Blog

In order to be useful, a system like WOT needs an extensive database of website reputations. It's crucial that we know as much of the web as possible. Thanks to our trusted sources and early testers, we already have reputations for more than 10 million websites in our database. However, domain names being hierarchical, calculating the total number of known sites is not that simple.

As the technically-oriented of you already know, the Domain Name System (DNS) forms a tree. Once you purchase a right to single node of the tree, known as a domain name, you control the entire subtree below your reserved name. For example, Google owns the domain name google.com and therefore, controls all its subdomains. This means that the reputation of a node should propagate down the DNS tree. If you trust google.com, you probably at least somewhat trust earth.google.com too.

However, there are some sites that give control of their subdomains to other people, a prominent example being blogging sites, such as LiveJournal. They choose not to oversee what content their subdomains contain, well, as long as it's not blatantly illegal anyway. This means that livejournal.com might have several subdomains with untrustworthy content that are controlled by someone else. If we think about it, this makes livejournal.com seem less trustworthy. In our minds, the reputation of a subdomain also affects the reputation of the parent domain, and thereby, the reputations of all other subdomains. Hosting your blog in a bad neighbourhood is bad for your reputation.

Taking the hierarchical nature of domain names into account, WOT can estimate the reputation of a previously unknown site based on its position in the DNS tree. If you create a new blog hosted on, say, blogspot.com, we won't have any data of its trustworthiness yet. Theregore, we show you a reputation estimate for your blog based on its surroundings. We sort of know what to expect. Should you prove us wrong for better or worse, our users will of course correct your reputation.

So when people ask us how many sites WOT knows, this is why it's hard to say an exact number.

How can a system where all the data comes from users respond to threats quickly? Doesn't it mean that someone must visit that scam website before others can learn about it? Yes, it does. That's why WOT combines evidence collected from multiple sources when computing reputations.

While our primary source of knowledge is testimonies from our users, in order to respond to phishing and other threats immediately, we need more information. Currently, WOT looks for reputation data in nearly one hundred carefully chosen trusted sources. Each trusted source is assigned a reputation of its own and its output is filtered through the same algorithm we use for user testimonies. This makes it possible for us to give you an early warning of new threats as they happen, before anyone has to fall for the scam.

In other words, trusted sources give us an automated, more advanced version of a regular phishing protection you will soon find in most browsers. However, unlike your normal anti-phishing where information flows in only one direction, WOT allows users to have their say. If you think the reputations you are seeing are wrong, you can change them.

Learning from users also makes it possible to measure things that cannot be determined automatically. For example, only people can reliably tell if a site is spewing lies or contains truthful information. Or if the shopping site delivered the goods after payment. This is why we have worked hard to make it as easy as possible for you to share your opinion.

Normally, when you want to give your vote in a democratic election, you are required to register as a voter and to identify yourself before allowing to cast a vote. This is done in order to prevent fraud: everyone should be able to vote only once. In real life, you trust the people running the election to not disclose your vote. Or even if they do, it might not really be such a big deal as the elections are rare and your vote might not reveal anything you wouldn't want to share with others anyway.

In an online environment, such as WOT, where you regularly vote for websites, your votes can potentially contain information that you might not care to disclose. While we do our best to protect your privacy, you shouldn't have to take our word for it. Therefore, we have built WOT so you don't have to register in order to vote. In fact, we don't expect you to tell us anything about yourself.

As you can see, this creates a problem for our small election that plagues most online polls: how can we prevent fraud? What's there to stop anyone from stuffing our ballot with fraudulent votes? Nothing! And that's where the math comes in.

Instead of your regular democracy, where everyone has one vote, what we have in WOT can be called a meritocracy. In our system, all votes are evaluated by their merit. Unlike in a typical meritocracy, we don't know anything about you, your social status, or your skills, but we do know how you have voted in the past. Using a number of statistical algorithms, we compare your voting behavior with that of other users, and determine exactly how much we can trust you.

If a user's voting behavior is completely erratic, or we notice an actual attempt to manipulate reputations, we simply don't trust that user's votes as much anymore. In WOT, trust has to be earned.

Welcome to the WOT blog. While this is our first post we have, quite astonishingly, been working on this project for almost a year already. And now we are finally taking the next step, and publishing the fruits and results of our work. These are interesting times we are living.

Our idea for WOT is quite simple. Or, it can also be a complex one, it depends on how you think about it and how deep into detail you want to go. We want the Internet to be a safer place for everyone, we want it to be more democratic, and to give everyone a chance to contribute to this objective.

How will we achieve this? Our idea is to form a reputation for websites based on user votes, or testimonies, as we like to call them. The concept is very simple, yet brilliant. Why a website would need a reputation, you may wonder. Think again.

There is a huge number of websites. Over 40 million active domain names according to some estimates. Clearly it is impossible to visit all of them. Most people have probably never even heard of most of them. When you surf to a new site, it is always hard to tell if the content of the site can be trusted. Nowadays, you may think that a site is trustworthy if it looks professional. Appearances do matter. But it is very easy to create the looks, or just copy a good layout from somebody else. The thing is, only when we use the services the website provides, we can find out if the site is trustworthy. "Oh, they did not send the goods I ordered? What can I do now?" This is learning the hard way. It does not sound very nice and you may lose a lot of money, too.

Eventually, these problems will lead to a web, where only the biggest and the most well-known sites are used. But this is not the way it should be. For example, there are thousands of web shops, which are perfectly honest but the occasional user can not know this and will buy only from the big players.

Brief history of WOT

How did we think to come up with WOT? Well, our company was founded by two university post-graduates from Finland, working earlier as researchers in the field of computer security and data mining. During our research we came up with the thought of creating a reputation system for the web.

Before rushing on to implement anything, we gave a lot of thought to different types of reputation systems. Quite thorough research was conducted; mainly by reading scientific articles but also by exploring the web. Most of the current possibilities for computing reputations are quite simple, but maybe not so efficient. Others are mathematically beautiful, but not very plausible to implement on this scale.

Finally, we formed the structure of our service. It consists of an add-on to a web browser and a centralized database for the reputations of websites. Using the browser add-on, users can easily give their testimony and also see the reputation right away in their browser. The testimony is then stored in the database, where the site's reputation is computed based on the testimonies. We use complex algorithms for calculating the reputation, and also some other mathematical stuff to make it all work together. However, the user does not have to think of all this, as we aimed to make the user interface very simple.

We believe that by using our service people can form their own opinion of websites based on real information and informed decision making, not just appearances. This hopefully encourages you to explore the web more widely and allows you to have more confidence on the content of that unknown website you just found. On the other hand, you get a warning if the site should not be trusted. However, our service only gives you advice, you still have to make your own decisions. The beauty of our service is that the users form the reputation of a site, not some automated system or an untouchable authority.

Testing WOT

Almost a year has passed since we made the decision to make a prototype of the service. Ever since the first version was completed, we have tested WOT diligently and developed it iteratively. No shortcuts to success have been taken. On the contrary, we have put in lots of hard work and thought into this.

Finally today, we are ready to publish the beta version of our service. We hope web users all over the world will find it useful. Please download our extension for Mozilla Firefox and let WOT make your web safer.