- or – “I told you it was in Alpha”
I’ve rolled out an experimental TwitBlock feature designed to reduce “false positives” for legitimate accounts that are being blocked. Whitelist entries are now subtracted from blocks. i.e. accounts marked as “not spam” will have their blocks counteracted on a 1:1 basis. If this feature is abused, it will be removed. It survives on the premise that the spam bots are not capable of whitelisting each other.
Here’s the full story:
Read more…
As we approach 3,000 TwitBlock users, we know of over 100,000 blocks and have stored 20,000 profile pic checksums. I figured it was time to start crunching some numbers.
The first of many reports shows the top 20 most duplicated avatars that we know about.
Many spam accounts use identical avatars across hundreds of accounts. TwitBlock uses this fact as an indicator of a likely spam account. This report just shows the top 20 that we’ve identified, but there are many more.
This indicator is one of the best ways Twitter could prevent spam accounts from signing up in the first place. Clearly bots have been developed that continually generate new accounts and Twitter does not seem able to prevent this despite the most prolific accounts displaying such identical properties. With a tiny 0.01% of Twitter accounts authenticated with TwitBlock one can only imagine how many of these accounts are out there.
The list of Twitter accounts below all have something in common – They all have an identical profile image, which looks like this:
At the time of writing none of these accounts have been suspended. Whether they are breaking any laws or not I don’t know, but it is clearly a syndicate whichever way you look at it. The profiles all point to a Korean-registered “Cash generator” website, which [I would hazard a guess] is a con.
TwitBlock unearthed this statistic from a list of only 18,000 100,000 blocked accounts provided by under 400 3,000 TwitBlock users . When you consider the size and growth of Twitter, you can well imagine that there are far more than 120 288 profiles in this syndicate. You also have to wonder how much of Twitter’s growth figures can be attributed to this junk.
[ UPDATE: 18 Aug ]
Many of these accounts have been suspended, but TwitBlock is discovering new ones each day – currently 248 accounts known with this image.
[ UPDATE 19 Aug ]
I’ve produced a report of the top 20 most duplicated profile pics identified by TwitBlock
Read more…
A detailed explanation of the scoring mechanism used by TwitBlock.
Some people have complained that they get a high spam score and point out that they are not spammers. There are a number of important things to note about this.
- This software is in alpha – these indicators and the scoring mechanisms attached to them will change.
- As the system gathers data it will rely less on heuristics and more on cross-referencing (e.g. how many people have blocked an account)
- Some of these tests are only indicators of automation, not specifically of malicious behaviour.
- The spam rating has no limit – Scoring 40 may be high for a “legimate” account, but in a list with real spammers scoring 300+ you’ll be way down the bottom.
- If you display characteristics of a spammer then perhaps this amounts to the same thing as being a spammer. Most normal users score zero.
Roughly in order of accuracy, here are the 8 tests currently performed in the standard TwitBlock scan.
The day a thousand apps stool still
I noticed some weeks ago that Twitter’s OAuth implementation didn’t appear to be verifying signatures. I knew this because I purposefully set an invalid access token which was accepted unconditionally. I thought this was odd, but as a newbie to OAuth I was just happy that my app was working, so I filed the problem at the back of my mind under “deal with it if it becomes a problem”. Today (the week I release by beloved TwitBlock app) it very suddenly became a problem.
Read more…
A bulk blocking and spam filter tool for Twitter
www.twitblock.org
I’ve finally got round to building the Twitter app I’ve been thinking about for months. While everyone else is preoccupied with making fun, or cool apps, I’ve been thinking about the increasing problem of spam and junk followers on Twitter. I won’t go into why I think this is such a problem right now, plenty of time for that later.
This is just a quick announcement to say that I’ve released an early alpha version of a tool that I hope to develop into something genuinely useful. Currently it’s a simple scanner that analyses your followers for signs of “spammy” behaviour. I’ll post more details about these indicators soon, and I’ll also share some of the interesting discoveries I’ve been making about Twitter spam as I go on my mission.
UPDATE: I have posted about these indicators
Read more…
If you know about the Qwitter service, then you may also know what people say about it – that it plain doesn’t work. So for my first Twitter app, I decided to make one that does.
I have been made aware since then that there is also Twitdiff, although I haven’t tried it at time of writing.
If you don’t know about Qwitter, it’s a service that monitors your Twitter followers and emails you if someone unfollows you. My app currently tweets the notification instead, so everyone will know you’ve been qwit.
I’m not offering my app as a public service [yet] I knocked it up in 2 hours and if you know what you’re doing with a LAMP set-up you can download it and run it yourself.
» Download qwitter 0.1.2
Requires PHP >= 5.2.x + json extension, MySQL >= 5.0.45
I’ve knocked up a really simple command line tool for interacting with the bit.ly API.
It’s simple because:
- The output is currently pretty raw
- The bit.ly API doesn’t actually do very much
» Download version 0.1.1
Requires PHP >= 5.2.x + json extension
I’m not one to make predictions, but this one has been at the back of my mind for a while and the evidence is starting to rack up. In my usual style, I shall make my point through an unnecessary number of dodgy anecdotes and opinions rather than through citations and serious research. I hope you enjoy them.
Anecdote #1 – URLs in advertising
Over the past year or so, I have noticed a trend in television advertising where the viewer is prompted to search for a phrase, rather than given a URL to remember. This week I saw a billboard (for Streetcar, a primarily web-based business) that did not display a URL at all. Obviously relying on brand recognition alone to prompt people to Google “street car“, which of course they will. And rather than their analytics showing a load of “direct hit” entries. They will have richer metrics showing how people searched and found the business.
I’ve spent this morning trying to get ASDoc to generate code documentation for the JASPA APIs, with mixed results.
Read more…