Slashdot Mirror

← Back to Stories (view on slashdot.org)

Skirting AOL Checksumming -- Legally?

Posted by ryuzaki0 on from the tough-to-fight-anyhow dept.

A less-than-anonymous coward pointed out an interesting story on NewsForge outlining a (hypothetical) system for avoiding AOL's occasional cutting-off of non-official clients. Whether this is particularly legal, or only hard to catch, is another question, but it sounds workable. Of course, wouldn't it be better to just use an actually open and extensible format instead?

13 of 149 comments (clear)

  1. Re:The Free Software Community is going too far... by jandrese · · Score: 3

    Er, have you tried the official AOL Linux client? Interoperablility is the reason poeple are writing these AIM clones. Quite frankly the official clients are so bad they are nearly unusable, and AOL has constantly degraded the service for those clients making them very unattractive.

    Worse, if all of your friends already use AIM it is nearly impossible to get them to switch. This leaves you with 3 choices:
    1. Stop using IMs altogether, or use a nearly completely broken "official" client. Both of these are about the same.
    2. Use a different IM, like Jabber and leave your friends behind. Unfortunatly IMing yourself isn't very fun, and this turns out to be like option 1.
    3. Use a non-offical "hack" and "steal" a free service from AOL. I don't think the offical Linux clients even display ads, so I'm still wondering what exactly you are stealing that they aren't already giving away. Isn't this kind of like stealing Linux source code by downloading it off of an FTP site?

    Of course I'm probably not the best person to be commenting on this as I use ICQ (as do all my friends).

    Down that path lies madness. On the other hand, the road to hell is paved with melting snowballs.

    --

    I read the internet for the articles.
  2. Hey, wait by Conor6 · · Score: 4

    You know, I hate to say this and all, AOL being the evil empire that it is... but has anyone thought that, given that AOL pays for the maintenance of the servers we all use, regardless of which client, then they should maybe get a little say in how they get used?
    ~Conor (The Odd One)

    --
    Conor
    Programmer, Consultant, Geek, CTYer.
  3. Why not use TOC? / "You don't have a right to AIM" by mcc · · Score: 3
    Please explain this: AOL, whether you know this or not, has two protocols with which to connect to their network. AOL is not banning third party clients from connecting over TOC. It is banning them from using OSCAR. AOL has been saying for years OSCAR is their public protocol, and TOC is their private one. The clients that have been banned are the ones that, for some reason, have chosen to leave their sandbox and use TOC.

    Why? Why not just take all the banned clients and switch them over to TOC?

    I'm not trying ot say they should; that's just an honest question. I'm curious. Why not use TOC? What is the reasoning here? AOL's request that people stick to the public TOC protocol and let AOL use their OSCAR protocol for official use seems completely reasonable to me; am i missing something? Please explain.

    I am a user of Mac OS X. Until the week after AOL banned all the IM clients, there was no official AOLIM client for mac os x and no way to run TCL/Tk scripts, so i-- everyone-- used a nifty little program called Fire. Fire is wonderful. Fire is usable. Fire is open source. Fire was blocked along with all the other TOC/OSCAR clients, and the AOLIM program that AOL finally released was so bad as to be literally unusable. I for one would occationally launch the thing to see if anyone really important was on, then quit it and go back to micq in terminal. Thankfully, a couple weeks ago, Fire switched to TOC, and i have had NO problems since then. Why don't the linux clients do the same? Jabber is staying away from TOC because they're afraid that if they use TOC AOL will ban TOC altogether (see the public statement on their website), thus ruining things for everyone. What is everyone else's excuse?

    By the way, Many people in this thread have suggested that we do not have a right to use AOL's service. This may be correct; I don't care. I am going to use AOL's servers. Capitalism is a nice thing, but capitalism does not often work as a system with the communications market, and does not work here at all. There are no market forces. I'll say this; If Southwestern Bell attempts to set unreasonable demands on my usage of their network, that's PERFECTLY FINE with me, because i can walk away at any time. I can, if i want, cancel my Southwestern Bell telephone service, and go to Birch. If both Birch and Southwestern Bell offer terms i am not happy with, that's fine too, because it is theoretically possible for me to go start my own telephone company. See? Capitalism. But meanwhile if i am NOT a Southwestern Bell customer, and they tell me that i can't dial IN to their network because i use a Primeco cellular phone, well, you can bet your ass that i for one am going to start breaking out the little yellow boxes. I will willingly break into SWBell's network if i have to (i don't) and i will willingly break into AOL's if i have to (i might eventually).And i don't care much if i am using expensive resources belonging to AOL or Ma Bell or whatever, i am not at all comfortable with any non-governmental entity having that kind of power. I'm not really comfortable with the government having it either, but at least as a voting citizen i have some tiny amount of control over what the government does, which means i am more comfortable with the government having split up the telephone network away from Ma Bell and making it open and would be more comfortable were the government to split up AOL and make their system open.

    I don't want to use AIM.
    I don't want to use their servers. I don't want to use their client. I am not given a choice. There are people on that network i need to talk to, and that is why i have suffered through dealing their awful bloated software for three years. (Over most of which time, i believe i rebooted more times because AIM had crashed than for all other reasons put together.) If i could get the people i know to switch to Jabber, i would be ecstatic. I can't. If you tell me that if i want to talk to those people i have to pay someone to use the network infrastructure, that's actually fine, sort of. But if i don't have a choice of who gets paid-- if i don't have the ability to walk away and change providers-- i am not ok with that. And if you are comparing communication networks, i don't think you can ever quite have that one single right, the right which the consumer has to have in order for capitalism to be capitalism. "You can go use the Jabber network but not talk to anyone there because AOL is specifically banning the Jabber network from communicating with theirs" Is not an alright situation to me, "you can't send e-mail to an aol user if you're using the linux sendmail server" is not an alright situation to me, and i am not going to pay much attention to what the law says in such a situation unless the police will come after me personally because i am trying to communicate with AOL users on my own terms. I doubt they will, and if they do i suspect the EFF will pay for everything anyway.

    --
    Irritable, left-wing and possibly humorous bumper stickers and t-shirts
  4. Give me a good reason.. by BilldaCat · · Score: 3

    why they should even open it, aside from the government telling them they should as a condition of the merger.

    It's THEIR program. THEIR R&D team, and the dollars to fund them, develop it. Who has the right to say that they have to make it open for everyone to interface with and freeload off of?

    I'd be pissed off if I developed a program, spent years on it, poured tons of cash into it, watched it become wildly successful, and then have people and the government DEMAND that I open it up to everyone else.

    It's THEIR program. if you don't like it, use something else! And if your friends don't want to, that's just TOO DAMN BAD. That's not a reason for them to open it up.

    Christ.

    --
    BilldaCat
  5. Problem with the checksum server by gregbaker · · Score: 3

    The "Second try" solution proposed in the article is having a checksum server. It seems to me that there's a fundamental legal problem with this.

    Suppose the checksum server will return the checksum of any part of the AIM.EXE file, which it would have to do in order to return the information needed by third-party clients. Suppose I write a script to ask for the checksum of the first byte, second byte and so on. I can compare each of these values against the checksums of the 256 distinct 8-bit values and reconstruct the AIM.EXE binary.

    So, wouldn't the checksum server be essentially redistributing the binary? It's not literally distributing it, but it's probably close enough to spend a long time dragging through the legal process.

    Greg

  6. So that's the definition of open standards! by stienman · · Score: 3

    If companies know that we can trivially and legally circumvent their "control" schemes, they won't bother with them in the first place. And that's what open standards are all about.

    So, essentially, the author is claiming that open standards exist only because any closed standard is going to be opened forcefully, and companies are just going to give in?

    Some minds are like cement - thoroughly mixed and permanently set.

    -Adam

    "Honk if you've never seen a bazooka fired out a car window."
    Web developer:
    Resume

  7. Why so complicated? by gotan · · Score: 3

    The problem was bundling the AIM.exe. Obviously there's no legal way to do that. But there is no need to either since there is an easy way out: let the people get AIM.exe themselves. This solution is even mentioned in the article but marked as "of dubious legality" because it relies on the AIM.exe to be present somewhere and being used in "unacceptable ways".

    Now any solution i can think of is relying, in one way or another, on gathering data "in unacceptable ways" on the AIM.exe. To cache all possible checksums (i don't know if they're limited in some way so i assume arbritrary byte-ranges) would mean to cache sufficient data to be able to reconstruct the executable. So even the proposed legal cover is of "dubious legality". In essence, once you start building a client that mimicks a proprietary client to the level of returning correct binary checksums you should ask a lawyer how to get yourself out of the hot water.

    I think it's safe to assume, that AOL won't go after the users themselves with lawsuits. So what is needed is to get a practicable solution out there which can't be attacked by getting at one person. The next thing we'll see is AOL using some cryptoscheme and however weak it is, we'll get the DeCSS story all over again. If it gets as complicated as Checksum servers etc. then why not go and set up alternative IM-servers?

    --
    "By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
  8. AOL should embrace open standards by eries · · Score: 4
    Many people have correctly pointed out on this thread that AOL is under no obligation to allow us access to their network. They own it. They paid for it. They continue to pay for its maintenance. That is why they are within their rights in blocking access by third-party clients.

    However, that is not the whole story. Members of various AIM-interoperability groups (most notably, Jabber) have repeatedly offered to work with AOL to find a mutually acceptable solution to this problem. People with legitimate AOL IM accounts want to access those accounts through non-AIM clients. AOL, though not legally required to, ought to work with them instead of fighting them. It is never good business sense (IMHO) to fight, sue, or otherwise harrass your customers.

    AOL is exploring the limits of their legal and technical abilities to exclude people from their network. They are within their rights. But we are also within our rights in exploring our legal and technical abilities to fight back. At the very least, we ought to find out what is and is not legal. And, more importantly, we should do whatever we can to make it clear to big corporations that they are better off working with us than against us.

    --
    Can your IM do this?
  9. AOL Didn't Pay for Their Servers... by krmt · · Score: 3

    I did! I'm a subscriber because my family shares an account for AOL. We have for years. It's the customers who pay for the servers, not the company. Why shouldn't I be able to use the client of my choice with the servers that I helped pay for? It's not costing AOL a thing since they get their $20 bucks a month out of my pocket to fund those servers? Why shouldn't people with totally legit AOL accounts be allowed to hook in to the servers through jabber, the same way we can hook in to AOL through a normal ISP? They're blocking me of the rights that I pay for with my subscription, and I'm none too pleased about it, since the Linux AIM client is shit and the full AOL app is nonexistent.

    "I may not have morals, but I have standards."

    --

    "I may not have morals, but I have standards."

  10. Opening up standards? by Steeltoe · · Score: 4

    "I don'st mean to pick on AOL in this article, except that it's the first big company (that I know of) to take the fight against open standards to this level. Because this system is implemented on top of Freenet, it should be trivial to extend it to other applications besides AIM. The point of implementing it is not just to beat AOL, but also to provide a real live deterrent to other companies contemplating the same thing. If companies know that we can trivially and legally circumvent their "control" schemes, they won't bother with them in the first place. And that's what open standards are all about. "

    Sorry, but you've lost me. If someone won't play ball with you, you should break into their network and take what you want? AOL is not ethical, but this is not any better. The last paragraph about "open standards" really smells badly in my nose. This is going to be a final solution, just like genocide was/is in all the wars. This is excactly how wars arise, and continue beyond the original participants' lifespans.

    Don't take me wrong on this. I respect your right to do as you think is right. It's sort of cool to hack things. However, instead of fighting this over with AOL I would leave AOL networks, and explain my friends why.

    - Steeltoe

    --
    http://www.debunkingskeptics.com/
  11. The Free Software Community is going too far... by alexhmit01 · · Score: 5

    The Open Source proponents of depliticizing the movement and making it open to business is failling. Everyone is coming off as a hippie communist looking to take stuff from others.

    This is beyond bizarre. AOL runs a group of expensive servers and has told you to use their client. You CAN'T even claim interoperability, there IS a Linux client, and there IS a Java Express Client, and the tickle client floating around.

    They have made every effort to have a compatible client available for you.

    The fact that you would prefer your own doesn't give you a right to their services.

    However, by showing that we won't respect the law nor attempts at technical limitations, you discredit all of us. For those of us trying to win adoption for Open Source tools and platforms, stuff like this is a huge step back.

    We're not sure if this is legal, but we think we might have finally found a loophole.

    Congratulations, you have violated ehd spirit of the law but not the letter. That doesn't make you a moral person.

    And immoral behavior is not acceptable because the victim is a corporation.

    1. Re:The Free Software Community is going too far... by dhamsaic · · Score: 4
      They have made every effort to have a compatible client available for you. -- Not really. The AIM *beta* for Linux is hardly functional. File transfer is not supported. Until recently, you couldn't change away messages. The beta hasn't been updated since December. It's usability is severely limited. As for the Java client, the same problems plague that, add Java's extreme resource requirements and you have a client that's not very useful on a number of not-so-out-of-date machines. Enter Gaim, my client of choice. It offers the TOC protocol as well as Oscar, and since I use TOC now, I'm on firm ground. But I used to use Oscar. Why? Because the TOC protocol is severely limited as well. There's no away message checking. File transfer is a hack job. AOL *could* change this, but they haven't. So please don't say that they've made every effort - they certainly have not.

      Add to that the fact that they're seemingly unwilling to have any talks about this, any negotiations about a new protocol, and your above referenced argument looks absurd.

      What it boils down to is that it's in AOL's best interest to support alternative operating systems, at the very least, by allowing us Linux and BeOS users to connect. If you're on Windows or Mac, use that client. I'll stick to Gaim. And increase the AIM userbase, so AOL can tell their advertisers "We have 30 zillion users." - I'm a part of that if I can connect. If I can't, I'm not.

      --
      Every once in a while I like to masturbate a new word into my vocabulary, even if I don't know what it means.
  12. A fourth option: SMTP, then Jabber by yerricde · · Score: 3

    2. Use a different IM, like Jabber and leave your friends behind. Unfortunatly IMing yourself isn't very fun, and this turns out to be like option 1.

    4. Use a different IM, like Jabber and bring your friends along. Send your buddies messages using SMTP (email, duh) that they should run Jabber alongside AIM (from now on, they'll need exactly two realtime messaging clients: Jabber and AIM), that you will be running Jabber, that your JID is foo@jabber.com, and that Jabber clients for a variety of platforms are available here (give a URI).

    5. Or just use email.

    --
    Will I retire or break 10K?