Show HN: Amtrak.js – A JavaScript library to interact with Amtrak's tracking API
25 points by piemadd 3 years ago | 6 comments- koolba 3 years agoNice project! There's a number of government and quasi-government agencies that I wish had end user accessible APIS.
AES encrypted responses from Amtrak's API all encrypted with the same constant hard coded IV:
https://github.com/pieromqwerty/amtrak/blob/master/src/amtra...
https://github.com/pieromqwerty/amtrak/blob/e0bc815f7ff73484...
What a waste of time and tax payer money. Might as well just make the API public and add some CORS headers. Or require an API key and have the website dynamically generate them internally with a short expiration.
The encryption dance being performed here is all theater and the acting sucks.
- piemadd 3 years agoSome people have theorized it wasn't Amtrak who wanted the bs encryption (also probably why the keys haven't changed in 3 years and they've made no effort to prevent people from grabbing this data) but actually some sort of National Security jargon.
- piemadd 3 years ago
- reustle 3 years agoThis is fabulous. I tried to do this a few years ago while I was building https://Amtrak.io and failed to sort out their obfuscation.
- piemadd 3 years agoI actually came across an old hackernews thread where you mentioned you built the site, I guess you have a library to do it for you now lol
- piemadd 3 years ago
- galaxyLogic 3 years agoInteresting. But couldn't this data be loaded just with REST too?
- piemadd 3 years agoNope. Go to https://maps.amtrak.com/services/MapDataService/trains/getTr... and let me know how readable the data is lol, though I have also made an API based off of this library (and integrated it into the library) which you can read on the docs: https://api.amtrak.piemadd.com/docs
- piemadd 3 years ago