Title :
"Stacking the Deck" Attack on Software Updates: Solution by Distributed Recommendation of Testers
Author :
Alhamed, Khalid ; Silaghi, Marius C. ; Hussien, Ihsan ; Stansifer, Ryan ; Yi Yang
Abstract :
The discussed "Stacking the Deck" attack and our solution are relevant only to software controlled by loosely constituted communities. Developers can change their vision and abandon features that are essential for certain users. Moreover, well-funded attackers can effectively take control of a project by orchestrating the transfer of the leadership of the developers to people that they control. We propose a mechanism to reduce the level of trust that users are required to have in the maintainers of free and open-source agent software. In fact, with the proposed method, it is sufficient for the user to trust that their constellation of independent testers is safe from attack, even as all testers may be subject to different attacks. Our solution inserts independent intermediaries (testers) between the developers and the end-users. To encourage independence of the testers, which is essential for the desired security, a distributed recommendation mechanism is employed, suggesting testers for end-users based on the preferences of immediate connections and on the frequency of usage of these testers in the user's neighborhood. Metrics of success and experiments for identifying promising parameters are reported.
Keywords :
distributed processing; program testing; recommender systems; security of data; distributed recommendation; distributed recommendation mechanism; open-source agent software; software updates; stacking the deck attack; Mirrors; Security; Social network services; Software; Stacking; Testing; Vectors; agent; recommendation; security; tester; update
Conference_Title :
Web Intelligence (WI) and Intelligent Agent Technologies (IAT), 2013 IEEE/WIC/ACM International Joint Conferences on
Conference_Location :
Atlanta, GA
Print_ISBN :
978-1-4799-2902-3
DOI :
10.1109/WI-IAT.2013.123