Can hackers trust their own reputation systems?

The Ecology of Trust among Hackers

Online offenders profit by cooperating with skilled associates to increase their capacity. However, collaboration is at odds with security, as betrayal and dishonesty are common among offenders. The mechanisms that co-offenders rely on in physical spaces to motivate cooperation and establish trust, such as coercion by threats of violence, are less effective or operate differently online. Consequently, it is very difficult to establish and maintain trust online. Hackers are often forced to rely on reputations when trusting others online. Online forums often have participant rating systems to allow users to self-regulate and limit deceit. It is important to understand how trust functions in online criminal communities to better understand how offender groups work together.

Dupont et al. studied how and to what extent these reputation systems are used; whether they are effective; what determines trustworthiness; and whether these systems encourage trust. They looked at interactions between users on the biggest online discussion forum dedicated to hacking. Although illegal behaviour on the forum is explicitly discouraged, it is implicit in the activities conducted and topics discussed, such as expanding, managing and leasing botnets. The forum used a reputation system where members can give negative or positive ratings to other members. The forum follows a hierarchy where members climb ranks as they contribute to the community. They gain greater capacity to rate others as they increase in rank.

Software extracted nearly 450 000 ratings of 29 985 general and botnet hackers by over 9177 peers during the 2¼-year period until December 2011. Each time a forum member rates another, they can leave comments. Researchers selected 25 000 of these comments at random and categorized them by theme. This allowed them to look at how trust is expressed in words as well as numbers.

The existence of a reputation system does not mean that it will be used by all. If a large part of the community doesn’t contribute, the reputation system can be ineffective and irrelevant, as the reliability of a reputation system depends on the information it presents. Only a tiny fraction of the hacker forum membership (2.4%) participated in the vast majority (75%) of ‘trust exchanges.’ This imbalance creates large biases in the recorded reputations. The new and mid-level hackers, perhaps fearful of retaliation or attracted to the hacker mystique, provided largely positive feedback. This outpouring of positive feedback does not necessarily reflect the true feelings of the group towards a participant, as the majority of the community does not expose its opinion through commentary. An assessment of the content of comments suggests that sarcastic, humorous, or arbitrary justifications for positive ratings are more common than technical or business explanations. Even so, the positive nature of ratings still decreased over time, suggesting that the reputation system did little to prevent forum trust from decaying.

The biases and imbalances identified on this forum suggest that reputation systems may be overrated as trust-building mechanisms for illicit communities.

Police interventions could be improved by focusing resources on the small number of hackers who contribute to reputation ratings, rather than relying on the ratings themselves.