Shakedown Social

Kevin Karhan :verified:<a href="https://toot.cat/@riley" class="u-url mention" rel="nofollow noopener" target="_blank">@riley</a> <a href="https://digipres.club/@foone" class="u-url mention" rel="nofollow noopener" target="_blank">@foone</a> they already do with unacceptable "<a href="https://infosec.space/tags/ToS" class="mention hashtag" rel="nofollow noopener" target="_blank">#ToS</a>" and laws that criminalize said <a href="https://infosec.space/tags/API0" class="mention hashtag" rel="nofollow noopener" target="_blank">#API0</a>... <ul><li>And I'm <a href="https://infosec.space/@kkarhan/114862595629371002" rel="nofollow noopener" target="_blank">millimeters away from snapping!</a></li></ul>

Kevin Karhan :verified:<a href="https://swecyb.com/@troed" class="u-url mention" rel="nofollow noopener" target="_blank">@troed</a> <a href="https://toots.ch/@dalai" class="u-url mention" rel="nofollow noopener" target="_blank">@dalai</a> <a href="https://digipres.club/@foone" class="u-url mention" rel="nofollow noopener" target="_blank">@foone</a> The problem will be that one will have to reimplement the "<a href="https://infosec.space/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#API</a>" as <a href="https://infosec.space/tags/api0" class="mention hashtag" rel="nofollow noopener" target="_blank">#api0</a> from scratch by running inspectors in browsers all the time...<ul><li>Remember: The platforms that run these <a href="https://digipres.club/@foone/112685441496803574" rel="nofollow noopener" target="_blank">are hostile</a> to the very <a href="https://infosec.space/@kkarhan/114862595629371002" rel="nofollow noopener" target="_blank">idea</a> of said phat client.</li></ul>It'll necessitate all <code>api 0</code> calls to come from the same <a href="https://infosec.space/tags/IPv4" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPv4</a> and/or <a href="https://infosec.space/tags/IPv6" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPv6</a> as the end-user and hide itself with a fake <a href="https://infosec.space/tags/UserAgent" class="mention hashtag" rel="nofollow noopener" target="_blank">#UserAgent</a> to prevent countermeasures like <a href="https://infosec.space/tags/RateLimiting" class="mention hashtag" rel="nofollow noopener" target="_blank">#RateLimiting</a> and <a href="https://infosec.space/tags/blocking" class="mention hashtag" rel="nofollow noopener" target="_blank">#blocking</a>.

Kevin Karhan :verified:<a href="https://swecyb.com/@troed" class="u-url mention" rel="nofollow noopener" target="_blank">@troed</a> <a href="https://toots.ch/@dalai" class="u-url mention" rel="nofollow noopener" target="_blank">@dalai</a> yes, you did misunderstood it as it's <a href="https://infosec.space/@kkarhan/114862595629371002" rel="nofollow noopener" target="_blank">still some shitty bridging</a> which runs a way higher risk of getting blocked by <a href="https://infosec.space/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#API</a> changes instead of a *"cleanroom" implementation that parses the webinterface and web API with a regular <a href="https://infosec.space/tags/UserAgent" class="mention hashtag" rel="nofollow noopener" target="_blank">#UserAgent</a> like a <a href="https://infosec.space/tags/Browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#Browser</a>. Or as <a href="https://digipres.club/@foone" class="u-url mention" rel="nofollow noopener" target="_blank">@foone</a> <a href="https://digipres.club/@foone/112685423773959519" rel="nofollow noopener" target="_blank">said</a>: "<a href="https://infosec.space/tags/api0" class="mention hashtag" rel="nofollow noopener" target="_blank">#api0</a>"<ul><li>It should be broken down to something that is not dependent on centralized infrastructure to work!</li></ul>

Kevin Karhan :verified:I mean, these ain't like in the old days where a few Megabytes got you <a href="https://infosec.space/tags/Pidgin" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pidgin</a> and other <a href="https://en.wikipedia.org/wiki/Comparison_of_cross-platform_instant_messaging_clients" rel="nofollow noopener" target="_blank">Multi-Protocol Clients</a> of the old days where everyone had to implement bespoke, custom and incompatible and often completely undocumented, proprietary protocols like <a href="https://infosec.space/tags/ICQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#ICQ</a>, <a href="https://infosec.space/tags/AIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#AIM</a>, <a href="https://infosec.space/tags/SIPE" class="mention hashtag" rel="nofollow noopener" target="_blank">#SIPE</a>, etc.<ul><li>Nowadays all these do have some kind of <a href="https://infosec.space/tags/WebApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebApp</a> or Web Interface one can just login (because none of them do proper <a href="https://infosec.space/tags/E2EE" class="mention hashtag" rel="nofollow noopener" target="_blank">#E2EE</a> with <a href="https://infosec.space/tags/SelfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#SelfCustody</a> of all the keys!) so this should be way easier these days: </li><li>All they do is do HTTP(S) GET/POST so the most critical part is to attain credentials like a <a href="https://infosec.space/tags/Login" class="mention hashtag" rel="nofollow noopener" target="_blank">#Login</a> <a href="https://infosec.space/tags/cookie" class="mention hashtag" rel="nofollow noopener" target="_blank">#cookie</a> and to basically run a console on i.e. <a href="https://infosec.space/tags/Firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#Firefox</a> to reverse-engineer the "<a href="https://infosec.space/tags/API0" class="mention hashtag" rel="nofollow noopener" target="_blank">#API0</a>"...</li></ul>

Kevin Karhan :verified:One thing that really pisses me off personally is the <a href="https://infosec.space/tags/regression" class="mention hashtag" rel="nofollow noopener" target="_blank">#regression</a> in terms of <a href="https://infosec.space/tags/Messenger" class="mention hashtag" rel="nofollow noopener" target="_blank">#Messenger</a> <a href="https://infosec.space/tags/Apps" class="mention hashtag" rel="nofollow noopener" target="_blank">#Apps</a>. My personal distaste and dislike for <a href="https://infosec.space/tags/proprietary" class="mention hashtag" rel="nofollow noopener" target="_blank">#proprietary</a>, <a href="https://infosec.space/tags/SingleVendor" class="mention hashtag" rel="nofollow noopener" target="_blank">#SingleVendor</a> & <a href="https://infosec.space/tags/SingleProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#SingleProvider</a> <a href="https://infosec.space/tags/services" class="mention hashtag" rel="nofollow noopener" target="_blank">#services</a> like <a href="https://infosec.space/tags/Signal" class="mention hashtag" rel="nofollow noopener" target="_blank">#Signal</a> <a href="https://infosec.space/@kkarhan/114234551915193036" rel="nofollow noopener" target="_blank">¹</a>, <a href="https://infosec.space/tags/Telegram" class="mention hashtag" rel="nofollow noopener" target="_blank">#Telegram</a>, <a href="https://infosec.space/tags/Discord" class="mention hashtag" rel="nofollow noopener" target="_blank">#Discord</a> <a href="https://infosec.space/@kkarhan/114865723904157014" rel="nofollow noopener" target="_blank">²</a>, <a href="https://infosec.space/tags/WhatsApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#WhatsApp</a> <a href="https://infosec.space/@kkarhan/114873895410403238" rel="nofollow noopener" target="_blank">³</a>, <a href="https://infosec.space/tags/Slack" class="mention hashtag" rel="nofollow noopener" target="_blank">#Slack</a>, <a href="https://infosec.space/tags/MicrosoftTeams" class="mention hashtag" rel="nofollow noopener" target="_blank">#MicrosoftTeams</a>, etc. aside: <ul><li>WHY is there no <a href="https://infosec.space/tags/CrossProvider" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrossProvider</a> <a href="https://infosec.space/tags/Messenger" class="mention hashtag" rel="nofollow noopener" target="_blank">#Messenger</a> to handle that shite?</li><li>WHY does everyone of these shitty providers think people want to download their <a href="https://infosec.space/tags/bloated" class="mention hashtag" rel="nofollow noopener" target="_blank">#bloated</a> <a href="https://infosec.space/tags/WebApp" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebApp</a> that takes up triple digit Megabytes if not entire Gigabytes and will gobble up all the <a href="https://infosec.space/tags/RAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#RAM</a> and <a href="https://infosec.space/tags/CPU" class="mention hashtag" rel="nofollow noopener" target="_blank">#CPU</a> each of them can??</li></ul>This problem ain't new and already got <a href="https://infosec.space/@kkarhan/114862619013462466" rel="nofollow noopener" target="_blank">solved for corporate social media</a> ages ago! (Not to mention actually good messengers!) <ul><li>And no, <a href="https://toots.ch/@dalai/114862754556459439" rel="nofollow noopener" target="_blank">bridges</a> <a href="https://swecyb.com/@troed/114862774972645542" rel="nofollow noopener" target="_blank">don't</a> count! </li><li>I mean <code>API 0</code> - <a href="https://digipres.club/@foone/112685423773959519" rel="nofollow noopener" target="_blank">style</a> access because obviously <a href="https://digipres.club/@foone/112685414638522984" rel="nofollow noopener" target="_blank">none of the platforms</a> will allow, endorse or support such an endeavour and <a href="https://digipres.club/@foone/112685441496803574" rel="nofollow noopener" target="_blank">actively fight the developers and users</a> !</li></ul>So yeah, consider this a call for a <a href="https://fosstodon.org/@gajim" class="u-url mention" rel="nofollow noopener" target="_blank">@gajim</a> / <a href="https://infosec.space/tags/Gajim" class="mention hashtag" rel="nofollow noopener" target="_blank">#Gajim</a> or <a href="https://fosstodon.org/@pidgin" class="u-url mention" rel="nofollow noopener" target="_blank">@pidgin</a> / <a href="https://infosec.space/tags/Pidgin" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pidgin</a> for garbage platforms!<ul><li>Cuz back in the day we had way worse messengers yet people actually made <a href="https://infosec.space/tags/AIM" class="mention hashtag" rel="nofollow noopener" target="_blank">#AIM</a>, <a href="https://infosec.space/tags/ICQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#ICQ</a>, <a href="https://infosec.space/tags/MSN" class="mention hashtag" rel="nofollow noopener" target="_blank">#MSN</a>, <a href="https://infosec.space/tags/QQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#QQ</a>, <a href="https://infosec.space/tags/IRC" class="mention hashtag" rel="nofollow noopener" target="_blank">#IRC</a> & <a href="https://infosec.space/tags/XMPP" class="mention hashtag" rel="nofollow noopener" target="_blank">#XMPP</a> work just fine from one single "phat" client!</li><li>Can we please get that back?</li></ul><a href="https://infosec.space/tags/api0" class="mention hashtag" rel="nofollow noopener" target="_blank">#api0</a> <a href="https://infosec.space/tags/Enshittification" class="mention hashtag" rel="nofollow noopener" target="_blank">#Enshittification</a>

Recent searches

Search options

Administered by:

Server stats:

#api0