Hello, dear Habravchane!
Very often, we consider it quite natural to rely on the opinion of the majority (the so-called social proof
method), especially in evaluating content for modern web resources, for example, when viewing recommender services, social bookmarks and collective blogs. The owners of the services transfer to the users not only the creation of the content, but also its moderation - if it is like a critical mass of people, then, apparently, everyone else should like it.
However, collective moderation is a potential vulnerability of complex systems using crowdsourcing. A very recent example is the translation of the Facebook interface into Turkish. As a result of deliberate “plucking” in the Facebook interface, such pearls appeared as (translated from Turkish):"Your message could not be sent because you have a small penis
A total of 56 phrases from the Facebook interface, such as “Like” and “It’s offline”, and others were modified using offensive and offensive language. Such a project requires the communication of users, as a platform for which one Turkish forum was made
As other examples of “harmful” crowdsourcing, we recall the conclusion in the top of the question to the president about Cthulhu
and the victory of girls with unfashionable appearance in online beauty contests. Such a scheme can very easily be used to distribute malicious content — for example, a massive vote for an “article” containing a link to malicious code, in order to display an article in the top and infect as many visitors as possible.
Can crowdsourcing work for security? Yes, there are a lot of examples of this - various reputation databases, ranging from detecting spam and warning about phishing sites to generating information about accidents and criminal incidents by users.
Thus, crowdsourcing technology can be used, like any other, for the benefit and harm. However, the developers of online services that use the opinions of the majority for the formation of content, still need to provide some kind of control mechanisms. So, just in case.
Denis Bezkorovainy, Trend Micro technical consultant