Oh yeah, you shouldn’t. But people do this for fingerprinting, bot detection, and other “adversarial” scenarios where you really don’t like the person executing your code. It’s somewhat plausible Google would use this technique to do something scummy like this (although that is not the case).
I’m out of the loop. What happened? Did someone decompile their code and find definitive proof of a throttle for Firefox?
some explanation
To be fair, they used setTimeout() and not thread.sleep() because the latter isn’t possible out of the box in JS ^^
Yeah let me turn off the adblocker just for having an even more suboptimal viewing due to ads. They’re lunatics.
Thanks for the explainer! Also, Google’s response is such a crock of shit.
JavaScript is an interpreted language, so no decompilation is necessary, although this is repeatable by using a Firefox user agent.
You can build a virtual machine in JavaScript and execute compiled code on it
Just because you can…
Oh yeah, you shouldn’t. But people do this for fingerprinting, bot detection, and other “adversarial” scenarios where you really don’t like the person executing your code. It’s somewhat plausible Google would use this technique to do something scummy like this (although that is not the case).
Relevant article and a great read: https://www.nullpt.rs/reverse-engineering-tiktok-vm-1
Neat