Using Python to Get Free Chicken Sandwiches - _fuch
======
6cd6beb
It's mildly interesting that ethics are flexible depending on the target, but
from a technical standpoint this project is not interesting. The code just
builds a proxy list, generates a random number, opens a page, and posts the
payload. I work with selenium and this isn't solving any interesting problems
whatsoever.

Posting it is unethical, and it's disappointing to find on the front page of
HN.

~~~
sametmax
30 years ago, on IRC, doing the same would have been considered a fun hack,
and a tongue-in-cheek motivational project for beginners.

Different generation I suppose.

~~~
ASalazarMX
Some people will try this exploit to get free stuff. in the 90s it would have
been a few dozen at most, now it would be thousands. It ceases to be tongue-
in-cheek when it becomes onerous.

~~~
sametmax
My guess is more than the anomally will be detected and the hack will be
blocked in 2 days.

Compared to the free phone hack with the cereal whistle that everybody though
was so cool...

------
nitsuaeekcm
This is hacking and is unethical at best and at worst, extremely illegal.
Congratulations, you found out a way to systematically steal other people’s
reward points and are helping others do the same. Should this really be on HN?

~~~
snek
they're not advocating that you do it (and I think stealing from Chick-fil-A
is probably ethical to a lot of people)

edit: for people not aware, the last part was in reference to pride month and
Chick-fil-A's "relationship" with the LGBT community. I'm not advocating one
way or another, just replying to the above comment.

~~~
i_am_nomad
I’d like to hear an explanation as to why stealing from Chik-Fil-A is a moral
act. The only one I can think of is that mass-produced chickens suffer
horribly, and so anything that hastens the demise of the company is a good
thing. But that makes a number of flimsy assumptions.

~~~
tdhz77
They donated to anti LGBTQ groups for years. Money given to Chik-Fil-A ended
up supporting policies of hatred and bigotry.

~~~
mrlatinos
Then don't patronize their business? Why do private opinions give you the
right to steal public earnings?

------
james_a_craig
What happened to responsible disclosure? I mean, fair enough demonstration of
how to do something like this, but at least give the company a chance to fix
it before publishing to the world.

------
the_narrator
This repo violates GitHub TOS, specifically it "contains or installs any
active malware or exploits"

[https://github.com/contact/report-
abuse?report=baileywj+%28u...](https://github.com/contact/report-
abuse?report=baileywj+%28user%29)

------
cyrix100
I’ve never seen a receipt survey in person so I did a google search.
Apparently they used to have authentication built into the redemption process
by requiring the original receipt [0]. However, it appears only the generated
QR code is required for the new process [1].

[0]:
[https://www.yelp.com/biz_photos/LI3vSjDZGxCTKs785eTkeQ?selec...](https://www.yelp.com/biz_photos/LI3vSjDZGxCTKs785eTkeQ?select=JnBJ8PFZl6EVrD9fPhJMuA&utm_source=ishare&utm_content=photo)

[1]:[https://i.redd.it/fzxy7rff0g211.jpg](https://i.redd.it/fzxy7rff0g211.jpg)

------
Nursie
On the one hand - awesome, free chicken sandwiches!

On the other, well, every little thing has to be thought through and secured
these days doesn't it? Can't have a nice little rewards program without some
asshole taking advantage of any perceived flaw in your armour...

~~~
epicide
Some people see it as a form of challenge. Sure, it might be fun to figure it
out on your own, but sharing it is a whole different question [0][1].

The challenge, especially for places that aren't really tech-first types,
kinda becomes stale (for me) since they inevitably have a flaw somewhere. It's
really just me pitting my free time against their threat model [2].

And yeah, ultimately, this is one reason why we can't have nice things.

[0]: I'm not saying publicly releasing flaws is always a bad thing. There's a
subtle etiquette (an art-form, even) to using publicity to pressure change.

[1]: There are different levels of publicizing. e.g. sharing (complete) code,
social media post about said code, etc.

[2]: This is also not meant as an insult to the OP.

------
grendelt
Could the last number be:

What you ordered?

Number of items you ordered?

------
1-6
Would Jesus want you to do this?

