TikTok uses a custom virtual machine (VM) as part of its obfuscation and security layers. This project includes tools to:
Deobfuscate webmssdk.js that has the virtual machine.
Decompile TikTok’s virtual machine instructions into readable form.
Script Inject Replace webmssdk.js with the deobfuscated VM injector.
Sign URLs Generate signed URLs which can be used to perform auth-based requests eg. Post comments.
Still, I had no idea. This is really taking JS obfuscation to the next level.
One kind of wonders, what is the purpose of that level of obfuscation? The naive take is that obfuscation is usually to protect intellectual property... but this is client-side code that wouldn't give away anything about their secret sauce algorithm.
HN takes that text and turns it into a comment. I’ve seen it happen before.
The unfortunate outcome of that IMO is that sometimes text that makes sense as a description of a submission feels a bit out of place as a comment due to how they are worded. And these comments sometimes then end up getting downvoted.
I wouldn’t be completely sure it was not human written. Even though it feels a bit weird to read it as a comment.
Yeah, this is exactly what happened, but I decided to keep it rather than delete and filled it out more with the synopsis from the repo.
Looking back at it, it really does look like an AI bulleted summary. I probably should have noted that the last part was indeed a quotation.