HackerTrans
TopNewTrendsCommentsPastAskShowJobs

tiagozip

no profile record

Submissions

Reverse-engineered Twitter API with full client impersonation

emusks.tiago.zip
3 points·by tiagozip·5 miesięcy temu·2 comments

Cap: Lightweight, modern open-source CAPTCHA alternative using proof-of-work

capjs.js.org
165 points·by tiagozip·w zeszłym roku·118 comments

comments

tiagozip
·5 miesięcy temu·discuss
emusks impersonates browser fingerprints by default (https://emusks.tiago.zip/getting-started/configuration.html#...). as for logging in, you can get a token from your active browser session.
tiagozip
·w zeszłym roku·discuss
feel free to make a pr to add a worker, currently not my first priority tho
tiagozip
·w zeszłym roku·discuss
> a blue hat is typically associated with law enforcement in the US

what it's literally just the default emoji for cap

> lack of acknowledgement on your site (until now)

i've added a note
tiagozip
·w zeszłym roku·discuss
btw no, cap does not contribute to any "fed botnet". you can build the WASM binaries yourself and compare the hashes. added a clarification about that to the docs.
tiagozip
·w zeszłym roku·discuss
even at a huge scale the emissions are still extremely small.
tiagozip
·w zeszłym roku·discuss
> Also users may be at a disadvantage as JS crypto would not be optimized for PoW (for example lack parallel crypto capabilities or context switching between calls).

JS crypto is only used as a fallback, Rust WASM is used for solving.
tiagozip
·w zeszłym roku·discuss
added a note saying that to the docs, should hopefully clarify stuff a bit!
tiagozip
·w zeszłym roku·discuss
Yes, the code is open-source for you to check
tiagozip
·w zeszłym roku·discuss
Cap does not send any of the calculated hashes ANYWHERE, the white paper just details a bit how proof-of-work works and I thought that it would be interesting to share.
tiagozip
·w zeszłym roku·discuss
you can compare the hashes of the wasm lmao the build script is very much public
tiagozip
·w zeszłym roku·discuss
> how much more CO2 this is going to produce extremely minimal emissions, you're only solving a small cryptographic challenge after all.
tiagozip
·w zeszłym roku·discuss
i wrote a bit about it here: https://capjs.js.org/guide/effectiveness.html
tiagozip
·w zeszłym roku·discuss
scrapers usually don't render a webpage, else their scraping wouldn't be efficient at all.
tiagozip
·w zeszłym roku·discuss
yeah i also recommend trying out the invisible mode
tiagozip
·w zeszłym roku·discuss
anubis is more like Cap's checkpoint, but still the implementation is very different.
tiagozip
·w zeszłym roku·discuss
no, it's not mining crypto.
tiagozip
·w zeszłym roku·discuss
too late to change now :)

also i like how it's a reference to both CAPtcha and "no cap"
tiagozip
·3 lata temu·discuss
Really interesting article
tiagozip
·3 lata temu·discuss
lol
tiagozip
·3 lata temu·discuss
Great idea!