new | ask | show | jobs
ivanmontillam 4 hours ago  [ - ]

Adding to the 2nd point: It's one of the most watched APIs for suspicious activity ever.

Anything not from their vanilla app, the littlest dot on their charts will trigger severe alarms and actions.

Big correlation systems. The safest path used to be to automate the app itself, through mobile automation, but they even got too sensitive to that.

I don't doubt the whole app has a behavioural analysis component, full screen size, much like a big "I am not a robot" checkbox.

Also, it's very likely their private APIs are CSRF-protected or similar.

snovv_crash 3 hours ago  [ - ]

You can trigger their systems even by manually just following and unfollowing to drive account engagement. No automation required.

ryandrake 3 hours ago  [ - ]

This whole "You're not using the software the way we want you to use the software" regime can't end soon enough...