Where does the authorization token come from? I notice it appears in quite a few projects on e.g. GitHub.

https://github.com/zedeus/nitter/blob/8836cf51e8a6b385e1ac0a...

The project is cool. The de-crapified interface is nice (no weird JavaScript loading, no nags to login, t.co). But that also makes me think that the hosted version (nitter.net) is pretty doomed, since it directly undermines Twitter commercially.

IIRC it was leaked from some older version of the app, and they haven’t/won’t revoke it.

now THIS is something I'd love to see a HN or blog post about...

edit: A google search brings me to this. https://www.blackhatworld.com/seo/my-bot-has-stopped-working...

Seems it is from twimg, which I believe is the image host used for tweets with images attached? I wonder why they can't revoke this.

And interestingly, the js file linked in that forum post is still alive... https://abs.twimg.com/k/en/init.en.37d4e85afd8ede9741dd.js

There's this lovely browser extension, Invidition[0], which does Twitter to Nitter redirecting (as well as Youtube to Invidious).

[0]: https://codeberg.org/Booteille/Invidition

Looks great...

I've been using a different extension "Redirector", and setting my own rules. But this should cover most of them!

Take a look at Request Control, it’s more complex but it can do pretty much anything (from removing utm parameters to skipping redirects)

https://addons.mozilla.org/en-US/firefox/addon/requestcontro...

Start with the rule “[hostname=nitter.net]” for twitter.com requests

Another one I add to Redirector is reddit.com to old.reddit.com :)

If you're logged into reddit you can just set old reddit in your account's preferences.

If you're not logged in you're only seeing the cesspool of default reddits... I would recommend avoiding that

If anyone from Nitter is currently around, pure curiosity question -- what are the hosting costs/usage numbers for the current public instance?

Whenever I see projects like this that are just public, and designed to be available across large regions, I'm always curious what the logistics behind them are. Big companies talk about their infrastructure, and tiny blogs talk about their infrastructure. I don't hear a lot from people in the middle.

I mean, I see the installation instructions, but is this just running on a single VPS? Are you setting up multiple servers and trying to load-balance between them or anything?

It doesn't take much to run Nitter really, the nitter.net instance is currently sitting at 310 MB of memory and the CPU requirements aren't too bad. It's running off my dedicated home server with fairly low specs (i3-8100) tunnelled through a cheap VPS to bypass firewall restrictions. It hasn't crashed or (to my knowledge) experienced severe slowdowns despite the huge traffic increase today. Invidious's story is a bit different as the main instance load balances between 10 VPS instances.

Regarding usage stats I don't have any accurate numbers, but the database that stores preferences has 30k rows.

nice to see a nim lang app in production. its a great language and this project looks nifty.

Definitely on my list for the holidays. Look at this project's Dockerfile, it's a build, then run tiny binary. Done.

Very compelling stuff.

That was a whole lot faster than the original!

Cool.

But to tweet, you need a Twitter account. And as I recall, Twitter pretty much demands verification through a mobile account. Do virtual mobile accounts typically work for it?

I've used Twilio numbers for this purpose in the recent past. Those work 100% of the time so far (assuming the number hasn't already been used).

Many services seem to run checking on whether a number is really a mobile number or not. VK (the Russian social network) for one example is a zealot about that and won't let any Twilio numbers through. And Instagram is a lot tighter (better at fake account creation detection) on authentication than Twitter but you can still sign up for Instagram with just an email account in most cases.

Interestingly enough, Twilio provides an API just for this purpose: https://www.twilio.com/docs/lookup/api

Are twilio numbers pseudonymous or can they be reverse-looked-up? or does twilio give or sell this information out?

To get the individual user information for a Twilio number, given the short duration they might be attached to a given account, I highly suspect you have to go through Twilio for that info. That is, Twilio is likely to be the sole source for information on which account is attached to what number at a point in time. Obviously any consequential government authority in the US can then get that from Twilio, assuming the required judicial merchandise is presented.

I'd be curious though to know if eg Twitter security sends a request over to Twilio (perhaps in a case of an account abuse investigation), if they'd cough up information very willingly. That I don't know. It's a certainty the government can get at it, however. The best bet is to do nothing illegal using a Twilio number, and to assume if a big external service provider (Twitter, Facebook, et al.) needs to get details for some legal reason, they will.

They will restore the account without a number if you raise a support ticket.

Huh. Didn't know that. Thanks. Maybe I'll try it.

Presumably this project is for just reading?

Yes, but I do have some far future plans about utilizing the "Login with Twitter" authentication method to let people use the API on their behalf, which would allow making tweets etc.

That would be very cool.

The horrible interface is probably the main reason why I never got into Twitter. It's very hard to follow stuff, bercause it gets sorted in (for me) useless ways. Plus the fact that even generally interesting people retweet (or even tweet) some cringeworthy stuff.

OK. But it seems like lots of work for just reading.

And maybe I don't read enough to trigger roadblocks. Or maybe I just block enough stuff.

If change/remove User-Agent header and disable Javascript, then can read single tweets and threads easily at mobile.twitter.com. No need to block anything.

interesting that it’s automatically translating http://2fb.me links to use Nitter instead of twitter.com

There must be some specific logic to translate twitter links over

https://nitter.net/search?f=tweets&q=2fb.me&since=&until=&ne...

For me this is much slower than the native-app-like speed of the actual mobile twitter website.

How much longer is this anti-JS ideology going to dominate HN?

Can I actually see tweets from the people I follow, or only really look at specific profiles?

Does anyone know what this might mean?

> Unofficial API (no rate limits or developer account required)

It sounds brittle.

Given Twitter's history of support towards their official API, the unofficial one is likely less brittle.

It essentially emulates browser requests, "unofficial API" is just a fancy term for web scraping + using required parts of the public API where guest tokens work (ie. fetching video info, cards and polls).

Are the Republican political account names randomly generated?

When it shows who retweeted something on a political thread they had comical derogatory names. Is that something you actually spent time on or is that user generated content

No content gets edited by Nitter except links being expanded and twitter/youtube links getting replaced (unless the user disables that)

Yes there are various themes to pick from if you go to the settings menu, click the cog icon on the top right

Thanks.

Suggestion: put a screenshot of the regular theme in the read me as well.