views:

145

answers:

4

Inspired by this posting http://stackoverflow.com/questions/72394/what-should-a-developer-know-before-building-a-public-web-site, I wanted to know:

What should I know about user antisocial behavour? I know some users will try everything mentioned in that posting. Other users will spam others, write post to troll others. What are some things I should worry so I can design a way to revert these actions?

The website I plan to build is a user content site - such as YouTube, Wikipedia and SO :).

+3  A: 
  1. If there's any sort of reputation scheme, you should assume that the users will make every attempt to game the system in a myriad ways that you would not have dreamed of. Make sure you are logging and monitoring as much as possible, so that you can detect wayward activity and rectify things afterwards - and then ensure it doesn't happen again, and know that your logging and monitoring will spot it happening again if the fix doesn't work well enough. Repeat ad nauseam.

  2. If you have logins and passwords, allow as many characters as possible in the passwords - both in terms of length and character repertoire. Just make sure you don't get fooled into executing anything that is in the password. Similar rules might apply to logins; more likely, you'd do better to use an email address (relatively easy to validate) or something like OpenID.

  3. What they said...

Jonathan Leffler
One thing i was thinking about is if i should log subscriptions or favorites. Or something like remove their own notification msg (trigger when they subscribe to another person and that person adds new content). I also couldnt decide to log when a user flags another user since there is a threshold amount before an admin will see it. I notice all of these are button press and doesnt take in user input. Should i log those?
acidzombie24
My gut feel - coming from a database security background - is that you should log everything. At least at first. At first, the community will be smaller (so there is less to log), but it will also be easier to analyze. If you omit something, you can bet your bottom dollar (euro, yen, yuan, pound, ruble, rupee, ...) that will be what you need to resolve some issue. If/when things stabilize, you may be able to optimize by omitting some logging. But "premature optimization is the root of all evil" - "don't be evil".
Jonathan Leffler
ok cool, i'll log everything. An hour after i wrote that post i realize the way i was going to log everything was terrible which is why i didnt want to log everything. I would of done much more work then required. I was thinking of having a log table with Ids, dates, actionType and whatever else i needed (stupid! i know). I realize i could just add a date to everything and can generate a log through that.
acidzombie24
+2  A: 

One thing I learned that helps when dealing with obnoxious users is not to deal with them via a personal account.

If you put your own name on a post or something when dealing with a troll you're opening yourself to personal attacks, especially if it's in any way debatable. Much better to approach them as Staff or Admins than your own name.

Lone Coder
A: 

There is a way to troll almost anything on the internet if you have enough time to waste. Any attempt to limit anti-social behavior needs to be balanced by how it restricts other users. You don't want to scare away your good users. Since any community site on the net succeeds by attracting people, make sure your sensitive to how people respond to changes you make on the system.

I think a lot of patience is needed. I would also be cautious about "firing from the hip" in response to someone's actions. You don't want to let people provoke you into exhibiting anti-social behavior yourself.

ICodeForCoffee
+5  A: 

Banning people never works. Much easier to make offensive people's posts invisible to all but the offender. Trolls exhaust enormous amounts of energy trying to get a rise out of people, and its all for nothing since their hard work is perfectly invisible to the rest of us. I've found this technique of starving people of attention is orders of magnitude more successful than banning people outright.

Juliet
That is a fantastic idea. How do the technique work? After X amount of ppl flag it an admin checks it out and makes it invisible? or is it more complex (or even more simple?). Is there a place i an read about this more?
acidzombie24
I'll be brainstorming more technique to starve attention and anything else that may help.
acidzombie24