A recent post on the Stack Overflow blog (Voter Fraud and You) states that the Stack Overflow team has implemented a voter fraud detection mechanism. I look at the user board and noticed at least one user took a major hit as a result. I'd like to know how it works. No, not so that I can better circumvent it, but I'd just like to know that it is fair.
4 Answers
Let's go over a couple of high-profile examples of people being affected by the potential voter fraud.
(Note: These are both well respected members of the community and no one thinks they personally had anything to do with fraud themselves. But there were some oddities in the voting patterns surrounding their accounts that may nonetheless lead to an artificially high rep count).
Konrad -6000 rep
As Jon Skeet points out in the blog comments Konrad lost nearly 6k rep. However, after investigating it a little further it is pointed out that Konrad has been reporting on UserVoice artificial rep increases on his account for some time. Any post he made with the C++ tag was being automatically upvoted and he thought it smelled of automation.
So while it definitely is sad to see a popular member take such a huge hit in rep, in this case even he himself admits that there may have been some automation going on with some of his upvotes.
Next,
Daok -5000 rep
Daok lost 5k from a total of 15k rep. Reading through the SO blog post comments it is clear Daok is upset about his reputation loss. However, if you read Jeff Atwood's posts concerning the votes deleted from Daoks account they do seem to be highly anomalous. Two users in particular seemed to affect Daok's reputation.
User #1:
daok - 234 upvotes
next user - 4 upvotes
next user - 3 upvotesUser #2:
daok - 230 upvotes
next user - 2 upvotes
next user - 2 upvotesSo while it is possible that two people naturally upvoted Daok 230 and 234 times respectively while only upvoting others 2 or 3 times, it seems far more likely that someone out there is manipulating upvotes of users they like with some form of automation.
-
6It's a shame for Konrad. Those artificial votes deny him the right to accumulate more points that day. I see Konrad is admirable!. I'm pretty sure he will recover very quickly from this, for his answers are very good. On the other hand, I've never voted for Daok. That all I will say from him.– OscarRyzCommented Dec 23, 2008 at 20:50
-
5Jon Skeet suggested that a "replaying" of all votes for those days in question be done so the votes they would of gotten naturally (after the 200 rep cap) be taken into consideration with these fake votes being removed. I don't know how hard that would be from a technical perspective.– mmcdoleCommented Dec 23, 2008 at 20:52
-
1If the detection deal works then the rep cap needs to go away. I believe the point of the rep cap was to help combat some of this.– NotMeCommented Dec 23, 2008 at 21:39
-
2The problem with the rep cap is that it can be gamed like anything else. Daok doesn't seem to understand that even without the recent clean-up, you could "deprive" others of rep by voting them up to the cap, then reversing those upvotes the next day. Commented Dec 24, 2008 at 15:04
-
9and why is this answer top voted when it makes no effort to answer the question– MidhatCommented Mar 18, 2010 at 11:29
In one of Jeff's comments in that blog post he says:
... I suspect you had some deleted questions/answers in the system. Remember that rep is lost from deleted questions/answers when rep is recalculated, which is a rare and almost manual process.
This probably explains why some people lost some random amount of rep overnight. The recalc would have affected everyone.
Think of any time you posted an answer on a subjective or controversial post where you were upvoted, but the question was later deleted. Those upvotes counted toward your rep - until now.
Well, if you are really, really worried that it isn't fair, and that is a show stopper for you, then a closed source site might not be the best solution for you. Even if one of the devs came here and explained it, how would you know they are telling the truth without seeing the code?
Read the thread that you linked to. Pay special attention to the posts by Jeff. From the original post and Jeff's replies you can get a good feeling for the sorts of queries that they are using. I would not expect them to release the detailed queries (and I don't think you want them to either).
-
2They may be worried that it isn't fair in the sense of being based on incorrect assumptions.– frankodwyerCommented Dec 23, 2008 at 17:38
-
I wouldn't say I was "worried", "curious" is probably a better word.– ravenCommented Dec 23, 2008 at 17:40
-
I understand that, but as I stated without seeing the actual queries used it is still taking the devs at their word (which I don't personally have a problem with).– EBGreenCommented Dec 23, 2008 at 17:41
I would actually prefer it stay "magic". Simply because there are people out there who would find out how they can get around the implemented methods.
-
12Just like all the security holes in Linux get exploited? An open system is more secure, not less. Commented Dec 23, 2008 at 18:00
-
1@Bill: Only when the transparency is matched by responsive maintenance. Since the source is not likely to be opened completely, it would fall to the admins to implement any suggested fixes. The suggestions are likely not to agree. SO doesn't have a change management process like Linux does.– ベレアー アダムCommented Dec 23, 2008 at 18:20
-
1@Adam: Of course, you're right. My mistake was the assumption that vulnerabilities flagged by the community would be fixed by the site developers. As you pointed out, this isn't a safe assumption. Commented Dec 23, 2008 at 18:50
-
...and without access to the source, you're basically pissing in the wind with regard to finding vulnerabilities.– Robert C. BarthCommented Dec 23, 2008 at 20:38