Slashdot Mirror
Mac P2P Music Sharing with iTunes is Online
kraksmoka writes "Spymac.com has already found a way to take the new features of iTunes 4 to new heights. Today they opened up a new section on their site entitled Spymac Music, which is a database of shared iTunes libraries. Anyone who wants can submit their music library to be shared. Currently it sports a search engine capable of searching title, album and artist. " I wonder how long this will last.
... This is simpely an extension of what was provided by apple : You can have ANYONE with iTunes 4 stream your music over if you wish to, they only made an online DB with it... Guess it's time I finally afforded a mac...
In Canada, we don't fancy things like socks
There were already some posts about this here a few days back.
:)
I did try some other sites listed in those posts and I have to say that this is balancing on the dangerous zone. I could see the RIAA going after this specifically for that fact that there is little difference (if any), as far as they're concerned, with users 'broadcasting' stuff via iTunes vs. any other streamer.
I will not be suprised to see a few things happen:
1. all these public iTunes sharing sites will be shut down (or at least the biggest ones) via RIAA court orders
2. most of these public iTunes sites will simply turn off due to bandwidth limitations
3. Apple with either disable this feature in an update or publicly state that it is not meant for public sharing. Or some statement to that affect
That said, coupled with Rendezvous on a local lan, this is a pretty kick ass feature.
something else along these lines came out a few days ago
www.shareitunes.com
This is not P2P file sharing, it's not piracy, and it has already been discussed to death in the media over the past 2 weeks.
Shut up and eat your vegetables!!!
I hate Grammar Nazi's
Either to engage in, or to defend, litigation a large corporation would generally engage a law firm specialising in litigation, and probably one specialising in the particular type of litigation - employment, competition, IP, environmental, etc.
So the question should be "how big is apple's legal budget?".
## W.Finlay McWalter ## http://www.mcwalter.org ##
Most cable and DSL links have an upload speed cap of 20 to 30 k Bytes per second (kBps), not k bits per second (kbps). A single MP3 encoded at 128 kbps should fit through the pipe just fine.
The shared file feature only works for INTRANET LAN's using Rendezvous.
Not quite - the discovery of servers on the local net is done with Rendezvous, but you can "share" (i.e., stream) music between any two IP addresses (if you're behind a firewall, you need to open port 3689).
Nae bother
Repeat after me:
You can't copy this files. It's streaming. It's not sharing in the sense of sharing files, it's sharing in the sense of sharing music that can be listened to only while the person sharing is online.
You can NOT copy the files.
Got it? You're not sharing files, you're sharing a playlist of streamable music, that's it. Person turns off sharing or goes offline, you can't play them. You can't copy them to your local disk. You just can't.
You can NOT copy the files.
So please do a little research before you jump all over this as music piracy. It's not a bug, it's a feature that Apple has proudly advertised.
The shared file feature only works for INTRANET LAN's using Rendezvous.
Rendezvous is only for discovery - it essentially tells everyone on the local network "there's a service X running on this machine" (in this case DAAP). That doesn't stop others connecting, they just don't get the convienient discovery.
Slashdot looked deep within my soul and assigned
me a number based on the order in which I joined
Remember, the files are streamed and not copied to the client. There is no way within iTunes to copy music from a shared library to your own machine.
./'ers not think that Apple would have thoroughly investigated this before allowing sharing over the wider internet? "I know, lets negotiate with Universal, BMG, RIAA et al and then when we've got everything sorted, we'll really piss them off with a sharing feature!"
:-)
iTunes Music Sharing is limited to five concurrent clients, whether using Rendezvous or IP. I believe that this means it is exempt from the RIAA webcasting restrictions.
Tools such as Audio Hijack will allow you to record the audio stream to an AIFF in real time, but this isn't Apple's problem. Audio Hijack has many other legitimate uses.
Do
Think before posting
as long as the iTunes share is not passworded
... didnt do their home work
... ive done this from canada to the uk ... it defo works!
then yes you can dl the mp3's directly from iTunes
its basic but works ok and creates fully tagged mp3s
queue up files
google for "itunesdl" or "itdlgui"
anyone who thinks that you cant ALREADY do this with iTunes
for testing purposes only
[wink][tongue]
do acts of random kindness and senseless beauty
I read the license and did some research. I am not a lawyer.
However, it appears that the library sharing feature is legal. And there is precedent -- Microsoft's ThreeDegrees has a similar feature.
iTunes streaming does not appear to fall under the "webcasting" laws/tariffs as the potential audience is limited, it is not live, and the client has the full ability to browse the contents of the server.
I hope Apple patches this hole...
Actually, this is not a hole in Apple's software. It is an advertised feature. If you want to blame someone, blame Apple, not the people using their software in a way it was designed to be used.
SIGFAULT
well, you can load the other music directory to your ipod, then use a program like Podworks to put the music back into your private itunes library- a function that you cannot do with the stock ipod and itunes. This makes it very easy to steal music, still not one step, but it's not bad either!
and the software is only $8
Creationists are a lot like zombies. Slow, but powerful and numerous. And they all want to eat our brains.
The files are streamed as standard mp3 files, over http. Because of this, you can capture them, just as you can capture a "mp3 radio" station.
Using ngrep (which compiles cleanly on OSX), you can watch the network traffic.
File order (ie, the XXX.mp3) appears to be keyed on Date-Added. If you add the Date added field to itunes, and then stream the files, you can see they continue almost sequencially.
The ID of the music is continuing (XXX.mp3) is continuing, nearly sequencially.
One thing to note is that in some cases, this order might be screwed up slightly. This is because if a song is deleted from the user's libraby, it appears to keep it's number reserved.
The other thing that can screw the order up is songs that were batch-imported in the same minute. It seems that iTunes only tracks down to the minute, so the order within that minute is arbitrary, as far as I can tell.
If, after determining the URL via ngrep, and taking the IP, you retrieve it using curl (or wget), you add it to iTunes, it retains the id3 information.
ie- wget "http://192.168.1.102:3689/databases/35/items/311
It would be an interesting test to see if iTunes is adding information to the file before streaming it. (for identification, as Pudge suggested)
This would be possible by doing a binary diff on the two files. I don't have two macs with iTunes 4 installed (yet!, but I intend to install iTunes on the others soon), so I can't test this theory. Any volunteers?
(Side note- It would be trivial to write a perl script that parsed the ngrep output, and fed it into wget automatically, to download any songs you double-click.
[similiar to http://streamripper.sourceforge.net/ ]
You wouldn't even need to listen to the entire song. Just start it playing, and iTunes will finish for you. I won't post mine, for reasons below.)
Side note redux-
Apple may have inadvertantly created a file-sharing utility rivaling Napster/Kazaa. This creates an interesting legal issue. This creates an interesting legal issue. Keep in mind that a student was recently sued for creating a software device that searched Network shares for mp3 files.
Given the RIAA's stance towards piracy, and that they want to work with apple, I suspect they would sue whomever wrote the 4 line perl script, rather than Apple. They are also likely to ask "index" sites like spymac to shut down, and send a cease-and-desist, or a lawsuit..
I sure hope this Anonymous Coward thing works. I don't want to be sued today. I've done enough other questionable things.
-Crutz
Very few of the people on SpyMac's list are going to be able to stream more than one or two MP3s/AACs at a time - most of these people have DSL or cable modems.
None of them are going to be able to serve more than five streams at one time. iTunes will only accept five connections at once.
So this is actually a very small-scale thing, not "mass-redistribution of music to anonymous strangers" at all.
Unlike Shoutcast, the user looks through your library and streams any song he wishes. In Shoutcast, the DJ decides what everyone listens to, kind of like a radio station one connects to. With this setup, the user is not restricted to the DJ's preference at the time.
iTunes is well aware of Shoutcast and even has a built-in Radio section that organizes Shoutcast stations.
Read the license. That is not what it says.
It says Remote access of copyrighted music is only provided for personal use or as otherwise legally permitted use only or when otherwise permitted by the law.
Some reflection would indicate that 'somestuff' in the URL
is not meant to be taken literally! I did not spell it out precisely because I don't condone the stealing of music.
e ssion_id=17934
e n you download (or stream) files to your heart's content.
http://your.mac.com:3689/somestuff/file.mp3
However, if you want to learn more, go to these two places:
pudge's journal
DAAP reverse-engineering project
A DAAP Wiki (collaborative webpage)
Briefly:
To just piggyback on iTunes:
Use tcpdump to watch for URLs of the form http://the.ip.address:3689/databases/32/233.mp3?s
Then use that URL with the web browser or download client of your choice to steal music.
To write your own client:
First you login with http://the.ip.address:3689/login
You parse the result for the session ID number
Then you do some logging in stuff
Then you ask for the contents of the iTunes database with http://the.ip.addrses:3689/databases/##/items
Th
four nine eighteen twenty-7 thirty-nine forty-7 fiftyeight sixty-nine seventy-9 eighty-8 one-hundred-and-nine one-twenty
You're limited to five streams, and the password is optional. The feature can also be turned off and on; by default it's off.