Napster Adding "Protection Layer"

bluecalix writes "According to an article on sonicnet, 'In the new Napster, which the company says will be launched "as soon as possible," users will still be able to swap MP3 files ripped from their own CDs. But Napster will add a new "protection layer" to MP3s as they move from one user's computer to another, allowing the service to control what users do with the files they download, according to a statement from the company.'"

Laws are for the Lawless

They are trying to enforce copyright protection, but people that really want to steal and share songs will find a way to do it. This will only stop a few people. It will make life painful if their new format becomes popular, because it will make many other programs obsolete that can be used to play and record (possibly) MP3s. Proprietary formats are not a good thing, because they inhibit growth by removing the ability for other programmers to create editors and viewers. It sounds like it's time to move on from Napster.

Taking a lesson from the MPAA

My theory, is that they will simply add a registry entry to keep track of which files you downloaded, and just not allow you to share those. Pretty trivial to bypass.

However, as we have learned from the DeCSS case, all you have to do is *try* to protect your content, no matter how flimsy the protection.

Pretty clever of Napster, they could use the DMCA to shift the blame from themselves to the users...

Poisoning MP3

without knowing the exact methods that napster will employ to 'tag' these mp3's, would this not have the affect of spoiling the internet mp3 pool?

what I mean to say is, if after a period of time, there might not be any 'untainted' mp3's left...

this jibe's right with a theory I've had for over a year now, a theory explaining how RIAA might kill napster:

Spoil the mp3 format, or

make mp3 trading totally socially unacceptable, tantamount to narcotics or prostitution.

Oooo...

I predict that their new protection layer will stay unbroken for exactly 6.28 microseconds.

Any takers?

Re:Oooo...

[Goldberg's+Pants]

That long?

---

Re:Theory - MP3 bits

[volsung]

Heck yeah!

All my files are encoded with the keys 6, 5, 11, 4.

Re:Intermediate device drivers will not work.

[bmetz]

Why doesn't anyone EVER mention vmware when referring to methods of circumventing this technology? It seems pretty darn intuitive to me that once the data steam leaves vmware linux can have its way with it. There are plenty of loopback capture methods for linux.

Watermark != encryption

[cduffy]

An unwatermarked copy never exists in memory -- the samples go right out the speakers with the "inaudible" (yeah, right) watermark still in.

do your homework

[Sanity]

you really don't understand much about Freenet do you? I suggest you find out before exposing your ignorance again.

--

Re:HaHa!

[Mihg]

gnapster works just fine with OpenNap servers.
---
The Hotmail addres is my decoy account. I read it approximately once per year.

Re:Protection Layer vs. Bitrate

[evand]

Why don't they just limit the sound quality of the MP3s?

Because I'm not going to rip my CD collection at 24Kbps or really anything else than the settings I use now (using LAME with VBR). If I don't rip my CDs at 24Kbps, they won't be shared. Say goodbye to Napster's "customer" base once the only people who have files available for download are people who are willing to maintain a copy of their MP3 collection at a lower bitrate specifically for trading with Napster users.

Re:The "layer"

[dwlemon]

Thanks to new copyright law, the copy control measure doesn't really need to work.

It just needs to exist. Wether it works and is broken, or doesn't work and is broken isn't going to make a difference legally or in circumvent-ability.

Re:Theory - MP3 bits

[Skapare]

Will they be providing source patches for all open source free players?

Re:Easy solution...

[Skapare]

Or the voice in the mp3 file says "f t p colon slash slash tunes colon r i a a sucks at my dot leet dot host slash" ... when you play it backwards.

Yeah, but it doesn't need to....

[Napalm+Boy]

The simple fact of the matter is that no matter what kind of stuff Napster puts into the files, they're still music files...and copying just the music (and not the advertisements, if any) just involves capturing the stuff on the way to speakers....and if there are restrictions on the Napster-distributed files, it's solved the same way: record it on the way to the speakers, and make a new mp3 file. Easy, it's beend done before. Unless they come up with something brand new and creative....in which case, somebody smart out there will, too.

Re:Also important

[Sancho]

Don't you think the client would have to be able to unprotect the protection in order to, say, PLAY the mp3?

Re:Also important

[Sancho]

You're right... I was smoking crack and being overly optimistic.
However even in this scenario, it doesn't mean that the file can no longer be shared. It all depends on how they do the "protection." A form of public key encryption...yes, it would have to be able to remove the encryption. A new file format *could* still be shared, or could be restricted. It could even be done according to the copyright holder's preferences, in case they only want the songs to be downloaded from their own machines (in order to track usage, for example.)

Why does everyone shit on Ogg Vorbis?

[GuNgA-DiN]

It seems that everytime we get into the whole Napster/MP3/RIAA discussion we never really get anywhere. Millions of us like to rip and trade our music for free. We won't buy into any proprietary encryption schemes (ala Liquid Audio) and we always bring up Gnutella/OpenNap/Scour/etc..

But, what about Ogg Vorbis? Everytime this is brought up as a serious subject - people start to trash it: "the format sucks", "only geeks use it", "it will never work".. "blah blah blah". Someone else posted a message saying that one way the RIAA was going to try to kill MP3 is to piss in the pool. If they can flood the MP3 pool with garbage files, then the format will lose credibility and people will stop trading files.

So, rather than complain about Napster and MP3 why not work on alternative and completely open formats? If we all told Napster to go fuck themselves and started to develop Ogg Vorbis in earnest we could have a great alternative. Let the Army of Lusers (AOL) use the "Pay-per-listen" Napster that will be born. And the real traders who have been in the scene for awhile should start to switch formats.

Develop cool software that works well and has *all* the features we want. Develop hardware that plays it. And in the end we can have a truely OPEN format that goes head-to-head with MP3, Windows Media, Liquid Audio, and others. Why is everyone so attached to MP3 anyway? It's not the best format out there... in fact it kind of sucks.

So..

[mindstrm]

napster is going to modify the files on us. Hmm.
I think Napster has given up the holy 'cause' they were fighting for.. people can swap files anyway... so it's time we publicly, openly did something new to get attention away from Napster. They're just going to turn into another media whore.

Re:Hard to do, easy to overcome

[mindstrm]

No.. they could just issue updated clients, and make the servers only work wit updated cilents.
The flock will follow, and napster will get fat like the media whore they are.

Re:I'm working on just such a thing.

[WasterDave]

IMHO: Disaster. Somebody somewhere has to set up the servers, this is most likely going to have to be an ISP. ISP's hate this shit. They hate NNTP, but have to have it, really. They hate IRC, but have it because someone who works there thinks it's great and insists on keeping it up on some godforsaken P200. It's the mother of all security risks. It eats all their bandwidth when it shits it. In this case it'll attract lawyers faster than a hollywood divorce. Uck.

Strict peer-peer will save you. The ISP's will not be bothered by it because as far as they're concerned it's just more layer 3 traffic. Legally they would have a simple time claiming they had no way of policing it. If you're clever and use some encryption, they won't be able to police it.

Peer discovery and propgating queries are the hard bit. How do I know which machines are within (say) a dozen hops? How do I propogate a search? How does it scale.

Yes, it's hard. But a worthy goal, don't you think?

Dave

Re:HaHa!

[WasterDave]

None. It'll be done peer-peer.

Dave

Re:Yeah, this'll work

[WasterDave]

I doubt they'll take the time to develop a cryptographically secure system.

They don't need to: There are open source (BSD licence) cryptogtraphy toolkits that work perfectly well. The sword cuts both ways.

Dave

Green light to open source sharing.

[WasterDave]

The thing that Napster are forgetting is why it is they were so successful: It was a classic example of viral marketing. People used it because it was useful. Then more people used it because other people told them it was great - not because they'd seen a billboard advertising it. If they want to charge for napster, and the downloaded MP3's only work on that one machine - its not going to be useful is it?

So the message to those wishing to ego-pander by having (say) 100 million people using their software is simple: Go.

It has to work on Windows, like it or not, and it has to be simple. It has to be secure, it has to scale, it has to be able to search, and it would be damn handy to the lamer in the street if it could cut collections of MP3's to audio CD.

Obviously it has to be completely decentralised, cos RIAA are going to go nuts.

Go for it. Make it work. And do yourself a favour by not putting the letters 'GN' at the start of it's name.

Dave

Re:Green light to open source sharing.

[GregGardner]

Napster isn't forgetting why they were so successful; they painted themselves into a corner with their total disregard for copyright and the record labels' power. Now they are getting sued into oblivion and are being forced to re-implement their entire system. If Napster could continue what they are currently doing and keep all the viral marketing going, they certainly would. Unfortunately for them, the RIAA is holding a gun to their heads and it's a _really_ big gun.

Note: I'm not against Napster or rooting for the RIAA, just stating the facts.

Re:Theory - MP3 bits

[WasterDave]

Well, it won't be an MP3, will it? It'll be some proprietary Napster file format. Most likely your Napster client has a private key and a public key. When you get an MP3 from someone else, your client gives their client the public key, their box uses this key to encode the outgoing .mp3 as a .nap, then it can only be played on your box because only your box has the private key.

Piece of piss. How does it play in an MP3 player? It won't.

Dave

Re:Intermediate device drivers will not work.

[listen]

Maybe Microsoft would not sign any drivers that work under vmware? And then when vmware changes the card it emulates, DMCA them to death.

Re:Hard to do, easy to overcome

[karnal]

My main thought is that the opennap servers could still use the old clients and we'd all be happy as hell still.

Inevitably, Napster had to go legit

[Mdog]

This was destined to happen from day one. Napster is a business. Napster cannot be, in the long run, a free service that helps people pirate mp3s. (Yes, that is what it primarily does.)

Yes, I'll miss napster. Yes, this sucks. But I'm tired of people acting all hurt and betrayed....

Re:Inevitably, Napster had to go legit

[kikta]

I remeber back before Napster, when I had all the MP3's I wanted. We used to trade them (along with massive amounts of porn and software) on Carnegie Mellon's student network. The school basically had the stance of "See no evil, Hear no evil", and as long as there was a password on the shares, it was okay with them. So, everyone made their password "bob" and everyone was happy. All Napster did was provide search capabilites and make it easier to trade across domains. But, It's just like Dr. Touretzky's DeCSS page. Once the cat is out of the bag, people will find a way. Furthermore, the more they are offended by their antagonist (MPAA, record companies), the more they will work to find a better way to do it. While Gnutella is a massive bandwidth hog, their will be a better way invented soon. Bet on it. And the more laws and court ruling that are thrown in the way, the more the online community will dance around the letter of the law (until common sense breaks out).

Re:Inevitably, Napster had to go legit

[Rafajafar]

Actually, napster wasn't a business from day one. On day one it was some college pothead with computer knowledge (don't flame, I know its a tacky prog) who wanted to off the system by trading songe with his friends over the internet. Napster was founded on being a way to screw record companies out of money (not like I feel the least bit sorry for them). It wasn't really until litigation ensued that Napster was less of a project and more of a business (damn lawyers and their bills).

This should be interesting.

[Restil]

Winamp (and I imagine other programs) is capable of directing the output to a WAV file that can be burned to a CD with no difficulties whatsoever. And this is assuming you want an audio cd when you're finished. How exactly they expect to prevent me from copying files and burning them straight, I have no clue.

However, my best guess is that it will involve storing all mp3's inside a loopback type encrypted filesystem, and all mp3 playback will have to be through napster's program. Of course, this is far from foolproof. A couple days with a disassembler, and all this will be for naught.

Of course, I still say that none of this matters. Napster can be whatever it wants to be. I don't use it, never have used it and don't plan to start anytime soon. I can't keep up with the inflow of mp3's I'm getting now, why would I want to make the "problem" worse. :)

-Restil

What's wrong with analog outputs?

[leereyno]

Does anyone really think that they are losing fidelity by using analog outputs?

Dump the "secure audio" to a metal formula cassette tape (assuming you've got a deck that will actually use it well), a DAT tape, or an audio cd burner.

Seriously, you a lot of fidelity from the mp3 encoding process to begin with and virtually none from the analog output to your speakers. All it takes is one person with a DAT drive with line level inputs to supply everone else with an unencumbered version of anything at all.

Until someone comes up with a way to encrypt something up to the point that it reaches our ears then there will be no such thing as "secure audio."

Re:Gnutella Rulez

[schmack]

"Nuff said?" - not at all, chinless.

Gnutella will never pull the kind of critical mass needed. It's only a matter of a very small amount of time before it's shut down. There have been many documents written on the major lack of scalability in the Gnutella architecture - whereby single searches start to require gigabytes of bandwidth when you start to get respectable numbers of users on the system.

Try again.

--

So? They don't care. It satisifes the court.

[John+Thacker]

Napster is required to try to stop people from trading illegally, and to make a good faith effort. Do you think they really care if people bypass it? No, they don't. Napster's execs wanted and encouraged the various thefts. They just want to satisfy the court.

So, don't complain. Napster's thinking just like you are.

Re:OpenNap

[Stavr0]

Anyone know of a good windows client?

WinMX, AudioGNOME, RapIgator ... See for yourself
---

Re:Relax and lose.

[Anopheles]

I do not agree. Napster needs something to say "Hey look, we're controlling the content! So stop suing us!" This appears to be what they're doing here.

Do you think Napster would allow you to actually *see* the MP3? My guess is it will be encoded into some sort of super-large cache. And you will have no control over it. And there will be a game where Napster keeps on hiding the songs better and better. And the energy expended in this "game" could be better spent on OpenNap.

And why you're wrong, PhatKat, is because of this:
1. Napster is not platform independent. You can only run Napster on their pre-approved platforms.
2. It would be a mistake to assume that Napster is being careless here. They want to be a viable business much more than you want your free music.

Anyway, that's my two cents, take what you want from it...

Re:Relax!

[zzzeek]

Yes, its BS protection, its probably a cripple in the napster client. Easy enough to use a different Napster client. Unless the fed then shuts down the usage of alternate Napster clients in the same manner DeCSS is illegal. Then the precedents would be all around to begin the total systematic criminalization of any software that isnt produced by a big corporation.....Im sure MS will have quite a few many other usages for precedents like this.

Yeah, this'll work

[johnathan]

I'm sure this scheme will be cracked in short order... I doubt they'll take the time to develop a cryptographically secure system. Of course, the crack will be an illegal "circumvention device", but legality has never been much of a concern to Napster users (myself included, I must admit). Of course, a weak scheme could be just what Napster wants... then they'll at least be able to give some lip service to the music companies, while making copyright abuse just a bit less convenient for their users -- and, most importantly, shift the blame from themselves to the evil crackers. Maybe we'll soon the the gallery of Protection Layer removers on Dave Touretzky's page.

--

pretty laughable

[seanw]

either they have a really brilliant idea, or this is as silly as it seems. kinda sad, really.

Re:pretty laughable

[seanw]

and, to anyone who says that it's only giving lip service to the court ruling, and it's meant to be broken, I say that's even sadder

Re:Easy solution...

[Isomer]

This screams out to me, that if they 'reverse
engineered' this system, then it's a violation
of DMCA and they can be sued? The intent of this
system was to prevent people finding the information
contained within it. The intent of CSS was to
prevent people finding the information contained
within it.

Could be an excellent case for someone to trial :)

Re:This only goes for future downloads

[Isomer]

I remember hearing a long time ago when napster
was still quite young, that it had an off by one
buy where it would truncate the last byte off
every download. This didn't really have any
noticable effect on the an mp3, so the bug went
unnoticed. Except that files that were popular
ended up being many generations old and therefore
would have the last part of the song truncated.

It misses the point.....

[RallyDriver]

Regardless of posturing, piracy is the one and only raison d'etre of Napster. Regardless of what they implement or how effective it is, Napster is no more.

Um... no?

[solios]

Okay, back to ratioed FTP servers, where I was bagging full albums before Napster made lunch a bit more interesting.

This "protection layer" thing is both bullshit and a great way to alienate the user base- this, and it would be a bitch to implement on the Mac. [the Mac version of Napster sucks enough as it is.] If they're going to go through with making the experience shittier for everyone in order to assuage the greed of the record labels, the least they could to is actually, you know, IMPROVE THE QUALITY OF THE SERVICE at the same time. But I doubt we'll see, say, a useable search engine any time soon.

Re:Theory - MP3 bits

[Tackhead]

>Dumbass. That's in the frame headers, not the idiotic ID3 tags.

Whups. Thanks for the clue, deeznutsclan.

Moderators: He may have been inflammatory, but he was right. See table 2-1 in the O'Reilly chapter I linked to.

If the protection bit is on, then a checksum follows the header. They can do this in every frame of the file.

My original point still stands - a third-party utility can just as easily strip or reset the bits after downloading through the NewNapster client. But the bits are in the frame headers, not the ID3 tags. (Serves me right for taking the output of TinAMP seriously :)

Re:Is that a real MP3, or a Sears MP3???

[Tackhead]

>I really hate to see common extensions (.wav , .avi , etc) being non-standardized into different sub-types that may or may not work with my applications.

Paranoid theory: Maybe that's what RIAA's plan is.

Fact: Napster has a large userbase.
Fact: The new napster will also have a large userbase, at least for a period of time
Fact: Users trade MP3s offline
Fact: Newbies are often "compulsive upgraders"

Therefore, we can assume that when NewNapster says "You need to update your MP3 player" to play these MP3s-that-aren't-MP3s, they'll do it.

We can further assume that they'll share these files over other media.

We can conclude that if these files continue to be shared, that not everything that ends in ".mp3" will be playable in old-sk00l MP3 players (hardware or software).

Thus, the base of existing MP3s is sufficiently-contaminated that clued-in users no longer trust that a file ending in ".MP3" is playable, and they stop trading en masse and go back to trading amongst themselves, a few files at a time.

The widespread sharing of MP3 files is stopped. The USENET MP3 groups are also abandoned (think: flood of clueless n00bies with cable modems and NewNapsterized MP3s), and we go back to the dark ages.

I don't think it'll happen - but it's a possibility. All that has to happen is that NewNapster not suck as much as we think it will ;-)

Theory - MP3 bits

[Tackhead]

There are "Private:", "CRCs:", "Copyrighted", "Original", and "Emphasis" bits in my ID3 tags.

Betcha the "new" Napster simply flips these bits, and "asks you" to "upgrade" your MP3 player to something that honors those bits.

WTF else could they do and still have the downloaded files play in an MP3 player?

Re:Theory - MP3 bits

[jtdubs]

That is absolutely hilarious. They will use a bit in the file, the "Copyrighted" field for solving all their problems. Give me 5 minutes and I'll whip up a C util to unset that bit on all my mp3's. Seek, Read, And, Write. Hey, now none of my songs are copyrighted and I can trade them. Problem solved.

Justin Dubs

Re:Theory - MP3 bits

[GregGardner]

There was another article about this a while ago that I read. Don't remember the URL. Basically it said that their plan was to have the peer that is hosting the mp3 to come up with a secret key for each peer that requests the mp3 and then encrypts it on the fly as it is going over the wire after sharing the key with the peer. Then you can only play the mp3 inside Napster which has the key to decrypt the mp3.

Re:Theory - MP3 bits

[rfsayre]

WTF else could they do and still have the downloaded files play in an MP3 player?

Well, they could nurture a situation that appears to be similar to the "DeCSS situation". You know, whip up an equally weak .mpeg (layer 3) encryption format, then somehow leak the crack for it. Then they would be in a much more complex situation.

On the surface, it looks like they've "policed their premises" (a la Fonovisa), to the best of their ability. They've even attempted to control what the user does with the file after logging of Napster, after their knowledge of what goes on with the file is completely terminated. However, evil HaXoRs have somehow circumvented their efforts to ensure fair-use. So whose fault is it then?

Napster's best strategy is probably to push the idea of Napster being responsible for piracy to absurd extremes. This would mean that people would be applying clandestine third-party (open source?) patches to remove copy-protection. Isn't this like taping over the holes in a video-cassette, or ignoring an "FBI Warning"?

How many technological illegalities on the part of the user are required before it ceases to be Napster's fault? Isn't the critical step ripping from the CD-Audio? What if you have to apply 42 "patches" to make it work? When will the courts recognize that those 42 patches could be automated into one?

How about acknowledging the agency behind all of the action on Napster?
The users choose what to download and what to offer. Now Napster is trying to police what happens to the file after the user logs off. Where is the line between Napster knowing if copyright is being broken and MCI/Worldcom/ATT/Qwest knowing? If I recite a Snoop Doggy Dog song to a friend on the phone and he writes down, is that a problem? What if he records it while I play over the phone? Do I have a right to broadcast the filenames on my computer?

Re:Theory - MP3 bits

[Mike+McTernan]

May also mean that we don't have a Linux napster client either :(

Re:could it work?

[QuoteMstr]

Yes, they *could* do these things, *but* do they *want* to? Napster has just been beaten --- do you think they will willingly embrace their occupiers and do exactly as they command? NO! They will do as little as possible, just to give the appearance of compliance.

Re:HaHa!

[QuoteMstr]

Patch for GNapster:

-send_to_server("type=gnapster");
+send_to_server("type=BigBronapster");

Re:HaHa!

[QuoteMstr]

So capture the network traffic being sent to Napster and send it from gnapster. Classic replay attack. If worst comes to worst, you can extract the key from the client --- after all, if it encrypts something, it needs to have something to encrypt it with.

Encryption is *not* a pancea, it does not magically make everything unbreakable. Like any other tool, it is useful in places, but it's just that, a tool. It has limitations. Encryption does not allow you to trust the client --- *NOTHING* does.

Hard to do, easy to overcome

[{Hecubus}]

The way the system is set up now is that the mp3 itself never actually goes through napster. In order to somehow "add a layer" to the mp3, it would have to pass through napster at some point. Last time I checked 1,786,189 files were online. When each one is transferred, napster has to come in contact with it. This would take too much bandwidth to work properly.

This could be done at the client level, but would need to have everyone using the new client. This is time consuming and does not stop people from using the old client with something like opennap.

How could the new napster client be sure that the mp3 was from his/her own cd collection? As easily as new mp3's come with a new "protection layer", I can remove it.

Napster must realize this, and hopefully this is just a move to keep the RIAA at bay for a while because they're "doing something" to stop it, despite how easy it is to get around.

Hate the playa, not the game.

[cwhicks]

As we know and predicted, Napster is just like any other company. Money whores.
Here is rule 1 of Business 101 for those that don't know.
"Make money anyway you can. This includes screwing anyone that inhibits this including your own customers."
I think it is going to make it hard for people to continue to support Naps court battle now as things like this come out.
The fight is still crucially important, even though it helps a common whore like Napster.

Here is an article with more details

[GregGardner]

This article from inside.com has more details on how this "copy protection scheme" will work. Basically the peers share a secret key and then the mp3 is encrypted with the key on the fly. Then presumably the mp3 is kept encrypted and your Napster client is the only thing with the key to decrypt it, so you'd have to play the mp3's in the Napster client.

http://www.inside.com/jcs/Story?article_id=23794&p od_id=9

Re:Intermediate device drivers will not work.

[levendis]

ssssssssshhhhhhhhhhhhhhhhhhhhhhhh.... someone will use the DMCA to ban vmware :)

----

Disclaimer!!!

[kirwin]

If used properly, Napster will help reduce the risk of transmission of mp3's and many other internetly transmitted diseases

Re:HaHa!

[plague3106]

Just how the hell do they think they're gonna stop anyone from burning the mp3s they download? Encrypt them, and only be playable through the client? Hmm...speaker goes to line in...and there's aprogram recording on line in...

Re:yeah, and..

[plague3106]

Hook speaker out to line in...rerecord..

its easy..

Re:The "layer"

[plague3106]

Putting something in the ID tag wouldn't work...since most mp3s that get burned are done via burning software, not napster..besides, they are always converted to wavs beforehand...

Once upon a time...

[Jace+of+Fuse!]

Once upon a time
people traded MP3s
the did it with people
they knew in IRC,
and in ICQ,
and with FTP,
and in other ways
that the world wouldn't see.

"Everything you know is wrong. (And stupid.)"

First communication with the dolphins will be....

[SmokeyDP]

'So long and thanks for all the fish'

Re:First communication with the dolphins will be..

[SmokeyDP]

yeah yeah, so i put this under the wrong topic... =P

Relax!

[PhatKat]

Hey, don't worry about this! This is just an attempt to make napster seem to be keeping in line with the court's opinions. There's no way that they had enough bandwidth and processor power to do this themselves... do the mp3s ever get transferred directly through napster's servers in the first place? Even if this were possible, how could they make it platform independent? And if the layer gets added as it's being passed through, doesn't that mean it's already getting traded?

I'm convinced this is just an attempt to assuage the powers that be with some meaningless techno-spindoctoring. No worries here. Whatever it is, it sounds lame. And if it is as carelessly implemented as it sounds, it shouldn't be hard protection to sidestep.

Re:Relax!

[EthSoma]

It's possible if the client itself puts the copyright mark into the mp3 as it transfers it. I don't think there's any way a napster server could ever afford the bandwidth cost of transfering all files through it, and napster never really would need to. The solution is simple: the napster client you're using now works, so don't upgrade.

But of course how does the client (or the server) know if the song shouldn't get a copyright mark? Doesn't this mean that even if a song isn't copyrighted it will get a copyright mark once it gets transfered by a pro-riaa napster client? I guess napster has decided not to care so much about artists using their service to promote free material ..

Re:HaHa!

[JWW]

Knapster has napigator support.

can user friendly p2p piracy survive?

[brett42]

For a while it's been obvious that pretty much any kind of content that can be loaded into a computer is available somewhere on the internet if you know where to look. Then napster came along and made it really easy to download mp3s straight from other users. Now there are some clones, but all of the easy to use ones use an easy to find central server. Now it looks like courts are ruling against p2p file sharing and copyright holders are going be able to shut down the central servers. People with patience will still be able to get whatever they want for free, but many people who aren't familiar with other methods like gnutella, hotline, and FTP will have to pay for stuff (wow, paying for content, what an unusual idea), or do without. It looks like we're screwed. With the legal system ruling against napster and the RIAA sending threatening letters to opennap servers, does the central server/search engine type of file sharing have any serious chance at surviving?

Use a cross-platform framework to write this

[goingware]

It has to work on Windows...

Do yourself a favor and get the efficiency of native machine code without the headache of making your users get a Java virtual machine - or caring what version of the JVM is available for a given platform.

Apple has announced it has no plans to support a JVM later than 1.1.8 on the classic Mac OS so you can't use all those great collection classes in Java 1.2 and be cross platform! (See Apple's Java Developer page and scroll down to where it says "Mac OS Classic Java".)

Use a cross-platform application framework. That way you can program on Linux, Mac, BeOS, Windows or maybe even QNX and deliver for all those schoolkids running Windows ME on their parents' PC.

One such framework, for C++, is ZooLib. There are many others, as you can see from The GUI Toolkit, Framework Page.

Read about why it's important to write cross-platform code.

I'm most familiar with ZooLib, because I've been working with it on the products I write for my clients, and I helped ZooLib author Andy Green prepare it for open source release late last year under the MIT License.

ZooLib offers all of the following implemented as C++ classes:

• Multithreading, with cross-platform C++ thread classes and various kinds of locks (simple mutexes, reader/writer locks) - multithreading is important for something like a servent. For systems like the Mac OS that don't have preemptive threads it has a handrolled thread scheduler.
• GUI, with a uniquely flexible layout method. The widgets are rendered by platform appropriate renderers, and you can make custom widgets. There's a renderer that will call through to the Appearance Manager on the Mac OS, if it's running.
• platform-independent TCP networking, it's implemented in terms of sockets on Linux, WinSock on Windows, sockets on BeOS and MacTCP on Mac OS. I think Open Transport may be working too on the Mac, I'm not sure - but on all platforms you use the same C++ classes for your networking with no platform-specific client code needed.
• Thread-safe reference counted smart pointers, for quick, efficient memory management that's free of leaks.
• Extensive debugging support - assertions in core components and a debugging memory manager, handy macros for assertions and the like
• Single-file database format with C++ interface. Create ZDatabase objects with ZTables in them. Much zippier than SQL and more pleasing to the object-oriented soul.
• File objects - you instantiate a ZFile object from a ZFileRef object, then use its Open, Close, Read and Write methods
• Platform-specific file open and save dialogs with an API that's consistent with the rest of ZooLib. Filter by filetype on the Mac or filename three letter extension on windows. While ZooLib is cross-platform, it breaks out into platform specific code in cases like this where it's appropriate, in a way that's considered entirely sacreligious by the Java community.
• Streams that can be chained to provide filtering, somewhat like the iostreams classes in the C++ standard library but more appropriate for use with binary data. This is how you typically read or write to a file or network connection.
• Handy preprocessor macros to deal with platform specific code or selecting options like debug builds.
• Offscreen graphics buffers that may be manipulated directly via pointers or accessed in a manner that is transparent to the bit depth via GetPixel and SetPixel calls. All platforms have the same API that provide a wrapper around platform bitmap buffers. I believe there's a purely homegrown in-memory implementation, plus platform implementations bounds to the native GUI layer like GWorlds on the Mac OS.

However, ZooLib doesn't yet have everything it needs. Read about that here. But I think it will work fine for the application suggested here, and the needs given in that page are being addressed.

ZooLib 0.81 is known to build with MetroWerks CodeWarrior on Windows and Mac OS, gcc on Linux, and gcc on BeOS for Pentium.

If you use CodeWarrior you can cross-compile and cross-debug; check out Thursby Software for some filesharing solutions that work well for this. (Tip - on Windows, select the "MacBinarize" post-linker in the target linker prefs when building a Mac target - you also need to derez all your resource files and include them as Rez text source).

While it should ultimately work, there are known build problems with BSD, CodeWarrior for BeOS PowerPC and Visual C++ on Windows. These are all being worked on and full support for all these platforms is expected before long.

Other cross-platform frameworks I'd like to note are:

• The Adaptive Communications Environment for cross-platform networking
• GTK - yes, that's right, GTK! but you must forgo using XLib calls and POSIX calls that are not in the ANSI C Standard Library
• The Netscape Portable Runtime for the non-GUI aspects of cross-platform development
• The Mozilla XPToolkit for cross-platform GUI
• Mozilla Netlib for network and file stream access
• Mozilla XPInstall for cross-platform installation, packaging and updating.
• Also check out AbiWord, a great cross-platform WYSIWYG word processor that's open source, with an open file format. As far as I know the only product coded in AbiWord's XP framework is AbiWord itself, but it's worth looking into for another look at how people architect these things.

While there are undoubtably many powerful advantages to the Mozilla framework, it often receives a great deal of criticism for being heavyweight - hard to code to, slow, and hungry for memory.

People often mistake these problems for valid arguments that one should not do cross-platform development, or perhaps not render your own widgets when doing so but depend on platform specific ones (like AWT vs. Swing), but I think the lightweight, well architected, efficient and easy to use ZooLib answers those arguments very eloquently.

Help me teach the Free Software community to write quality code.

Mike

Re:Use a cross-platform framework to write this

[Trepalium]

wxWindows is another C++ GUI framework API that has been ported to a wide variety of platforms. It currently compiles for Windows, MacOS, Motif, and GTK (Motif or GTK known to compile on Linux, FreeBSD, Solaris, AIX, HP-UX, IRIX, SCO, DEC OSF/1 and OS/2) (a version for QT seems to be in-the-works, for all the KDE fans out there). wxWindows has been around since about 1992, although not exactly in it's current form. wxWindows is distributed under the GNU Lesser General Public License with a special allowance that allows you to link the wxWindows code to your executable despite what the LGPL says (it's reasonable for most/all purposes).

From what I can remember, wxWindows does most of the same things mentioned above, with the possible exception of 'single file database' support. wxWindows makes use of ODBC instead of using it's own database engine.

There's also support for virtual file systems, which allow you to use the wxFile to operate on http or ftp sources as if they were local. If that wasn't enough, you can also register your own virtual file systems at runtime. It supports a basic (very basic) HTML renderer, some IPC and printing classes, and an object for just about every widget or window type there is native support for on any platform.

The API seems fairly similar to MFC or QT, and chances are that programmers familiar with either of those would be fairly confortable using wxWindows.

Re:yeah, and..

[pope+nihil]

That won't work. They can force you to upgrade by detecting version numbers and disallowing connections from old clients.

Probably like eMusic's "technology"

[Mike+Gleason]

Wonder if eMusic patented the highly sophisticated technology of adding an ID3 comment. If you recall, eMusic threatened Napster with lawsuits based on users sharing files previously retrieved from eMusic.

> id3info "./01 - Greed.mp3"

*** Tag information for ./01 - Greed.mp3
=== TIT2 (Title/songname/content description): Greed
=== TALB (Album/Movie/Show title): Straight Ahead
=== TRCK (Track number/Position in set): 1
=== LINK (Linked information): frame
=== TPE1 (Lead performer(s)/Soloist(s)): Pennywise
=== COMM (Comments): (ID3v1 Comment)[XXX]: www.emusic.com/albums/2085/
=== TCON (Content type): (43)

Guess of Napster's new "Protection Layer".

• (1) For each file to be shared by the user, write the user's Napster username to the ID3.

• (2) As new files are downloaded, preserve the remote user's Napster username in the file, if present. If a username was detected, do not allow this file to be shared.

Of course, even casual pirates could run a utility to strip the comments from their downloads, but I wouldn't be surprised if Napster implements something this naive.

Re:ugh

[DarkSyd21]

Why would they set up servers to do that...when they could utilize your proccessing power for much less...

Re:Intermediate device drivers will not work.

[rakslice]

And, as we all know, everyone uses windows. =)

Which P2P will replace Napster?

[Nonesuch]

Okay, let's say I have a number of Unix systems, a couple of Windows machines, and an MP3 archive server on a relatively fast network connection.

What P2P 'file sharing' service should I install if I want to share my files with my friends, most of whom run Win95?

What P2P client should I install if I want to be able to download MP3s from random strangers? Which alternative to Napster has the biggest library?

Lastly, which service gives me the most 'protection' (anonymity, etc) against being sued by RIAA or raided by the FBI?

wow - this is useful!

[dpotter]

Maybe I just don't get it... what exactly are they trying to accomplish here?
"Hey all you record labels! Time to get happy! Call off your lawyers because we're still going to let our users pirate your songs, but they can only give them away if they actually bought your CD! Oh, sure they can still give away billions of copies - but those people can't pirate them! Until they crack our protection algorithm which we think they pretty much will, because if we change the file format too much then it breaks every MP3 player ever made. Oh, and even if they don't crack our file format, they sure as hell will Digital-Analog-Digital the songs and redistribute them that way."
My take on this: Napster ignores lawsuits until they have huge market. Napster gets huge market. Napster redefines onlines music from .MP3 to .NAP and licenses player technology. THEN (and only then) Napster takes steps to bill consumers for downloads in small-easy-to-swallow-prices and cuts profit-sharing deals with labels.

Re:Oh, that's wonderful

[VAXman]

Dude ... music is enormously expensive to record, and by not paying for music you asked for this. I have been warning people since the advent of Napster that not paying for music, would result in other ways of companies to make money which are much more intrusive than simply paying for pure music (such as advertsting).

And if you circumvent this, they will just put in more advertising, but integral to the music. The Boston Symphony will be required to modify the last few bars of Beethoven's Ninth to include the Coca-Cola jingle. Backstreet Boys will be comissioned by AT&T to sing about the wonders of 1-800-CALL-ATT in every song. Etc. Etc. Etc.

Why don't you just pay the artists so it doesn't have to come to this? I would much rather have pure music, than music diluted by advertsting.

A guess on how they'll do this..

[cheesyfru]

Based on what I'm reading in this article, it seems like they're going to do something to the mp3s that makes it impossible for traditional CD creation programs and MP3->WAV converters to do their job. This would have to involve a file format change. I'm guessing this:

You will need to upgrade your Napster client when this goes out. When someone requests a file from you that you've ripped from your own CDs, it will take this standard formatted MP3, add its own meta-info to the file, and send it to the other user. What results is an MP3 file in a non-standard format which is not playable by standard players, but is only playable with their nifty new inline player (which coincidently blasts ads from the major record labels at you while you use it).

This may not be as bad as it seems. Most importantly, there *will* be programs out within days that will convert their "protected" files to standard MP3s. However, it will probably be easier to find full albums on MP3 (which is hard right now). Of all of the proposals I've heard of how to make Napster more acceptable to the major labels, this is one of the only ones I might still use afterwards.
---
Josh Woodward

Re:main problem...

[smyle]

Whoa, I just corrected the Grammar Nazi.. isnt there a prize for that?

I hope so. I did it myself last week.
--

Re:Intermediate device drivers will not work.

[Trepalium]

Another work around would be to write a program that attaches itself to the napster client in the same way a debugger would and capture the unencrypted data before it hits the sound card. Or write a dummy audio driver that dumps the raw PCM data to a file (this can't be illegal under any sense of the DMCA). There's too many ways this could (will?) fail.

(if I take an MP3, turn it to wav and back again, do I lose info that survived the initial encoding into MP3?)

Definately. Even if you don't hear it, the decompression adds artifacts that the compresser will have to decide if it's audible or not. You'll end up taking away more and more correct sounds from the music and adding more and more artifacts.

Or if all else fails, move to Canada. Senator Orin Hatch doesn't work for our government. We don't have the DMCA or anything like it..... yet.

What about my band?!?

[zerocool^]

There are only two ways to make this work...

Either they create a master database that contains EVERY name of EVERY
copyrighted song ever (we're talking like 15 megs worth of text)

OR

Napster will add encryption to the songs that my band has written ( the Jeff Mullins Band ),
to which WE own the copyright, and THAT would PISS ME OFF!! We WANT
our stuff traded on napster!

Plus, isn't adding an encryption to something that i own and declare free use of illegal anyway?

~Zero


insert clever line here

Watch napster sink...

[swordgeek]

Something like this was bound to happen, and it's a bit of a surprise it took so long.

Napster is a centralised index and a company. That means there's ONE source to go after, ONE company to sue, and ONE entity to force changes on. Napster knuckles under, and here we are.

However, fewer people are going to use this new Napster, especially when other (better) systems are coming to maturity. This may be the push Gnutella needs for widespread legitimacy.

good bye napster

[ericdano]

Good bye Napster,
Good bye Napster,
Good bye Napster,
I won't be using you now.

I think it's time to uninstall it.

Maybe if Napster moved to Canada we could use it without all this crap.

Then of course the RIAA's song would be "Blame Canada".......
--

A 'protection layer'?

[DrEldarion]

What the hell? They're going to do this as the files are transferred too. Seems a little strange to me.

Anyways, there's no mention of what the protection layer will DO. Sure it will put restrictions on what it will do, but what are the details? Is it not going to let you play it? Or maybe only a certain number of times?

Anyways, it'll take about 2 milliseconds before someone makes a player that ignores the 'protection layer'.

-- Dr. Eldarion --

Ha!

[ibm1130]

As I sit here observing the back end of the P2P horse disappearing over the net.hill, I am left wondering just how long the record industry thinks they can stall the inevitable. Sure they may be able to have some sort of copy-protection scheme built into drive specs but I'm not sure they'll be able to count on it being universal. They might be able to persuade Willy Gates to include something in his OS but there are alternatives to that as well. I am also wondering whether the record industry has carefully thought through the implications of bringing up sales figures, profits and by extension their accounting practices in open court. Perhaps no one has explained to them that the net was designed to survive Armageddon and should ( with difficulty ) be able to survive lawyers just as well.

Just like a small dose of antibiotic

[Gefiltefish]

Judging by the huge demand for file-sharing that has been evident through Napster, this is not an activity that will soon fade out.

Rather, the RIAA's contribution to shutting Napster down or gimping it with ridiculous restrictions will ultimately work against those who wish to prohibit sharing of music and files.

It reminds me of what my doctor says about taking antibiotics, "Take them until they're gone. If you only take a few, you'll just kill off the weak bacteria and eventually create a stronger strain."

Well, this is exactly what will happen. Once a central server-based system like Napster goes down, we will see noncentralized systems like the Gnutella model increase in size and reliability. The RIAA will shoot itself in the foot by forcing file-sharing to become easier to use by consumers and increasingly untouchable by industry and government.

Re:Just like a small dose of antibiotic

[Hinten]

Don't be fooled by the 'huge demand'. Cigarettes experienced a huge demand as well but with a lot of money and social engineering you can actually change attitudes and usage.

�Gnutella alternative

[yerricde]

If you want to be nearly immune to RIAA lawsuits, set up a private OpenNap server and use Napigator to tap into it. No copyrighted information is flowing over your server (except perhaps trademarks such as BILLY JOEL® and *NSYNC® but those aren't the same as copyrights anyway).
All your hallucinogen are belong to us.

Centralized servers are points of failure.

[yerricde]

what if the mp3 is encrypted with a key that has to be checked out of a centralized server?

One word: OpenNap. OpenNap servers will use one well-known key. If you trade MP3s over OpenNap instead of Napster Inc's network, you already have the key to descramble them.

See also Pinocchio's comments on Napdot to see why a restricted Napster just won't work.

All your hallucinogen are belong to us.

The trusted client problem

[yerricde]

What if they where to the protection it locally on your PC?

It would not work, as clients cannot be trusted in a secure situation (e.g. Quake cheating). Fifty bucks says there will, within two days of the release, be either a patch that disables DRM encoding in the client or a clone client that doesn't even do DRM.

All your hallucinogen are belong to us.

Music isn't that expensive to make

[yerricde]

Dude ... music is enormously expensive to record

Bull. All you need to record techno are a computer, a tracker, a sample set (start with GM.dls that comes with recent Windows), a player that writes wav (Winamp), and a Vorbis encoder.

modify the last few bars of Beethoven's Ninth to include the Coca-Cola jingle

This is already happening. Witness "Summer Girls" by LFO (the "Abercrombie and Fitch" song). But jingles don't even have to mention the product name anymore; witness licensing of popular songs in commercials such as "Da Da Da" by Trio (used in a VW commercial) and various golden oldies used in Burger King commercials.

Why don't you just pay the artists so it doesn't have to come to this?

Because the labels don't provide an efficient way to buy the two good songs on the album without buying the ten filler songs.

All your hallucinogen are belong to us.

Intermediate device drivers will not work.

[yerricde]

if the idea is to keep people from burning MP3s to CDs, there's nothing to keep them from writing dummy device drivers as an intermediate step.

SBLive already has this (What-U-Hear); I'd think InterTrust (contracted by Napster to provide restrictions management) would have thought of this already. Anyway, Windows ME and Windows XP contain a Secure Audio Path that only drivers signed by Microsoft can use. And to be signed, a driver must disable all digital outputs (spdif, what-u-hear, write to .wav) when the Secure Audio Path is open.

All your hallucinogen are belong to us.

Re:Intermediate device drivers will not work.

[Irritant]

They'd better not have drivers for the SBLive or the Sound Blaster 16, then, becuase it's extremely easy to modify the cards to turn the data paths from the chipset to the Codec into a nice, clean (well, in the case of the SB16, anyway) SPDIF signal:
http://sascha.esrac.ele.tue.nl/~jeroens/tech/sb1 6- spdif.html

for the Live, just get the datasheet for the rear out DAC chip and go from there. Really any soundcard that has a separate Codec could be "comprimised" like this, and a quick search didn't turn up any info on an encrypted version of what most chips use now (AC97). Only the REALLY cheap cards don't have a separate Codec or converters.

This would be just for the consumer-grade soundcards, though. The pro stuff shouldn't be affected--after all, many/most pro cards have _only_ digital IO!

Re:Intermediate device drivers will not work.

[Frank+T.+Lofaro+Jr.]

2 workarounds:

1. Hack the code in either the client, the driver or the kernel. Or hack the hardware. Only needs to be done once, then the means to do so could be distributed. Illegal under the DMCA in the US. DMCA might be unconstitutional - but that often doesn't stop them.

2. Just get 2 sound cards and the best darn audio cable (high quality and shielded! Preferably with gold plated connecters, and as small as possible) you can get and feed the audio out of the secure card into the audio in of a non-secure card (which could be on another PC). And record that.

Digital to analog to digital conversion does far less harm to the signal than MP3 encoding does. Of source, re-encoding back into MP3 might hurt (if I take an MP3, turn it to wav and back again, do I lose info that survived the initial encoding into MP3?)

Maybe fair use, may be legal or illegal under the DMCA, but it is not really circumventing because the conversion from a protected format was done by authorized software - so the actual protection mechanism wasn't circumvented or bypassed - it was used as designed. You are intercepting a non-protected signal, and you might get off on that. Or might not. See a lawyer for advice. we all know of one judge would be convict you no matter how good of a case you make.

Re:Intermediate device drivers will not work.

[multipartmixed]

Or if all else fails, move to Canada. Senator Orin Hatch doesn't work for our government. We don't have the DMCA or anything like it..... yet.

Better yet, our new Copyright law (from Dec 97?) is quite good (search for "CD tax" or something). It basically says that a person may make copies of any music he wants to listen to, on any media he damn well pleases. The catch is that the person making the copies has to be the person doing the listening. Now THAT sounds like a good model for Napster. :)

--

Re:Just use the old version

[Therlin]

because their server will simply not let you connect with a version without the "enhancements"

playing these new "mp3" files

[Therlin]

Correct me if I am wrong, but if Napster adds an extra layer to these MP3 files they will either:

* Not be MP3 files anymore therefore you'll need special players to listen to the files, in which case people will just use a tool to remove the extra layer and convert them back to regular MP3 format

or

* Be playable with any regular player, therefore making this protection layer useless anyway.

And don't forget, once a file is burned on a CD as a regular audio track, it can be ripped again as a good old MP3.

yeah, and..

[crashnbur]

And people will just write programs to strip mp3s of these "protection layers."

Next!

(When will they learn?)

A cute little poem from the future.

[SlamboS]

It all ended on that day
When a few actually wanted to pay
And Napster gave in
To Big Brother's whim
That day Napster could no longer stay.
__________________________________________
The people that are willing to pay for napster are the people that don't know how to download MP3s from other sources. The reason for this is probably that they aren't exactly computer junkies. They probably don't spend much time on their computers and therefore don't get mp3s to play them on their computer. They get them to put them on CDs and play them in their car or whatever. Napster will kill themselves by becoming a slave to the music industry. Why would anyone pay for napster to get stupid songs that they can't play anywhere but their computer? After the first few months of their subscription service, subscribers will probably die down once they realize how stupid it is with a small user pool and altered songs.

I don't know how many costs they would have, but I don't see them making a huge amount of profit with this plan. They could even go bankrupt. They really only have two logical options: Close now or keep up the legal battles. It's obvious their only reasoning behind this move is to please the music industry, their enemy. Yes, Napster is a business, but this move doesn't look very businesslike - Napster is basically letting the music industry control them. Whatever they do, the music industry will be watching them. If napster doesn't go bankrupt, it will just turn into a place like cdnow.com, except you can't even get CDs from it. It's the napster self-destruction.

/whois John Galt

New, and...?

[SkulkCU]

the new Napster

Oh, so it'll be pretty much like the old Napster, except now nobody will like it.

Re:HaHa!

[Goldberg's+Pants]

There's a program on Freshmeat called "VSound" that sits patiently and records stuff bound for /dev/dsp... I've tested with recording a Realaudio stream and it works flawlessly.

---

Re:HaHa!

[Goldberg's+Pants]

Given the amount of users they'll have if they deploy all this, they could run it off a 286 with a 9600 baud modem... Hell, they could probably do without the modem...

---

Re:Oh, that's wonderful

[Goldberg's+Pants]

The nightmare that immediately jumped into my mind is that this "protection layer" could come to involve brief advertisements from our favorite corporations, prepended to the beginning of every song.

Not a problem. Activate the "record to wav" plugin or whatever, save it to wav, edit the wav, re-encode to MP3... Would probably take 10 minutes, if that.

---

Re:The "layer"

[Goldberg's+Pants]

Just a thought, but if you can only play it X times, it must have to write something to itself. Make it read only... Failing that, burn it to CD immediately. When you want to play it, copy it to the hard-drive...

---

Re:The "layer"

[Goldberg's+Pants]

You'd be screwed. The RIAA will love this since it nicely screws over the unsigned artist. People can't copy your song, despite what you want, thus limiting your exposure, leaving more interest for the crap the record companies ejaculate.

---

Re:When does it end???

[Goldberg's+Pants]

The problem is the clueless bastards at the RIAA have no idea. They think throwing lawyers at anything makes it go away. What they don't realise is they CANNOT stop Napster. Sure, they can shut down Napster itself, but like weeds, where 1 is killed, 3 more spring up... BTW, LOVE that last line. "This is a silly game, they should stop now." Love it...

---

Re:DMCA worries

[Frank+T.+Lofaro+Jr.]

Is the DMCA going to act as a legal cudgel for megacorps to screw over the public?

It already does.

Re:HaHa!

[elegant7x]

if(client.type != "BigBronapster"){
kill(connection);
}

or, something like that

Rate me on Picture-rate.com

Re:Oh my lord

[Eloquence]

Gnutella is working quite well again. Remember, the scalability problem doesn't mean that the network congests at a given size, it just means that you will only see a limited part of the network, which is really no big deal if that part is big enough.

Check out BearShare, it's one of the most powerful Gnutella clients around and works nicely here. Other than that, see infoAnarchy (sig) for news & updates on Napster alternatives, as well as a comprehensive list of them.

--

Re:Practice - MP3 bits

[f5426]

> Most likely your Napster client has a private key and a public key. When you get an MP3 from someone else, your client gives their client the public key, their box uses this key to encode the outgoing .mp3 as a .nap, then it can only be played on your box because only your box has the private key.

The private key have to be on the client to play the file. So, reverse engineering of .nap files is possible. And, if the underlying is a MP3 stream, then the original MP3 can be re-constructed.

Napster doing something like that is like putting a huge blinking neon, reading "hack me" on each napster copy.

Software copy protection is futile.

Cheers,

--fred

Re:HaHa!

[marick]

But what about open source napster clients? Can't they be hacked so as to NOT ADD the extra layer?

IF PAYMENT THEN NOT "COPYRIGHT ABUSE"

[sparkane]

Of course, a weak scheme could be just what Napster wants... then they'll at least be able to give some lip service to the music companies, while making copyright abuse just a bit less convenient for their users

LADIES AND GENTLEMEN: COPY CONTROL'S PRESENCE OR THE LACK OF IT WILL NOT MAKE NAPSTER MORE LEGAL. It will make it more agreeable to the major labels. PAYMENT of any kind WILL make use of Napster TOTALLY LEGAL. In other words "copyright abuse" of the kind the kind gentleman is referring to above will CEASE TO EXIST. Only the DMCA will make the breaking of copy control illegal, but, even more clearly than breaking CSS on DVDs, breaking Napster's copy control will be a matter of USE not of COPYING because the COPYING has already been paid for and allowed. Because you paid for that downloaded mp3, copying it falls under fair use (backup) and any tech measure which pervents you from exercising that fair use right may legally be broken, EVEN ACCORDING TO THE DMCA.

I CAN'T WAIT TO PAY FOR THE NEW NAPSTER AND LEGALLY CRACK THEIR COPY CONTROL.

Re:HaHa!

[SuperCujo]

I think the mp3 manipulation will be performed client-side. This, of course, will make it much easier to have a patch applied to remove this functionality.

Is there a Napster-clone client out there for connecting to OpenNap servers? I am currently using Napster + Napigator but I want to get rid of Napster altogether.

So what I can't burn an audio cd

[a-optic]

OK ... even if they did this .. it would take lots of bandwidth .. that is cool ... can't burn it onto a cd .. then ... that CD-MP3 player I have on hand would play my mp3s fine just not converted MP3 to audio ....... O well

Protection Layer vs. Bitrate

[oscill8]

Why don't they just limit the sound quality of the MP3s?

People could still trade files freely, and if they really liked a song, they would want to go buy the CD for the better quality. It would be good business for the record companies - people would still get exposed to artists they would otherwise not take the time to seek out. It would also be good for Napster assuming the RIAA went for it. Napster would retain a significant amount of it's appeal and "customer" base, and might get out of the hotseat in the process.

Any ideas on this? What bitrate? Why wouldn't this work, or how could it work?

Re:HaHa!

[child_of_mercy]

Easy enough for them to build encrypted authentication into the new napster version

um....

[loraksus]

Maybe you haven't heard, but the word on the proverbial street is that napster isn't going to be around much longer...
I heard from a source close to someone in the napster business that the service will be discontinued by the end of next month.
For napster, the proverbial shit has hit the equally proverbial fan.
They are just toying with stuff now, hoping to get patents on peer2peer file sharing encryption / authentication et al.

Oh.. one last thing - to the person who modded down my last message because of my sig.
Fuck you, you stupid asshole!

Since Dubya became president and commander in cheif, the US Military has killed more allies than civilians... Current count - 9 Japanese to 3 Iraquis

I have a shotgun, a shovel and 30 acres behind the barn.

Geeky solutions doesn't work for Napster targets

[Kjella]

Gnutella, OpenNap, Scour... geez. Don't you realize that most of the target group for Napster are complete computer idiots (sorry, but it's the truth), like my uncle and his son I actually had to install Napster for, because they were afraid of screwing up the setup and let others have access to their machine (as if Napster was Subseven 2)...

I can see people who would pay for Napster's services, quite a bit in fact. It's easily searchable, point-and-click, no real configuration to speak of (filling in an ip is hard, some people are still looking for the 'any' key).

What I don't think people will buy is the limitations.. "Why can't I burn a CD of this?", "Why can't I play this in my car/on my stereo/DVD-MP3 player/portable MP3 player/whatever????" not to mention why they can't give it to friends like they could with the old mp3 format.

They want to give a commercial service, both more expensive compared to the free one and providing less value. Which makes even less sense than the stock price of Amazon.com with the -1250 profit/earnings ratio they once had.... They're just begging for people to (re)discover newsgroups, ftp servers, irc fserves, sending cds, web servers, not to mention the new peer2peer services... Some won't figure it out but most will.

Kjella

The "layer"

[Fervent]

The example they gave was to prevent users from "recording the MP3s to CD, a popular practice". But when would this "layer" take effect? Is it permanent?

For example, say I download a song from Napster, then send to a friend using regular email. Can they burn it to a CD?

And even if the layer was placed on top of the MP3 (I'm thinking some text in the ID file), what would prevent a hacker from taking five minutes to remove the layer.

I swear. It doesn't seem like people are actually thinking here.

Re:The "layer"

[Cassivs]

And what if this song is one that I wrote, that I don't mind freely distributing, would they put the "layer" in anyways?

What if I owned the copyright to this hypothetical song, and forbade modifications to the file, would they be allowed to add this "protection layer?"

Just a couple more thoughts, other than the ease of getting past it.

Re:The "layer"

[AmigaAvenger]

For example, say I download a song from Napster, then send to a friend using regular email. Can they burn it to a CD? nope, the planned model is to use a method similar to windows media player content protection. You would have a key, only you could play the MP3, and it could be limited for the # of times. And even if the layer was placed on top of the MP3 (I'm thinking some text in the ID file), what would prevent a hacker from taking five minutes to remove the layer. Unless it encryptes the entire file, but I agree, it won't take long to crack it.

Something like those "Beware of dog" signs?

[doorbot.com]

Or maybe car alarms or the "ADT" (IIRC) sticker people put on their house windows to alert the bad people that they have a security system, when they don't.

This is all a bunch of fooey, for the benefit of the RIAA and the stupid users they hope will believe their smoke and mirrors.

"Beware of dog" signs might work for the casual criminal, but are they really going to stop someone who wants to break into your house? (By the way, DeCSS is the tool used to break into your house, did you know that?). They're going to realize real fast that the Beware of Dog sign is a fake, and that if you have a dog, it's been dead a long long time.

Good luck implementing this, Napster. Why don't you bring out your poster child and have him explain how a poor company like Napster is forced to do these horrible things by the RIAA.

Gnutella Rulez

[javaDragon]

Nuf Said.

Re:Gnutella Rulez

[EllisDees]

You obviously haven't tried it lately. The newer clients (limewire and bearshare, especially) are a giant improvement over the earlier ones. My search for 'Orbital' just turned up 1300 matches. Now, all we need is an encryption layer with some proxy features, and there will be no way to stop it. If you get a DMCA notice, deny it and your ISP must legally restore your connection - make them try and take a million people to court.

Secure Audio Path? Not gonna work...

[Entropius]

...just plug your line-out into your line-in, or into the line-in of another computer if the Secure Audio Path finds some way to mess up your ability to record while it's playing. The quality loss from running through the DAC is probably much less than the quality loss from the mp3 compression in the first place, so it's not a problem...

Re:Protection Layer?

[Entropius]

I want the convenience of downloadable music as much as anyone, but I am not willing to steal from artists just for my own convenience.

I don't like people stealing from the artists, either, which is why I don't like the RIAA.

No bandwidth problem for their servers!

[dstone]

Okay, so Napster's own servers will now be involved in each file transfer. Sound like a bottleneck? Not really. Remember, since they're proposing charging us for files we can't fully use, there's going to be like, what, 85 subscribers using the entire network? Their servers should be able to handle that, no problem!

mp3 to CD

[Raunch]

I personally, am sceptical about the whole thing. Keeping me from burning mp3's onto a cd? because all I'd need to do is write from winamp to .wav then re rip.

Re:InterTrust

[sulli]

I'd hate to imagine what happens to their stock if they fail.

I'm rather looking forward to it - when they fail! No reason to expect them to succeed where others haven't - for all the reasons that copy protection / DRM don't work. (i.e. people will always find some way to circumvent it.)

main problem...

[grammar+nazi]

it'll take about 2 milliseconds before someone makes a player that ignores the 'protection layer'.

I agree completely.

Here's the grammar nazi summary:
1. Napster is increasing the cost of their service (from $0 to ???).
2. Napster is removing 'value' from it's service by restricting the files that can be shared.

This is never a wise business model. Increasing price needs to accompany increasing 'percieved value'. The only way that I would pay for Napster's service is if they increased the value of their service. For free I have access to a lot of music. Why the hell would I pay to have access to less music.

I desperately hope that Gnutella or Freenet are ready by the time Napster decides to implement there new flawed business model.

Re:main problem...

[Thaelon]

Yes, they're increasing the cost of their service and decreasing it's value, but there is something you're misssing. The RIAA is driving force behind these changes and they would love to see Napster fade into obscurity. For that purpose this is an excellent buisness model.

This only goes for future downloads

[mirko]

Prerequisites:

• Napster will tag downloaded files on the fly...
• Any file, even Public Domain or "GNUArt'ed"
• Most Napster user download less and less stuff as they usually look for what they want, not "anything available"

So, concerning the first point, this only goes for future downloads, so, my current 24 CD full of MP3 stuff are not encrypted in any way, am I right ?
I also think this is the same with most people, so, statistically, who can say that:

• It won't be the same for current Napster addicts who have plenty of MP3 they can still share?
• There won't be somebody to just add some filtering on Napster client in order to just ignore "tagged" files?

So, yes, this won't change much except that only the "latest" songs will be available.
Now, I just wonder whether somebody actually tracked a Napster song in order to evaluates how many times it is actually downloaded? Maybe this information would just show the Napster people how useless (or useful ?) this is going to be...
Or maybe their forthcoming "tagging" will be a way for them to perform such statistics as their model is centralized.
Until then, I'll switch to GNUtella. ;-)
--

Re:This only goes for future downloads

[dachshund]

It won't be the same for current Napster addicts who have plenty of MP3 they can still share?

From what I understand, you'll be able to share either MP3s or Napster-specific files on your drive and Napster won't touch them. When somebody else downloads the file to their machine, however, it always becomes an encrypted file. So there's no way to filter out the encrypted files, as everything will come to your machine as an encrypted file.

Napster is worse than slashdot...

[Cerlyn]

...in terms of load put on a network. When allowed after midnight at my university, ping times that used to be 40-60 ms over multiple T1's reach well over 2000ms with corrupted return packets.

Seriously though, everyone clueless is downloading as much as possible right now. This is as if someone has yelled "fire" in the middle of a crowded theater. I hate to see what will happen when the smoke actually appears, and everyone starts trampling all over each other in search of alternative solutions.

Protection Layer

[naden]

Well that's fine and all I'll just remember to use my Protection Layer to stop me from using the new version.

alternative napster clients

[puck01]

I like these, but as far as I know teknap is the only one that runs on an OS other than windoz.

Audiognome
Winmx
Teknap

puck

Re:HaHa!

[AmigaAvenger]

Rapigator works 100x better than napster anyway, can connect to multiple servers (including napsters), and also allows you to limit incoming or outgoing bandwidth.

MP3.com

[jeffy210]

So is this going to work like my.mp3.com did, you can only download you own songs? granted you can swap, but at what expense? i think it's just to appease the RIAA
-------------------------------------------- -------------------

Re:MP3.com

[Iron+Webmaster]

Lessee

Napster provides a stupid "encryption" layer like CSS and does not persue infringement.

In fact Napster uses exactly the same method and hides behind it.

Or Napster says you can not add one bit as that is the encryption algorithm.

I love it. This can go on forever.

Re:specifically to the client-side "tagging

[Technician]

It also says "new format". This means they will no longer be MP3's. This also means they can't be played on your RIO or in dash CD/MP3 deck. This is a Death Blow to Napster. It is the end of the consumer base. I'll bet Napster is less than one tenth the size it is now in less than 6 months. Once the usability is gone, so are the clients which is just what the RIAA wanted.

Re:Oh, that's wonderful

[Eazy-N]

The nightmare that immediately jumped into my mind is that this "protection layer" could come to involve brief advertisements from our favorite corporations, prepended to the beginning of every song.

Two words:

Cool Edit.

www.audiogalaxy.com and www.imesh.com

[EdBrannin]

I desperately hope that Gnutella or Freenet are ready by the time Napster decides to implement there new flawed business model.

Personally, I never used napster. Tried it once, didn't work, scrapped it. I've seen/used it on my gf's computer, and I don't miss it - I use the AudioGalazy satellite. Granted, the search is VERY centralized (web-based, at their site) but it's waaay better than Napster in most other respects. Besides a search that can read ID3 and differentiate between Artist/Song name, The client hasn't fallen prey to creeping featureism - it's basically a current downloads list with menus and a button that takes you to the website. Oh, and did I mention it can resume transfers?

A friend of mine told me about iMesh today, too. It can resume as well, and deals with more formats than just mp3 (video and image and such). The only downsides, he said, are the pointless skin option (turn it off) and that it doens't always show extended mp3 info such as bitrate.

Re:HaHa!

[Cirvam]

So how are they going to 'upgrade' my Gnapster client?

Client Side Layer

[BigumD]

I'm trying to look where I saw this (if I find it I'll post a link), but Napster was planning to do the "protection layer" as a "feature" of the client. Therefore, the mp3's aren't being "tagged" through napster's servers, but at the end of a download on the client's machine. That alliviates the bandwidth issue of encoding "on the fly"

I guess that the big question there is where does Napster stop? Who's to say that once the file is downloaded, the "protection layer" won't allow it to be played outside of Napster? I mean, if they're planning to have a layer to stop it from being burned, what's to say that the downloaded file could then not be played in Winamp or XMMS?

(I'm sure that someone could write a plugin and/or that the "encrytion" would be broken in a week, so I'm not worried about it...)

Anyone else see the article that this was in? I think it might have been on Wired...

Here's one of the links....

[BigumD]

This is the story on Wired that I was talking about, but it doesn't talk specifically to the client-side "tagging".

Oh, that's wonderful

[xueexueg]

The nightmare that immediately jumped into my mind is that this "protection layer" could come to involve brief advertisements from our favorite corporations, prepended to the beginning of every song. Otherwise, this seems like not much of a problem or hindrance--if the idea is to keep people from burning MP3s to CDs, there's nothing to keep them from writing dummy device drivers as an intermediate step. More power to them.

DMCA worries

[kyz]

As many have pointed out, because the actual transfer of music is peer to peer, so it can just pretend to do 'protection'. I know that non US residents have a legal right to work out the new Napster protocol and write new, appearing-to-be-but-not-actually-compliant clients, but would an open-source Napster client count as a circumvention device in the US? Would the RIAA run to Judge Kaplan to sue those developers? Is the DMCA going to act as a legal cudgel for megacorps to screw over the public?

In a related /. article

[goodhell]

"So long, and thanks for all the fish."

Sorry, I just couldn't resist it.

A little application here don't ya think?

This is how I see it

[Veachian64]

I think my dad said it best when he said "GET THE CAR KEYS FOR ME". AHAHAAH! I HAVE GAS!

When does it end???

[RandomPeon]

OK, so how the hell is this gonna work? The MP3 format doesn't have content protection built in. I suppose they could "watermark" (degrade) the files. But the problems are immediate:

1) Someone will reverse-engineer the client as soon as they download it. Illegal in the US, possibly, (not that will stop some people) but there's always overseas users.

2) The decrypted contents of the watermark have to exist in memory. Big problem. If nothing else, an awful lot of sound cards produce digital output. Feed the output back in, endgame.

Why not just give up? Or move to the Cayman Islands? This is a silly game, they should stop now.

It's the bandwidth, stupid.

[gnookie]

Despite the fact that no one will be willing to pay for something they won't actually own, the new Napster won't fly because they've taken away the only thing that made it pseudo-scalable: bandwidth. I don't care how much money they have, if every one of the trades going on has to go through their servers, there is now way they'll have the bandwidth to handle *anywhere near* the amount of people using it now.

Don't they know that mp3's aren't web pages? This is big data, lots of it. I would say that I hope they realize this, but since their encryption idea sucks (for the consumer), I really couldn't care less. They'll go down either way.

Re:Are they stupid?

[acceleriter]

Don't they realize that there are a several programs on the market that allow you to capture ANY sound . . .

This is true at the moment for mainstream operating systems. However, Microsoft in particular is moving towards digitally signed audio drivers so that users won't be able to just pick off the PCM as it's being played a la Winamp .WAV output (which I understand has been removed in current versions), Total Recorder, and similar products.

Sure, people can some can work around that by patching the OS or other cute tricks.

What it comes down to is this: there's soon going to be a "new, improved, audio format" with "cool features" that you've "just gotta have" that's only going to work on operating systems with copy control features like Windows ME/XP. I hope consumers won't swallow it, and what happened to DivX gives me hope, but "trusted clients" is where the industry is headed.

The Unobvious Question

[Toxxy]

The obvious question would be "Well, how are they going to be able to do that?" but there's a better question at hand: "Where are my keys?"

Napster "protection layer" is completely useless

[Albinus]

The funny thing about all this is, Napster is a scapegoat for the peer-to-peer sharing community-- how many other programs are there like it? Dozens! I predict one of 2 things will happen:

1. Someone somewhere will be able to create a crack that removes the protection layer or...

2. People will simply migrate from Napster (leaving it high and dry) to another p2p client that doesn't add restrictions.

HaHa!

[clinko]

Ok, Can You imagine the bandwidth it would take to manipulate EVERY mp3 that goes through napster? That's hilarious.

Re:HaHa!

[scottmartinnet]

Ok, Can You imagine the bandwidth it would take to manipulate EVERY mp3 that goes through napster? That's hilarious.

They could probably run it off a 486 and cable modem, once they start both charging money and restricting the use of the files.

Is that a real MP3, or a Sears MP3???

[Roark451]

As a relatively amateur user (non-31337), the most annoying thing about this "protection layer" is that it would make Napster's mp3's a new type of mp3. I really hate to see common extensions (.wav , .avi , etc) being non-standardized into different sub-types that may or may not work with my applications. If you want to alter a standard file type in a significant way, at least have the decency to call it something different- that way, I won't have to wonder if a file I come across is an mp3 or an "mp3". I also find it interesting that I will have paid for a song, but won't own it "enough" to move it to a CD. Yay!

The Nightmare...

[Nick+Driver]

...that immediately jumped into my mind was that whatever "protection layer" they add to MP3s will be deemed to fall under DMCA and the same neverending story of "illegal circumvention devices" will rear its ugly head even higher.

OpenNap

[Beowulf_Boy]

Okay, Guess its time to completly switch to OpenNap. Anyone know of a good windows client?

Sure whatever it is can be cracked...

[sacremon]

I doubt anyone, including Napster and the RIAA, has any illusions about any control being crackable, and being done so in a matter of a day or less.

All they need to do is use that legal equivalent of a spiked basball bat, called DMCA, and sue anyone who publishes the crack, at least in the U.S.

This will soon be irrelevant...

[rebelcool]

Information wants to be free, and free it shall.

A truly viable alternative network hasnt arrived. Yet. Keep watch in a couple of weeks, i've got something really interesting thats just about ready for be publicly commented on, with some demo software...

I'm working on just such a thing.

[rebelcool]

Taking a queue from the network layout of IRC, it works in a similar fashion. users connect to servers still, but they're not congregated together in one place, or by one entity. Servers can easily talk to one another across the network, passing search requests on, pairing up users. The protocol spec will be ready within a week or two, and before committing to much software, i'm going to open the protocol itself to public commentary (this is something that is simply too big for one person to claim to have the "perfect" plan). Some demo software will be available too.

Why was this marked flamebait?

[rebelcool]

eh?

pure peer-to-peer does not work

[rebelcool]

If theres anything gnutella and the stats of freenet have shown, its that pure peer-to-peer distribution DOES NOT WORK. The current design of the internet makes it exponentially slow above a few thousand users. Thus, it is not effective, too slow, too hard to use and too unreliable.

It's not difficult putting users together, or even starting a search. Its difficult knowing WHEN to stop a search to prevent enormous bandwidth consumption..something that the pure peer's dont consider.

Anyway, an ISP does not have to setup the server. Thats absurd. I can run a webserver serving thousands of hits a day off a DSL line. A well written protocol and a server allows individuals to setup their own server (its easy to do..current test software ive got installs and configures in 10 minutes)

Second, understand this is NOT irc. I use the irc as an example because its servers interconnected to each other.

Scalability. As the network grows, so will users running servers. Thus, it self-scales.

Flexibility. Networks can be independent of one another..one could be a music trading, another devoted to movies. You could even setup your own private network for whatever purpose you desire.

Hell, it will be DeCSS all over again

[Faies]

By changing the mp3 file format, then we dont have an mp3, we have a Napster file. Such a file would have to be protected by encryption or some key, else Napster wouldn't be able to control what happened to a file unless they learn how to puppet Windows completely. What does this mean?

We get a monopoly on the file format. If Napster is determined to prevent its users from using their files elsewhere, then it won't give out the encryption to decode it and remove the protection. The only truly secure choice is to use a DVD style monopoly on media players. So much for quality. Heck, if they wanted to charge to use the files anywhere else besides the Napster client, money will flow to them one way or the other.

Just as in DeCSS, somebody will probably want their own DVD/mp3 player, and thus crack the encryption. All we're getting into here is the same old debate on whether it is legitimate to modify the files because it was distributed to you accordingly.

Re:Easy solution...

[Safety+Cap]

Each person could just share an .mp3 called "ftp://login:pass@hostname".

That's one way. Another is to ZIP your MP3s individually, then rename the *.zip to *.mp3 so Napster sees it.

How could the "encryptor" figure out how to crypt a zip? It couldn't.

same article

[Skavino]

this is the same topic same article i submitted a few days ago... and it was rejected. except my article was better, and actually had details of this supposed scheme they're coming up with...read it here.

http://www.inside.com/jcs/Story?article_id=23794&p od_id=9

bad link!!!!! real link here!

[Skavino]

http://www.inside.com/jcs/Story?article_id=23794&p od_id=9

How long....

[ShinyObjectsAndYarn]

How long is it before someone cracks it? Given the high profile of the case I imagine there will be a crack for it at some level within a week. Maybe less.

It'll take a while, but soon enough the crack will be mainstream. Napster's around for a bit longer.

Until they start charging me anyways.

-Jeff

All one year are belong to Napster.

[Darkwraith]

What are you talking about?Napster Inc. was formed IIRC in May of 1999 so that makes it only one year old.

Who Killed Napster?

[suwain_2]

Seems as if Napster just hung themself, at least among the Slashdot community.

There's been lots of discussion about whether or not Napster was going to be shut down. But now Napster seems to have taken a major step towards losing "customers". Gnutella, here I come!
_________________________________________________

could it work?

[robbason]

There are two issues here:

1. could they block alternative client tools?
2. could they keep people from removing the protection?

the answer to 1. is probably. Certainly they could sue anybody who is distributing alternative client tools ala deCSS and keep those tools out of the hands of most users. They could also have some kind of access mechanism that would change every couple of weeks that would be transparent to end users who would get automatic client updates to be able to use the new access mechanisms. Thus a determined hacker could get through the protection, but they would have to do it again every couple of weeks and couldn't reasonably distribute the hack to a wide enough user community to pose a threat to napster.

the answer to 2. is less clear. Obviously they couldn't change the way you access older napster files on your computer. They could encrypt them, which isn't terribly feasible in terms of having to be decrypted for every playback unless the encryption is weak (maybe I am wrong on this). What about having a funky scrambled format that changed regularly? then anyone cracking it would again have to distribute updates through illegal means, which is slow, whereas their software could remember the old formats and descramble based on the date of the file.

I guess my point is that they don't have make it impossible to decrypt mp3 files to win. They just have to make it impractical for users to do it on a wide scale.

Re:could it work?

[american+goon]

The answer to both questions is that of course it won't work, if 100% of the time or at all, and it doesn't really matter either way, they just need it to appear to work to convince judges, justices and maybe even certain unnamed evil information cartels to let them stay in business for just a little while longer.
Seriously, they have no rational incentive to actually make it work all of the time or police it on any scale if people figure out how to hack it. Right now, Napster's sole priority is just to stay in business in the short term, and they are willing to use whatever half-assed excuse they can to do so.

OpenNap targeted

[dachshund]

Napster servers will require you to use the new client, and the record companies are going to quickly target the existing OpenNap servers. That won't destroy OpenNap, but it's going to get a lot less convenient for most users. The only real question is whether they go ahead and kill Napster or let it live, probably the smartest thing they can do at this time.

InterTrust

[dachshund]

I agree with many of the posters that it's likely this copy protection will be easy to hack. I doubt that it will be on purpose, but napster just doesn't have the kind of resources or time it takes to play this kind of game.

Napster doesn't have the resources to do it right, but InterTrust does. If they're the ones hired to do this, it'll be their biggest project ever. Make-or-break. Of course it'll probably still get hacked, but if a Digital Right Management solution can work, they're the ones who'll do it.

I'd hate to imagine what happens to their stock if they fail.

Alternative servers and clients already exist!

[phooka.de]

Alternative servers and clients already exist, so why bother?

Actually, last time I checked, there were 6.000 users with 1.2 milloin files logged onto napster, while MusicCity.com had 16.000 users.

Who needs napster anyway?

well...

[El+Hooloovoo]

There was an arcticle about this in the last version of Newsweek as well, and it got me thinking - what's stopping people from bypassing those protection layers? All you would need to burn a CD/make a normal mp3/etc. of *ANY* audio file is a way of making a wav file of its playback, right? I mean, even if you can only use their player, you'd just need to take one of those male-male adapters and plug your speaker port into your mic jack, and POOF, suddenly I've violated the DMCA!

---------------------

Re:Also important

[PicassoJones]

I think that most likely, this scheme involves the use of a new non-standard format (undoubtedly called MP3) that will be playable by Napster software, but just garbage to other players. It probably will never get converted back to MP3 for playback. Yes, it will be read and decompressed into raw data sent out to the speakers, but on this level, it's unavoidable. What I was referring to was the actual undoing of the protection needed to re-protect with different permissions, not the decompression into usable audio.

How they might do this

[PicassoJones]

Here are my ideas:

• User A requests song.mp3 from User B... request is sent first to the server.
• Server looks through its databases to see how much User A is paying them. It also checks the random decryption key User A received when registering his accound. It uses these to calculate an appropriate encryption key.
• Server passes this request on to user B who complies
• User A now contains a song compressed and encrypted.

User A's software has the appropriate key to play song.mp3. Any other player does not recognize the format. Any other installation of Napster (because it has a different decryption key) does not recognize it either. Will software be developed that can decode these without knowing the clients decryption key? From what I understand about DeCSS, it was important to know decryption keys for various playeres to figure out the algorithm and all. Plus, this would have to deal with additional data describing what the user is allowed to do with this. Perhaps someone who knows more about encryption could provide some insight. I just find it ironic that the company telling us how good it is to share music is enslaving our music to their software.

Also important

[PicassoJones]

right now, if user A goes out and buys a new CD, and someone downloads it from him, the availability of this song on Napster doubles. Being that "protected" MP3s will not be available for download, the number of users you can download a given song from greatly decreases. Chain reaction: people who actually buy music have all their bandwidth taken, give up and continue buying music. People who don't buy music get frustrated that the honest people left and that there's no music left on Napster. Napster goes out of business. Of course, this all changes if we are allowed to download downloaded music. But then the client would actually contain code to undo the protection layer, making it just that much easier to crack. Plus, I'd imagine the RIAA wouldn't care for this too much, either.

Easy solution...

[Eigenray]

Each person could just share an .mp3 called "ftp://login:pass@hostname". Then, when a person sees that someone has the mp3 they want, they just connect to their ftp site and get the real thing. Napster is just a service for finding mp3s anyway; the actual transfer is peer to peer.

Protection Layer?

[qpt]

It sounds like a condom.

Seriously, though, this is what Napster needs to legitimize its service. For years, Napster has been the equivalent of a smuggler's hideout, filled with law-breaking malcontents. However, with the advent of content tracking and protection, Naspter can ally itself with the music industry instead of being perpetually at odds with it.

I want the convenience of downloadable music as much as anyone, but I am not willing to steal from artists just for my own convenience. I welcome any legitimacy and legality that Napster can bring to online music trading.

- qpt

Linux Napster

[iamroot]

What about open source programs like Gnapster? I'm assuming that they would use the Napster client to manipulate the MP3s, so if another client was used like the ones for Linux, or an alternate windows client, the MP3s wouldn't be changed. If Napster decides to do this, I'm sure that there will be some alternate client, or will they have something that checks to make sure that you are using the real client? Considering that they really don't want to do this(I hope), but feel that they have to, they might just go with adding some extra "features" to the Standard Windows client, which is what most people will use anyway, and not change anything else. If that is the case, the Linux version will remain unchanged, and the service will be the same for Linux users, or am I wrong about this, and Napster will add some stupid protection scheme?

Napster is gasping for breath

[sleeper0]

And this is just another example.

I agree with many of the posters that it's likely this copy protection will be easy to hack. I doubt that it will be on purpose, but napster just doesn't have the kind of resources or time it takes to play this kind of game. But I do think that it's a legitimate attempt. Napster investors and board members aren't looking to play cute tricks and sly wink-wink kind of routines with all the visibility this has in the country and on the hill. This is all about making their authorized subscription service, which seems like it at this point will have only one major contributor, Bertelsmann (and if other label showings are any indications, maybe only with a few hundred selected traffic)

The main issue is really the injunction. Once a reasonable rewrite is made, napster will be compelled to turn off file sharing. The injunction has nothing to do with appropriate copy protection. It will still be illegal to swap songs, even if you can't burn them.

So that leaves the high profile 1 billion dollar deal that is nothing more than a political stance, an effort to show good faith that napster wants to pay. Can you imagine as a record label taking $30 million a year to give a license to piracy?? Do you think any of the labels would take that deal from off-shore pirates? And a little honesty... Where does the $200 million a year that napster would have to produce come from? How much revenue did they book in '00 ? Probably no more than 10-20 million, and if they did that would put them at the top of the heap in private online music ventures.

The real truth of the matter is that no one, NO ONE, is doing well with online music. No one can beg borrow or steal licenses to deliver digital as the primary medium. What you're left with is a bunch of marginal online radio apps and places that offer a horrible cross-section of downloadables (emusic). Or deals where the right to stream is gotten buy buying in the correct brick and mortar store. It makes no difference, look around at the online music industry and everyone is laying off. It's simply a game of how much money you have left before you go under.

Napster is no different. The $50 million they got from Bertelsmann had heavy contingencies. If you had made an investment in napster, wouldn't you have been looking at the appeal results as to how you felt about following through with the investments.

They even hinted at doing napster for movies and games. Apparently they saw scour's unqualified success as a reason to run down that road. What on earth makes them think they can be successful against the MPAA when the RIAA has been so effective?

Napster's management has cracked like everyone else's, and they are desperately grasping at any business plan that hits their desks. It's quite interesting to watch, you can be sure it will continue to be entertaining.

Are they stupid?

[gpusmc.gov]

Is the RIAA stupid or am I missing something? Don't they realize that there are a several programs on the market that allow you to capture ANY sound coming through your sound card? So, logically, any scheme they could come up with is easily defeated as long as it's being played through a sound device on a pc. The whole issue is just ludicrous they should give up trying to control the content and just change their business model. OH JEE wait that would mean actually paying artists and not making nearly as much green. Can't have that now can we.

protection ???

[wALLe]

As long as I can play the mp3 file once I can copy it! Just loop my soundcard output to the input of the soundcard of my second pc ... I can record a non protected mp3 and spread it in any way I want to :) Probably a pc with 2 soundcards can do it too ... so buy yourself a second cheap 16bit soundcard and there is no protection in the world that can overcome copying.