
Twitter Still Can't Keep Up with Its Flood of Junk Accounts, Study Finds - seapunk
https://www.wired.com/story/twitter-abusive-apps-machine-learning
======
YjSe2GMQ
This is humiliating to Twitter. The fact that someone can create a better spam
filter without having access to corporate private information (such as user
interaction signals, which are normally incredibly powerful) points to that
they simply don't want to kill the spam:

> _In fact, the paper 's two researchers write that with a machine learning
> approach they developed themselves, they could identify abusive accounts in
> far greater volumes and faster than Twitter does—often flagging the accounts
> months before Twitter spotted and banned them._

~~~
ForHackernews
Of course they don't want to kill the spam! Then they'd have to admit a huge
fraction of their user accounts are fake.

For all the attention it gets, Twitter is a niche product with many fewer real
human users than Instagram or even Snapchat.

~~~
phillipcarter
Bingo. Fake accounts and bots Make Number Go Up And To The Right, so why on
earth would they want to stop them?

------
salimmadjd
Geoff Goldberg (@geoffgolberg) [1] who is very vocal about this on twitter and
has done bunch of analysis about foreign bots, got his account suspended by
foreign trolls flagging him.

Presidential Candidate, Kamala Harris (@KamalaHarris) account was inflated by
millions of fake followers. There is an analysis of it here [2]

Which is if paid by the campaign, by law it should be reflected on their
campaign spending (however, it would violated twitter's rules and her account
could be suspended). Or paid by some PAC. Either way, if it's so easy to
detect, it's obvious twitter knows about these and are just not reacting to
them and only removing some accounts for PR purposes.

[1] [https://twitter.com/geoffgolberg](https://twitter.com/geoffgolberg)

[2]
[https://twitter.com/likingonline/status/1092643779402620928](https://twitter.com/likingonline/status/1092643779402620928)

~~~
ceejayoz
Don't discount the alternative possibility of an _opponent_ buying followers.
Someone pulled that on Roy Moore:

[https://www.nytimes.com/2018/12/19/us/alabama-senate-roy-
jon...](https://www.nytimes.com/2018/12/19/us/alabama-senate-roy-jones-
russia.html)

> It involved a scheme to link the Moore campaign to thousands of Russian
> accounts that suddenly began following the Republican candidate on Twitter,
> a development that drew national media attention.

> “We orchestrated an elaborate ‘false flag’ operation that planted the idea
> that the Moore campaign was amplified on social media by a Russian botnet,”
> the report says.

It's fairly common with Google AdSense, too - generate obvious click fraud on
a competitor's ads, watch them get suspended.

~~~
stingraycharles
This seems really difficult a problem to tackle for Google, Twitter etc.

Other than a victim trying to make a strong case that they are not
responsible, are there any elegant solutions to this problem?

~~~
Barrin92
why not tie twitter accounts to some strong real world identification? One
cent payment to twitter, national id or something of that sort?

Just push the bar up for people. The flipside is that people who want to stay
anonymous or people with privacy concerns will stay off the platform, but I
think fundamentally there is a price to be paid if you want an authentic
community.

~~~
tootahe45
Because Twitter would be exposed as 95% throwaway/inactive/bot accounts.

------
jpalomaki
”One drawback to the Iowa researchers' method was its rate of false positives:
They admit that about six percent of the apps their detection method flags as
malicious are in fact benign. But they argue that false positive rate is low
enough that Twitter could assign human staffers to review their algorithm's
results and catch mistakes. ”

If I understand right, out of 460k apps 170k were malicious. That should lead
to quite many manual reviews, if you don’t trust the algorithm. Also I’m not
sure if this would a task where humans are any better.

At these numbers 6% is quite much in absolute terms. That would mean quite
many legitimate apps getting blocked (unless I’m missing something here).

~~~
jonathankoren
It’s simply not worth the time and money to pay someone to review every app
created everywhere. Even with a 6% false positive rate, those app developers
will appeal if it’s worthwhile (which will probably be less than the full 6%),
and then they can be manually reviewed, and the false positive rate brought
down after some more iterations.

6% is 6%. The absolute number is meaningless. It’s just a crappy twitter
integration that no one really cares about. It’s not a human life.

------
rchaud
What is Twitter other than a way for celebrities and consumer brands to
advertise to their customers? I suppose with paid-for follows and retweets
from click farms, you can position yourself as an 'influencer' and get a gig
pitching slim tea, or testosterone gel or something out of a late night TV
infomercial.

The whole thing feels highly commercialized and yet, at the same time, very
gauche, like stepping into a neighbourhood where the only stores sell payday
loans, bail bonds and liquor. I follow ~12-15 people in my industry who are
knowledgeable about stuff, but honestly, that makes Twitter extremely boring.

I'm starting to realize that the drama and beefs (often manufactured) is what
keeps ordinary people coming to a medium where they aren't even the intended
customer.

~~~
abdullahkhalids
I use twitter to follow people (usually scientists or public intellectuals)
that tweet solid ideas or share essays with solid ideas. I only follow
accounts with high signal to noise ratio. Noise is empty tweets that have no
substance or buzzfeed like articles.

Here is a prime example of an account and tweet that has lots of substance
[https://twitter.com/michael_nielsen/status/10618244705564672...](https://twitter.com/michael_nielsen/status/1061824470556467200)

He also has lists of accounts on his profile that have high signal to noise
ratio.
[https://twitter.com/michael_nielsen/status/10810700446483988...](https://twitter.com/michael_nielsen/status/1081070044648398848)

Personally I would love to have the feature of following accounts for their
self-written tweets but not retweets. Definitely will help with signal to
noise. But that goes against Twitter's business model, so I doubt it will
happen.

------
snr
The authors conveniently forget to mention the false positive rate with their
approach.

------
rthomas6
Time for everyone to move to the Fediverse! Preferably small instances for
your irl social circle. I know it probably won't happen that easily, but a man
can dream.

~~~
thosakwe
Hot take: the Fediverse won’t catch on unless it gets a killer app of its own.
Every federated project I’ve seen is a clone of something else.

~~~
riffic
The killer app will be when journalists, public institutions, and community
orgs are contributing content to the fediverse on instances run by their
employers.

~~~
gevi99
Those are the last sections of society that usually adopt new tech though.

------
AJ007
The only spam in my Twitter feed is “people you follow also follow.” I’ve been
doing a lot of blocking.

------
ChrisLTD
Twitter should charge ~$1 for every new account. Since Twitter is no longer a
growing product, they are way past the stage where a nominal charge for _new_
accounts would hurt their KPIs.

~~~
chiefalchemist
I just moved and in order to file a change of address via the USPS website I
was able to give them a credit card and was charged a buck or two as some sort
of identity verification process. To your point, certainly reasonable must be
available to Twitter, __if__ they were truly interested in cleaning up their
act.

------
aboutruby
Seems like most spammers / scammers are finding out passwords of old accounts
instead of creating new ones (which are a pain to create due to the phone
number verification and the disposable phone numbers ban).

Twitter should probably scan their user passwords for obvious / most-used ones
and require their users to change their passwords.

~~~
overcast
Assuming they aren't using plain text, or simple hashes, how would Twitter do
that? Even a standard salted password against that many accounts is tens of
millions of cpu hours. Using something like bcrypt would be 10,000x slower
than that!

~~~
aboutruby
I mean, the account stealers can do it, and not Twitter itself? Which one has
the most ressources?

~~~
overcast
Account stealers aren't brute forcing passwords. They are trying common
passwords that dum dums often use, or circumventing by other means like email.

~~~
aboutruby
And then why couldn't Twitter itself do it?

~~~
overcast
Read my responses above.

------
GaryNumanVevo
Here's an honest question: Why not just let Twitter users pay to get more
followers?

The effect is two-fold. You're removing the grey market of fake bots for
padding follower numbers, and also make a paper trail for accounts

------
chiefalchemist
Can't keep up? Or doesn't really want to keep up? Not a month goes by where
there's not a HN post on this subject (or very similar). If they're making a
profit then there is - at least at this point in time - not enough incentive
for them to change.

The KPI we need to know is: As bot accounts increase what is the churn of real
accounts? Unless real accounts are falling, and it's because of bots / spam,
then Twitter is unlikely to do much about the problem; because to them it's
not really a problem.

------
mtnGoat
Maybe they don't want to fix the problem? Keeps numbers inflated for quarterly
reporting. Same reason why facebook hasn't closed a few of their holes, black
hat ad dollars keep the investors happy.

------
trumped
There's a bit of "can't" and a bit of "don't want to"... they just make more
money this way.

------
shanth
That's Justin sun in action.

------
gjsman-1000
Disable the API.

~~~
Implicated
That wouldn't stop them.

------
Zecar
Twitter has a perverse incentive to allow them because it is directly related
to their stock price

~~~
jonathankoren
Yes, but only up to a point. DAU and MAU is a reflection of advertising
audience size, and thus potential revenue. If company A has. 1M DAU, and The
grows it in 2M in a year, that’s good growth, revenue should double even with
everything staying the same. It’s stock price should _at least_ double,
probably more than that to price in future growth.

Compare that to Company B that has 500k DAU and flat. Not so good.

Now what happens if it turns out that Company A’s DAUs we’re actually bots?
Suddenly, the audience isn’t worth anything, because bots aren’t an advertiser
friendly audience. So now the stock should at least drop in accordance to the
real-DAU, and maybe even less to price in lack of confidence in the future.

------
ElijahLynn
I think that Twitter could but they care more about growth and err on the side
of caution and less aggressive account validation, otherwise the new account
sign ups would flatline and investors would be pissed. Capitalism.

