[Moraelin (679338)]

I was going to post much the same thing, so it's refreshing to see someone else thinking that way.

The thing about Slashdot's karma is that it creates groupthink. As you've said, too many people care about it instead of just posting what they think. So they post what they perceive to be the popular opinion, even if that's not what they really think, or even if it's contrary to what they really think.

Frankly, I think groupthink is a bigger problem than even the goatse links. Groupthink is where rational information exchange dies. If you look at the worst bible-thumping communities, or at rabid theocracies, or at the worst excesses of history, and some of its biggest mistakes too, almost all were based on groupthink. Take a million people who individually think "jeez, X is stupid and evil" and put them in a big group where they think that everyone else is fundamentally and rabidly pro-X... and watch them all start chest-thumping for the very thing they secretly despise. Just to get brownie points with the rest of the gang.

When a whole village went and cheered about one of them being burned at the stake as a witch (for bonus points when everyone knew it's a bogus charge and the real reason is something like: widow without sons inherits some land, some rich guy wants her land), that was groupthink. "OMG, I can't let the other ones even think I'm not a rabid fundie. Why, my popularity would go down."

At the risk of tempting Goodwin's law (although it's not a comparison): when a few million Germans cheered about invading the USSR, that was groupthink too. "OMG, I can't let the others think I'm not patriotic."

And in our own times, when you look at such things as bible-thumping communities, or at the broken high-school culture where being smart is uncool and being an airhead is the apex of fashion... guess what? That's groupthink too. Once the ball got rolling, even kids who do understand that their future job does depend on it... still go and insult the nerd, because that's what brings them karma points with the rest of the group.

So, to cut a long story short, I actually _don't_ want that kind of global karma. I actually _want_ people to come forth and say what they think, and not what they think would be popular in that community. I want people to actually come forth and say stuff like "this war is bogus" or "the PATRIOT act is unconstitutional" and not devolve into sheep thinking "OMG, I can't have it follow me for the rest of my life that I'm not patriotic or that maybe I have something to hide". Even if it's something as unimportant as a games forum, I actually want people to come forth and tell me the bad parts about it, so I can make an informed decision. I don't want more of them to think "OMG, if I say anything bad, I'll come out as a troll." Etc.

Re:

[Kadin2048 (468275)]

Does it really matter to anyone else if your Slashdot 'nym can be verified to match your 'nym's on a dozen other boards? Who really cares if you have excellent karma on Slashdot?

It might. I think the best possible solution would be to let the destination site look at whatever pieces of reputation you choose to provide, and then weight them however it wants to.

E.g., let's say I set up a blog. I know most traffic is driven to it by people clicking on my site's URL in my Slashdot comments; therefore, it might

Re:

[JWSmythe (446288)]

Well, some of us have been lucky that we've managed to get our own names (or pseudonym in my case) almost everywhere. But some folks don't use quite as unique names.

I guess if there was a pseudonym reputation ranking facility somewhere, it would need to have every pseudonym for each resource listed. Ahhh, a tall order just got taller.

But, our pseudonym is such because we don't necessarily WANT everyone knowing who we are.

JWSmythe (my pseudonym) is kind of wel

Re:And what do you buy with that currency?

[Eivind (15695)]

Yes it matters. A lot.

Online, a lot of clues that are present in the real world are absent. We instinctively assign some level of trust to people we meet, for different purposes, based on a lot of variables, some of them we're aware of, others are subconscious.

You let your neighbour have your house-key to water the flower. But you wouldn't do that with *ANY* kind of neighbour.

You let someone babysite your kids. You let a friend borrow $50 'cos his credit-card is broken. You wouldn't to everyone, it's a matter of trust.

You trust someones judgement on some issue -- because you know that they are experts in the field and have a track-record of good judgement.

Being able to build trust in a pseudonym, and being able to prove that you are that pseudonym is very useful. It allows people to trust you who wouldn't otherwise.

To avoid abuse, it is nessecary that *you* have complete control over what aspects of your trust you share with which people and which companies.

So, what do you want to achieve ? World Domination offcourse ! *grin* No seriously, a million little small things, each of which may be unimportant, but the sum could be huge. Some examples used *today* include:

• If you've got excellent reputation, Ebay-buyers generally won't mind paying first, getting the item(s) afterwards. This would be quite risky -- except you know that the seller has sold 471 things before on similar terms, and -zero- of his customers complained.
• Hospitality-club use a trust-system to allow you to let complete strangers sleep over at your house, or vice versa, with a much reduced risk of any unwanted problems. Sure, *you* may not know this person, but it helps if 50 other people do -- especially if 5 of those are your friends.
• Slashdot use a trust-metric to let people with a track-record of sane comments be sligthly more visible.

In a universally networked world (which we're rapidly approaching anyway) with strong trust-systems, you could stop a complete stranger on the street and ask to borrow his car -- and he'd actually consider it. He wouldn't know *you* but, he'd be able to know a lot *about* you -- if you choose to share it with him.

Re:

[ajanp (1083247)]

Trust in an online world is a tricky thing. Despite how noble the intentions might be, any information you reveal about yourself always has the possibility of being exploited when you reveal it to such a large audience (what do you reveal so people can verify your credentials, yet so you can still remain anonymous enough that it can't be exploited). With increased exposure, you open yourself up to a lot of people who might use that information to do harm.

I remember somebody posting a comment on /. about

Re:Trust is the currency

[ralphdaugherty (225648)]

I have some nasty comments about this, but first let me switch to AC.

Re:Trust is the currency

[zCyl (14362)]

Honestly, Slashdot is one of the better examples of this (Slashdot's moderation system does alter the flow of the discussion but it does get a downright reasonable signal-to-noise ratio vs other online communities).

That's because Slashdot's system puts only minimal emphasis on individuals, and very high emphasis on selected adjectives of value. Comments do not simply get moderated up or down, but have to be moderated with a chosen adjective, such as "insightful", "informative", "funny", etc. This really helps keep people's heads on straight, especially with the presence of meta-moderation, because people then have to agree on what these words mean. The end result is that posts are usually moderated in close proximity to these labels.

The karma attribute is used only as an accessory to this content-based moderation, to provide some inertia to the community's character. It's not really a reputation centered system.

Poster identity vs Post identity

[kahei (466208)]

It's also worth noting that the identities of /. posters are very weak. People reply to the post, not to the poster, and relationships pretty much never last longer than the thread they are in. I can't actually name a single /. user name except my own.

I used to have a .sig saying: "If you recognize me at all, you probably recognize me by this .sig" and I think it was true.

Compare this to sites like Fark where rivalries and stereotypes rule. Hey, time for Bevets to post how we're all going to hell! Time

online resumes

[cashman73 (855518)]

As mentioned in the article, online resumes are one easy way of verifying credentials. But even that's not perfect, as they can be faked quite easily. Heck, people have been fudging information in their resumes even before the internet was invented!

Maybe somebody like Google can use their search engine technology to develop an improved algorithm that would perform multiple searches across multiple websites and databases to come up with some type of score rating an individual's credibility. But even this h

Wikipedia needs reputation system

[lawpoop (604919)]

I think Wikipedia is a site that really needs to somehow integrate the reputation of it's contributors into the articles. I haven't kept up with the structural changes they've made in the past couple years, but a lot of the editing work seems to be undoing trolling and vandalism, and also participating in edit and revision wars. I could be wrong at this point.

But if wikipedia had a reputation system ( other than just being banned or allowed ), they might automate contributions from reputable authors ( and check on the actual contributions later), while authors who are less reputable may have their contributions queued for review before they are published.

Furthermore, a casual user would be able to have a more savvy understanding of the reputability of any article or section of an article if it is tagged with the reputation of its' author.

Reputable authors might be able to also tag the contributions of others, such that the text or information itself gets a reputation. That would help users make a judgement about the validity of information on Wikipedia.

Instead of pushing the mechanics of the actual editing of articles behind the scenes, and just presenting a 'final' article to the end-user, let's formalize the process and enfranchise users into the process of judging the validity of articles.

Hear, hear!

[mangu (126918)]

I think Wikipedia is a site that really needs to somehow integrate the reputation of it's contributors into the articles.

Indeed! Here's my own anecdote on that: I recently tried editing an article on a certain Posada Carriles, a man whom the Cuban government and Wikipedia call a "terrorist".

I was browsing the Cuban government site Granma [granma.cu] where they had a list of what they called evidence against Posada. One item was an AK-47 rifle, another item was a box of 5.56mm ammo for that rifle. It doesn't take much of gun expertise to know that NATO ammo doesn't go into an AK-47, and I tried to put that in a paragraph criticizing the accusations against Posada. I don't know the guy, for all I know he could really be a terrorist, but you aren't going to convict anyone in a civilized court of law with that kind of "evidence".

I was thoroughly flamed by someone about that. It seems that Cuban government sympathizers are carefully patrolling any critical statements about the dictatorship. If Wikipedia had a reputation system, the commies would mod me down for presenting a balanced view in their rant against Posada, but I would recover my karma through my other contributions. OTOH, fanatics would find it too troublesome to fake an interest in subjects other than their favorite and their karma would suffer from that.

Re:

[Cyberax (705495)]

There ARE modifications of AK-47 and AK-74 for NATO ammo.

Hmm

[Seiruu (808321)]

The only reason online reputation is hard is because online identification is hard. Once you're past the identification and privacy issues you could go Google: your single/central/one point rated identity, linked with all your accounts from all over the place which should give you some sort of a global and more specified ranking (karma on ./, trustworthiness on ebay, whatever rating/googlerank on google/amazon) for people to search for.

Web design

[Hao Wu (652581)]

Companies will often try to maintain "reputation" by using a rigid, non-interactive web design. With Flash, for example, a website becomes just a commercial to sell the perception of quality, or the illusion of branding.

(Isn't that right, all you "Hubsters"?)

What about LinkedIn?

[Realistic_Dragon (655151)]

LinkedIn has a reputation model that works in a limited sense. It tells you the people on the chain between yourself and an individual, up to a certain length.

Since you know (by definition) the first person on the chain you can ask them to make enquiries along the chain about the person you want to know about. It lists up to 3rd degree associations, ie your friend knows them or your friend knows a friend of theirs. Surprisingly effective for finding out about someone you want to hire, in a general sense at

Re:

[crAckZ (1098479)]

that is a good idea. but one weak link will destroy the chain. what if one of those people gets hacked? malicous software is placed and then the whole chain gets it and it spreads. as of right now i see no viable way of doing this. there are to many factors and was to hide any identity or truth. if it was accomplished what if your information leaked? soemone signed you up for alot of questionable sites and your ID was trashed. then you have to take the time to rebuild and correct all that information.

Re:

[Phil Resch (447588)]

Regarding your P2P network of friends ... have you heard of WASTE? If I understand you correctly, it's more or less what you're suggesting. At any rate, its Wikipedia page is worth reading. It has some interesting information, and a lot of links to follow: http://en.wikipedia.org/wiki/WASTE [wikipedia.org]

Linking RL with the IL

[FoxNSox (998422)]

Even still, it is hard to rank someones reputation based on a numbers system. In alot of forums I post on, I am a regular poster with a high rank. However, alot of people have an issue with me because of my free speech (the beauty of the internet). Is there really a standardized way to determine reputation? It really has to do with the context. If you are on a programming forum, you may rank someone based on their aptitude for a specific language, or their problem-solving skills. Conversely, if you are on a political debate forum, ones reputation may be based on how fluently their opinions are expressed.

Re:

[DaleGlass (1068434)]

I run a reputation system on Second Life.

My solution to that was to make it a graph. Scores are calculated depending on who you are and who you're looking at. So Alice likes Bob, who likes Carol, who likes Dave. Alice builds a tree, and adds up all the paths leaving to the same person.

This works well for me, the only problem is that it's very resource intensive. Cost increases exponentially with depth.

On the other hand, it's very resistant to attempts to disrupt it. Simply getting extra accounts doesn't wor

Instant Mashed Repuation!

[rueger (210566)]

The problem is that everyone wants to know right now who is trustworthy and who is not.

Building a reputation takes time, often a lot of time. Amazon's reputation is built on several years of good service, good web design, and overwhelmingly positive customer experiences.

Facebook and Digg don't have that track record, and until they do will not enjoy the same level of trust.

Any system designed to give a stamp of approval needs only one mistake to become untrustworthy. Unless it can be nearly 100% foolproof it won't be effective. And given the number of supposedly trustworthy businesses who are anything but, I'd say that rating reputation is not likely to happen soon.

The First Law of Cyberspace

[Hobbex (41473)]

There is no such thing as negative trust.

(Once you accept that, the rest isn't so hard.)

heatware

[mscdex (774392)]

Heatware [heatware.com] Most frequently trusted on many For Sale/For Trade forums because of their strong stance on scammers.

What about well-prepared people?

[CPE1704TKS (995414)]

I haven't used my name for posting on the Internet since 1997 when I realized that dejanews.com would keep my newsgroup postings forever (even that was with a somewhat random e-mail address). I literally don't have any internet presence with my real name unless it's inadvertent (ie. a news release from my employer) but the good thing is that my name is so common I would be hard to find anyway.

So in it's place, I created a whole shitload of false identities that I post under, one of them about 10 years old now. Mainly on forums and newsgroups for work purposes, etc. If you searched for this particular identity, you would probably fine hundreds of posts (including many on slashdot) some of them truthful, some of them fake, with various opinions of topics.

Every few years I will discard an identity or create a new one, for various reasons. I even have a fake lj blog that I've created just for the purpose of having that sense of "credibility", just in case I need it. I usually update that every few weeks, with something that I read on someone else's blog, but changing the words around just enough so that I can't be googled and exposed as a fake. I make sure each identity has a different way of typing, different levels of typos or capitalization, etc. I don't think you would be able to properly gauge the "credibility" of this person at all.

I doubt I'm unique and there are probably scores of people doing the same thing. As internet users get more and more sophisticated, how will internet credibility really be gauged unless you actually meet someone face-to-face? I was even contemplating getting a pay-as-you-go cellphone with no traceability (paid with cash at a store in a different city than where I live) just in case I needed to talk with someone offline. I'm doubtful you can really establish credibility to the point where it's better to just assume that everyone is lying and be on the guard all the time.

Re:

[Tatisimo (1061320)]

Same here. I keep quite a few different characters, and shed the old ones in order to keep my privacy. Everybody I know does it to keep their past from haunting them. Funny how I look back on my old personalities and realize what a moron I was. It'd be horrible if people took the posts I made when I was 14 and use them as evidence against my character. People change in the real world, and the past is normally forgotten, but on teh interwebs, they stay the same, unless WE can help it. Also, it's great to see

Sucks to be you

[SuperKendall (25149)]

Some of us have posted under nothing but our real names for years, knowing that every post was only adding to our online metaprofile, and if the bulk of what we posted was helpful or useful or at least sensible, we were building up years of easily accessed credentials to help people understand they could rely on information from us a little more than Joe Q. Internet.

Why you would choose to be anon in a world where reputation is growing in importantance every day has always been beyond me.

RapLeaf

[AaronBrethorst (860210)]

What about RapLeaf [rapleaf.com]? Although it's centered around ratings for conducting transations, I have to believe their system would be pretty effective across a broad spectrum of reputation and ratings needs. Plus, they offer a set of APIs, which is always handy.

Advogato

[MSG (12810)]

Well, there's Advogato's Trust Metric [advogato.org] system.

I've been of the opinion for a while that a similar system could be devised using PGP or S/MIME certificates to combine identity verification with "web of trust" reputation evaluation. Under such a model, every user would import the public certificate of authorities that they trust. For example, consider a consumer review web site, where I decide to trust the site's admin. The admin trusts its editorial staff, and their certificates are signed by the admin. Any of the editorial staff may trust one of the site's frequent contributors, based on the quality of their work. That editor may sign the contributor's certificate. Now, my level of trust for that contributor can be established as a function of the proximity of that user to the admin in whom I placed trust. This differs from Advogato's system in that the "Master" certificates are simply those whom I've decided to trust.

The same thing can be applied to social networking sites, as well. I can trust my friends by accepting their certificates, and gain insight into social relationships by examining the signatures in their keys.

Re:

[DaleGlass (1068434)]

The problem with PGP is that it's too complicated to understand for normal people. Now, I love it, but even the Windows GUI versions of it are hard to explain, because the concepts of webs of trust, fingerprints, signatures, and security are alien to most people.

I implemented something web of trust-like in Second Life, but without signatures, and without a root. Instead the server has a big table of user1/user1/rating rows. You are the root, to find a score the server builds your tree and adds up all the pa

Reward and punishment

[iminplaya (723125)]

Online, and in real life, we reward bullying and punish honesty. How do you make a reputation in that environment?

Reputation vs. identity

[btempleton (149110)]

The article claims to be about reputation but mostly talks about the various "identity" efforts out there. Yes, a reputation is associated with an identity, but most of the identity systems being promoted focus on real identity rather than pseudonyms which you can choose to associate with yourself or not.

There is a paradox to those systems -- the easier they are to use, the more they will get used -- and demanded. We'll go from a web where most web sites can be used casually, with no "sign on" (single or otherwise) to a web where far more sites demand you use the single sign on and thus have an account, because it's easy for them to ask.

This paradox is described at http://ideas.4brad.com/paradox-identity-management [4brad.com]

Online reputation? All reputation is hard to do

[Colin Smith (2679)]

It's why we have exams, professional organisations, CVs, brands, social networking etc etc etc.

We use reputation all the time and no-one has come up with a single reliable, coherent way of measuring it. You just try to get a decent builder.

 

They're just blogs.

[Animats (122034)]

When I first saw the title, I thought this was about reputations for web sites or online businesses, but no, it's about reputations for, well, bloggers. Where it doesn't really matter all that much. It matters for eBay, but most of the sellers on eBay are businesses. It's been a long time since eBay was individual to individual.

Dating sites have struggled with this. True [true.com] wants to see an image of your driver's license. With the controversy over Myspace, we may see them going that way, at least for parents.

Wikipedia doesn't care much about identity, except as regards vandal blocking. Even admins and ArbComm members are anonymous. All Wikipedia needs is some way to slow down unlimited generation of new identities. I once suggested that one way to do that would be to require some easily available, no-cost, unique, verifiable physical token to register. Like an AOL disk.

One approach to identity verification, which I'd like to see used for domain registration, is simply mailing out a card by postal mail. When you register a domain, a letter should be sent to the address listed for the domain. When you get the letter, you type in the password printed in the letter postcard, and the domain registration completes. That would really improve WHOIS data quality and cut down on scams. The cost of sending out customized mailing pieces is under about US$0.50 each when you have a bulk mailing house do it, so it's quite feasible at current domain prices.

eBay's system doesn't work

[tekrat (242117)]

eBay's system of who you can trust and who you cannot doesn't work. Generally, even theives have a good feedback rating on ebay, and worst of all, the average joe who isn't an eBay powerseller or doesn't have his own ebay "store" is likely to get shafted because eBay only cares about fees, not feedback.

For example, a user with a feedback of 1 can buy something from a seller with a feedback of 450, and then complain to ebay. The user of with the feeback of 1 can have the seller's account suspended despite the vast chasm of difference between the seller's feedback and the buyers, and ebay makes NO distinction over which party has the better reputation.

It all comes down to who files the dispute first. Either that or eBay just assumes the seller is always at fault.

Ebay's dirty little secret is that you can create an account, buy something, and essentially get it for free from the seller because the only way the seller has to resolve the suspended account is to refund the payment. There is NO other recourse.

And "reputation" means nothing to ebay. You could have created the buyer's account a week ago, and take down a seller who has been a good seller on ebay for years.

And when Ebay gets wise to you, create a new email account on yahoo, start again, buy something, register a complaint and get it for free, because the seller has to refund your money.

So; how exactly does eBay's system "work"?

Reputation is easy

[richardtallent (309050)]

Identity is really the easiest part of the problem.

But reputation is easy as well. The problem with most proposals is that they are focused on organizational reputation rather than personal reputation.

Reputation, however, is relative and contextual. We don't need Slashdot vouching for us, we need people in our own address book / social network. Then we can vouch for our friends/family in various ways ("this person isn't a spammer", "this person knows a lot about cars", etc.).

But the real power of a personal reputation system is that it is transitive. If I trust that Alice is not a spammer, and Alice trusts that Bob is not a spammer, I can to some degree also trust Bob, and so can my friends, etc. A few degrees of Kevin Bacon there and you've got a real system.

Such a system allows for anonymity as well. I don't need to use my real name if I can generate some other identity and foster trust in some other community. As long as the identity token itself is secure, they don't need to know my name, they just need to know I'm not a troll, I'm insightful (hint hint), etc.

My vision of such a system would use SMTP as the transport mechanism for requesting and relaying trust between parties. Mail agents would handle the requests automatically, like calendar-enabled mail programs do now, and it is a fully-distributed system. Mail clients would also cache trust from their own "friends," like DNS, to better respond to requests.

This degrades well, since the emails can contain manual instructions for those whose mail clients don't have this feature. Or their Internet providers can help with server-based responses, so the mail client doesn't even need to be involved in most cases.

With such a system, spam would mostly be a thing of the past. I can limit incoming email to only people in my Address Book, people in theirs, etc. out to some limit of degree. Chances are, that will quickly encompass everyone likely to want to send me a legitimate email, and bounce away people with no legitimate friends (spammers). The system would self-correct when accounts are compromised or people unwittingly trust spammers, and if a friend of mine is too naive and adds spammers to his list constantly, I can stop trusting his list.

We really do need a ubiquitous identity-trust system, something that uses existing protocols to share trust and integrates with IM, email, online forums, auction sites, etc. But the problem itself isn't that hard.

Re:

[garbletext (669861)]

sloppy markup. that text has got an anchor tag around it with no href attribute.

Re:

[Ghworg (177484)]

The advantage of OpenID is not replacing typing in a username and password with a URL. It is not having to sign up with Joe Random's blog site in order to post a one line comment. I don't want to give out my email address to every site I want to contribute to. Sure I could make up fake info for the site, but most of the time even that's too much work to bother with.

OpenID has problems yes, but there are technical solutions for all the ones I know of, including the redirect/proxy one you highlight. I've