Facebook blocks/freezes accounts logged in via Frost

[proninyaroslav]

This is not the first time I have noticed this. At first I thought it was a coincidence, but when I logged into Facebook with Frost today, they blocked me again, allegedly for suspicious actions. There is no pattern when they can block, it can happen in a week or in a month. I've seen Frost change the client's user agent to mask the real device (for example, Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.90 Safari/537.36 instead of Android user agent). Maybe the reason is this.

[Crono23]

Can confirm, I had the same issue. I was forced to change password about 5-6 times, because they thought "someone else is using your account". Then I switched to official FB app and the suspicion disappears. Really sucks that they're doing this.

[proninyaroslav]

Well, it happens again... @AllanWang sorry, but can you somehow contribute to fix it?

[AllanWang]

Not sure there's much I can do, aside from changing the user agent if it's outdated. It has to be different from your device because we need a desktop agent for things to load. I used to swap agents depending on the loaded screen, but that's no longer a thing. One session with Frost will have a consistent agent, and if they're starting to ban that, there's not much else that can fix it.

[proninyaroslav]

@AllanWang Maybe it's worth making a list of desktop user agents so that the user can change it? Or set up a timer to periodically close the session in order to login with a new user agent that will be selected randomly from the list?

[AllanWang]

I could make user agents configurable, but that can cause more problems than it resolves.

If Facebook is specifically denying agents like mine, I should update it to a newer one that another project is using. If you happen to know of one that works, feel free to post it here.

If this is just due to agents not matching the device info, it doesn't seem like there's much we can do. We simply do need a desktop agent for a lot of things to work, and if it gets to the point where we are all getting banned, then I'd have to significantly cut down on what is available in Frost.

The timer to close sessions is almost certainly going to create new bugs here saying to revert it. I know anecdotally as a user who only reads content that getting data with the current user agent seems fine. This could be another case where they are banning mismatched agents on post requests (ie when you create content or message). I can test that out on my dev account, but as of now updating the agent seems like the more realistic (potential) fix.

[proninyaroslav]

Block occurs immediately after entering the app. Usually as a reader, or I share post 1-2 days before blocking.

[proninyaroslav]

@AllanWang If it's important, I was blocked today after opening a photo in my news feed.

[AllanWang]

It's almost certainly the sharing part. I'm not sure what's prompting the login, though read only seems to be stable. Obviously not a great answer to a Facebook user, but I'm not sure what more can be done aside from me updating the agent.