alt Hacker NewsNothing prevents scraper from creating a free account and sending auth token in API requests.
I'm not saying the API changes are pointless, but still, what's the catch?
Nothing prevents scraper from creating a free account and sending auth token in API requests.
I'm not saying the API changes are pointless, but still, what's the catch?
It's much easier to detect a single account abusing your API and ban them/require payment. Trying to police an endpoint open to the internet is like playing g whackamole