Controversy and stability: How wikis have productive conflict By Sunir Shah, with acknowledgments.
Copyright 2001 Sunir Shah. All rights reserved.
Meatball
Soft Security
Safety in Numbers
http://usemod.com/cgi-bin/mb.pl?SoftSecurity
Sunir Shah

KEY OBSERVATION
“I think that security measures of a purely technological nature, such as guns and crypto, are of real value, but that the great bulk of our security . . . derives from intangible factors having to do with the social fabric. . . . Those who wish to use the Internet as a tool for enhancing security, freedom, and other good things might wish to turn their efforts away from purely technical fixes and try to develop some understanding of just what the social fabric is, how it works, and how the Internet could enhance it.”
Neal Stephenson, Computers Freedom and Privacy 2000 (Toronto)
http://usemod.com/cgi-bin/mb.pl?SoftSecurity

PARANOIA
http://usemod.com/cgi-bin/mb.pl?DefendAgainstParanoia
[Diagram: one SITE and many ATTACKER labels.]

MORE GROUNDED . . .
http://usemod.com/cgi-bin/mb.pl?AssumeGoodFaith
[Diagram: one SITE, many USER labels, and one each of ATTACKER, VANDAL and KLUTZ. Annotations: “transient”, “angry user”, “mistake”.]

HARD SECURITY
http://usemod.com/cgi-bin/mb.pl?HardSecurity
•Passwords
•Trust metrics
•Rating systems
•Moderators
•Kickban
Ignored userbase. . .
[Diagram labels: SITE, POLICE (repeated), KLUTZ, VANDAL, ATTACKER, USER. Annotation: “REALLY?!” (twice).]

CYNICISM IS EASY...
http://usemod.com/cgi-bin/mb.pl?QuebecCity

SAFETY IN NUMBERS
http://usemod.com/cgi-bin/mb.pl?MetcalfesLaw
[Diagram: one SITE, many USER labels, and one each of ATTACKER, VANDAL and KLUTZ.]
Anyone can help! Even klutz (attacker?)...

WIKI
http://tavi.sourceforge.net/index.php?WhatIsAWiki
•First is Ward Cunningham’s WikiWikiWeb (http://c2.com/cgi/wiki)
•Anyone can edit any page (usually)
•You can and are encouraged to edit or delete words written by others.
•Special syntax like the LinkPattern.
•WikiNow: The Communal Estate vs . . .
•RecentChanges: The Active Commons.

SOFT SECURITY IS A SYSTEM
http://c2.com/cgi/wiki?PatternLanguage
Reversible Change
Peer Review
Audit Trail
Open Process
Plus many, many more Patterns.
I’ll only talk about those primarily peer to peer.

OPEN PROCESS
Do things in public.
•Secret actions aren’t accountable. (Peer Review)
•Information vacuums disenfranchise users.
•New users need role models to learn the community expectations. Lurk before you leap.
•Maybe enforce it technically. e.g. Audit Trail.
•Online diaries give personal context to Internet.
•The Case of Badvogato. Magic algorithms suck.
But
•Democracy moves slow. Without leadership, open processes encourage vehement debate.
http://usemod.com/cgi-bin/mb.pl?OpenProcess

REVERSIBLE CHANGE
http://usemod.com/cgi-bin/mb.pl?ReversibleChange
Anything that can be done can be undone.
•It’s all in software. We control every bit.
•White hats will fix damage by reversing it.
•Doesn’t punish people. Maybe it was a klutz..?
But
•Attackers also can revert legitimate changes.
•Have patience. More white hats than black.
•Bad feelings hard to reverse. (e.g. flame wars)
•Some changes are irreversible. (Deleted pages.)

KURO5HIN HIDDEN COMMENTS
http://www.kuro5hin.org/comments/2001/4/4/51324/29511/50?showrate=1#50
Anything 1.0 is invisible
Reverted!
Audit Trail . . .

KEPT PAGES
How to prevent a vandal from damaging a wiki?
•Naïve sol’n 1: Keep every version. (TWiki)
  •Violates forgive and forget. (Flame wars.)
•Naïve sol’n 2: Keep the last author’s version (WikiWiki)
  •Make two changes (from different IPs/user names).
•Naïve sol’n 3: Keep N previous versions. (PHPWiki)
  •Make N+1 changes. Also violates forgive and forget.
•Getting closer: Keep the last two weeks of changes.
  •A change to an old page will delete/lose it!!
•Solution: Keep only the last two weeks of changes, but start counting time when it is replaced. (UseModWiki)
•Page deletion easy via “DeletedPage”.
http://usemod.com/cgi-bin/mb.pl?KeptPages

KEPT PAGES EXAMPLE
http://usemod.com/cgi-bin/mb.pl?KeptPages
Spam . . . but revertible
Taken August 4, on the page “MeatballWiki”.
Replaced July 26, 2001, so not expired.
Klutz fixed it himself!
Audit Trail . . .
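
The retention rules from the KEPT PAGES slides, modelled as an added example (not code from UseModWiki or from the original slides). The Page class, the March 1 write date and N = 3 are assumptions; the July 26 and August 4 dates follow the example slide.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional

KEEP = timedelta(days=14)   # "two weeks" from the slide
KEEP_N = 3                  # constructed N for the "keep N previous versions" rule

@dataclass
class Revision:
    text: str
    written: datetime
    replaced: Optional[datetime] = None   # set when a newer revision supersedes it

class Page:
    """Constructed model: one current revision plus the kept older ones."""
    def __init__(self, text: str, now: datetime):
        self.current = Revision(text, now)
        self.kept: List[Revision] = []

    def edit(self, text: str, now: datetime) -> None:
        self.current.replaced = now
        self.kept.append(self.current)
        self.current = Revision(text, now)

    def expire(self, now: datetime, policy: str) -> None:
        if policy == "last_n":        # keep N previous versions
            self.kept = self.kept[-KEEP_N:]
        elif policy == "written":     # two weeks since the revision was written
            self.kept = [r for r in self.kept if now - r.written <= KEEP]
        elif policy == "replaced":    # two weeks since the revision was replaced
            self.kept = [r for r in self.kept if now - r.replaced <= KEEP]
        else:
            raise ValueError(policy)

def good_text_recoverable(policy: str, spam_edits: int = 1,
                          today: datetime = datetime(2001, 8, 4)) -> bool:
    # Constructed timeline: good text written March 1, 2001; spam edits replace
    # it starting July 26, 2001; retention runs after every edit and on `today`.
    page = Page("good text", datetime(2001, 3, 1))
    for i in range(spam_edits):
        when = datetime(2001, 7, 26) + timedelta(minutes=i)
        page.edit(f"spam {i}", when)
        page.expire(when, policy)
    page.expire(today, policy)
    return any(r.text == "good text" for r in page.kept)
```

Counting from the write date discards the old good revision the moment it is replaced, and a count-based limit is exhausted by N+1 edits; counting from the replacement date keeps the good revision revertible for the full two weeks regardless of how many edits follow.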

AUDIT TRAIL
Accountability creates trust.
•We can watch our neighbours.
•Imperfect: black ski masks.
Online systems are under our control.
•We can record who did what, when.
•Use peer pressure to induce expectations.
•Show what leaders do, create role models.
But
•Violates privacy, forgive and forget. Expire logs.
•Pseudonymity? Serial identity, IPs/domains
http://bankguys.homestead.com/
http://usemod.com/cgi-bin/mb.pl?AuditTrail

RECENT CHANGES
http://usemod.com/cgi-bin/mb.pl?RecentChanges
Limited duration
Audit Trail
User names don’t hide IPs/domains.
<a href="mb.pl?SunirShah" title="ID 1003 from cr824441-a.rchrd1.on.wave.home.com">...</a>

PEER REVIEW
Many eyes, many hands.
•Peers make up for each other’s weaknesses.
•Be aggressive. Continuously maintain stability, quality, sanity through aggressive peer review.
•Couple with Reversible Change, Audit Trail.
•Message boxes are a must!
But
•Reviewers need review.
•Slashdot Metamoderation. Metameta(...)mod?
•Treat reviewers at same level as subjects.
http://usemod.com/cgi-bin/mb.pl?PeerReview

INDIRECT PEER REVIEW
“The ITS machines had... the ‘spy’ feature, where anybody could watch what anyone else was doing. ... Tourists loved to spy, ... but ... if any tourist starts doing anything that causes trouble there's always somebody else watching him. ... His friends would get very mad because they would know that the continued existence of tourism depended on tourists being responsible. So usually there would be somebody who would know who the guy was, and we'd be able to let him leave us alone.”
Richard Stallman, Lecture at KTH
http://www.gnu.org/philosophy/stallman-kth.html

DIRECT PEER REVIEW
http://c2.com/cgi/wiki?WhatColorIsYourParachute

DIRECT PEER REVIEW (CONT’D)
http://c2.com/cgi/wiki?WhatColorIsYourParachute
Edited

FINAL WORDS
•Give power to your users.
•Fixing mistakes is better than punishing them.
•Allow everyone to pitch in: barn raising.
•Technology should enable not disable.
•Technology provides tools to white hats.
•No one technique works in isolation.
•There is much more to soft security than this.

ACKNOWLEDGMENTS
http://usemod.com/cgi-bin/mb.pl?SoftSecurity
Everyone at MeatballWiki
Clifford Adams (UseModWiki)
Ward Cunningham (WikiWiki)
Rusty Foster (Kuro5hin)