Slashdot Mirror
Firefox Extension for Applied Social Networking
wanderingstan writes "Outfoxed is my masters thesis project about trust. (Nutshell overview) The extension uses a social network for personalized searching, phishing/spyware protection, file/process validation and more. It's related to del.icio.us, StumbleUpon, and those Kevin Bacon things, but goes a lot further. Mathematically, it's based on the network behavior of small world networks (pdf). Built with Javascript, Python, SQL, and XSLT. 366 testers so far, but we need the network to grow!"
Another example is the state of Utah! Salt Lake City is the smallest city to have its own SEC office, and the state suffers from a high rate for people getting ripped off by people they know. This has been attributed by the close network of people within the LDS Church. Somebody who is intent on ripping someone off can join the church and instantly gain a large web of trust.
... but in practice, you open the door to increased risk... navigating bookmarks of someone you don't know could run you right into spyware/malware... there aren't enough filters in the world to keep up with what is put out there.
h tml ...
:/
Sadly, too, the concept of Monkey Sphere comes in, too...
http://www.pointlesswasteoftime.com/monkeysphere.
Though it will start small, it will eventually become just too big, if it survives... it will become just another random maze of links for people to click through at 3am when they should be coding for a project due at midnight the next day.
===
Sorry to be a drag, just being realistic
MoM++ - A Classic Expanded - [Master of Magic 1.5]
http://mompp.sourceforge.net/
Every file and process should have a chain of trust leading back to the user. Any file or process without such a chain is being taken on faith, and the user should be warned accordingly.
For example, every process run by a computer should have a chain that looks something like this:
wuauclt.exe [executed by] Windows Update [installed by] Windows OS [installed by] User [trusted by] Root User
matlabserver.exe [executed by] MatLab Application [installed by] User [trusted by] Root User
And similarly, every file should also have a chain:
desktopicon.ico [created by] FireFox Application [installed by] User [trusted by] Root User
mydocument.doc [created by] MS Word Application [installed by] Root User
Ideally, management of trust should be done at the lowest levels of computation: in the operating system or even in the microprocessor itself. This limits the ability of malicious software from disrupting the chain of trust back to the user. Outfoxed, because it is just an extension, has many vulnerabilities. Primary is the vulnerability of the locally stored trust database.
The next step would be to have trust storage implemented as a continuously running process that could be queried by other applications. [Note 22/03: The new version does this, using HTTP for queries.] So the browser, email client, and word processor could all draw trust information from the same source.
The best solution would be to have this process integrated into the operating system itself, so that the OS could also take advantage of the trust information by only running trusted applications. Trust managed at this level, combined with a good security methodology, would give us the ultimate trustworthy environment.
Your sig(k) has been stolen. There is a puff of smoke!
As another person mentioned, the people you entrust while using this system don't actually have to be people you know. For instance, if you take a look at someone's del.icio.us links page and there are tons of things that interest you, you would probably trust them to inform your browsing decisions.
This system looks like a good way of implementing spyware/adware prevention and the like based on trust, but I don't think it will do so well for general browsing as you point out. There are plenty of people I would trust to help me stay away from spyware who I wouldn't want pointing me to web sites to read, mainly because I read vastly different things on the Internet from many of my friends. A system tha would work for this is something like Amazon's recommendation system. Without fail, Amazon emails me stuff that I'm actually interested in based on things I've bought from them. If something could use my web browsing history and compare it with that of others to suggest sites to read, that would be awesome. There are tons of privacy issues there, but putting those aside, I think such a system would be very effective.
One thing that might break such a system would be spammers. Spammers like to break anything that's good on the Internet with advertising, and this would be no exception. I think it would be hard to replicate a normal browsing history while inserting a few ad links, and submit those histories on a large enough scale to make those sites show up as results.
Anyway, I've gone off on a bit of a tangent. My point is that trust works well for many of the stated goals, but not so much for what I really want: all the good information on the Internet pumped straight into my brain.
I think a hybrid approach between a social network and Amazon recommendations would be ideal. Based on bookmarks and preferences that you post to the server, an algorithm could reccomend other uses with similar tastes. I could then agree or disagree (on a 10 point scale) with the recommendation. That user would then enter my network, and I could browse other users in their network. You would be able to see their rating by other users. Additional ratings would refine the algorithm's ability to find new "friends" You would be notified when someone made you their "friend" so you could check them out and decide whether or not to reciprocate.
Free MacMini