Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hackers Using Bots, Scripts To Lock Down Restaurant Reservations

Posted by Unknown on from the flaws-in-the-system dept.

Nerval's Lobster writes "Forget about hacking an app or database: for a small cadre of hackers in San Francisco, it's all about writing code that can score them a great table at a hot restaurant. According to the BBC, these developers and programmers have designed bots that scan restaurant Websites for open tables and reserve them. Diogo Mónica, a security engineer with e-commerce firm Square, is one of those programmers. A self-described foodie, he decided to get around his inability to score a table at the ultra-popular State Bird Provisions by writing a script that sent out an email every time the restaurant's reservation page changed. 'Once a reservation got canceled I would get an email and could quickly get it for myself,' he wrote in a blog posting. But soon he noticed something peculiar: 'As soon as reservations became available on the website (at 4am), all the good times were immediately taken and were gone by 4:01am.' He suspected it was automated 'reservation bots at work,' built by other programmers with a hankering for fine cuisine. 'After a while even cancellations started being taken immediately from under me,' he wrote. 'It started being common receiving an email alerting of a change, seeing an available time, and it being gone by the time the website loaded.' His solution was to build his own reservation bot, using Ruby, and post the code in the wild."

19 of 214 comments (clear)

  1. Or... by nitehawk214 · · Score: 5, Insightful

    Go to a casual local place and have a backup plan if it is busy. Restaurants with mile-long reservation lists and >$100 plates are almost universally overrated.

    --
    I'm a good cook. I'm a fantastic eater. - Steven Brust
    1. Re:Or... by war4peace · · Score: 4, Insightful

      It's the "Ode to my Stomach" syndrome.
      Personally, I found home made food much more rewarding. At least I know for sure what do I put in my mouth. No funny business.

      --
      ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
    2. Re:Or... by PPH · · Score: 5, Funny

      That place is so popular, nobody goes there anymore.

      - Yogi

      --
      Have gnu, will travel.
    3. Re:Or... by TechyImmigrant · · Score: 4, Interesting

      The most I ever paid for a meal was $700 per head for a 16 course tasting menu at a 3 star restaurant. I booked 6 weeks ahead. It was money well spent.

      My priorities may differ from yours.

      --
      I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  2. Cold Pizza by ebno-10db · · Score: 4, Funny

    Kids today. In my day programmers ate cold pizza and they liked it! Bonus points for pepperoni or sausage - there's nothing like cold congealed grease.

  3. On the other hand by xevioso · · Score: 5, Informative

    The reservation company specifically denies that this is happening or is possible.

    TFA:
    http://insidescoopsf.sfgate.com/blog/2013/07/25/are-automated-bots-are-making-hot-online-reservations-impossible/

    1. Re:On the other hand by xevioso · · Score: 4, Informative

      The important part, which I failed to quote:

      Update, 1:20pm: Urbanspoon has released a statement that reaffirms its earlier denial, and also refutes duplicate reservations and reservation fraud (though neither of those issues are technically in dispute):
      "Urbanspoon’s data on State Bird Provisions’ reservations do not support the findings reported in Diogo Mónica’s post. While we will not disclose data about specific customers, we currently have processes in place to prevent duplicate reservations and combat reservation fraud. Urbanspoon’s goal is to give real diners the opportunity to make reservations. We’ve noticed that many diners will stop at nothing to get a table at the hottest restaurants in town, like State Bird Provisions , so we are constantly working on improving the overall reservations process to give all diners an opportunity to secure a table."

    2. Re:On the other hand by gl4ss · · Score: 4, Insightful

      all bunch of blabla bla.

      you know what would work out? if the tables are really all reserved all the fucking time, make a reservation cost.
      then increase cost until you hit a spot. the restaurant should just charge more, if people want to pay a months rent to eat there then so be it.

      btw how the fuck could they make sure they don't get duplicate reservations? checking id's of people coming in to match the reservation? they can't really rely on cookies, ip addresses or anything like that for it. not even fb profile linking would do it, easy enough to have fake profiles...

      what urbanspoon cares about is that the tables are full, nothing else.

      --
      world was created 5 seconds before this post as it is.
    3. Re:On the other hand by ArcadeMan · · Score: 5, Funny

      Please, we're talking about fancy restaurants here. It's not just plain marketing bullshit. It's Lobster Thermidor aux crevettes with a Mornay sauce, garnished with truffle pâté, brandy and a fried egg on top and bullshit.

      --
      Get free satoshi (Bitcoin) and Dogecoins
    4. Re:On the other hand by blueg3 · · Score: 4, Interesting

      you know what would work out? if the tables are really all reserved all the fucking time, make a reservation cost.
      then increase cost until you hit a spot. the restaurant should just charge more, if people want to pay a months rent to eat there then so be it.

      It's easier to auction off reservations rather than continually adjust the price until you find a level that works. And this was suggested by many people on Twitter early this morning already.

    5. Re:On the other hand by Anonymous Coward · · Score: 4, Insightful

      you know what would work out? if the tables are really all reserved all the fucking time, make a reservation cost.
      then increase cost until you hit a spot. the restaurant should just charge more, if people want to pay a months rent to eat there then so be it.

      That works if you're just in it to make a profit, and don't care about who is able to come to the restaurant.

      Planet Money had a podcast about this in regard to concert tickets. They had Kid Rock talking about it, and pointed out that it would be super simple to keep jacking up the price until supply & demand balances out and it's no longer worth scalping tickets.

      However, selling tickets to the highest bidder greatly changes the tone of the audience you get. You no longer get people who are there because they want to enjoy the experience, you instead you get people there just to show off their affluence. (Kid Rock mentioned the bored-looking old guys in the front row who are obviously just there to impress half-their-age girlfriends.) You'd see that with increasing the price to restaurant reservations. You'll no longer get people going to the restaurant because they want to enjoy the food, you'd get people there because a table at State Bird Provisions is rare, and it will impress a girlfriend/business associate. As a chef, cooking for people who want to enjoy your food and cooking for people who are just there to show off are greatly different things, and you may be willing to reduce your profit if you can ensure the former.

  4. This isn't hacking by hypergreatthing · · Score: 5, Insightful

    This is just a html scraper. People have had the same thing going on ebay for years. Suddenly it's hacking? Give me a break.

  5. Re:I guess they never heard of CAPTCHA by 0123456 · · Score: 5, Insightful

    Yeah, but modern CAPTCHAs are so convoluted that computers can solve them more easily than I can.

  6. Abusing the system by Torodung · · Score: 5, Insightful

    This is abuse of the reservation system, plain and simple. It simply is not robust enough (too informal) to handle bots. I suspect it soon will become commonplace to require tortuous captchas for reservations. Great job, lazy hacktivists! You've ruined e-life for everyone.

    As for posting code for it in the wild so any script kiddy can do it. Good for you. That's called leveling the playing field. It's the proliferation of bots just to be shits to each other that rankles my ire, not the fact that everyone can now do it.

  7. self-described foodie by Gothmolly · · Score: 4, Funny

    Are there foodies who are NOT self-described?

    --
    I want to delete my account but Slashdot doesn't allow it.
  8. Ruby?? by happyhamster · · Score: 5, Funny

    Pfff, my soon-to-be-released Assembly program will put his slow ruby ass to shame, thus starting HFR (high frequency reservation) era and trading in reservation futures.

  9. Revenge of the Nerds by Alsee · · Score: 4, Funny

    One of the perks of dating a geek is that we are now the only ones who are ever going to take you to the hottest restaurant in town.
    Jocks need not apply.

    -

    --
    - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
  10. Re:There must be something better to do with that by Natales · · Score: 4, Insightful

    Come on dude! It's so easy to be dismissive when you don't have a clue what are you talking about. Let me break your bubble: there are geeks that are hipsters, foodies and that just love the hedonistic pleasures of life. We all converge in this site at some point and share things that matter to all of us, but this is by no means all we are in life.

    I've had to learn to appreciate our differences with fellow geeks and nerds that have completely opposite political views for example without demonizing them, and in the process I've learned a thing or two. Don't fall in the "us" and "them" rhetoric and learn to respect people that care about different things.

  11. Re:Reservation fees? by whoever57 · · Score: 4, Insightful

    some place in NYC that cost $600 for dinner for two people after taxes, tip and whatever. i tried making reservations, but the place was booked solid for months in advance

    Face facts. The problem wasn't that the restaurant was booked, the problem was that you are not famous.

    --
    The real "Libtards" are the Libertarians!