August 31, 2010: Become a mayor in 9 lines of code or less


If you haven't heard of Foursquare, it's a smartphone-based "game" that the New York Times recently wrote an article about. Foursquare (and its competitors GoWalla and Facebook Places) is an online service that allows you to use you fancy modern smartphone to tell the whole world exactly where you are right now. These 'checkin services' are increasingly patronized by young people as they scramble to be awarded virtual 'mayorships' of businesses, buildings, and even lost alleyways and companies use them to attract customers.

Mayank Lahiri, a PhD student in the Department of Computer Science posed the following question on August 18 on his website: "How many lines of code does it take to game Foursquare and become the virtual mayor of a place using nothing but Perl scripts?"

Mayank did it in 9 lines of Perl code.

Two days later tech news and blogs have picked up the story about a "researcher at the University of Illinois at Chicago" who "shows how easily Foursquare can be gamed" and have started a discussion on the security, privacy, and abuse of location services: Slashdot, Hacker News, Reddit,and others.

Martin Kou noticed a security flaw that Mayank's code has exposed, which forced Foursquare to change their authentication protocol (they promise to release the new version this week).

The Buzz Media ran a nice detailed story on it, too.

The end result is that a serious problem with location check-in services has been raised, a discussion has started, UIC CS got good publicity, Mayank's web page got 17,203 unique visits over the weekend, and we have proof that compbio.cs.uic.edu web server can withstand a decent amount of traffic.