Slashdot Mirror

← Back to Stories (view on slashdot.org)

My.MP3.com releases Beam-it Beta for Linux

Posted by Hemos on from the it's-like-dj-hernandez dept.

kurowski writes "My.MP3.com has released a Linux port of its Beam-it software. It relies on a closed-source library, but the (command-line) Beam-it front end comes with source and is GPLed. Way cool! (By the way it acutally works, too.) " We've been playing around with something similar in our office for a while - it's a lot of fun to have.

11 of 137 comments (clear)

  1. Beam-It is Great -- Enjoy it While You Can by rcade · · Score: 5

    Beam-It is software that reads the ID of audio CDs when you insert them in the drive and checks to see if that CD is present in MP3.Com's database. If it is, the tracks on that CD are added to your personal My.Mp3.Com account so you can listen to them in streaming MP3 and RealAudio format -- no file transfer is required, so you can "beam" a CD instantly. About 8 out of 10 CDs I own were known to Beam-It, so now I can listen to them anywhere through a Web browser.

    Another feature I tried out is Instant Listening. If you buy a CD from a company participating with Mp3.Com, it is added to My.Mp3.Com the moment you purchase it. Instant Listening is a great excuse to buy an album over the Net -- there's nothing like receiving instant gratification while shopping in your pajamas.

    The only downside to Instant Listening is that the MP3.Com partner I purchased from, Jungle Jeff, took 10 days to send the CD.

    Instead of suing MP3.Com, the RIAA should be looking at how My.MP3.Com facilitates impulse purchasing at online music stores. The recording industry already has a monopoly on the artists most people want to hear. They can reap even more rapacious profits on CDs sold electronically without the overhead of distribution, packaging, store promotion, and other brick and mortar costs.

    --
    Rogers Cadenhead (Web: http://www.cadenhead.org/workbench)
  2. Cool but good? by powerlord · · Score: 3

    Okay,
    I'll admit. Its cool to be able to go home, go through my CD collection and instantly have access to those same Songs at work (where I have a high speed connection). I do have a few problems with the service though:
    1) Why would I want some company to be able to catalog what CDs I have and which I don't? (I haven't seen their privacy policy yet... but should I expect direct mail asking if I want the "Latest CD from such and such"?)
    2) What about when I'm stuck behind a firewall somewhere and don't have easy access? I'd rather have a CD full of MP3's (I just finished burning one that had 15 CDs worth of music).
    3) Are small volume and no-name CDs going to be available? (or am I going to have to make my own MP3s of them if I want to carry them around?).
    4) How much bandwith is it actually going to take?
    They seem to have very little information available until you create an acount and give them your e-mail address. Something about that bothers me.

    --
    This space for rent. All reasonable inquiries will be entertained at proprietors discretion.
  3. Re:Reverse Engineer? by technos · · Score: 3

    Stay out of it.. The library is closed for a reason, namely keeping the RIAA off their back. (So far it hasn't worked, though) If we knew how it validated CD's, we could just throw random CD checksums at the server until it gave everything up. Instant piracy potential, and instant RIAA lawsuit..

    As for the DMCA and it's RE clause, thats for 'interoperability'. They've supplied a library to link against, so the interop argument is a short lived one.

    --
    .sig: Now legally binding!
  4. Vulnerabilities? by griffjon · · Score: 3

    As I understand it, beam-it reads your cd and sends an A-ok message to my.mp3.com saying that you have the ability and fair-use right to listen to said CD.

    Now, unless they're doing some good encryption inside the client, couldn't one just sniff one's local cablemodem neighborhood for connections going to the beam-it IP range and capture those packets, then send them out from your machine after a bit of modification and get rights to any CD your neighbors have rights to?

    Now, don't get me wrong--I'm all for a very powerful interpretation of what is fair use and what isn't; but MP3.com should take reasonable precautions.

    Side-note. What if, for every collection of unlicensed MP3s you downloaded by a particular artist, you send that artist a check for $10 directly, not through the record company.

    "Are you beginning to see the possibilities?" (Strange Days)

    --
    Returned Peace Corps IT Volunteer
    1. Re:Vulnerabilities? by dennisp · · Score: 3

      "couldn't one just sniff one's local cablemodem neighborhood for connections going to the beam-it IP range and capture those packets"

      I'll give you a cookie if you can find an MSO Cable provider who is this clueless. This is a major rumor that as far as I know, has never been true. The only major security hazard as such has been the allowance of broadcasts on the local network which allowed people to view network neighbourhood and other local network broadcasts. The vast majority of MSO's have fixed this problem within the last few years. Many modems also have encrypted communication from modem to cmts.

      I just wanted to clear that up. I am ignorant of my.mp3.com so I can not comment any further.

  5. Possible GPL misapplication? by BigGaute · · Score: 3
    As far as I can see, either the original poster is wrong when he uses the wording "library" or the choice of GPL is not appropriate.

    What I mean by that is that since the GNU GPL does not allow linking to proprietary libraries, unless the library in question is a core part of the os, (and then only if the GPLed app is not distributed with the os itself), it would seem that nobody except for the copyright owners are allowed to distribute this app.

    I did not check this out on the website myself, since they apparantly wanted me to register, which I will not do on principle. So could someone with less scruples than me go and check this out?

    The net effect of this could be that eg. Debian will not distribute Beam-It, in the same way that they will not / can not distribute KDE.

    I would like to stress again that I could not check this out for myself, so could someone else please do it? For all we know, the orginal poster simply expressed himself inaccurately. Thanks...

  6. MP3.com, Freedom Fighting by Hnice · · Score: 5

    I was wondering how long it was going to take for MP3.com to do this -- given the fact that the Linux community tends towards a more zealous and open defense of the manner in which Beam-It approaches the issue of ownership of information, it really behooves them to support the OS.

    Also, I'm amazed at what a bunch of bad-asses they're being. Lawuit filed, they didn't run and hide, they ramped up their advertising and encouraged people to sign up their friends. Sure, this is good for their business, but I'd like to believe that it also shows some sense of the politics of turning people onto the issues of ownership that this all raises.

    Maybe I'm giving them too much credit, but there seems to be a real understanding of the fact that their business is predicated on certain assumptions about who owns the music, and how they ought to be able to use it, that are pretty progressive.

    --

    god is just pretend.

  7. Re:What exactly is beam it? Live audio? by mwillis · · Score: 4
    I am liking this program. Linux version works fine; I installed it and went through a stack of CD's with repetitions of the command

    beamit -e userid -p mypass ; eject

    It's a lot easier than ripping a stack of CD's, that's for sure. As to what it does... you can download some of the source and have a look. There is a binary-only shared library, no code for that, but the beam-it user program, says:

    In addition to code written in-house, Beam-it uses code from the following software packages:

    o cdparanoia, by Monty http://xiph.org/paranoia/index.html
    o Grip, by Mike Oliphant http://www.nostatic.org/grip
    o libcdaudio, by Tony Arcieri

    It appears that usually "beaming" works really quickly, and occasionally it's really slow with lots of net activity. I wondered if it's doing some kind of distributed cd ripping activity when it finds an unidentified CD. But maybe cdparanoia is just working hard on one sector of my scratchy CD's.

    A quick look at the shared library shows some interesting things

    nm /usr/lib/libmsp.so
    /usr/lib/libmsp.so: no symbols

    strings /usr/lib/libmsp.so
    ...
    msppGetAttributeValue
    msppEncryptMD5
    MD5Init
    MD5Update
    MD5Final
    ...
    Software has expired, please update
    ...
  8. MP3.com and whining by Rambo · · Score: 5

    Never have I seen so much whining! A company puts its butt on the line, going up against the RIAA to provide this service. They provide huge amounts of bandwidth to accomodate full quality streaming (128kb/44KHz). Then they release a Linux client.

    And what do we hear? "Hey, they want my email address-- I won't use anything that requires an email address" "They released it under the GPL but kept a library closed-- I won't touch it!" And last but not least, "How can we crack it so we can pirate all these CDs?!"

    People, for once in your life stop looking a gift horse in the mouth and appreciate what someone has made available for you.

  9. Restoring Scratched CD's by Cycon · · Score: 4

    I may be somewhat off course here, but it sounds to me like this would be an excellent opportunity for someone like myself to get back all of CD's that I've lost in the past due to scratches.

    Essentially, as long as my CD's (which was of course bought legally) contents track is intact, I can add it to my database on mp3.com, and then capture the stream being sent to my harddrive, and voila, I have the mp3's. If I want, I can then just uncompress and write the files to my CD Burner.

    I'll definately have to give this a shot.

    --
    Your Brain + EEG + LEGO Robots = Brainstorms
  10. Re:Reverse Engineer? by ColPanic · · Score: 3

    We have been trying to do the reverse engineering here today. They seem to have a pretty good verification process. Heres what we have figured out.

    The client connects to a text command interface on cdver.mp3.com:8094.

    User authentication is done in two parts first

    HELO mail=email@ddr ver=1.00 cver=LINUX100 sern=XXXXX

    The server provides the sern number on connection.

    Then:
    AUTH meth=md5 pass=XXXXXXXX

    Presumably this is an md5'd password for the user.

    Then to lookup the ID of a CD in their database

    MDID time=cdlength tkof=list,of,track,offsets

    This information is available publicly from CDDB.
    The MDID command will return an "mdid" number, used to identify the CD.

    Now for the CD verification process

    VFCD mdid=mdidnumber

    This starts a verify for the CD
    The server will then send a list of of requested track data in the form

    331 bits=16 trk=11 chnl=stereo nsec=7 encd=pcm size=8232 rate=22050 sect=49855

    This request is repeated for a number of tracks, in apparently random order.

    The client then needs to get this information off the CD, and send it up.

    RVDT trk=11 sect=49855 nsec=7 rate=22050 chnl=stereo bits=16 size=8232 [followed by 8232 bytes of data]

    So it seems that the only way to authenticate the CD is to be able to answer any query about the data on the CD, which would mean that you aready have the CD....

    So after looking at this, I'm fairly convinced that MP3.com should not only win their lawsuit, but that they seem to be in the right, having taken due diligence to ensure that someone does in fact have the CD before handing over access to them.

    --
    -------- I dig Mobile Phones