Gaming Foursquare With 9 Lines of Perl 84
caffeinemessiah writes "With the recent launch of Facebook Places, the rise to prominence of Foursquare and GoWalla, and articles in the New York Times about the increasing popularity of 'checking in' to locations using GPS-enabled mobile phones, a number of businesses are wondering how to reward frequent patrons. But exactly how susceptible are these 'location based services' to being abused? A researcher at the University of Illinois at Chicago shows how easily Foursquare can be gamed in 9 Perl statements, and invites readers to submit more succinct versions of the code to game the system."
An anonymous reader contributes a link to a similar article about spoofing Facebook Places to create an alibi.
SPHREAKING (Score:5, Interesting)
I am happy that this is taking off. It's the only way we can fight back against data hoarders.
I propose SOCIAL PHREAKING: We need a P2P client that pretends to be a user of a social network: twitter, facebook, linked in, whatever. The software will login periodically (each client does it at a different rate, in fact, they negotiate.)
The idea is, the various fake accounts form relationships with one another. Every now and then they create a new account and share passwords where they login and 'appear to login' to be from a different location. The growth should be such that it is not suspicious and not an abuse of service. It would make more sense for every node to have only 1 or 2 accounts at most, to simulate families with accounts per family member.
With enough privacy advocates on the phreaknet should be able to generate enough traffic and data to distort the demographics at least slightly. We could make poison the data hoarders to make them think that everyone loves a certain brand of ice cream and then it would become more popular.
We can restore the tip of knowledge and power to ourselves.
Easy golf: round one (Score:5, Interesting)
#!/usr/bin/perl -W
use IO::Socket;
srand;
sleep(rand()*600);
my $sock = IO::Socket::INET->new(PeerAddr=>'api.foursquare.com', PeerPort=>80,
Proto =>'tcp', Type=>SOCK_STREAM) or die;
$ARGV[1] += rand() * 0.0001 - 0.00005;
$ARGV[2] += rand() * 0.0001 - 0.00005;
my $str = "vid=$ARGV[0]&private=0&geolat=$ARGV[1]&geolong=$ARGV[2]";
print $sock "POST
length($str)+2, "\r\n\r\n$str\r\n";
$_=;
The author didn't really even try, so it'll be easy to shorten it. Shortening it a lot is left as further exercise. I'll just get rid of some low-hanging fruit. I'm sure Perlmonks [perlmonks.org] will pick up the challenge if they haven't already.
#!/usr/bin/perl -W
use IO::Socket;
sleep(rand()*600);
my $sock = IO::Socket::INET->new(PeerAddr=>'api.foursquare.com', PeerPort=>80,
Proto =>'tcp', Type=>SOCK_STREAM) or die;
my $str = "vid=$ARGV[0]&private=0&geolat=" . ($ARGV[1] += rand() * 0.0001 - 0.00005)
. "&geolong=" . ($ARGV[2] += rand() * 0.0001 - 0.00005);
print $sock "POST
. " Mozilla/5.0 (iPhone; U; CPU like Mac OS X; en) AppleWebKit/420+ "
length($str)+2, "\r\n\r\n$str\r\n";
Five logical lines. Actual display lines may of course be different depending upon several factors like attempting to break long lines for viewing and the vagaries of the textual mangling on Slashdot.
Re:SPHREAKING (Score:3, Interesting)
A very interesting idea, but I think spam shows us that whoever actually developed and implemented such systems would most likely use them to intentionally skew the data towards something they could profit from, rather than adding noise to degrade the data.
How much of your spam is not related to making money off you?
I imagine this massive and convincing network of fake people would suddenly discover that they all love Axe body spray...