>It doesn't strike me as a very difficult task to create a few thousand profiles and have them vote for each other (and also give you a ton of votes to random people to hide better), and then use the collected power for SEO spam.
I have to disagree. I bet this kind of abuse is well studied by any major site relying on a reputation system/user content. I can't point to anything specific, but off the top of my head discovering that kind of abuse seems exactly like finding strongly connected components: http://en.wikipedia.org/wiki/Strongly_connected_component
So you could probably prevent this algorithmically, but even if you couldn't... the site is heavily moderated. Bad questions and answers are down voted or closed. In my experience, getting lots of reputation on SO actually requires a lot of persistent effort. I have just over 1000 rep myself and it felt like it took forever to get there. Even if you could get lots of upvotes, you'd still be looking at daily reputation limits. And finally, you'd waste all that on one or two spam links only to get perma-banned and have all your links deleted?
A combination of high reputation + an initial nofollow time period (to allow spam links to be discovered) seems like it would be pretty effective.
While I agree that it would be possible to get these networks exposed, it is still non-trivial effort. That's really the point I am making. Personally, I'd rather see them allocate more resources towards making developer QA even better, than chasing protective features.
My 1781 reputation was not that hard to come by - it happened organically with me trying to help out in the Google App Engine section. I'm not a developer by trade, just a hobbyist.
Based on that experience, I'd imagine there to be areas that are much more obscure, with little moderation oversight, being decent sources of easy reputation points...