Spam Attack Immediately Follows Post on Brett Kimberlin

Meta

When people argue for robust "report spam" and "report abuse" tools on social media, I always have a reservation: those tools are inevitably abused by unprincipled people who want to silence speech they don't like.

Twitter is no different. The report function on Twitter is routinely abused in an effort to attack political opponents.1

In a mildly creative twist, some abusers flood opponents with huge numbers of spam followers. Then they report the opponent to Twitter. See, buying followers is a breach of terms of service, and flooding someone with spam followers makes it appear they have bought followers. If you want to protect yourself from this, the best way is to make your account private — which achieves the abuser's goal by reducing your audience.

Today Popehat's twitter account got hit with about 20,000 spam followers in the course of a couple of hours. That attack followed, by about an hour, my posting the Popehat Signal seeking help for bloggers sued by Brett Kimberlin. Some of the bloggers sued by Brett Kimberlin have also been attacked by surges of spam followers.

But I'm sure all that is just a coincidence.

Twitter makes this extremely difficult to deal with, because it is laborious to block spam followers one by one, and because Twitter forces you to contact support via form, and yet there is no suitable form for this situation.

  1. I offer no opinion on whether one "side" or group is more likely to do this. I don't have the facts, don't think it's a useful discussion, and don't want to get into it here.  

Last 5 posts by Ken White

53 Comments

51 Comments

  1. Utterly Clueless  •  Sep 17, 2013 @3:15 pm

    I'd say you got the guy's attention. Make sure you bring your local law enforcement folks up-do-date on the Popehat signal. He's probably swatted people before.

  2. slyde  •  Sep 17, 2013 @3:29 pm
  3. naught_for_naught  •  Sep 17, 2013 @3:31 pm

    So what is the mechanism for doing something like that? Do you have a bot creating email accounts that you use to support a bot creating twitter accounts that are managed with a 3rd bot?

  4. Anonymous Coward  •  Sep 17, 2013 @3:57 pm

    Jesus, what a bunch of assholes.

  5. Nathan  •  Sep 17, 2013 @4:04 pm

    If only he would catch /b/'s attention for something. I would bathe in that schadenfreude.

  6. Anonymous Lurker  •  Sep 17, 2013 @4:12 pm

    Ken – in addition to @support, you should tweet @safety and @delbius, the Twitter head of safety. That is what the other victims have done. Spambots can mass report you as a spammer, causing you to be suspended or banned.

  7. Dan Weber  •  Sep 17, 2013 @4:21 pm

    Kimberlin, if not the creator, is certainly the archetype of swatting.

    Remember, nothing is off-limits for your enemies!

  8. Lago  •  Sep 17, 2013 @4:52 pm

    I would contend that a reporting system that is so easily abused is not "robust." Maybe that's just me.

  9. Michael Donnelly  •  Sep 17, 2013 @5:31 pm

    That is very much not cool.

    Black hat will stay in the Old Glider Box for now, but the option is now on the table. Unless Putin jumps in, of course, and makes me look like an idiot.

  10. MTierce  •  Sep 17, 2013 @5:55 pm

    @naught

    You can purchase phantom followers in bulk from a variety of services. Try googling "purchase twitter followers"

    The posts here over the last few days make me glad I am not on Twitter.

  11. Jeff Johnson  •  Sep 17, 2013 @6:16 pm

    Ah, Brett Kimberlin. The bane of my firearm and conservative blogs. How didn't I know about Popehat until recently? Ken, you are a real-life superhero. Other than Patterico who seems popular here, this post at FrontPageMag and this one over at Michelle Malkin's blog have great details about Kimberlin's history, MO, and tactics.

  12. Roscoe  •  Sep 17, 2013 @6:28 pm

    Well, my wife told me to buy a new printer, and I am going to click on your Amazon link to do it. There, does that make you feel better? Even a little bit?

  13. Ancel De Lambert  •  Sep 17, 2013 @6:41 pm

    This is much the reason I don't play DOTA2 anymore, because the report system is massively abused by dipshits who don't realize they suck, and project their lameness on others.

  14. joshuaism  •  Sep 17, 2013 @6:43 pm

    This is just the golden rule of the free market at work. The man with the gold makes the rules. Best of luck battling the hordes of my sister's friends making $1364 every week using their own computer from home.

  15. suntzuanime  •  Sep 17, 2013 @6:45 pm

    What about the "report to Gawker" function on Twitter?

  16. ketchup  •  Sep 17, 2013 @6:51 pm

    Unfortunately your best bet for dealing with something like this is to get the tech media involved. If your problem with Twitter makes it to Slashdot, Ars Technica, etc, then suddenly a Twitter official will take a personal interest in your case. See, for example, PayPal's recent freezing, then thawing, crowd-funded game developer accounts.

    http://arstechnica.com/business/2013/09/paypal-scrambles-for-fix-after-freezing-two-more-crowdfunded-games/

    Is it fair that high-profile cases receive attention? No. But the publication of the high-profile cases eventually spurs the companies involved to seek an overall solution. In other words Ken, if you complain loudly enough, you can resolve your own case, and perhaps nudge Twitter a bit closer to implementing a better method of dealing with spam.

  17. Jonathan  •  Sep 17, 2013 @6:53 pm

    Well, wow. What a tool.

  18. Mike G.  •  Sep 17, 2013 @7:14 pm

    So I reckon that's why you did away with your tweet post button…that sucks.

    People of Kimberlin, Schmalfeldt and Rauhauser's ilk really need to feel the heat of a tar covered brush and the scintillating feeling of a bag of feathers descending over their tar covered bodies.

  19. Bob Brown  •  Sep 17, 2013 @7:44 pm

    My guess: Popehat brings more to Twitter than Twitter brings to Popehat.

    Repeat after me: "Chuck you, Farley; I'll take my traffic and go home."

  20. David  •  Sep 17, 2013 @8:41 pm

    Actually, we did away with our tweet post button because the plugin that provided it decided that the best way to monetize their plugin was to impose a non-dismissible, full-screen ad popup on folks viewing through smartphones.

    *plonk*

    And I've been too busy to bother to replace it (though doing so is on my list. I've got them all on my list!).

  21. Kevin  •  Sep 17, 2013 @9:14 pm

    So I was going to compose a brilliant, multi-thousand word response to this situation, but upon viewing the comments, I decided that my work was already done. As @Anonymous Coward said,

    Jesus, what a bunch of assholes.

    Yup. That about sums it up.

  22. En Passant  •  Sep 17, 2013 @10:38 pm

    I agree with Utterly Clueless on Sep 17, 2013 @3:15 pm. You've got his attention.

    The problematic part is getting the attention of the providers for your accounts (ie: twitter, etc.); and especially getting the attention of competent LEOs before he decides to start SWATting you.

    The guy is dangerous, and not just as a vexatious litigant. I recommend finding a lo cal LEO with savvy, preferably a detective or investigator, not a patrolman. Explain the situation and the guy's known tactics and history to him, before the guy escalates.

  23. DSU  •  Sep 17, 2013 @11:07 pm

    It takes about two hours to get an aggressive asshole shut down on twitter. It simply a matter of reporting them. Twitter will then send their bots and, if necessary, folks to deal with the situation.

    I realize that Libertarianism is little more then another word for folks who want special privileges, However, support is your friend here.

  24. Aaron S.  •  Sep 17, 2013 @11:20 pm

    When you say "20,000 spam followers on Twitter," aren't you just saying "20,000 Twitter followers"?

  25. Clark  •  Sep 18, 2013 @4:25 am

    @DSU:

    I realize that Libertarianism is little more then another word for folks who want special privileges, However, support is your friend here.

    What special privileges do you assert that libertarians want?

  26. ZarroTsu  •  Sep 18, 2013 @5:21 am

    Well Ken, you ought to thank Kimberlin formally for providing you with 20,000 mechanical taint snorters. And for free, no less!

  27. damon  •  Sep 18, 2013 @5:26 am

    Why am I not surprised at this coincidence?

  28. Bill  •  Sep 18, 2013 @5:42 am

    How does this guy get away with it? He was supposed to be in jail for a trillion years, he gets out, has tons of money, has every lame "frame the other guy" trick on earth (and some that aren't so lame) and nothing happens. I swear the Scientologists are going to take him out out of pure jealousy.

  29. Taliesyn  •  Sep 18, 2013 @6:16 am

    1) Let's keep politics out of this, folks! There are other discussion threads we can use to discuss the pros and cons of libertarianism.

    2) I would love to see that tool's site get introduced to the Low Orbit Ion Cannon. Or the goons. Either works.

  30. Daniel Taylor  •  Sep 18, 2013 @7:07 am

    So, how does one reliably deal with people like this who seem to have a knack for gaming the rules to their advantage?

  31. naught_for_naught  •  Sep 18, 2013 @8:25 am

    @MTierce — thanks for that.

  32. Evan  •  Sep 18, 2013 @9:21 am

    So has Twitter actually fallen for the spammers' plan, or is this just prospective at the moment?

  33. Buzz Killington  •  Sep 18, 2013 @10:05 am

    Ken, this may help… or something else like it from a search for mass block twitter script. Twitter's API lends itself to these sorts of problems.

    http://followersbegone.com/

  34. Agnelcow  •  Sep 18, 2013 @11:19 am

    Is there anyway to get unblocked? Totally get it, of course— I have a fake-sounding username, stock profile pic, and practically 0 tweets over the last few years— but I'd like to read your twitterings without the hassle of going to your profile.

  35. Joe Blow  •  Sep 18, 2013 @11:34 am

    It seems to me, Ken, that if he's going to bump up your traffic like that, you ought to figure out how to monetize the hit. 20k twitter followers – even if they are just the avatars of a convicted felon and alleged harasser – are nothing to sneeze at. Shoot dude, you oughtta make the Comments section automation friendly and encourage him to hit that for a while.

  36. Gen  •  Sep 18, 2013 @12:16 pm

    I've also heard good things about TwitBlock, which can do mass-blocking, but it requires access to your Twitter account of course: http://twitblock.org/info/privacy

  37. Dustin  •  Sep 18, 2013 @12:59 pm

    "Agnelcow • Sep 18, 2013 @11:19 am

    Is there anyway to get unblocked? Totally get it, of course— I have a fake-sounding username, stock profile pic, and practically 0 tweets over the last few years— but I'd like to read your twitterings without the hassle of going to your profile."

    I bet if you email Ken or whoever has blocked you and make enough sense that you sound human, you will be unblocked. False positives are one of the 'benefits' of this attack.

    Since Twitter is aware of this attack, I question how effective it is. But then, it could lead to some other kind of harassment I'm sure.

  38. Gus Bailey  •  Sep 18, 2013 @1:02 pm

    Was it Patton that said, "Once is a shame; twice, a coincidence; three times enemy action."? Ken you make the fourth (fifth) known target within this subject matter SOI. Not subtle are they?

  39. Tony J  •  Sep 18, 2013 @1:45 pm

    Thoroughly OT, but I'm confused. Or not understanding. IANAL. To the left of the Share Post buttons is the phrase "You are libel!" in bold type. I honestly don't recall seeing it before, and it's on all the blog entries now, or at least as far back as I have the patience to check.

    *headscratch*

  40. Sam  •  Sep 18, 2013 @2:29 pm

    @Tony J

    You are wrong and you are libel.

    This is a quote from colorful character Ken corresponded with a while back. Check out this post for the origin: http://www.popehat.com/2013/03/01/in-which-i-am-threatened-with-litigation-including-lengthy-dispositions/

    and this one for the meme: http://www.popehat.com/2013/03/06/ken-matherne-tells-techdirt-that-law-is-law-consequences-will-never-be-the-same/

  41. AlphaCentauri  •  Sep 18, 2013 @3:48 pm

    I would suggest getting a subpoena for the IP addresses used to register all accounts that began following you on that date/time (be sure to specify time zone/daylight time, or given the time as UT).

    Then, one of your friendly neighborhood security researchers could probably tell you how those IPs relate to each other (i.e., they are part of the xyz botnet running zyx malware). They could also tell you what other mischief they have been up to. They may have honeypots that are part of that botnet that could give you more information about where the activity may have originated.

    The botnet being used to prank your twitter account could be engaged in much more legally actionable activity, like draining people's bank accounts. The owners of those accounts, in turn, would be interested in sharing that information.

    Or, the dipwad may have used his home account for all 20K registrations. Whatever.

  42. AlphaCentauri  •  Sep 18, 2013 @4:26 pm

    Also, it's not a bad idea to contact your local law enforcement to see how knowledgeable they are about SWATting. A couple boxes of donuts and a short powerpoint presentation on SWATting for officers and 911 operators would make sure they're aware of the practice and also let them know what your voice sounds like.

  43. melK  •  Sep 18, 2013 @4:41 pm

    … you ought to figure out how to monetize the hit. 20k twitter followers – even if they are just the avatars of a convicted felon and alleged harasser – are nothing to sneeze at.

    Only a couple of problems with that…
    1) tantamount to click-fraud; advertisers would Not Be Amused.
    2) even so, your profits would be at the expense of the advertisers, not the alleged harasser. Even assuming you don't care about the advertisers, you aren't affecting the harasser. So not a weapon, either.
    3) anything that affected the 20k spam accounts would also affect the N "true" accounts. And the spam accounts wouldn't care. Were it a weapon, has collateral damage.

  44. Tony J  •  Sep 18, 2013 @5:55 pm

    @Sam

    Thanks. I had read those, but didn't make the connection, obvs. I understand now. I should go practice retaining what I read.

  45. Sami  •  Sep 18, 2013 @10:26 pm

    Why does every post now have a little thing that says "You are libel!" after it? Is it connected, somehow?

    I repudiate the assertion that I am libel wholeheartedly.

  46. ElSuerte  •  Sep 18, 2013 @10:49 pm

    First thanks for lighting the popehat signal to help those embattled bloggers, and for doing so in spite of harassment you'll get from Kimberlain's crowd. Don't forget that these guys were behind a bunch of swattings. Hopefully there is something you can do in advance with the police to mitigate swatting attempts.

    Second, doesn't this:
    "When people argue for robust "report spam" and "report abuse" tools on social media, I always have a reservation: those tools are inevitably abused by unprincipled people who want to silence speech they don't like. "

    fall under acceptable social consequences for speech? Rabble rousing to get someone's twitter account suspended is beyond the pale, but rabble rousing to get somebody fired for speech is ok?

  47. Dan Weber  •  Sep 19, 2013 @5:24 am

    @ElSuerte: I disagree with Ken on some of his "what are acceptable consequences for speech" posts, but there seems a significant difference between those two cases.

    It's not "Twitter, suspend this guy's account because he said something offensive." It's "Twitter, I framed this guy for a violation of your ToS, now terminate his account."

    (I don't like that first instance; I think both of those scenarios to ban someone's Twitter account should be verboten in decent society. But I have to see there is a difference between them, and admit someone who supports the first but not the second is not necessarily a hypocrite.)

  48. Sam  •  Sep 19, 2013 @6:56 am

    @Tony J

    Or the rest of us focus on silly quotes tangential to the point, haha.

    @Sami

    I think "You are libel" is experiencing a resurgence of popularity because it's a common shirt suggestion in the Just Tinkerin' and Thinkin' post.

  49. @cihangirb  •  Sep 19, 2013 @11:13 am

    Hi Ken, interesting writeup. I wanted to capture a more detailed version of the events. Could you direct message me at @cihangirb.
    Thank you!

  50. Ken White  •  Sep 19, 2013 @11:21 am

    I don't understand what you mean by "capture a more detailed version of the events." Feel free to email me.

  51. James Pollock  •  Sep 19, 2013 @1:02 pm

    "fall under acceptable social consequences for speech? Rabble rousing to get someone's twitter account suspended is beyond the pale, but rabble rousing to get somebody fired for speech is ok?"

    There's a difference. If you get fired because an angry mob is demanding your head on a pink slip, a person made the decision that you were more trouble than you're worth, and that person is the one with whom you have a complaint (if any). If an automated system decides to suspend or cancel your account because of complaints, there isn't a human intermediary. The complaint lies with the people who've manipulated the automated system.

2 Trackbacks