
Play CTF: How would you exploit HN without being detected? - benologist
I&#x27;m curious because of a site called upvotes.club that was on the front page last week (https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=13676362).<p>YC said HN now gets 350,000 daily users, a lot of companies and people thought it was worth trying to spam&#x2F;shill here several years ago so it must be worth trying much harder now.  If upvotes.club had a reliable enough system to charge money for manipulating us others may have something that works or something in the works too.<p>The challenge:<p>1) stay invisible to dang and his team<p>2) stay unnoticed by all of us in the community<p>3) take something of value<p>4) be able to do it again, not necessarily often but on demand<p>What&#x27;s your perfect heist?
======
benologist
I would target email addresses, and would collect them by doing Show HN
launches for content that is very easy to make, like curated and aggregated
lists/links, newsletters that never get written, or services that are a thin
layer over an API. Stuff that could be created within a day.

When they were submitted I would wait until someone legitimately upvoted it.
If it does get a real vote I would arrange an additional upvote from a HN
user. At that point it will probably climb into the bottom 20 of the front
page at least for a little while.

I would use a different product, domain, submitter account and helpful upvoter
each time.

------
savethefuture
You want me to explain how I would do it or just do it?

~~~
benologist
Explain lol. My hope is it becomes harder to manipulate what links we're
clicking any given day, or easier for dang etc to do their work.

