Since the COVID-19 outbreak, electronic launches have become challenging. This is mainly because supply chain orders for chips decreased but rebounded, conflicting with pre-committed tech commitments (Vakil & Linton, 2021). Scalpers bought limited supplies of devices, pushing up prices as demand rose (Kan, 2020). Using bots, scalpers swarmed internet stores and resold for excessive prices. Stores can’t keep popular gadgets in stock. The Newegg shuffle may give temporary respite until supply networks can satisfy demand.
Newegg Shuffle Instead of buying goods, enter a drawing to win them. Some appear opposed, but I see a benefit. Raffles with restricted product places might reduce the chance of a scalper receiving one. If a shop uses first come first serve, a scalper’s chances of receiving a product are solely affected by bot detection. Defense in depth (EC-Council, n.d.) enables multilayer cybersecurity safeguards. This implies Newegg’s system works.
To determine whether something is well-designed, we must first identify the issue. Customers are exploiting the system to buy lots of devices. You can’t stop all buying abuse or scalpers. You can slow them down if they try to purchase legally. So, we merely need to fix the issue of automated system abuse.
Scalpers have been buying gadgets using bots. These bots perform automated online calls that impersonate people (Cloudflare, n.d.). There are many options. You may design a bot with a “head” that visits the GUI page and clicks using coordinates or computer vision. I’ve created bots that employ picture recognition to traverse GUI programs, allowing them to complete tasks even if the GUI is rearranged.
“Headless” bots are another option. This approach navigates websites using HTML (Smirnov, 2020). If the HTML hasn’t changed, your app can execute human duties. The lack of GUI human verification is negative. HTML element clicks depend on tight element routes, therefore the app may fail easily.
Direct HTTP/S calls are the final, less-used approach. You may record HTTP requests using the developer mode in most web browsers. Recording these calls might let someone repeat the same demands.
Now that I’ve outlined the problem and why Newegg’s Shuffle fixes it (but doesn’t eliminate it), let’s discuss what I imagine they’re also doing. Raffles are useless if they don’t offer further security.
Verify the buyer first. Here’s how:
- Need a mobile phone number, except Google Voice. Verify phone number to enhance application complexity (bot). Sending a photograph of a code will also prevent system misuse.
- Require debit or credit card purchases, limiting prepaid cards. Temporary card services like Privacy (although that would be unfortunate).
- Limit in-demand goods orders per family
According to several, bots may receive a new IP address to avoid IP limits and blocking. If you’ve ever attempted to set up a home e-mail server, you’ve seen this. Email providers filter based on IP categories for years. Email from a consumer IP address will likely be prohibited.
Online shops may prohibit access to cloud data centers and businesses. You don’t need to ban these IP addresses at the network firewall, although AWS servers seldom require GPUs. You may buy a GPU on your work network with your phone. This makes it harder for scalpers to bypass IP limitations.
If insiders can exploit the system, why play? Insiders might inject their pals to increase their landing likelihood. The only way around this is to provide the source code; even then, you must believe it’s being used.