I don't see any reason why Liberapay couldn't deploy a recurring donation system like Patreon's.

They don't allow donations on content publication like patreon does, because it can be seen as a purchase.

They only allow reccuring donations.

It's their choice to not compete with Patreon. See FAQ: https://en.liberapay.com/about/faq

"What are the differences between Liberapay and other recurrent crowdfunding platforms like Patreon?

1. Liberapay is only for donations, meaning that transactions must not be linked to a contract nor a promise of recompense."

They do. It's in the title of the article.

What do you mean?? Liberapay supports solely recurring donations.

>Twitter’s statuses lookup API endpoint allows for a total of 1,200 API calls every 15 minutes. Each call allows the user to pass 100 ids for a total of 120,000 id requests every 15 minutes using both APP auth [...]

Use the secret consumer keys from Twitter to bypass these limits: https://gist.github.com/shobotch/5160017

I can't imagine these will last long now that they've been posted in a comment on a front page HN story.

These are hardcoded in the apps. If they disable a key, they would need to release a new version of the app (ok), and all users would need to update (infeasible).

Wouldn't they just enforce the limit with those keys as well?

They explicitly want to cripple third-party apps to push users to use their (awful) official clients, and their way of doing so is to enforce unreasonably low limits.

If they were to do the same with their official clients they'd become unusable.

Sounds like a solid reason to not build around a platform that can arbitrarily kill your project or business. ActivityPub seems to be gaining traction, w/o the beholden to a single entity issue.

A platform that can arbitrarily take down your business like a mobile app on iPhone or Android?

The Twitter for Android key and secret is at least 8 years old

https://twitter.com/kevinriggle/status/23932444186

I've been using them for years now.

You can do the same for the Reddit API, change the agent header and then you have unlimited API calls.

Just be careful about how much you change it, since you could get banned. You might be able to get away with changing the app ID or version, but even that's risky.

> NEVER lie about your user-agent. This includes spoofing popular browsers and spoofing other bots. We will ban liars with extreme prejudice.

https://github.com/reddit-archive/reddit/wiki/API

How would that work, I couldn't find much on the web?

Same problem as the mobile app for Twitter, they can't block people that are not logged in the mobile app so they don't rate limit them.

How come they can block people on the web again?

Probably by doing a mitm attack on the mobile app and using the headers used there.

Seems like a good way to get your IP blacklisted

I worked with a company in the past that abused the twitter api to an unimaginable level from a single IP address.

That was a few years ago but at the time I’m pretty sure their blacklisting was between inexistent and pathetic.

It’s sad that you think this somehow reflects badly on Twitter. I appreciate a company that will opt to be conservative rather than ban-hammer innocent people on accident just to stop a single idiot.

I don’t think it reflects badly on Twitter, it was simply a remark on the state of their blacklisting at the time. I’m sure they could’ve done a lot better if they chose to. Sorry I didn’t expressed myself better.

> It’s sad that you think this somehow reflects badly on Twitter. I appreciate a company that will opt to be conservative rather than ban-hammer innocent people on accident just to stop a single idiot.

Off-topic but reminds me of ~2004 where we had a particularly pervasive cheater in our dedicated game server and the end decision of the admin was to just ban the entire IP range of said cheaters' ISP. Not particularly conservative - very effective.

Using these keys?

No. Different strategy.

Seems like a good way to get an angry e-mail from your ISP, or Twitter's lawyer.

Can we use them to get the streaming API back? I think the apps still use something like that.