Slashdot Mirror
Twitter Eyes Signatures To Kill Fake Followers
mask.of.sanity writes "Researchers have developed a signature system being examined by Twitter that hold promise to cut down on the amount of fake accounts used to deliver spam and malware.
The signatures were developed during a study into the semi-underground market of fake accounts and was subsequently used by Twitter to eliminate an impressive 95 percent of several million accounts identified in the research. It applied elements like account names, the timing of the account creation, and browser identifiers to identify fake accounts. The 10-month study found that the creation of fake accounts at its peak represented 60 percent of all new accounts. (Paper here.)"
Considering an incredibly similar article is listed like 5 articles down.
When the dust settles, the 50 people using twitter will be grateful that the bots have been kicked off their lawn.
FTFA:signatures built on elements like account names, the timing of the account creation and browser identifiers to identify fake accounts.
It would be wise for them to beta this tech first before actually implementing it full scale. For a $360M a year practice, there will be people who will find a way around it. Everyone thought Captcha was hackproof when it first came out and that has basically mutated into a system which can be used by neither human or machine.
Join the Slashcott! Feb 10 thru Feb 17!
It would be nice if online accounts like this had some sort of "longevity health" that was a function of how often they were updated (and when they were last updated). Every tweet, for example, would add some length of time onto the lifespan of an account, based on some kind of metric on how often people should be interacting with their stream (ie. 1/day or something like that).
When a user does not log into their account, a clock ticks down and when it hits zero, the account is archived and deactivated. The user can "reset" the countdown by logging into their account. And the more interacting they do while logged in the longer the countdown lasts while they are logged out.
May not be the best implementation, but it would just be nice to see some kind of auto-culling behavior on networks like these. Not just for spammers but for people who create an account, send three tweets about "what do I do on here?" and then never log in again. #namespacewaste
Various MMOs have tried this; logging, captchas, interactive buttons to push on the screen to ensure you're online and not a bot....
All that really happens is that a few lines get rewritten in a bot to make it click the right place on the screen, or log-in every 24 hours, etc.
I wonder what the false positive rate is for the signature system? The false negative rate is 5%. I would need to know more information before I could figure out the false positive rate and how many legitimate accounts are flagged by this system,.
The researchers obtained permission from Twitter to conduct the research but were denied by Google, Yahoo and Facebook to conduct an investigation into scam accounts over their respective networks.
So only Twitter cooperated with an independent researcher trying to identify fake accounts. There is conflict of interest here, big companies have no real incentive to crack down on fake accounts. We should really commend Twitter for being open.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
If you can get 10000 followers for a few bucks, why doesn't twitter set up fake accounts, pay the people to follow that account, then assume all followers are fake and delete those accounts. They could also determine the IPs and other identifiers around those accounts and block them in the future. If they have sweat shop people doing this, then the cost of creating accounts would be higher and likely not profitable.
Ninjas don't carry tic tacs