Saturday, September 22, 2007

Free identity, or, how to combat the griefing (maybe)

I'd like to preface this post with an illustration.

This is an instance of what would be considered a crime in real life - in other words, disrupting the flow of life of other identities.

There are several ways to address this problem.

One of them is to turn off the scripting. Whatsoever. Will work for a short time, even though one could script the things on the client side - so it is not a measure at all - besides, it will degrade quite a lot the quality of the environment itself.

Another way is to stop the free registrations. Could somewhat work, but with the advent of the throwaway credit cards and such, a determined miscreant can still get in without any problem.

Yet another way is an identity verification - an attempt to tie a RL identity to an SL identity. I would not even write on why this is going to be an ineffective and dangerous utter nonsense.
All that would be achieved is one more source of information leaks about those who "behave". The only sensible reason to introduce this from LL I can see is to cover their butt from the colleagues of Benjamin Duranske who would wonder why they "did not do anything". Yeah, now they did something. Check. Is it going to work ? No-check.

On the other hand, I think the solution is simple. You do not need to ban the free logins. You do not need to tie these logins to RL identities. You just need to make it hard for the freely available new identities to cause a damage.

There is a very similar problem which has been already solved in PGP - the distribution of the public keys.

There is a very vivid analogy IRL - yourself. Your identity is what your "connections" are with the rest of the world. You can relatively easily change the identity, but that means a lot of painful overhead of reestablishing all the ties you have. Think even what a pain it is to just change the phone number or email address.

Therefore, a reputation system based on the web of trust is in my opinion the best way to address the issue of identity.

The new identity appears as a "kid" which has very limited privileges in interaction with others - including the limited script support across the whole grid in the case of SL. In order to be granted those privileges, someone (preferrably more than one) should "bootstrap" this identity by declaring that they take part of the responsibility for this identity's actions.

This will create the barrier for the miscreants, at the same time not putting the barrier for the "good" identities and requiring them to reveal too much of the information.

And, again, by making these "connections" transparent, one could affect positively the behaviour of the whole crowd.

There is absolutely no reason to link the RL identity with virtual identity - they can be totally separate. It's just that the virtual identity needs to be made always precious enough, so that noone would just trash it in order to do something "wrong".


dandellion Kimban said...

If I got it right, you suggest to restrict the permissions of the new residents until they get somebody who would trust them and , let's say, guarantee for them?
On the first thought I like the idea. I'll get back to it.

Dalien said...

yes, you restrict the rights everywhere except, say, sandboxes.