Andrei's blog

I will save the world from AI!

Warning/Edit: This post is nonsense, don't read it. I have learned a lot about the Indie Web and Cybersecurity since I wrote it, and it is very embarrassing in hindsight. TL;DR: A crypto currency for trust that inherits all the problems of Crypto.

In my last news post I mentioned a lot of disastrous ways to protecting humanity from AI that big companies came up with.

All of these approaches were proposed by the companies who can't even track down basic scammers and caused this entire AI mess in the first place.

But you don't need to worry, let me, very qualified internet savior, save the day with my genius proposal.

Trust system

Primary ways AIs disrupt social media:

First, let's define how secure we want the (anti AI) system to be.

Scammers and thieves have always existed since the ancient times, even when there were no AIs. Photoshopped images and fake news have existed and been a problem. AI is part of the issue but not the main issue.

"There is an overlap between the smartest bears and the stupidest tourists, so it is impossible to design something bear-proof that all humans can use."

I came up with own version of this quote: "There is a (huge) overlap between the most terrible scammers and the most harmless AIs, so you can't require more trust from an AI than you would from a stranger on the internet."

Yes, there are way less scammers than there are AIs, but there are black markets and identity theft which AI can be hidden under, there are hackers who can steal your best friend's account.

AIs are only adding to the already existing brew of problems, that themselves have existed for ages. The number of bad "people" on the internet has suddenly increased, so now we can't rely on probability and luck to trust people.

I believe that the solution lies in what makes humans trust each other in the first place.

We don't want to / shouldn't trust strangers, and we would prefer to ask every stranger we talk to, to "take out his papers" so we can take a photo of each of them to make sure he is who he says he is.

But when we are a stranger approaching someone, we would prefer to keep our IDs to ourselves. On the streets, even if you hide your name, your identity (face, height, appearance) is still there. This is one of the advantages of the internet, you can express yourself without getting it all marked onto your real identity.

Right now, we rely on the fact that most people are good people to stay safe on the internet, but as it changes, we might have to pull our documents out, and they have our names all over them. So we have 2 choices: keep an internet where every stranger is a scammer, or have an internet where your every move is stamped into your passport.

Solution

There is actually a key point in my last paragraph: Your passport has your name written on it. But what if it wasn't? You would still have your passport, and that passport would say that you are a real person, but the stranger doesn't necessarily need to know your name. And passports with your name on them might be not that bad of an idea.

When I say anonymous or private, I refer to an account that nobody else knows about. As opposed personal which could have a nickname, but your identity can still be traced back to you through your friends or photos you posted fairly easily. (You don't post photos on anonymous accounts because of facial recognition.)

My plan is heavily inspired by:

The Grand Plan

(I will be presenting it as if this system already exists.)

You can create accounts, but those accounts will be "guilty until proven innocent." (Untrusted until proven trustworthy) To prove an account innocent, you will have to go and ask your friends (in person) to add a "connection" to from their to your account, this "connection" is then stored in a database. (The initial verified accounts will belong to the creator of the database.)

A Connection passes part of your friend's credibility on to you. The more connections you have, the more credible you are. Any other person can check the public databases and calculate your credibility to decide whether to trust you.

The entire system relies on: You can trust a stranger on the internet, Because you trust the creator of the database who trusts his friends who trusts his friend's friend to only "connect" to people who can be trusted.

Types of databases, accounts, and connections.

Databases

There are multiple databases, multiple connections and multiple account types: every account is registered in multiple databases, and every person can decide for himself which databases, and which connections he trusts. If someone doesn't trust a particular database, he can ignore it in his calculations. You can trust whatever you want to trust.

The databases will be similar to DNS in terms of how you think about them. The database can be entirely public, or privately owned by a company. Governments might want to host databases that tie accounts to user's real identities, documents, etc..

Connections

There are different types of connections, and different types of connections can be calculated differently. Every connection has a backlink, everything your peers do reflects on your own reputation, this encourages users to be careful how and with which types of connections they link to others. Connections have a strength, and you pass part of your own reputation to the person you connect to, if you don't trust a person as much, you can set a weaker connection.

You can also make a negative connection. The more credible you are, the stronger negative connection you can make (this is basically a reporting system, the more credible you are, the more seriously your reports will be taken). This will use a part of your reputation to decrease someone else's reputation, this will allow a crowdsourced way to fight against scammers and bots. Everyone who is giving the scammer credibility might decide to retract their connections in order to keep their own reputation, discouraging connecting to people you don't trust.

Negative connection's can't be misused or used for bullying, because everyone decides for himself how to calculate a credibility score. If the person reporting is connected to some infamous database, those who care will disregard the report, not matter how serious it is claimed to be.

If you want to present your grandmother as someone credible (she won't lie to people), but you are worried about hackers stealing her identity and using (your reputation to boost) bot accounts (when the bot accounts get reported it will backlash to you), you can make a strong but shallow connection. This will pass a large amount of reputation to your grand mother, but declare she can't be pass it on to anyone else. Organizations can use the same method to rank it's members as trusted, but prevent anybody else from using it's name on bot accounts.

Accounts & Encryption

To make anonymous accounts possible, there has to be a way to create connections that can be verified without revealing the sender (and I know crypto currencies like Monero have protocols for that). But there also has to a way to reduce the reputation of the anonymous sender in case the anonymous account does some bad stuff. Anonymous accounts have to be expensive.

Potential Issues

This system would require lots of cryptography and fine-tuned protocols to work safely. People shouldn't be able to dig into databases and track all your friends that easily.

It would be necessary for a large amount of entangled databases to exist, all covered with layers of hashing and signatures. To prevent database creators/owners (which will probably be large companies) from misusing their authority.

Everybody would have to be aware of the protocols and actively monitor their friends, configure reputation calculations as shady databases are revealed and new databases show up, as well weaken/cut off connections when a scammer is identified.