The Twitter bot situation only seems to have got worse since they shut down free API access. LLM engagement farming bots everywhere in replies, hordes of scam bots replying if you use certain keywords, porn bots following and DMing everyone non-stop...
Evidently the people running the bots don't really care whether or not you give them an API to work with.
I think that coincided with them removing phone number verification for accounts. Probably due to my browser looking unusual (content blocker, linux user-agent string, other addons) any time I set up a new account and used it for a few minutes a few years ago, it'd lock the account and redirect every logged in page to one demanding SMS verification to unlock the account.
I would usually get support to manually unlock it after a few days by emailing them and mentioning why I didn't want to give them a phone number. Now the process only involves solving captchas. (and maybe some hidden waiting)
Check out bluesky's "labeling services", I think it will be a very simple matter to crowdsource lists of obvious bots and prevent their having any reach. You can create bots that make as many posts as you want, but bots aren't entitled to being included in any feed. It comes down to the posts that the relay choose to aggregate, and what the appview chooses to display according to user preferences.
One of the nice things that make Bluesky different is that there isn't really a single central algorithm that everyone is forced to use. This combined with the many novel moderations tools like feeds and labellers mean it's pretty trivial to filter out entire categories of spam/botting.
As an example my feed is completely free of US politics, allowing me to curate an experience where I can go to enjoy myself instead of constantly being exposed to ragebait.
