This is a re-write of some older material published by my PR on some forum, which I'm too lazy to dig up. It's expanded, clarified, revised and so forth, so the old version is obsolete anyway. Normally this article would have included by way of example a private conversation, but meanwhile the other party dun scooped me, so you can read it there.
I. The Web of Trust is not, as the name would seem to imply, an oilfield in which trust plays the role of oil, and you deploy some apparatuses and other devices to extract the trust therewith.
Trust is not in the web, that or any other web. Trust is not in the wording, not on the paper, not in the symbols, or certificates, or seals. Trust is not in others and other things, but much like faith - for which it serves as a ready synonym - trust is within oneself.
The Web of Trust is "of trust" in the same exact manner the walk of shame is "of shame" : it's not in the clothes you wear, nor in your tussled up hair, nor in the eyes of random jocks passing by that notice these, nor in the memories of your friends that recall perfectly fine what you wore yesterday that shame lies. It's within you, if at all, if you're the amateur sort of slut who'd be shamed by something like this. All up to you.
The Web of Trust is merely the infrastructure upon which trust is built, by you, for your own use, within yourself. The same objective set of relations can result in drastically different trust in the eyes of drastically different third parties. The point of the WoT is not to make these judgements for you.
II. The WoT works by reducing the unknowns problem.i It allows the user - any user - to confidently identify the sources of information, both in the negative and in the positive. That is to say, if sources of information exist, the user may by the WoT find them, and safely assume that should no sources of information be thus found, no sources of information in fact exist. It further allows the user to judge the quality, reliability and precision of said sources, and this independent both of the direct source and of the counterparty he's examining.
III. How to use it. Let's understand what all this means with a simple example. Consider the village of Wotania, wherein there exist exactly 100 agentsii, all participating in the Wotania WoT, and wherein strong currencyiii is used for all transactions. Suppose Joe wants to buy a used car from Moe. While the currency he'd be paying Moe in is strong, the car he's buying is anything but, and so Joe would like to evaluate Moe before paying him. What's he to do ?
First off, he should evaluate Moe's relevancy. Obviously since there are 100 agents in total, the highest score any one agent could achieve in the WoT would be 990iv. This would reflect the situation where one particular citizen was considered as perfectly known by all other citizens.v Thus if Moe has accumulated a score of 33, this clearly shows that at least 4 of the agents know him, which roughly means one in 25. If Joe knows 80 agents personally, but none of the agents he knows rated Moe, this makes Moe suspect on the first pass.
Sure, it's possible that Moe is only known to the minority subgroup of 20 agents doing things with cars, and within that subgroup he's quite well known, whereas Joe is strictly a part of the Wotania web industry, and they walk everywhere. However, this is something that Joe can evaluate by himself, without having any need for Moe, and without needing to ask him anything. For instance, if the island has a total of 3 car manufacturers, and all of them are in Joe's 80, Moe's position suddenly became untenable. Sure, it's possible that used car salesmen are completely separated from car manufacturers in the manner car people are separated from web people. But it seems less likely (and the likeliness of it is, again, fully within Joe's estimative hands).
Leaving that aside, if the average rating in Joe's WoT is 3.14, whereas Moe has received his 33 trust from exactly 4 people, averaging thus 8.25, there's suddenly exposed a very strange divergence between the two groups. Sure, it is legitimately possible for Moe's subgroup to be much more tightly knit, and thus his friends much more familiar with him than is the case in Joe's group. This happens, but not without other consequences, which again add valuable information into the credibility equation.
Or suppose instead that Moe's rating of 33 was provided by 10 people, yet still none of them are in Joe's reach. Somehow it is possible that out of 10 different people, 10% of the population of Wotania, nobody had any dealings with the 80 people Joe knows. They live on the same island, they go about their daily business, yet no one's ever met. Possible, especially if one lives in the US, but also improbable, and in this improbability, informative. Because this is the point of the WoT : its factual information reduces to a pile of factually correct statements, which all work as probabilities, and it's trivial to calculate the likeliness of a fact that depends on a number of other facts with known likelinesses : you just need multiply. 0.2 here, 0.5 there, 0.66 and another 0.15 suddenly you're at 0.8% which may well be under your risk tolerance threshold.
But let's say that out of Moe's 10 raters, 3 are in Joe's WoT. One supplied 3 points, the others one point each. Joe directs his questions as to Moe to each of them :
Dear Sue, Hue, Lue :
I am considering buying a used car from Moe.
I see that you have rated him in the past. How did that go ?
To which the three are held to answer (and the treatment for non-answering is again an informative variable, whose treatment rests with Joe) in the canonical form :
I bought a pair of shocks from him April last. They were broken, but he refunded my payment without much hassle.
All the best, Sue.
I bought a car stereo from him. It had a big scratch on the side and some other misc damage, but he let it go real cheap.
All the best, Hue.
At this point, Joe knows, but quite exactly, what the story with Moe is : he's a small time car thief, and he's trying to make ends meet by selling whatever car parts he can get his hands on. Simple, really.
The important parts here are the easiest to overlook :
- All this was established with no input required from Moe. Sure, if you want to get fancy you could easily ask a few choice questions just to see how the guy answers. But at its core, simplest, most barebone functionality, the WoT does not require you to talk to your subject of interest, at all.
- The process works universally : If it worked you know it worked, and of what quality its results are. If it failed you know it failed, and why and how come. It has, in other words, exactly the opposite properties to those decried by Naggum in his Lisp advocacy misadventures piece.vii
- Especially considering the alternatives, this is mindbogglingly cheap. In fact, I am ready to argue that the savings this model brings are, both in aggregate and on a percent basis, more significant than the savings Bitcoin brings in payments, or provably-fair in gambling.
So why isn't it used more often ? Because people are stupid, in that many words, or should you prefer a longer version, because allowing citizenship to the US African-Americans and empowering the universal pretense of "democracy" and equality has come with its own Pandora's box of ills and curses. Chief among which, a very pernicious return to idolatry. People like to think their juicer is their happiness, and their diploma their competency and whatever seal their trust. Because it's easier, especially if you're lazy, or stupid, and even moreso if you're both.
None of this has anything to do with race, in any sense, of course. People of all races are slothful and dumb, especially if they're allowed to be. Let's not.———
- As observed with some regularity, there's a major difference between the unknowns we know we don't know, and the unknowns we don't know we don't know. [↩]
- Philosophical sense, entities capable of agency. [↩]
- This means irreversible. The GPG contracts article makes for good companionship reading at this juncture. [↩]
- Admiting the Wotania WoT is just like the Bitcoin WoT, which is to say, limited to a 10. [↩]
- It is important to remember that the score associated to a relationship does not mark the direct trust of the scorer for the scoree, but merely the scorer's confidence that the information he has about scoree is correct, accurate, relevant and complete. All four.
Let's also note that such a thing as "the direct trust" of X for Y can not even be noted down in the first place, it being entirely a subjective determination of X, and consequently wovon man nicht sprechen kann, darüber muss man schweigen applies. [↩]
- This sort of people also loves to bring up pirateat40, the 2012 Ponzi scammer, as some sort of proof or indicia that "the WoT doesn't work". Obviously, it doesn't work by itself. But to anyone paying attention, it was quite plainly clear what exactly the guy was doing, to the degree they could evaluate roughly a six months interval for the scheme's demise (my PR said "May to September", the thing croaked in August). [↩]
- For future generations :
Subject: Re: Lisp advocacy misadventures
From: Erik Naggum <firstname.lastname@example.org>
Date: 25 Oct 2002 22:56:26 +0000
* Tim Daly, Jr.
| I was talking with a friend of mine about Lisp. He said that people
| write things in C because of speed.
But this is incorrect. People use C because it /feels/ faster. Like, if you build a catapult strong enough that it can hurl a bathtub with someone crouching inside it from London to New York, it will feel /very/ fast both on take-off and landing, and probably durng the ride, too, while a comfortable seat in business class on a transatlantic airliner would probably take less time (except for getting to and from the actual plane, of course, what with all the "security"¹) but you would not /feel/ the speed nearly as much.
| I said that Lisp will not necessarily cause a program to be slow, and in
| fact, because it lets you write a better program, things may even get
| much faster. He said 'like what?'
Better algorithms and type systems are well known to produce better performance by people who actually study these things. It is often very hard to implement better algorithms correctly and efficiently in C because of the type poverty of that language. Yes, you get to tinker with the bits as fast as the machine can possibly tinker, but, and this is the catch, you get to tinker with the bits. If you are not super smart and exceptionally experienced, the compiler will produce code that is faster than yours. If this holds from assembly to C, it holds from C to Common Lisp, given that you want to do exactly the same thing.
The core problem is that C programmers think they can get away with doing much less than the Common Lisp programmer causes the computer to do. But this is actually wrong. Getting C programmers to understand that they cause the computer to do less than minimum is intractable. They would not /use/ C if they understood this point, so if you actually cause them to understand it in the course of a discussion, you will only make them miserable and hate their lives. People are pretty good at detecting that this is a likely outcome of thinking, and it takes conscious effort to brace yourself and get through such experiences. Most people are not willing even to /listen/ to arguments or information that could threaten their comfortable view of their own existence, much less think about it, so when you cannot answer a C programmer's "arguments" that his way of life is just great the way it is, it is a pretty good sign that you let him set the agenda once he realized that his way of life was under threat. Since you have nothing to defend, your self-preservation instinct will not activate hitherto unused parts of your brain to come up with reasons and rationalizations for what you have done, you will not be aware that you have been taken for a ride before it is over and you "lost".
If you deny people the opportunity to defend something they feel is under threat, however, some people go completely insane with rage and actually believe that you threaten them on purpose and that you willfully seek to destroy something very valuable to them. However, some of the time, you meet people who /think/ and who are able to deal with threats in a calm and rational way because they realize that the threat is all in their head and it will not go away just because they can play word games with people and stick their head in the sand. If it /is/ the threat they feel it is, they realize they had better pay some real attention to it instead of fighting off the messenger so they can feel good about themselves again.
Much of the New Jersey approach is about getting away with less than is necessary to get the /complete/ job done. E.g., perl, is all about doing as little as possible that can approximate the full solution, sort of the entertainment industry's special effects and make-believe works, which for all practical purposes /is/ the real thing. Regular expressions is a pretty good approximation to actually parsing the implicit language of the input, too, but the rub with all these 90% solutions is that you have /no/ idea when they return the wrong value because the approximation destroys any ability to determine correctness. Most of the time, however, the error is large enough to cause a crash of some sort, but there is no way to do transactions, either, so a crash usually causes a debugging and rescue session to recover the state prior to the crash. This is deemed acceptable in the New Jersery approach. The reason they think this also /should/ be acceptable is that they believe that getting it exactly right is more expensive than fixing things after crashes. Therefore, the whole language must be optimized for getting the first approximations run fast.
See how elegantly this forms a completely circular argument? But if you try to expose this circularity, you necessarily threaten the stabiliity of the whole house of cards and will therefore be met with incredible hostility and downright hatred, and you will not even hear about the worst fits of insane rage until years later when some moron thinks he can get back at you for "hurting" him only because his puny brain could not handle the information he got at the time.
| Well, I'm blinded by the very misconceptions that led me to this point,
| and I'm not sure what to tell him. Can you help me out?
Ask him why he thinks he should be able to get away with unsafe code, core dumps, viruses, buffer overruns, undetected errors, etc, just because he wants "speed".
Erik Naggum, Oslo, Norway
Act from reason, and failure makes you rethink and study harder.
Act from faith, and failure makes you blame someone and push harder.