Python View Projects
The Web framework for perfectionists with deadlines.Project mention: Is FastAPI going anywhere or just being discontinued? | reddit.com/r/FastAPI | 2021-12-02
Youtube autolike and autosubs scriptProject mention: Why mimicking a device is becoming almost impossible | news.ycombinator.com | 2021-06-28
It's a very significant increase indeed. The increase is (or was) large enough to entirely wipe out most adversaries and restructure the battlefield in ways very advantageous to those playing defense. At least, in the social web space. It's something of a secret weapon to those who know about it: because so many developers assume it can't work the companies that master it have a large competitive advantage.
Source: About a decade ago I created Google's main "device detection" platform, as this article calls it (not Picasso, the thing that executes Picasso). It's actually more like an automation detection platform, as it's not a fingerprinting or device tracker, it just tries to separate human operated from automated clients. These days I'm told there's a large-ish team that maintains it full time and has ported the concepts to other platforms like Android.
It started as a 20% project because at that time almost nobody at Google took the idea seriously. Fortunately, my manager was happy to support my experiments. People had the same common (but incorrect) intuition you're displaying here, that any sort of client integrity technique is so easy to work around it's hardly worth the bother. Actually even I believed this to a large extent, just less so than the others. This turned out to be wrong for some not entirely obvious reasons related to the structure of the spam industry:
1. Most spammers are either not programmers at all, or are extremely poor programmers compared to a typical tech firm employee. They can in fact be out-coded.
2. This is because spamming is usually not all that profitable, so programmers who get good can find better and steadier money in the white market. The ones who remain are typically those who live in places without any local software opportunities (e.g. developing countries).
3. Because of this mounting even a not very strong defense is sufficient to corral your adversaries into a shallow economic pyramid, in which a small number of "skilled" people produce tools and services they sell the others, who then run the individual campaigns. This means you are probably not fighting as many people as you think you are. Screwing with the supply chain is an excellent way to wreak havoc on spammers.
At that point the seller gave up, as presumably paying for the development of all these bots was quite expensive relative to the margins involved. This in turn nuked all the resellers that had been relying on that guy, and blew a hole in the entire Google-oriented spam ecosystem. Spammers had to start phone verifying accounts en-masse, and for most of them it just wasn't worth it (a few switched to using stolen accounts instead of creating them). I haven't been there for years so don't know what the current state of play is, but you do still see public threads crop up from time to time where spammers say they tried to beat the system and couldn't, like this one:
If you want some insights into the minds of the typical newbie spammer when faced with this system, try this search and flick through some of the results:
Run Linux Software Faster and Safer than Linux with Unikernels.
Are you hiring? Post a new remote job listing for free.