Once you do the one-time work of pulling out the key, you can just add something... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		diminoten on March 16, 2017 \| parent \| context \| favorite \| on: Web Scraping: Bypassing “403 Forbidden,” captchas,... Once you do the one-time work of pulling out the key, you can just add something like, "secret_key=foobar" to your requests, and you're back to happily parsing JSON. If they keep changing it up, I'm sure you could automate the decompiling process. The reality is that this technique is security by obscurity at its core, and is therefore never going to succeed.

charlesdm on March 16, 2017 [–]

Skype is probably one example where it took developers 10+ years to figure out how the app worked.

JustSomeNobody on March 17, 2017 | [–]

Did it take that long to do it or did it take that long for someone to care to do it? I mean, it's Skype.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact