new | ask | show | jobs
thevinter 4 hours ago  [ - ]

I appreciate (and encourage) using real life problems as a pretext for researching new topics and developing new skills, but

1. I'm really curious as to what's the desired outcome here? A spambot to flood people's notifications?

2. I'll admit that I have absolutely no idea how Instagram's API layer (and protection) works but wouldn't capturing the HTTP calls a more appropriate and easier approach to take?

ssgodderidge 3 hours ago  [ - ]

> what's the desired outcome here?

I know agencies get paid to manage other business's instagram accounts, and want ways to post/comment/engage/etc with multiple business's accounts at once. You'd still have a human driving/scheduling/approving the activity, but you wouldn't have to jump between so many hoops to do so.

freeplay 3 hours ago  [ - ]

1. Social media accounts with lots of engagement and high follower counts are worth big money these days. However, it takes a ton of effort to build that up organically. It's not difficult to see possible motives for something like this.

2. Leveraging their private APIs will get you banned even quicker than OPs method.

ivanmontillam 3 hours ago  [ - ]

Adding to the 2nd point: It's one of the most watched APIs for suspicious activity ever.

Anything not from their vanilla app, the littlest dot on their charts will trigger severe alarms and actions.

Big correlation systems. The safest path used to be to automate the app itself, through mobile automation, but they even got too sensitive to that.

I don't doubt the whole app has a behavioural analysis component, full screen size, much like a big "I am not a robot" checkbox.

Also, it's very likely their private APIs are CSRF-protected or similar.

snovv_crash 3 hours ago  [ - ]

You can trigger their systems even by manually just following and unfollowing to drive account engagement. No automation required.

ryandrake 3 hours ago  [ - ]

This whole "You're not using the software the way we want you to use the software" regime can't end soon enough...

florianherrengt 2 hours ago  [ - ]

Yeah, it could definitely be used badly and there is a thin line between account management and growth-bot spam.

But that is part of what makes it interesting to me. Instagram has real anti-abuse systems, rate limits, weird UI states, etc. It's just a good place to experiment, everyone knows about it and it's something I was interested in.

I was totally expecting to get the account banned quickly.

Although I just added a disclaimer to make it clear.