So, in an effort to catch up on all my reading, I stumbled back upon MyBlogLog’s own blog to find that near the middle of December, the ubiquitous “Eric” (who is everyone’s “friend” when they start up on MBL) announced that MBL was having difficulties with “spammers”. Well, this is no surprise. Eric, welcome to the price of social software success.

MBL has been growing in leaps and bounds. In a post that never quite made it to being published (in some parts due to sheer laziness, and in others, because my laptop kept on shutting down before I got to save the article), I tried to note that one particular metric had actually been doubling every month, and that was the number of blogs that had included the reader roll that graces this very site (you know, the one with faces). That’s pretty impressive. Its also broken into the Alexa top 1000. Also, pretty impressive.

So, with the number of active MBL’ers doubling every month, and traffic going through the roof, coupled with its unique role in providing a superstantial network layer to blogs, it is no wonder that over the past month or so, I’ve noticed that MBL has been a victim of social software exploitation — or, “gaming”, as is popularly known to SEOs, and Digg fans.

And it got me thinking wherein I came up with a totally unscientific, totally unvalidated equation that might explain the factors which lead to a site being gamed — and there relationship therein.

Eric goes on to say about MBL;

A small percentage of our users try to drive traffic to their own communities (and eventually their own sites) by a) joining hundeds of communities, b) adding hundreds of contacts and/or c) sending out hundreds of messages asking people to check out their communities.

It’s interesting how people respond. Personnaly, I could care less if someone joins my communities or makes me a friend, but heaven forbid they send me an unsolicited message. For other people, it’s just the opposite — they’re fine with messages but they hate it if one of their only community members is an obvious plant.

However, most of these members are also the most engaged in MyBlogLog. When you look at their profiles and communities they have dozens of messages, almost all uniformly positive. People who click through seem to appreciate the attention and appear genuinely happy that somone took the time to interact with them.

So we’re at a loss. On the one hand, we have a vocal group of members asking us to stop letting people fish for traffic this way. These people who want us to ensure that only high-quality connections are let through, either by banning the users or restricting their ability to post or just changing the whole framework of the communities. Then there’s the other group that actually like the random requests.

Now, personally I haven’t been a victim of unsolicited requests to “check out” someone’s site all that often — but I can imagine that as MBL grows, the number of requests of me and mesages left behind onthe DJI community board will also grow. And it would be easy to see how unsolicited pestering (”spestering?”) will rise in a commensurate way as well. Folks have left behind some decent suggestions, including having a rating system for who can contact you, but it got me thinking WHY does this happen, and more importantly, under which circumstances can this happen.

First of all, gaming will only occur when there is something to be personally gained from it. Most social networks tend to be exploited so that they can be used to feed traffic to other websites or blogs. For example, my favourite punching bagg, Digg, represents is a massive fountain of traffic if one manages to get a submission to the front page — in the right circumstances 70-100K uniques in 24h; Reddit, and Netscape much less so. MySpace represents a similar opportunity to drive traffic to off-MySpace sites, even though it contravenes your terms of service. On the other hand, sites like Friendster, because of how they’re built, are not as amenable to driving traffic, and more have to do with personal, professional, or strategic networking.

Where does MBL fit in? Well, I think it certainly fulfills this criteria, as there is a way of identifying and creating blogging contacts who you might not otherwise know about — although its an inefficient system — and can easily send them unsolicited messages.

What’s the rest of the equation? Assuming that a site is amenable to being exploited for personal use, here goes:

And here’s the key:

G = potential to be gamed / exploitated
t = traffic
a = active users
n = number of potential points that can be exploited
m = level of actively committed moderation

While the relationship of these variables are totally untested, I thought I would toss this idea out there so that it can germinate and generate discussion. My thoughts are that the potential for any social network / software site to be gamed is a relationship between roughly three variables – the popularity of a site, the exploitability of that site, and the level of moderation of that site.

That is, as a popularity of a site (t *a ) grows, the chance that it will be exploited increases. No one will exploit something if no one knows about it, or there is no traffic to manipulate.

Another positive factor, (n) is the number of potential exploitable points. As this number increases, the chance that a site will be gamed will also go up, as it provides more opportunities and entry points for individuals to game a site.

As an aside I felt that “popularity” ought to be measured by both the product of traffic and active users. Traffic is an indication that people are going to and using a web tool. The number of active users denotes usage in a different way, and that is usage in terms of contribution. To use Digg as an example, traffic might reflect the number of people visiting the site, and using Digg as a tool to find news, articles, or videos of interest. But active users represent the number of Diggers actually submitting something. In MBL’s case, traffic might represent people clicking through on profiles, and visits to the MBL page; active users represents people who have signed up and installed widgets.

A factor with an inverse relationship, however, is the level of active and committed moderation (m) . If there are enough personnel, and they are accompanied by a managerial commitment to succeed, then this will act as a balancing factor to popularity and exploitable points. That is, as this goes up, the potential to be gamed goes down. An example here would be Netscape, and how they’ve put lots of money into hiring people to keep a close eye on submissions, comments, and content.

Now, you’ll note that I did not say anything about algorithms for moderation.

And that’s because the very notion of putting a software program to monitor ‘gaming’ and roles automatically puts it at odds against people who are looking for weaknesses to exploit. To moderate and control weaknesses require human recognition that something was wrong in the first place; if individuals are gaming a site, it means that there are circumstances that were not planned out for, and a set of rules that are being taken advantage of.

So where does this put MBL?

Given the fact that it is hugely popular now, and that the number of actively installed reader widgets is exploding, it sets the scene for exploitation.

How about the number of points that can be exploited? There are a handful. You can make someone a “contact” without their permission. You can contact contacts without any level of control on their behalf (i.e. “do not contact me”). You can make an unlimited number of contacts over any period of time. There doesn’t seem to be any algorithms to prevent bots from automatically registering and contacting people (no captcha’s for example).

On the other hand, it seems like Eric and his crew are definitely committed to keeping “spamming”, and exploitation of the system beyond its original intentions (whatever they may be), under close guard. He’s already instituted some privacy solutions, and has enabled a “this is spam” flag to messages you might get. A great start. On the other hand, like any startup, MBL probably has a limited amount of resources to devote to this, and time will tell if MBL has the will to keep up both in terms of the personnel needed to attend to the issue, and software solutions to help with that as well.

Is this equation correct? Almost certainly not. But I’m hoping that it does spark some discussion. Who knows, it may even have similarities with understanding how systems are vulnerable to spyware, viruses, and so on — and might reflect published understandings that already exist. Data security hounds — let me know what you think as well.

“Gaming” a system and exploiting its weaknesses for purposes that were not originally intended (and often for personal gain) has been a perennial issue with Digg, particularly as its grown in size and popularity. As Web2.0 runs its course, and other startups start to separate from the pack of also-rans, the phenomena of “gaming” will likely affect many, if not all of them to some degree or another. Since marketers will always look for an edge to grow their own clients or their own concerns, we should expect this issue of social media exploitation to continue throughout 2007.

What other independent factors could we introduce? How can we break up existing factors into more explainable factors? Is the relationship with popularity and number of exploitable points really a “power” relationship? As always, I’m open to your thoughts an opinions on “The Gaming Equation”.