Lots of small stuff

1
Lots of small stuff

• How to change your address, if you are a cheater.
• How can you prove that you are human?
• How can we trust recommendations?

2
How does this relate to protocols?
3
Remember, protocols is not only math!

• Many communities reward parking stickers based on
  residency which is determined on having a local
  address.
• but one does not have to live somewhere in
  order to have ones mail forwarded from there!

4
Remember, protocols is not only math!

• Many mail order companies do not send things to
  PO Boxes to avoid fraud.
• but one can forward mail from a false address
  to a PO Box!

5
More abuses? And fixes?

• How can the USPS change their protocol to avoid
  these attacks?.
• How can service providers (parking authorities
  and mail order companies, for example) change
  their protocol both if the USPS changes, and
  if they do not?

6
Project suggestion

• Find real-life problems, devise clever (and not
  straightforward) abuses. Then propose ways to
  mend the system!
• But do not just describe what I said in more
  words expand, find other attacks, find other
  weaknesses, write letters to the post master,
  local lobbying groups, etc.

7
You are human? Prove it!
8
1950 Alan Turing proposes the Turing test
If a computer cant be distinguished from a
human, it is intelligent
9
1996 Moni Naor proposes the Reverse Turing Test
(RTT)
A computer tries to tell a human from a machine!
10
Possible implementation
Mark all the men!
11
Design goals

• Make it hard for the adversary to learn the
  dictionary need to generate new queries!
• Make it hard for a machine to answer a query
  base on known difficult AI problem.
• Make it easy for a (and any) human to answer a
  query.

12
Uses

• Avoid bots and agents
• Restrict resources (one free email account per
  person or two but not one million!)
• Avoid spam and dictionary attacks
• Combine with advertisement (make sure a human is
  paying attention!)

13
More reading

• CAPTCHA
• Moni Naors page on RTTs
• Avoiding dictionary attacks using RTTs

14
Financial Instruments in Recommendations
Mechanisms

• Or How to use cryptographic thinking to design
  a scheme with no cryptography in!

From Financial Crypto 02
15

16
Approach 1

• SURVIVAL OF THE FITTEST

How could a bad restaurant stay in business?
At least they have money to advertise

• brand-names beat Mom Pop brands
• perhaps they dont care about repeat business
  just
• to make a quick buck

17
Approach 2

• PERSONAL RECOMMENDATIONS

• Do your friends share your taste?
• How many people can you ask for recommendations?
• Do you trust a friend of a friend of etc?
• Who maintains the infrastructure? And who
  evaluates the
• recommendation?
• Problems with mutual overratings

18
Approach 3

• BETTER BUSINESS BUREAU

Tell us what is bad and what is good and we
will compile and evaluate.

• Can you trust the trustee?
• Can the trustee trust you? (and others.)
• Centralized approach to distributed problem
• What does it cost to run the service? Who pays?

19
Better
make people

• PUT THEIR MONEY
• WHERE THEIR MOUTH IS

Odds 5 to 1
Odds 20 to 1
20
I will buy the best horse for 1,000,000
and the second best for 500,000
Informal definition The system is
ABUSE-FREE, if the expected profit of cheating is
NEGATIVE.
21
Volatility/Timeliness
school bus
motorcycle
more
22
Futuresjust a legal form of betting
In three months my corn crop can be harvested
I wonder what the price of corn will be then
23
Futuresjust a legal form of betting
I think the corn harvest will be bad this year
the prices are bound to go up a lot
Go Long
but cannot deliver, so later cancel out by
going short
24
Terms Related to Futures

• Long (you think the price will go up or you
  want to obtain delivery)
• Short (opposite)
• Cancel a position
• Arbitrage (imposing a linear ordering)
• Open interest
• Earnest money (A deposit)
• Spread One long, One short
• Future options
• Delivery (potentially at infinity)

Go short
Distance shrunk
Go long
25
(promise something you dont necessarily have)
(undo the promise.)
26
Q What brand of bananas should I buy?
banana 2
banana 1
A Buy banana 2 !
27
Q What brand of bananas should I consider
for my niece?
old timer-opinion of banana 2
teenage- opinion of banana 1
old timer-opinion of banana 1
teenage-opinion of banana 2
A Buy banana 1 !
28
Making Investments

• Banana 1 is better than banana 2 0.33
• Banana 2 is better than banana 1 1.50
• See charts and trends

Buy
Buy
Info
29
Quantifying how good the recommendation is.

• Large open interest Good indicator

No contradictory trends Good indicator
Large trading volume Good
recently (if above holds)
30
The effect of investments
price drops as a result of the diminishing demand
price
people in general think that things are getting
worse
31
I believe service A is improving faster than
service B is
or
Rational investment spread Long A, Short B
32
The decision must be relative to the price, of
course
HmmB is badbut not that bad, soon people will
realize this.
Action Buy a Long-B position or a
Long-B-Short-A
33
I think the email service MSN provides is getting
better and better
Rational investment go long now, cancel out later
Can cash out by withdrawing from earnest money,
too.
34
Analysis attempt

• Assumption 1
• Eyeballs E c1x c2y

Assumption 2 Trading volume V d . E
35
Analysis attempt

• Assumption 3
• d J . e

Assumption 4 Rationality (maximize profit)
36
Cheaters loss L
L eVc e d E J e2 E J e2 (c1x
c2y)
Loss per customer L/X
1/100
1/10
Log (L/X)
1/2
Market share x/y
Under these assumptions more expensive to cheat
for small players
37
Problems

• good interfaces
• get large enough markets
• how do we quantify the quality of the
  recommendation?
• what is the right model for the cost of cheating?
  (improve analysis!)