|
Top-level
 because I see a lot of people approaching automation from this attitude of "software/sites should have APIs so that users can write software to automate it!" We do not ask for access. We don't need to get permission to be able to automate our tasks. 17 comments
You see the point of this a lot in API design, where a company is like "okay we made an API but we limited it a bunch because we are scared about cheaters/bots/scrapers/whatever", while the things they limit are things a user clicking links can do in 2 seconds. like, if your API doesn't provide me a follow_user() call, but the user can follow anyone by clicking one link? Your lack of a follow_user() call is not going to stop me. I'm just going to click the link, automatically. And I think this is an under-discussed part of automation because it's associated with spammers and such, but they're only one possible user of this. By making it better known it can get used for more legitimate uses The basic philosophy of adversarial automation is that the software/website is the enemy. I'm talking less like "you're in a constant arms race with the people maintaining the official API as they try to stop your spamming" and more like "Your lab depends on this program from 1996 and there's no updates and no way to automate it" and the answer is really that of course you can automate it. Stick it in a VM, OCR the screens, inject your own DLLs, puppet the keyboard and mouse! my point is that every program, every website, DOES expose an API, you just need to know how to best use that API. That API being "the access they provide for humans" For websites this is forms and links. For desktop applications this is buttons and windows and keyboards. And I think (in part because it's affiliated with Bad Actors like spammers), a lot of programmers don't consider all their options in these areas. And that's really a shame. Computers should be used to automate things. We spend way too much time dealing with shitty sites and shitty programs because we have no choice and think we can't automate them away. well, that's wrong. We can absolutely automate them, it just takes a little more work and some different strategies I think of this as a short term vs long term thinking sort of problem. Like, a lot of programmers are stuck in the "should" part of thinking about programs and sites. Yes, the program SHOULD be open source, so you can just fix the UI. Yes, the website SHOULD have an extensive API so you can easily automate it. and if you want to automate it today, your only options are to be adversarial about it. It's the enemy, you pretend to be a human user and automate the interactions with the app/site. It's the only way.  @foone there is, of course, issues with the fact that a lot of people on the other side of the equation know about API 0. I remember when twitter started making The Changes, they also got REALLY strict with automation detection to the point where it was dinging the average user because it seemed like they MIGHT be trying to bypass the lack of an API |
Gregory's Server
There is always API 0: acting like a human/browser/user.
The first API is "fuck you I'm doing it anyway". Any additional API the program provides is merely a helpful shortcut