Deep Thoughts – nathan's open ideals

How Dungeons & Dragons Can Help Twitter Fight Trolls

One of the core problems of Twitter with regards to trolling and bullying, is that all users are created equally. While the various follow, filter and block features allow you to craft the version of the Twitter feed that you want to see, it doesn’t stop someone from spreading misinformation about you, spreading actual information (doxing), impersonating you or otherwise causing trouble. When users are banned or blocked, it is easy enough for someone to create a new account, under a new pseudonym, and continue their harassment. Blocking IP addresses or requiring “real name registration” are not the solutions, and we are left with the targets of the attacks often choosing to leave Twitter instead.

Ironically, given recent events, I believe traditional table-top role-playing games (RPGs) offer some insight to a solution to the problem that Twitter and other users face. Game dynamics have often been used to predict outcomes of real-world events, and inversely they can be used to provide constructive frameworks for people to interact in complex ways. At this point, Twitter, and Facebook, as well, have very rudimentary systems to deal with harassment and trolling, and instead, need a great deal more complexity within their own systems for monitoring and managing, as well as in the tools and capabilities users have to shape their feeds.

Here are some possibly unoriginal thoughts (would love to hear about other online community systems who might have D&D inspired reputation systems) about how to address that, and no, you won’t need a twenty-sided die to implement them…

Leveling Up

RPGs: When you roll a new character in role-playing games, you start at Level 0 with no weapons or armor. This means you better not piss anyone off, or your characters life-span will be quite short. Mostly you stay in town, do basic jobs, and try to get some gold. The goal is to level up, add some points to various skills, and get some leather skins and a workable weapon.

Twitter: If your account falls under a certain threshold of followers or tweets, you should be considered a provisional user, and any @ tweet message you send mentioning another user should be shown publicly or at least in the timeline of the targeted user. If your message is flagged a small amount of times, your account is instantly shutdown for review. You should be able to build some reputation by tweeting useful, interesting, unique content that others will want to follow. One you have shown you have something useful to add to Twitter, you can graduate past the provisional phase.

Building Alliances

RPGs: One quick way to improve the power and longevity of your character is to team up with other characters, join groups, guilds or armies. This way you can begin joining quests that you otherwise may not be equipped to survive. If your group contains a mage, you can even benefit from healing spells.

Twitter: Getting put onto Twitter lists that have a strong percentage of users with many follows and high-quality tweets should reflect well on your account, and build resistance to being flagged or blocked. Anyone who places you on a list, can endorse you, as someone worth following.

Exposing Your Alignment

RPGs: There is no right or wrong in RPGs, and in fact there is a whole range of acceptable alignments, from good to evil, lawful to chaotic, with a variety of interesting combinations. This is all part of how the game works, and everyone plays their roles. That said, if you are a chaotic evil thief, don’t expect the a holy citadel full of lawful clerics to give you shelter.

Twitter: Who you follow, what you retweet, what you say, and the topics you discuss, all should have an impact on the perception of what kind of user of Twitter you are. There is not necessarily right or wrong on Twitter, and there shouldn’t be blanket censorship or bans, but your behavior on Twitter should allows others to avoid or block you en masse, and not just at the account level.

Character Classes

RPGs: Warrior, mage, thief, cleric, ranger, paladin… when you choose the type of character you wish to be, you say something about who you are, what you bring to the game, and what type of activities you want to participate in. Each class has certain skills and capabilities, not everyone can do everything, and this builds useful dependencies between people that require trust building and negotiation. If you are a warrior entering a dungeon, you better have a cleric with you who can heal, a mage that can open spell-bound chests, and a thief that can detect traps. Any quest requires this type of cooperation.

Twitter: Twitter provides a very limited, free form manner in which to indicate who you are, and why you are, on Twitter, and what you have to bring to the table. Your short bio, ollowers, “Follow Friday” tweets and hashtags, all provide a limited mechanism for indicating your expertise, and otherwise, it is general based on what you tweet that people decide whether to listen or ignore. Twitter would be greatly enhanced if you could more strongly indicate your alliances and affiliations, your background and your skill, that qualifies you to discuss a topic or provide insight. Tweets might show a special power-up symbol if you are tweeting about a topic you have been indicated as an expert in, or shown to have a google or linked history related to.

Strength, Constitution, Intelligence, Wisdom, Dexterity, Charisma….

RPGs: The strength or weakness of any attribute in your character plays a huge role in your value to a quest, guild or party. You don’t need to have huge numbers for all of them, but if you are a thief with great dexterity and speed, then you will be in great demand. Similarly, a warrior with excellent strength but low intelligence and wisdom, should be treated like the hulk they are, and a mage, a chaotic-nuetral one at that, with high intelligence and charisma perhaps should not be trusted at self-serving junctures. All of these factors contribute to interaction with everyone else in the game, and the success of your character in the realm.

Twitter: Twitter has metrics like follows, following, tweets, re-tweets, time since you joined, and perhaps a few other hidden ones as well. There is data behind your account that could be used to better indicate to others whether they should follow, interact or spend any time at all with you. If you follow relatively few people in ratio to who you follows you, then it is likely that your tweets are one-sided and you aren’t that interest in listening. If you have join a long time ago, and have highly re-tweeted tweets posted now and then, then you have good things to say, but tend to keep to yourself. All of this data could be summed up in a manner that helps people and/or Twitter decide how visible your tweets are, and how much benefit of the doubt you are given when others start to flag or block your account.

Back to the Future

I first played Dungeons and Dragons when I was about six years old. These gaming concepts are not new, and the larger notion of game mechanics and dynamics is a huge field of study way beyond my own comprehension. However, it seems the design teams behind Twitter, Facebook and other sites have implemented the minimal viable systems for managing users, and then left all the rest of it up to chance or binary choices. Facebook has a bad history of allowing groups of people to team up to flag users unfairly and unjustly, as well as leaving decisions about users and acceptable content up to an army of editors who decided on issues like nudity without any concept of the users or community they are a part of. More to the point of this post, Twitter is facing a huge reputation problem itself, as it is becoming literally overrun with trolls, not to mention orcs, goblings and kobolds. Users and botnets are already gaming these system for their own advantages and ends, be it financial, political, cultural or purely for amusement. Why not make the rules of the game then more complex, and more tuned for a better experience for all? Otherwise, no amount of spells of fire or healing will be able to fight off evil or heal these services in the long run.

Thoughts on Four Mesh-y Roles

These are four roles to play in the lightweight mesh concept I have been hacking on, under the name Gilgamesh. The roles are Leader, Lurker, Repeater and Notary. The goal is to provide varying levels of risk, find ways to extend the range of message distribution, and to add a layer of reputation and verification into the system.

These roles map to existing systems like Twitter in a fairly easy manner. Leader is someone who tweets, a Lurker is someone who reads tweets (mostly), a Repeater is someone who retweets, and a Notary is the “verified account” feature.

In the case of a crisis situation, or where apps are not viable, these roles can all be implemented manually, by humans, using the Bluetooth protocol and settings built into their phone directly. However, the plan is to implement these in the Gilgamesh app itself, to really take advantage of the dynamics expressed below, in a seamless user experience.

Leader (Read/Write): In this mode, you are communicating information by using your device radio to broadcast updates and information to all who will listen. This is the highest risk, highest visibility role to play in the mesh. There is also an idea of a Trusted Leader, who is one that you have paired or verified your device with, or been verified by a Notary “Numbers Station” (see below).

Lurker (Read Only): In this mode, the radios on your device are not broadcasting anything, but only set in receive or “discovery” mode. You can receive messages from leaders, but you cannot send anything. It is the lowest risk, least visible role in the mesh. Most people in the crowd, and new users of the app, will be lurkers. Switching to a Leader mode on your device is as easy as entering in a status update.

Repeater (Read/Write): A repeater listens for messages for known (paired/bonded/verified) Leaders and rebroadcasts anything they say, to anyone who will listen. Repeaters can be positioned in central fixed locations, or they can move through out a large area, to really extend the range of the mesh. The last set of received messages from a Leader are repeatedly broadcast on a regular basis, and if any new Leaders come in range, the Repeater will share any messages with them that have not been sent to them before. Repeaters can also be set to only repeat messages from Trusted Leaders.

Notary (Write Only): A notary, or “Numbers Station” is a device, managed by a trustworthy human, that Leaders can add their device ID to through pairing, to spread the device IDs of verified, trusted devices. If you are a Lurker or Leader, and you encounter a trusted Notary, then your device can accept any of the device IDs that are being broadcast by it, as trustworthy.

Feedback and thoughts are welcome here, or on the Github project tracker: https://github.com/n8fr8/gilgamesh

Engaging in Process over Product with Software for Social Change

In the last week, I experienced two completely opposite reactions, from two different partner organizations, to what was nearly the same discussion about how to proceed with the research and design of a mobile solution for a real-world human rights and internet freedom context. I wanted to reflect on these here, as I prepare to head west to Non-Profit Technology Conference in San Francisco to accept the 2012 Antonio Pizzigati Prize for Software in the Public Interest. I wish I had the chance to know Tony Pizzigati, but in lieu of that, I’ll do my best to represent the spirit in which his family honors him through this award. I also think that we would have gotten a long well, both as precocious kids hacking on neat problems at an early age, and as young adults eager to make an impact on the world.

What is most important to state is that the vast majority of what I have been able to accomplish in my efforts to apply technology solutions to social change needs, was due to relationships built, trust earned, support requested and problems presented, by real people in need of help to solve real problems. While some might see my work with the Guardian Project as the realm of myopic, open-source hackers locked away in a room trying to realize a crypto-anarchic nirvana, the truth is far from it. In truth, we have spent as much time talking with people, working through problems, proposing and testing solutions and dealing with the true drudgery of real progress, over the last two years, as we have in front of our keyboards and screens.

standing on the roof of the world, with a mobile gadget in hand

For now, back to our previously mentioned partners. The first partner, after working on a variety of projects and proposals with them for the last year, clearly enunciated back to me, the exact view I hold on how the relationship between a non-profit and a software tool developer, should work. They said, and I paraphrase, “You see what we are doing here, together, is a process, trying to understand what it is that should be done, and for who, before we do it, and we need to communicate that to our larger community.” In this context, driven mostly by our partner, we were trying to understand the type of mobile technology available to their target community, and the existing interests people had in using mobile technology. It should be noted that this community is spread around the planet, separated by various cultural issues and dialects.

The other partner, an admittedly much newer acquaintance, was extremely confused when my team and I proposed a “phase 0” that would help us begin the collaborative process that we saw the entire partnership engagement becoming. Instead, we were told that this would not work, and that we were the experts, and should provide a full specification of what we proposed to build, and they would review and hopefully approve that, and then we would build it. As long as the spec was approved, and we built to it, the partnership would be determined to be a success.

I share these two extremes because they will help demonstrate to me a few points about the difference between developing software in a non-profit, social change context, versus a corporate, commercial or traditional software consultancy.

To some, especially those used to working in a typical client-consultant environment, the example of the first partner sounds like a disaster waiting to happen. Unclear goals, extended periods of open-ended discussions, too many stakeholders, and what is essentially a long “spec” phase. Even for those used to working in a non-profit environment, where budgets are traditionally tight, there is rarely the luxury to spend too much time engaging in this way. Still others might see the first partner as an easy gig, someone to milk money out of, while not really delivering anything substantial.

The second situation, might alternatively seem like an ideal one, where you have full reign to implement a nearly turn-key solution, based on existing components, and drive the process to maximum advantage and benefit. The less you are told by them, the better, because this is an opportunity to fund your vision for what you think they need. If the partner, truly just a client in this manner, has any issues, they should have raised them at the beginning, and it will cost dearly for any change to the plan down the road.

It may surprise you then, or it might already be obvious, that from my perspective, the first partner is the ideal one to work with in a social change context, while the latter is a much greater challenge. This is because our goal is to actual make change happen, and not just complete the client engagement successfully. Our duty is to determine if technology can plan a role in addressing a need, and if not, to walk away. The best way to work is to constantly revise what you are building, based on the latest information, feedback from the ground, and to constantantly iterate and tweak what you are supposed to be building. The second partner mostly just wants you to deliver on a contract, and when that is done, perhaps there will be an additional support contract for bug fixes, or another RFP to respond to.

Even more importantly, the partner, the people in need, should feel like they have a share in ownership of the process, and that the resulting product is as much theirs as yours. Rarely will the first version of what you develop be the big breakout hit or complete solution you expect it to be. All must be prepared to continue on a road map that includes multiple releases over a decent amount of time, that takes in account time it will take for users to adopt and share the tool. This could be a few months, or a couple of years. To support this, the partner should engage in the effort with the willingness to commit to ongoing support of not just the financial commitment, but the spirit of the project. If the effort is a core part of their plan, their campaigns and their process, the likelihood of adoption and overall success will be much higher.

Underlying all of this, is that, when you are doing this work as freely licensed, open-source software, the solutions you implement need to be more than just opaque, black-box products. To be truly open, and not just a dump of source code, they must be designed in a modular way that promotes re-use, be well documented, properly licensed, and shared in an easy to access public site. They should, when at all possible, make use of existing code from other projects, such that you work more efficiently, and support efforts of other tool developers and non-profits who support them. There should be some attempt to engage a community of developers and users around the code base, such that sustaining the work extends further than just the amount of money you can pay someone to bug fix it. Again, this is all perhaps counter-intuitive to a traditional consultant model, where investing time and energy into code you are going to give away for free, while also re-using other peoples code to reduce the amount you have to charge, does not always compute financially.

I will wrap this up by making a request to all of those eager hackers, developers, designers, consultants, companies and corporations out there, who have in the last few years begun to realize that doing work that does some good, can be a good thing for their businesses and reputation. Even if you come to this world of social change with the best of intentions, the process you may engage in may not be compatible or mutual beneficial to those you are trying to help. Please take a step back, and think about your goals, commitments, and the ability for the work to be sustained beyond this one hackathon, camp, event, or pro-bono engagement, before you promise to change the world.

Many thanks to the Pizzigati family for their support of my own personal attempt to change the world, slowly, one mobile phone at a time.

Mobile Security Audit Icons v1

I’ve been thinking about some ways to improve a user’s understand or perception of what an app or service does or does not provide in the way of security, privacy or protection. This work is inspired by other efforts, including Mozilla’s Privacy Icons and the television and video game labeling standards. I think it is time that developers come up with a way to accurately communicate the benefits and risks their app brings, especially one it comes to personal or sensitive information, or users in high risk situations.

I began by breaking down the areas of possible concerns into three groups: User Identity (including location), Network Connectivity, and Data Storage & Access. These represent, collectively, who and where you are, how and when you are connecting and what you are accessing or sharing. I came up with a brief description of the positive and negative impact an app or service could have in each area. I then designed a basic icon for each, came up with a color scheme and a matching positive or negative charge indicator.

The goal of the icon design below is to indicate whether an app or service deals with these three areas of possible concern in a positive (go green!) or negative (warning yellow!) way. Very rarely will an app address all three, though sometimes used in combination a
solution can be made to do so. In some cases, an app might provide a benefit in one area,
while proving detrimental in another. We might also include one or two more icons to indicate how the security of the app was verified, a + meaning open-source, fully commercially audited, and a – meaning it only has a “trust us” model for security.

I hope to begin using these to label the apps and libraries provided by the Guardian Project to help better educate our users. If there are similar existing ways to label apps out there, we would be happy to consider them. Otherwise, please provide feedback below, or steal our cc-licensed SVG file, and make your own variations.

Mobile App Audit Icons SVG

Another Excellent Event: Open Video Conference, This Week in NYC

News from my work on The Guardian Project:

Nathan Freitas will be on a panel at the 2nd annual Open Video Conference in New York this Friday and Saturday. He will be on the panel entitled “Cameras Everywhere” led by our partners at Witness, on Saturday at 3pm.

Summary: Cameras Everywhere: Human Rights and Web Video – (2:45 PM – 3:30 PM)

Description: Once upon a time, video cameras were rare. Now they are ubiquitous—as are the opportunities to share, use, and re-use video. What are the limits and possibilities of an ethics of openness when it comes to human rights footage?

Videos (particularly mobile and online video) make it possible to document and publicize human rights struggles – from monks marching for freedom in Rangoon and Lhasa, and the election protestors in Tehran, to individual voices speaking out against injustice on YouTube and other online spaces. But despite the growing circulation of images of human rights violations, of victims and survivors, there is limited discussion of crucial safety, consent and ethical concerns – particularly for people who are filmed.

Issues around consent, representation and re-victimization and retaliation have emerged even more clearly in an open and networked online environment, as have concerns about intentionality and authenticity. Video is being reworked, remixed and recirculated by many more people. New possibilities for action by a global citizenry have arisen, but these carry with them substantial challenges, opportunities and dangers.

Presenters:
Sam Gregory — WITNESS
Gabriella Coleman — NYU
Nathan Freitas — The Guardian Project
Steve Grove – News and Politics, YouTube

Following the panel, there will be an open workshop, to continue the discussion and brainstorm new approaches and tools to address the issues raised. This feedback will be gathered and fed into the OVC Hackday, held at NYU ITP on Sunday. Team Guardian will join in with whoever shows up at the hackday, take the ideas from the previous day, and build prototyped mobile video solutions in response to them.

You can get more information and register for the hackday here: http://www.openvideoconference.org/hacklabs/

OVC hack labs: Sunday, October 3

Join us at NYU’s Interactive Telecommunications Program for an all-day open space gathering for innovators of all stripes. Meet and collaborate with conference attendees, HTML5 developers, transmedia storytelling experts, and more. Among the planned activities:

Make interactive HTML5 video using WebMadeMovies technology like popcorn.js
Map out a transmedia strategy for your content
Build a custom HTML5 player for your site
Create robust video sites using the free+open source Kaltura CE 2.0 self-hosted software stack
or just grab a room and hack on your project!

OVC hack labs are free and open to the public.