RE: Pull Request Submitted - Remove reputation protection from downvoted post hiding
Tim you do a lot of good work here which is why I feel safe saying this pull request is doing more harm than good.
Downvoting bots on authors with 65+ reputations ruin the spirit of what you are trying to do with this pull request. For example, I have a bot that follows me around and downvotes most every comment I make by the account name of @veryscamfield. See the downvotes at https://steemd.com/@veryscamfield. This is an account created by @berniesanders and @nextgencrypto that automatically downvotes most of my comments.
Fortunately the reputation protection blocks this downvoting bot from hiding any of my comments with its dust vote. Without this protection, one user could make a bot to automatically downvote any and all of our 65+ reputation authors and automatically hide comments on a huge scale. There is no reason any of us should be expected to setup a bot to then autovote our comments back up to counter what already is prevented.
Your pull request means at no reputation level are we free from a dust voting bot hiding our comments and that it should then be our responsibility to auto upvote our own comments or to do it manually to counter this.
There are pros and cons to the change. I am not dead set on it being made, but I lean more towards the pros outweighing the cons. Ultimately it will be up to Steemit, Inc. whether it is accepted or rejected.
A few questions:
Yes the problem is there for accounts less than 65 reputation which is good to catch users that are truly posting spam or comments that should be hidden. For users that are established in the community with over 65 reputation, no amount of downvotes should completely hide a comment because this user has proven themselves to our community a lot to get to 65. If that changes, repeated downvotes will eventually lower the reputation to below 65 and hide comments again.
We want to keep user protections available to authors contributing the most here especially when it comes to preventing abuse from bots. What we have in place with the 65 reputation limit for hiding posts is good because it provides that. There are almost no benefits to removing this protection while a huge annoyance is opened up to anyone over 65 being able to have comments hidden with even a dust downvote.
With the current system, having a downvote bot on someone over 65 is fairly pointless which is good because if someone has given enough here to earn a 65 reputation they should not be subject to having comments hidden by one dust bot autovote and expected to setup a bot or vote manually on their own comments to prevent this.
Authors with 65+ reputations are also more likely to be targeted than a user under 65 reputation simple due to popularity. As with me, more followers = more haters regardless of what I post. Should one account that has never posted or powered up any Steem be able to automatically hide all of your comments or mine? Absolutely not.
If this change goes through, one person would be able to automatically hide every author over 65's comments without having to buy any Steem power. That is a con that outweighs any pro for this change.
I see your concern and I don't disagree, but IMO users getting their accounts stolen through phishing is a bigger issue, even if it doesn't happen very often.
Another 66 reputation account was a victim of the recent phishing attack. Now there are 2 accounts that can post phishing links with little or no resistance. I've seen it take 2 - 15 days to recover an account. How fast can this spread if it is left unchecked.
While I agree this has pros and cons, unless you have another suggestion to stop the spread then I see this as a good temporary measure that could be reversed.
Why would a legitimate 65+ user automatically assume that a countering autovoting bot is needed? That's a bit confusing.
Tim's excellent idea would prevent misuse of stolen accounts and other malicious acts that can negatively impact Steemit.
Misuse of accounts and abuse from over 65 reputation is not that common whereas one person with a downvoting bot could hide every single comment by default on every 65+ reputation user if this update went through. After having a downvoting bot put on me, I see the need for anyone 65+ reputation to avoid having comments hidden by a bot.
I do see it from your perspective but, unsure if you're aware, a second 65+ account was just phished. What would happen if it's your account that's compromised and your reputation is on the line? One wrong click is all it takes man.
I don't see the difference between an account having rep 65+ and account having a rep lower than 65, hence I don't understand you are against removing the strange behaviour of Steemit. A more elaborative comment you can find here: https://steemit.com/abuse/@timcliff/pull-request-submitted-remove-reputation-protection-from-downvoted-post-hiding#@edje/re-timcliff-pull-request-submitted-remove-reputation-protection-from-downvoted-post-hiding-20171024t145903700z
Why protect 65+? Why don't protect 60+? Why don't protect 50+ or even 25+?
Another 66 reputation account was a victim of the recent phishing attack. Now there are 2 accounts that can post phishing links with little or no resistance. I've seen it take 2 - 15 days to recover an account. How fast can this spread if it is left unchecked.
While I agree this has pros and cons, unless you have another suggestion to stop the spread then I see this as a good temporary measure that could be reversed.