Why Digg is doomed, and why the wisdom of crowds is mob rule

Posted on July 3, 2006 by Ian Betteridge

Way back in the day – about two years ago, which feels like a decade in internet-time – there was a thing called "The Slashdot Effect". This was usually held to be the huge squeal made by a web server when any story on Slashdot.org point towards in, particularly on one of the more controversial subjects like open source, linux, or Apple.

I always disagreed with this definition. In fact, I think it’s more accurate to define "the Slashdot Effect" as the complete erosion of all value in a site as a set of zealots begin to dominate the conversation on it. And, I’m afraid, exactly the same thing is currently happening to Digg.

Take, as an example, the story on Digg about a New Trojan for Mac OS X. This links to a story on TechWeb which notes the announcement of a discovered Trojan for OS X by Symantec. This trojan uses a security flaw that Apple has already patched to escalate privs on a local account. And that’s pretty much all the story says, other than to add details of what Apple patched, and note that exploits are rare on OS X, but that this kind of post-patch day trojan is common on Windows.

And yet, despite the story’s simplicity, some of the Mac zealots that have infected Digg (more effectively than any virus has ever infected OS X) have marked the story as "may contain inaccuracy". There’s no discussion of this, no justification made of it (except a comment that says "marked inaccurate, of course". Nothing.

There’s no come-back possible for the original author, no attempt to debate the issue, and no way for others to either question the inaccuracy or revoke it. In fact, there’s no way at all I can see for ANYONE other than the site owner to revoke that status.

Anyone can mark a story as inaccurate, for any reason, and in this case it’s simply been marked as inaccurate because of the pro-Mac bias of the awful, juvenile wing of the Mac community. This is the wing that Fraser Speirs referred to in his post on how the Mac community had moved "from Anne Frank to Ariel Sharon".

Online, every community has its juvenile zealots (although I’m honestly yet to find any Windows Zealots). And these folk are the loudest voices whenever their community and its issues are discussed. And this is the fundamental problem with the whole "wisdom of crowds" approach. It makes the assumption that online debate is largely rational, when – in fact – an awful lot of it is simply emotional. There is very little quality debate on the open internet on any topic that attracts a large level of attention. Yes, there are small communities that remain coherant and reasoned – but these are rare.

I’m reminded of something that my beloved said to me over the weekend, when we were walking through the grounds of St Paul’s cathedral. Just outside St Paul’s, there is a statue of John Wesley, one of the founding fathers of Methodism. One of Wesley’s principles was that chapels should be small, consisting of no more than 150 congregants, because this was the limit on how big a community could get while everyone knew everyone else.

Perhaps this applies as much online as off.

This entry was posted in Macs. Bookmark the permalink.
  • http://www.dancres.org Dan Creswell

    And just think what the implications are for what software, methods, architecture approaches etc are selected – best of breed or those that attract the noisiest or blindest hoardes?????

  • http://www.alexhutton.com Alex Hutton

    Great post, and interesting stuff…

    As a mac “fanboy”, I’d agree – there’s way too much blind advocacy. As an Information Risk professional, those vocal masses chirping about the trojan happened to be right, but for all the wrong reasons.

    So how do you feel about Democracy vs. a Republic? I’ve heard arguments that, for reasons very similar to the ones you state, that true Democracy is a really bad idea. Especially with uneducated, easily manipulated masses.

    If the Internet is as close to an efficient Democracy of ideas as we can get, (and let me state that blogging and, to an extent Digg are very refreshing vs. the oligarchy of old media) what’s the compromise? What’s the happy medium?

  • http://technovia.typepad.com Ian Betteridge

    The phrase “tyranny of the majority” pops into mind. The truth – and what is right – is not something that’s decided by majority vote.

    Representative democracy is still the best system yet devised, but if you go to the extreme of MPs ONLY doing what they think will be popular with the voters, you end up in the same situation as that which caused the death of the Roman Republic – an endless cycle of increasingly populist measures as the political class fights to out-do each other for the people’s affections.

    Sadly, I think that’s what we’re seeing, both in the US and UK, as politicians shirk the responsibility of telling people they can’t have what they want in favour of more and more “bread and circuses”. The speed of the internet adds to this.

  • http://www.jonathanbaldwin.co.uk Jonathan

    Re: democracy v republic, I recently began reading JS Mill’s ‘On Liberty’ which addresses some questions that ‘citizen democracy’ brings up, and finished ‘American Gospel’ which has one of the most lucid explanations of the US system of checks and balances which, though a bit odd and frustrating to us in the UK, has the effect of stopping mad presidents or congresses passing mad laws. (Er…)

    I’ve become more of a fan of the House of Lords recently, as its lack of ‘accountability’ means it is less likely to bow to what de Tocqueville called ‘the tyranny of the majority’, or what we now call opinion polls. It’s often proven itself a centre of intellectual debate (just don’t fall in to the trap of thinking the Chamber is where it happens!)

    On another note, Ian, I think you should write this up for the Guardian, or get it to Emily Bell there for possible discussion on their next MediaTalk podcast (which is well worth subscribing to in iTunes.

  • George

    Nice post. This ridiculous polarization and everything being a war (OS wars, religious wars, cultural wars) has degenerated discourse to nothing more than a shouting match. Perhaps the really lean years for Apple created so much defensiveness that many adherents started confusing personal choice of computing platforms with ideology. That and watching too much television ;-)

  • http://www.rodgerson.ca/ Super Dave

    As a Mac user who surfs all over the Mac web, I can certainly understand your point about over zealous fan boys (and girls). However, in all humility I think you chose a poor instance to point it out. The article in question can (and in my opinion) should be labelled inaccurate. As I posted at Digg (following reading your article):

    “It is inaccurate because a trojan by virtue of its etymology of the Greek ‘Trojan Horse’ is something that appears benign by nature, but is in fact malicious. The exploit in question is not malicious, but rather a proof of concept.”

    In addition since it is labeled as an exploit, it does not appear benign even in the first place.

    I believe the reason that a lot of articles upset Mac users is that we can not tell the difference between genuine (poor) attempts at journalism and plain old trolls http://www.scripting.com/2006/06/09.html#When:10:38:44PM

    I honestly think that this “Trojan” digg article was meant innocently enough, but a number of other articles on the same topic are just FUD. It’s hard to weed through.

  • Trevor

    Hi Ian,

    Thank you for the article. I believe that the “may contain inaccuracy” marking is because there is actually no Trojan in the wild. More information is available (for a short period of time) at MacFixit here:

    http://www.macfixit.com/article.php?story=20060630141843699

    MacFixit says in part:

    ———-

    “The problem is there is no such “trojan” in the wild, nor has anyone’s machine been exploited. In fact, Symantec’s “discovery” of this vulnerability only came about because Apple released Mac OS X 10.4.7, which precludes the exploit by patching the Mac OS X launchd process.”

    ———-

    So “may contain inaccuracy” is an accurate marking, and it not really true that

    “in this case it’s simply been marked as inaccurate because of the pro-Mac bias of the awful, juvenile wing of the Mac community.”

    Trevor

  • http://technovia.typepad.com Ian Betteridge

    Not to criticise MacFixIt, but I don’t see any citations there. I don’t see any attempt to talk to Symantec and find out the truth. In short, all I see is Ted’s opinion, not any real journalism. I’m not blaming him for that – MacFixIt’s focus isn’t investigative news.

    But worse, the story that Digg links to is still accurate, even if you accept Ted’s report as correct. Nowhere does it claim that there is a trojan in the wild (Symantec doesn’t claim this either: it’s page on the trojan is very bare-bones). Take a look at the story.

  • Zato

    Ian wrote: “Nowhere does it claim that there is a trojan in the wild”

    Here is what the story says:

    Just days after Apple Computer patched its Mac OS X for five vulnerabilities, a security firm Friday warned that an exploit against one of the fixed flaws has appeared.

    Appeared??? where? Just saying “appeared” clearly suggests a virus in the “wild”. This is a lie.

    Ian wrote:

    “Not to criticise MacFixIt, but I don’t see any citations there. I don’t see any attempt to talk to Symantec and find out the truth. In short, all I see is Ted’s opinion, not any real journalism.”

    And where in your story is the evidence that you made any attempt to talk to Symantec or Apple or the creator of the proof -of-concept virus.

    For instance, does Symantec have a copy of the virus? If so, how did they get it? It would likely be impossible to protect a computer or remove a virus infection from one with anti-virus software unless you had a sample of the code. Yet they seem to suggest that Norton Anti-Virus software will.

  • Ex2bot

    While any reasonable person would admit some of the wacko comments made by Mac owners are out of line, there are puhlenty of “Windows Fanboys”, if by fanboy you mean someone who extoles the virtues of one platform while bashing another, truth be damned. Read comment posts to articles about Apple products on ZDNet, Slashdot, c|Net, etc.

    In fact, with Windows’ market share, I’m sure there are MANY more fanboys than on any other platform.

    Mac owners have had to put up with myriad bizarre web and print articles about Apple for years and years. Examples below. No wonder so many Mac owners flock to websites to complain about questionable content.

    Examples of bizarre, if not malicious articles I’ve read over the years:

    “iPod killer”– dozens and dozens of these starting maybe 2002, petering out in maybe 2005. But they’re back!! Microsoft has an iPod killer coming soon!!! Can’t wait. Human ear edition 2007, probably.

    “Beleagured company” – Every article written about Apple from 1993 to 2003 contained the word “beleagured.” Admittedly, Apple was very much beleagured from, say 1993 to 1998 or 99. But when a company is making a profit and has billions in the bank . . .

    “Malware threat increasing on OS X” – Read the stuff Intego and McAffee have written about OS X in the last several months. Yes, I know, two worms. A couple trojans. Wow. No one seems to have a good idea how many spyware apps are floating around out there. One commercial keylogger that I know of. Massive. Nothing that can infect Macs automatically across the net for sure.

    Ian, if you want to see Windows fanboys, read Jim Louderbeck’s recent articles, Kim Kommando’s review of the old “lamp shade” iMac (she uses her machines only for “Business”), Rob Enderly, Thurott, etc. Also check out Macsurfer.com, which lists web articles that mention Apple.

    Bot

  • http://mildlydiverting.blogspot.com/ beloved

    The John Wesley 150 rule is discussed at length in The Tipping Point. It’s an idea from anthropology about ideal maximum tribe size, which tends to 150 – it’s called Dunbar’s Number.

    http://en.wikipedia.org/wiki/Dunbar's_number

    The reason seems to be that 150 is the biggest number of people that any one given person can ‘relate’ to; both in keeping track of their relationships with each, but additionaly keeping track of the relationships between others within the group. It’s a function of physical brain capacity.

    There’s a useful summary of the Tipping Point here.

    http://radio.weblogs.com/0107127/stories/2003/01/01/tippingPointNetVersion.html

    Here’s an article about Dunbar Number and Ultima Online guilds.

    http://www.lifewithalacrity.com/2004/03/the_dunbar_numb.html

  • http://mildlydiverting.blogspot.com/ beloved
  • StarX

    The title of the linked article is “New Trojan Takes on Mac OS X”

    Sorry but this is an inaccurate title, or at best misleading.

    If you see the title: “New Trojan Takes on Windows XP” what will everyone assume? That a new XP Trojan is currently in the wild and doing damage.

    We rarely hear about benign proof of concept malware for Windows, and especially with a title like this.

    When the majority of people reads “New Trojan Takes on Mac OS X”, they think a Trojan affecting OS X is in the wild and is causing damage.

    And this is not what’s happening at all, hence it’s inaccurate and misleading.

    It’s not about hiding facts, it’s preventing the misuse of facts.

    If there was a real threat and that Mac users were really affected, Apple “fanboys” wouldn’t have dugg down this article.

  • http://technovia.typepad.com Ian Betteridge

    StarX, there’s no such thing as benign malware, proof of concept or otherwise. As for the headline, it is, indeed, a new trojan. It does, indeed, take on Mac OS X, which is the only affected operating system. I’m reading the words – you’re interpreting them as something far, far different from what they actually mean.

    There is no misuse of facts here. The story is accurate. The fact that you’re reading it the way you are comes from your automatic defensive “everyone hates the Mac in the media” stance, not from what’s in the story.

    What’s more, I’ve yet to read anything that actually shows the malware isn’t out in the wild. Symantec haven’t said that. The only report that claims it isn’t in the wild is one on MacFixIt, that cites no sources and simply makes a statement.

  • http://technovia.typepad.com Ian Betteridge

    Zato: “And where in your story is the evidence that you made any attempt to talk to Symantec or Apple or the creator of the proof -of-concept virus.”

    I haven’t written any story, so I’m not sure what you’re talking about. What’s more, I’m not making any claim that it either is or isn’t in the wild: I’m simply saying that I’ve seen no evidence that it ISN’T in the wild. It’s not my job to do MacFixIt or TechWeb’s jobs for them, sorry.

  • http://technovia.typepad.com Ian Betteridge

    Ex2Bot:”if by fanboy you mean someone who extoles the virtues of one platform while bashing another, truth be damned. Read comment posts to articles about Apple products on ZDNet, Slashdot, c|Net, etc.”

    I think mostly those are people who react to the sneering, hectoring tone of Apple Zealots (has Apple trademarked that yet?) by posting crap back.

    Most of the examples you cite are out of date. “iPod killer” is usually used either in quotes (where someone from Creative etc has said it) or in comment pieces – which aren’t news stories, despite what you might think. “Beleagured company” hasn’t been used for quite a few years by anyone who isn’t trolling (I think even Dvorak doesn’t use it anymore) and, as you point out, for many years Apple *was* beleaguered.

    Now, as for the “malware threat increasing”… I’d like to see a link to that one please.

    As for the “Windows fanboys”, I know for a fact that Jim L uses a Mac. Thurrott is positively *gushing* about the Mac these days. Kim K’s review is from, when, 2002? And Enderle rarely writes anything except positives about Apple these days. So basically what you’re saying is that lots of people used to write bad things about Apple… when Apple itself wasn’t doing that well.

    (On the subject of the lampshade iMac, it was, in sales terms, a disaster compared to the previous model. Check the figures out for yourself)

  • zato

    Here is the original story about the origin of the “launchd trojan”:

    from C-Net…

    (This story was linked to by MacSurfer}

    Update Attack code that exploits a flaw in Apple Computer’s Mac OS X was publicly released Wednesday, increasing the urgency to patch.

    [Edited: Please don't post whole articles, as this is a violation of CNet's copyright. The article, if you want to read it, is at http://news.com.com/Attack+code+out+for+Apple+flaw/2100-1002_3-6089630.html. - Ian.]

    This is how I, and many others who visit MacSurfer, know that Launchd is a proof-of-concept, not malware in the wild.

    The person who wrote the story for TechWeb knows this too. His article is intentionally misleading, it’s black PR. Most people reading it will believe that the Mac is as vulnerable as the PC, which is the purpose of the article. It slows down the “switching”.

    The article was repeated in todays PCworld, and will be reprinted in newspapers all over the country. I believe that are $$ incentives for running these articles in the form of ad buys. What are you doing defending black PR, Ian??

  • http://technovia.typepad.com Ian Betteridge

    Yes, of course it’s “black PR”. CNet, TechWeb and the rest are in the pay of Microsoft. Oh, and those black helicopters? Ignore them. Instead watch the contrails – it’s the government trying to control out minds.

    The fact that you believe in some half-baked conspiracy where TechWeb is trying to stop people switching to the Mac means you have precisely zero credibility, I’m afraid.

    So answer me this: if TechWeb is the pay of “the man” (whoever that is), why does it end its piece with “it’s common in the Windows world for attack code to pop up within days of Microsoft releasing security fixes”. Sounds like anti-Windows FUD to me! Must be looking for Apple’s ad dollars!

    As for the “in the wild” bit, what part of “Update Attack code that exploits a flaw in Apple Computer’s Mac OS X was publicly released Wednesday” do you not understand? If something is publically released, it is, by definition in the wild. That it’s not being used, and isn’t widespread, doesn’t matter.

    So again, the CNet story – and the TechWeb short story – are both completely factually accurate. The only way you could think otherwise is if you buy in to the Apple victim culture that some Mac fans seem to like.

  • James Bailey

    There is no evidence at all that this is in the wild. You making the claim to the contrary does not make it true. You always seem to want to push the most negative of all possibilities in regards to Mac malware. We’ve had this conversation in the past and to date, there is still no dangerous malware for OS X. Your desire to see it, does not make it real.

    The code was published as proof of concept. Not a single copy has been found in the wild. None. It isn’t in the wild. It may be in the future but I doubt anyone will bother since it is patched. And since most OS X users get patches automatically, the number of vulnerable machines is very low (given the already relatively low number of OS X machines in the first place.)

    For the sake of argument, would you agree that if this trojan is not in the wild, the article headline is inaccurate?

  • http://technovia.typepad.com Ian Betteridge

    I’m not making the claim to the contrary, James, I was saying that I hadn’t seen anything that showed it was either in the wild or not in the wild. But if “the code is released” then it’s out in the wild. It might not be being actively distributed, but that’s another matter.

    And given the general pedantry of Mac Zealots on the matter (“it’s not a virus, it’s a trojan!”) I think we should be accurate about these things – don’t you?

    But to answer your question, no, even if it was simply demonstration code that someone had on their machine and wasn’t distributing, I think the headline is accurate. It’s “New Trojan Takes On Mac OS X” – which is exactly what it is, and exactly what it does.

    I’m glad you’re finally acknowledging that low numbers mean it’s less likely anyone will bother creating/distributing malware for a platform – I seem to remember you arguing the opposite a while back! :)

  • http://technovia.typepad.com Ian Betteridge

    James:

    “You always seem to want to push the most negative of all possibilities in regards to Mac malware. We’ve had this conversation in the past and to date, there is still no dangerous malware for OS X. Your desire to see it, does not make it real.”

    Not at all. I have no desire to see any malware ever appear on what is, after all, my platform of choice. I don’t have any virus checking software installed, although I do take better-than-average security precautions over and above the default out-of-box configuration.

    However, there are two things that I’m always prepared to argue about. The first is arguing with people who believe that the Mac is somehow immune from malware. It is not. It is more secure than Windows XP, largely because of the privs system that it adopts, and this is reinforced by the relatively small target that Macs represent. It is not, however, bullet proof and it’s not immune to the main method of attack that modern malware uses – social engineering, NOT vulnerabilities in the OS.

    Secondly, I want to push Mac users to take security seriously, and not just rely on Apple for their safety. The most dangerous piece of malware is called “User Complacency”, and it can affect any platform.

  • Jon

    Have you read the Wisdom of Crowds? Digg doesn’t meet the criteria the author defines. Specifically, it fails the neutrality test.

    As an example, if you let people guess the number of marbles in a jar and they have no knowledge of other people’s guesses, the average of the crowd’s guesses will be very accurate.

    But if you display the guessed values as they are made, the final average will NOT be very accurate. The results are skewed by a kind of peer pressure. Digg is the latter, not the former, hence the mob mentality.