Yep, I do this openly with obvious accounts to garner attention to how stupid sybil attacks are currently, how stupid easy it is to make accounts and game the Hot section, and the vote count. This is what the sybil section on my recent post (this one) was about. I want attention so that the devs make better ways to counter this. This is why I was hoping to get dev attention with my post, sybils are a problem. So thank you for giving this even more notice! Not everyone read my section on sybils.
I did this in previous posts to test my theory (if I could skyrocket up hot). You will notice I only tested on posts that I expected to trend anyway -- my photography is not that great, yet! :)
In my post, you can see my discussion on how miners have many accounts and wish to use all their Steem Power to upvote their own content, but this causes a sybil attack on Hot, which is unfortunate. How do I use my mining power? I earned it, can I not upvote my own content with my power?
It is a tough question, and you can see my suggestion in my post to have an official channel to do this (via vote proxies). I would much rather use an official channel.
Smooth also responded to my post with a great suggestion to remove the "vote count" or even the Hot section all together, and I agree with him.
Fair enough, but it would be more effective to sybil a post that explains the problem rather than a random Cheetah related post. Some posts like an exploit report that would hang on the top of the ranking for weeks is sure to push the message unambiguously.
I tested at first, and then I tried to talk about sybils in my latest post. In retrospect I agree, I should have been more clear that I was trying to break things -- e.g. just make a single post about sybils and push that one (not just as one of the 3 topics in my last post).
The more attention we get the better, at least, so we can fix the problem. See smooth's response as well for some more insight and how to fix it.
See also this newly created a Bug Report.
There is an on-going discussion on how to fix this issue with the steem Devs: https://github.com/steemit/steem/issues/233
You're worse than Dr. Gero! The work is appreciated however to help prevent future Dr. Gero's on here.
Great to have you on this @anyx
Absolutely! But more awareness needs to be raised on this. It essentially means that the number of people that have voted on a post is meaningless. Also as you pointed out in your article the hot algorithm is broken.
The average must be empowered to do the same e.g. create 90+ Bot accounts to vote for their own post to level the playing field.
I have acknowledged this in the above article and I am not saying it was done with malicious intent. It was however manipulating the vote count.
I would argue I am being outright malicious. I completely admit to it in my post:
On the other hand, I am actively trying to figure out how to break the system, and garner discussion on how to fix it, before too many people start breaking things.
I tried to raise awareness about sybils in my posts, but that topic did not get much attention, other than people suggesting NOT to limit accounts. So I hope your post gets attention.
This is why I really like smooth's response to a) Destroy the Hot section, and b) Do not display vote count, only 'stake' that a post has earned.
What a great response @anyx !
Probably this post this will not garner enough attention and it did not use Bots to upvote itself. Your post already had quite a few upvotes when you used your "attack" it would only increase the payout. Also the post itself was not only about your own attack. Neither your post nor this post might be enough to really make the problem obvious to everyone.
In my opinion more awareness needs to be raised.
For now I will propose to create a Bug report to see what the Devs say.
If the problem is ignored:
Well, let's get some attention. 150 votes aught to do it, eh? We're at the top of /hot already.
Created a Bug Report Here: https://github.com/steemit/steem/issues/233
Hola, disculpen todos.! Soy desarrollador de software y comprendo lo que hablan. Ademas que hice algo similiar pero con fb.com xD en 2014. Luego, aplicaron la verificación de cédula y teléfono por cuenta. En cuanto a steemit.com, tengamos en cuenta que es un proyecto de la ICO STEEM, y ellos proporcionan su código en un repositorio de forma publica https://github.com/steemit/devportal, para que otros desarrolladores haga su red social usando las mismas API, ¿Porque digo esto?, porque son interesantes sus intenciones, además que cobran de inmediato por el servicio prestado. Sin embargo, los invito a que interactúen directamente con ellos en https://steem.io, seguro los recompensan! Además, que no hay un control directo sobre los FRON-END en github con que ya se han desarrollado otras redes sociales. El tiempo es dinero y vida. El equipo de STEEM, con los datos que ustedes han recolectado. Ellos tienen que ver, si corrigen validando la base de datos o el BACK-END. y quizás les tome su tiempo. o nose. Pero no es necesario, armar tanta polémica. Es necesaria Obviamente para la evidencia, pero no esperen que el programador venga a ustedes. Si dicen que a ustedes tambien les interesa. Saludos.!
Nota: De mi parte, también he detectado errores y pronto los publicare. No los reporto directamente porque son temas dóciles, pero el de ustedes es muy importante.
Comento como si la publicación fuera de hoy, debido a veo a que aun falta que algunos conozcan estas opiniones y quizás a alguien le sirva.
¿Lo lograron resolver.? Me gustaria saber que paso luego de un año.
@anyx, can you try it with this post here?
Apart from getting you into the "hot" area, is there any other benefit? Can those bot accounts get you more money if they vote after something has trended?
Yes there is another benefit: Bait Dolphins and Whales to vote for you, because they assume high support from a lot of (poor) users. After all, the vote count is quite prominently placed below your post.
Both of these effects together will indirectly help you to increase your payout! This post would probably not have achieved this payout if @anyx had not upvoted it with his bot army.
So what is the solution?
Cg
My ideal solution is in my post. I encourage you guys to read my last post, especially the sybil section, if you have not already!
If there is an official channel to use all my VESTS, then I will have no need to vote explicitly with my mined accounts.
Again, note that I only did this on specific posts, to see if I can game the system.
Is this bad? Yep! Am I glad people are noticing? Absolutely!
yes, maybe
I've been trying for two weeks to get one pow, how are you getting so many pows. What's your hashrate?
Also i don't see any issue with what you're doing @anyx, If you're able to get out of the box and make your ends, good for you. Like what fiftee says "if they hate, then let 'em hate and watch the money pile up".
Hell yeah! But it is getting more bigger in 2018! Bot gaming
Hey @anyx $vote @lilkufalli