book

now browsing by tag

 
 

Extra security, but not for security, but for “bots” _OR_ How I embraced the API and learned to love it

Oh Packt, Packt, Packt, why did you do it?

After troubleshooting a lot of issues that I was having with my login for Packt Publishing, I found something, that I found a little bit disturbing, and I would like to reach out to management at Packt Publishing just so that I can get an idea of why they did it.

But what did they do?

Packt recently added captcha’s to their website, in multiple locations to prevent automatic logins, scraping, and automated book downloads.

Why did they do it?

When a scenario like this occurs, there is usually 2 things happening. There is something happening that causes the owner of the website, and usually this means, the owner of the company, wants to prevent something from occurring.

On the other side, there is usually something happening at the user end, for this action to be occurring. Now, it can get tricky here, there are various reasons end-users or customers would use automation; that range from down right nefarious, to purely innocuous reasons.

On the nefarious side of things, a “bad guy” could be spamming forums, product reviews, and many other pieces of the website. I’d like to hear from Packt, to see if this was any sort of concern during the decision-making process to include captcha’s on their site.

On the innocuous side, there are people like me. I automate a login, and a form submission, so I can get Packt’s Free Learning Book of the Day. I also use a script, or a “bot” to download the books that I have either purchased, or acquired free from Packt, through their program, because doing that by hand, would literally take hours upon hours to complete, due to the mechanics of their website.

Irony

Ok, are you ready for it? This is where irony comes in. Packt sells multiple books (by multiple, I mean 30+) on automating tasks, or scripting, or literally on scraping websites using Python. Which is more-or-less what I’m doing.

Packt, please redeem yourself and become awesome at doing what you do

What does this mean? I think what I’m asking for, is Packt to remove the captcha’s from their website, open the site, as it was previously, to allow authenticated users to scrape the necessary info they are trying to get at, and embrace what their user’s or their customer’s want from them and their website.

Step 1

Remove the captcha’s from your website, or if you can somehow claim that they are for security reasons, put them in the exact spot, where you’re trying to stop the auto-posting bots; that is, move them from the login page, or from the Free Learning page, and move them to where the bots are potentially posting malicious information.

Step 2 (this is the whole extend part)

Make it _easier_ for users to get the data that they are after. Create an authenticated API to call up purchased books, and that they wish to download. Make it easier for users to — again, authenticate in — claim the Free Learning book of the day.

Extra Credit — The Challenge

What I want to see is a 3-month ledger on profits/costs, if this is implemented. I would be willing to bet, that profits would be up.

Packt, take the Open Organization challenge and open yourself up.

I’m going to attempt to contact someone at Packt to get these answers, and I will return later, in new posts, if Packt is kind enough to reach back to me, and answer those questions.

Free books, everyday from Packt Publishing

Source: Packt Publishing

I hopped on this one just a little bit late. A former co-worker had asked me to get him an idea of a collection of books I recently bought, and one of my visits included a visit to Packt Publishing, where I have bought several books.

I noticed that they were currently doing a promotion, where they are giving away a book a day, for 18 days. Today’s book, just happens to be Metasploit Penetration Testing Cookbook. I enjoy most Packt Publishing books, and now would be a great opportunity to get some free books.

FYI: This is not a paid/advertising post, my story is true, and I just happened across Packt Publishing’s website, researching some books for a former co-worker. I’m not getting paid for this post, although, I would happily accept it 😉