Hi, I read the twitter thread and also watched the video. The people are really awesome and creative!
I'm just learning about the codes and I did not understand some things, so I'd be very grateful if anyone helps me to understand these things...
1. The 1000x1000 image is the million checkboxes in 1000 rows x 1000 columns right?
2. Do they create the image directly with the checked and unchecked boxes, or we have to convert them to binary/ASCII etc to see the image?
3. The site can have only 1 1000x1000 image, right? So to make the image change, someone has to overwrite the present image with the help of another bot?
Did only one bot acted on the page at a time or multiple bots controlled the checkboxes at once when there were many small pics/elements to form the 1000x1000 image?
I meant to ask did multiple people draw on the canvas at the same time or it was only one person/bot at a time?
there were a bunch of bots run by different people, but for the most part they coordinated in the discord so that they weren't fighting over the same "territory"
at one point there was a group not in the discord trying to draw in the same place as the people in the discord, which lead to the bots constantly changing checkboxes to try two different images! but it was mostly cooperative
what was the technical nature of the bot, a local shell bash/python script running constantly to make curl-esque requests the clicks on defined parts of the grid? Or something on top of the browser like a chrome extension? I'm curious because I wonder what the defense would be against it (I'm naive to such things).
Most of the bots were in python or node afaik. Bash would be a little hard because you had to send data over a websocket.
They had some notion of the squares they were watching and what their values needed to be (to draw the images). And then they subscribed to the full state of the grid (which my API made really easy to do) and would respond by sending websocket requests to check boxes when they got toggled to the "wrong" value.
I'm sure people did other things - lots of people wrote scripts in the browser console. But I think the above is basically what people in the discord did.
I had some basic protections in place. There's some client-side rate limiting that prevents the really trivial "run the script in the console stuff" and then some server-side per-IP limiting to prevent really aggressive botting. Plus my server got slow at some points which inadvertently slowed people down.
The big difficulty with the server-side stuff is that you don't want to be too aggressive with IP based limiting because sometimes a large group of people resides behind a single IP (like at a school) and you want to make sure that all of those people can play. So it's a balancing act.
Maybe I am misunderstanding the question but it seems like there were/are various bots at work here, but in principle a "single" bot could do these things, and is certainly how they handled animation. But even a single bot could be running many times over, or be otherwise multi-threaded.
It does seem important that as far as the page was concerned you couldn't, say, check two boxes at the exact same time. So whatever work they did to coordinate the animations had to happen through tons of single requests.
I'm just learning about the codes and I did not understand some things, so I'd be very grateful if anyone helps me to understand these things...
1. The 1000x1000 image is the million checkboxes in 1000 rows x 1000 columns right?
2. Do they create the image directly with the checked and unchecked boxes, or we have to convert them to binary/ASCII etc to see the image?
3. The site can have only 1 1000x1000 image, right? So to make the image change, someone has to overwrite the present image with the help of another bot?