Instagram API

Dear Lazyweb, is there a reverse-engineered Instagram API that doesn't suck?

Instagram's official API has no mechanism for uploading photos, because YOU HAD ONE JOB. So if you want to automate anything, you head into the salt mines. Which of course I did: instagram-api.

But I am sick to death of playing whack-a-mole with their API changes. I do not enjoy this work. It brings me no joy. Current pain in the ass: I'm getting tripped up by their "unusual login" checks. This game of whack-a-mole is harder than, say, Youtube's, because some time in the last year mitmproxy stopped working against either iOS Instagram, or against Android Instagram running in an emulator, because why I don't know why.

So there's this other API, and it has two things to recommend it:

  1. It seems to mostly work, and
  2. I am not the maintainer.


  1. It's written in PHP, which makes me just kind of assume that it's also a rootkit;

  2. It has a list of dependencies as long as your arm (it's over 101,000 lines of code! Mine is like 2,500, WTF. That thing has like a hundred different "exception" classes alone.)

  3. Installing it requires this thing called "composer", which is apparently Yet Another Package Manager for PHP libraries, and it is, as far as I can tell, a literal rootkit. Here's how you can tell: it's installation instructions are to pipe a PHP URL into a root shell. So uh, no thanks.

I mean, I guess I could run it inside a virtualized host running on my colo machine or some shit, but that sounds hard and slow and I don't want to figure that crap out.

Are there any other options?

And if there aren't, are any of you using my script, and if so, can you just fucking fix it for me? Because aaauuugggghhhh I have better things to do than working around yet another stupid fucking lock-in-based business model.

Or, you know, other options include:

  1. Hire another full-time employee to manually do all the crap that I've already automated;
  2. Decide that it's cool for my business to have no social media presence.

In short, fuck you, Instagram, Facebook and Twitter. A pox on all your houses.

Previously, previously, previously, previously, previously, previously.

Tags: , , , ,

Share a memory!


Facebook is pushing that "share a memory" junk where they make custom videos out of your old photos to boost engagement and I just literally got shown a bunch of happy cartoon characters dancing on my mom's grave. 🤦‍♂️

Previously, previously, previously, previously, previously, previously.

Tags: , , ,

DNA Lounge: Wherein it's "Best Of" time again

It's time for The Guardian's Best of the Bay again, so go validate us, ok? Applicable categories include:

  • Best Late-Night Restaurant: DNA Pizza
  • Best Pizza: DNA Pizza
  • Best Overall Bar: DNA Lounge
  • Best Performance Space: DNA Lounge
  • Best Live Music Venue: DNA Lounge
  • Best Overall Nightlife Venue: DNA Lounge
  • Best Overall Dance Party: Bootie SF, So Stoked, Wasted...
  • Best Rock Club: DNA Lounge
  • Best Burlesque: Hubba Hubba Revue

As long as we're here, let me draw your attention to a few upcoming events:

And there are a whole bunch of photos from recent events, since it's been about a month since my last blog post...

Turbo Drive: Robert Parker + Starcadian
Turbo Drive: Phaserland
Turbo Drive: Timecop 1983
Acid Rain
Bootie: Glitter Party

Monday Hubba: Black Arts Matter
So Stoked: For Pride
Bootie: Lady Gaga & Madonna
Strawberry Girls

Drop Cvlt
Hubba Hubba: Warrior Women
Cocktail Robotics Grand Challenge
Monday Hubba
Pegboard Nerds

Protest Stencil

Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

Tags: , , , , , , ,

Twerking Sausages

Previously, previously, previously, previously, previously, previously.

Tags: , , ,


Drew DeVault: I don't trust Signal:

I expect a tool which claims to be secure to actually be secure. I don't view "but that makes it harder for the average person" as an acceptable excuse. If Edward Snowden and Bruce Schneier are going to spout the virtues of the app, I expect it to actually be secure when it matters - when vulnerable people using it to encrypt sensitive communications are targeted by smart and powerful adversaries.

Making promises about security without explaining the tradeoffs you made in order to appeal to the average user is unethical. Tradeoffs are necessary - but self-serving tradeoffs are not, and it's your responsibility to clearly explain the drawbacks and advantages of the tradeoffs you make. If you make broad and inaccurate statements about your communications product being "secure", then when the political prisoners who believed you are being tortured and hanged, it's on you. The stakes are serious. Let me explain why I don't think Signal takes them seriously. [...]

Truly secure systems do not require you to trust the service provider. This is the point of end-to-end encryption. But we have to trust that Moxie is running the server software he says he is. We have to trust that he isn't writing down a list of people we've talked to, when, and how often. We have to trust not only that Moxie is trustworthy, but given that Open Whisper Systems is based in San Francisco we have to trust that he hasn't received a national security letter, too (by the way, Signal doesn't have a warrant canary). Moxie can tell us he doesn't store these things, but he could. Truly secure systems don't require trust. [...]

And here comes the truly despicable bit:

Moxie forbids you from distributing branded builds of the Signal app, and if you rebrand he forbids you from using the official Open Whisper servers. Because his servers don't federate, that means that users of Signal forks cannot talk to Signal users. This is a truly genius move. No fork of Signal to date has ever gained any traction, and never will, because you can't talk to any Signal users with them. In fact, there are no third-party applications which can interact with Signal users in any way. Moxie can write as many blog posts which appeal to wispy ideals and "moving ecosystems" as he wants, but those are all really convenient excuses for an argument which allows him to design systems which serve his own interests.

No doubt these are non-trivial problems to solve. But I have personally been involved in open source projects which have collectively solved similarly difficult problems a thousand times over with a combined budget on the order of tens of thousands of dollars.

What were you going to do with that 50 million dollars again?

It is clear from its design and behavior that Signal's priority is to be a social network first and an encryption tool second. Growth at any cost.

Last year I gave Signal a try and it immediately spammed all of my contacts with my non-public phone number. So I was already aware that Signal is sketchy as fuck.

But abusing Trademark law to circumvent the checks and balances that open source development normally provides is just appalling. They get to pretend that it is open source, get the bullet item on the pitch sheet, get the good press associated with that, while still maintaining absolute control. It's no less a vertically-integrated, untrustworthy data silo than any product from Facebook or Google.

Previously, previously, previously, previously, previously, previously, previously, previously, previously.

Tags: , , , , , ,

Cuddle a Co-worker

"During the day co-workers will be required to cuddle each other in a variety of different positions."

Like many of our sessions, the event lasts an entire working day and involves co-workers cuddling in a 'relaxation tent' designed to reduce stress and encourage team bonding. Our cuddling sessions can accommodate from four people up to groups of 20 at a time. [...]

We've based each 'relaxation tent' on Moroccan and Indian relaxation practices, and there will be incense and oil lamp lighting, as well as large bean bags and relaxation beds for everyone in the group. During the day co-workers will be required to cuddle each other in a variety of different positions and will need to switch partners every two hours -- so that you have a chance to bond with everyone.

At the beginning of the day there will be a group admission session, where co-workers will talk about the negative traits of their colleagues [...]

We're also looking for professional 'cuddlers' to help us run the classes. Applicants must have experience in a similar role and will ideally have a psychology background or qualification. Successful applicants can expect to be paid upwards of £30 an hour and must be available to run up to four classes a week.

Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

Tags: , , ,

Clown Egg Register

Here's a book of clown faces painted onto eggs.

In the world of clownery, tradition has long dictated that a clown must never steal another clown's look. To that end, British clowns have developed a system that sits at the exact intersection of twee whimsy and nightmarish menace that makes clowns such an enduring fixture in both children's entertainment and horror movies.

To prevent the theft of a clown's face, members of Clowns International (a UK-based international group) must painstakingly paint their clown faces onto eggs (!), then enter those eggs into the Clown Egg Register (!!), housed in the Wookey Hole Clowns Gallery-Museum in Somerset (!!!), and I swear to god that all of the nouns I just listed actually do exist. [...]

But the book couldn't answer my most burning question, so I did the only reasonable thing I could. I wrote to the book's publisher and demanded to know, What the fuck, British clowns? Or, as I put it in my very professional email, "Is there anyone who can explain to me why ... eggs?"

Previously, previously, previously, previously, previously, previously, previously, previously, previously, previously.

Tags: , ,


Previously, previously, previously, previously, previously.

Tags: , , ,

ionnalee, queen of the elves

Tags: , , ,

  • Previously