Posted by Steve on 11/06/06 16:46

"Not here Not Now" <"Not here Not Now"@nospamnospam.com> wrote in message
news:AZe3h.4340$Qn2.681@tornado.texas.rr.com...
| Carfax is using Data One Software they use some code and pass it to them
| and then write back to the user.
|
| There is only one problem with attempting to hack or link to there page
| and write a wrapper, Data One Software checks the requesting ip.
|
| So that will only work till they find it hand that does not last long.

data one may very well check the requesting ip, however carfax does not. ;^)
their vin lookup form uses lazy methods for validating requests and is
highly prone to being unwittingly hacked. all that is required on your part
is to discover what i'm talking about, exploit it, and build a fairly sound
parsing agent to pull the vin info out of their returned html. the only
thing not so legal about this is trying to replicate carfax's functionality
as your own - particularly when consideration for your "services" are
concerned. that too, limits how you can use what you've gleaned from their
inqueries.

vin numbers are highly outdated in methodology. they need to be rethought
and demystified. the *only* data that should be hard-coded into them is the
country and manufacturer. the remaining data should be nothing less than an
identifier for a record describing an individual car. each manufacturer
should provide an interface for querying that identifier. the returned
values should tell the year/make/model/series/plant/etc. about the vehicle.
much the same way that google maps return data (i.e. a map) when you pass
them a lat/long.

either that, or suddenly they should become very uniform in how they try to
encode all that info into a vin in the first place.

but, that's just my 0.02 usd. ;^)

[Back to original message]