Research into Twitter Bots

There are a lot of them.

In a world where the number of fans, friends, followers, and likers are social currency -- and where the number of reposts is a measure of popularity -- this kind of gaming the system is inevitable.

EDITED TO ADD (2/13): Here's the original paper.

Posted on January 27, 2017 at 6:18 AM • 16 Comments

Comments

ScottJanuary 27, 2017 8:25 AM

I think everyone knew it. but this is research and evidence. I get so many promoted tweets from an account created today, which has only tweeted once or twice, but has 100,000+ followers.

Angela CartwrongJanuary 27, 2017 10:32 AM

I am a little unsure how this got to be a research topic. We've been able to buy followers for every social media site for many years. I always assumed each company that sells followers only has a few real people controlling many thousands of bots.

moj0January 27, 2017 11:49 AM

Couple this with the DEFCON24 talk 'Weaponizing Data Science for Social Engineering' and it's easy to see the threat...

GeneralSmackoffJanuary 27, 2017 2:35 PM

I like the term "social currency." I helps convey the idea that Twitheads have simply overlayed some RPG meme on a communications network. Friends are not hitpoints. There is no battleaxe +30 vs socialites, unfortunately.

Privacy advocates laugh at this scenario but my Jedi powers tell me it is being used as a testing ground for something worse. The very nature of Twitter precludes the idea that it is a quality social network worth defending, however.

I have already entered a post-social network landscape. A world where people downplay its existence; only to make connections while understanding the security compromise and govt backdoor.

AnuraJanuary 27, 2017 3:20 PM

@GeneralSmackoff

Someone needs to design a distributed replacement for all social media right on top of RSS, fully end-to-end encrypted where no one can actually tell how many followers they have, and everyone can have full control over who gets the keys to their messages (via a simple encryption protocol similar to PGP but with a specification and code footprint that's about a tenth of the size and complexity).

albertJanuary 27, 2017 3:36 PM

This is terrible. That it could happen to such an important world-wide source of news and facts, is, at once, mind-boggling and depressing.

Oh, the humanity!

. .. . .. --- ....

GeneralSmackoffJanuary 27, 2017 3:45 PM

@Anura

I always thought RSS was dangerous and exploitable but I see where you are going. Social Networks have to be at least quasi-exposed and searchable but I never understood why there was never a security switch to hide your addies. You could search for people and companies, just not who they are friended with unless a public post was made. Facebook and Twitter is purposefully whored out for marketing research... and apparently character witness.

At this point, you code your own app with custom encrypted messages(prior to piping) thru TLS; but that clandestine approach scares people, not friendly, and the govt hates such a retort. It depends upon what you fear. I have no problems leaving my middle finger unencrypted.

My question is this: who clicks on the ad space?
Why social networks are almost inert:
[x] ad space and the cloud data sales going on in the background
[x] social battlefield
[x] govt backdoor
[x] habitual time suck
You can police the bots away and there are still three negatives. I would rather play a video game or something.

JPAJanuary 27, 2017 4:34 PM

If we look at life forms as data packets (genomes) encased in a package that allows them to replicate then digital information can be looked at similarly. Tweets are therefore akin to viruses, small data packets. Like viruses they have the ability to spread rapidly and mutate. Also like viruses they contain little useful information. At some point information scientists may find ways for tweets to pass helpful subpackets into more complex information systems, but right now we are really in need of a way to vaccinate ourselves to stop their spread.

DroneJanuary 28, 2017 4:38 AM

Anything that is dumb enough to get involved with Twitter - be it Man or Machine - is a "Bot".

rJanuary 28, 2017 7:34 AM

What I always enjoyed was the subcontracting out of captchas, Amazon Mechanical Turk style.

Bots are for children in their current form, the real money is in the Artificial Intelligence with it's own hidentity.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.