How I Broke the Anti-Bot Behind Nike, Kick, and Twitch

20 points by vaguelytagged

bitshift

Interesting writeup. I'm surprised the anti-bot payload would be as big as 477 KB, but maybe I'm just not used to how bloated stuff on the web is these days. (Also, maybe it compresses well on the wire.)

I did this for the love of the game. [...] I hosted it on a server and sold access to a few people who were doing Twitch account generation

This seems… kind of sketchy? I'm usually pretty supportive of reverse engineering, whether it's for research, for education, or just for fun; besides, security by obscurity is destined to be defeated sooner or later. But if you're selling the solution, that feels less wholesome to me. Even if you lose money on it (as the author did), you're still encouraging others to violate terms of service, which feels like it's in a different category.

fleebee

Beyond the ToS violation, I don't see what non-malicious use there could be for creating a ton of Twitch accounts. I only ever see bot farms used to inflate viewer counts or to harass streamers.
kolja

This seems… kind of sketchy?

Yeah, it was all fun and games until I read that sentence. Not companies I would shed tears for, and still an accomplishment. But taking money puts this in another category.
alper

bloated stuff on the web is these days

It's kind of hard to care about it as much as some people do. Most of us outside of Germany are on broadband connections both at home and on the go.
gcupc

Twitch is, itself, sketchy enough that it's hard to care about this.
- addison
  
  Sure, it's sketchy, but people do use it (for personal and professional use). At the end of the day, scamming someone through a service that already scams is still scamming someone.
WilhelmVonWeiner

I don't shed a single tear for exploits in any of these large market cap companies' platforms. Sell them to the highest bidder. They won't pay you.

symgryph

The article suddenly changed. Now it just says that the CEO is cool