Re: A vote of confidence for Sandy

[ichudov@algebra.com (Igor Chudov @ home)]

Greg Broiles wrote:
> 
> At 10:49 PM 1/10/97 -0800, Lucky Green wrote:
> >Yes. Igor's STUMP software seems like the way to go. The vast majority of
> >posters to this list are not a problem. Discussions amongst them may get
> >heated, but they have basic human decency and never even come close to the
> >level of abuse and bigotry we have seen from Vulis, aga, et al. 
> 
> I think that the move to human moderation is a good thing, and am pleased
> that Sandy will shortly begin to act as moderator.
> 
> However, I think that forming lists of "approved people" and "unapproved
> people" and treating them differently is likely to do more harm than good,
> even if we have nice software which does it very efficiently. I don't like
> it for several reasons:
> 
> 1.	Political. It's symbolically disturbing, and it tends to shift the focus
> of the group (and of the moderation process) away from messages, and
> towards the people who post them. I think it'd be tempting to turn it into
> some sort of bureaucratic system, with punishments (being on the bad list)
> and rewards and status changes and written warnings and all of the other
> features which frequently bring out the worst in people. I suspect that
> agreeing on "the 10 people who are clearly a problem" will turn out to be
> as difficult as finding any 10 things that cypherpunks can agree on, and
> then we've got to decide who decides who's a problem, and then we've got to
> decide how we decide things, and argue about whether or not John Gilmore is
> a good person, and [...]
> 
> 2.	Technical. It requires that the people on the "good list" authenticate
> their messages (otherwise people will post with the names of "good people"
> to avoid moderation), which imports a lot of hassle with different
> platforms and signing and certification and key distribution and [...]
> which we don't have good solutions for yet.
> 
> 3.	 Conceptual. It's a complex problem technically and politically, which
> means that it's difficult to understand or debug, and it's got a lot of
> points of failure. In general, complex solutions (which require many people
> to install and learn new software) are difficult to implement, take longer
> than anticipated, and are frequently avoided by the people they're
> supposedly helping. (See, e.g., RISKS Digest; both for how a
> human-moderated list can work nicely, and for examples of how complex
> technical solutions to problems often create more or worse problems than
> they solve.)
> 
> I think that the human moderator solution suffers less from these problems;
> in general, it's a well-tested solution to the "what about off-topic
> assholes?" problem. It's not perfect, but it does work, more or less; it's
> easy to understand, easy to implement, and requires no software changes on
> the users' end.

Greg brings up a number of very good points.

A small correction: robomod does not necessarily require authentication
of posters from the preapproved list. It is merely an option that can 
be turned on and off.

We should all understand that forgeries in the names of preapproved
people are only a SYMPTOM of a problem, not a problem in and of itself.
The true problem in such case would be that the forgers feel that they
are treated unfairly by moderators. Such people may think that the
purpose of moderation is to get rid of their persons altogether.

Therefore, if moderators face a problem of forgeries and perceive a need 
to turn this authentication option on, they should step back and this 
what THEY did wrong. Did they give the forgers an impression that 
moderators want to silence them? Do they treat everyone, including the
former "problem" people, fairly and equally?

I have a suggestion, actually. I can rewrite STUMP in such a way that
when moderators receive messages for moderation, they would not see any
header information indicating who wrote the message (this information 
would be in the packet that arrives to them, but it would be encrypted
with Internal Traffic Key). This way, a moderator would not know if the
message is, say, from Tim May or from Dr. Vulis, and would make their
decisions (including decisions to preapprove) based solely on the
message contents. That may give some way towards fairness.

Greg mentions several important and real dissadvantages of preapproved
lists, but the huge advantage that they give is a reduction in costs of
human moderation. Namely, human moderators do not have to work as hard,
and the latency (thanks, Rich!) of most posts is dramatically reduced.

DISADVANTAGES (Greg):

1) creates two "classes" of posters
2) somewhat arbitrary
3) possible forgeries require authentication and that's a pain

ADVANTAGES: 

1) reduces moderators' effort
2) reduces latency
3) depends on how you look at it -- required authentication may be "good".
4) for people like Eric Murray, who post on-topic articles, the list
   becomes essentially unmoderated, as it used to be.

Note that another important feature of STUMP that we seem to overlook was
designed specifically to address the problems of preapproved lists. This
feature is the presence of "bad words list". This is a set of regular
expressions, stored in a file, such that if incoming messages match
these expressions, they would be considered "suspicious" even if they
purport to be "From: " preapproved persons. That goes a long way towards
security and fairness because now nobody (including, say, Paul Bradley
along with Dr. Vulis or myself) would be able to call someone else
"cocksucker" without review by human moderators.

*If* moderators are fair, that would ensure that people are treated
equally even if some of them are preapproved and some are not.

	- Igor.