Slashdot Mirror
Blogger Threatened For Publishing JS Hack
An anonymous reader writes "Internet radio station Atlanta Blue Skye LLC has warned a Romania-based technology enthusiast that his blog has been 'copied' and turned over to its lawyers. The issue stems from his posting of a widely known workaround for bypassing JavaScript functions that try to disable a mouse's right-click context menu functionality, and the radio stream information gathered from the Properties function of Windows Media Player."
the Atlanta Blue Skye LLC company are irreparably harmed financially when they are hit with the clue stick. There is NO way to suppress information on the Internet globally, and those who try to are more ignorant of the facts than should be believable.
Support NYCountryLawyer RIAA vs People
Maybe they should turn this over to their intrepid band of lawyers.
They copied his blog? That's copyright infringement - and that's against the law. It's no different to walking into a store and stealing a CD.
But the DMCA has other ideas:
http://www.eff.org/IP/Video/MPAA_DVD_cases/
Karma: Non-Heinous
The fact that he worked out a 'Javascript hack' wasn't the issue. The issue was that people actually wanted to listen to their radio stations ;)
Jumpstart the tartan drive.
My electricity, my computer, my browser, my choice. If I don't want my browser to disable the context menu then that's my decision. And some company disabling the browser's context menu without Law to back them up really pisses me off. In the IP gold rush the US initiated, people are trying to own every little facet of information that we used to just take for granted being free. Locking everything up may or may-not benefit the economy but it sure-as-hell prunes cultural-enjoyment (ie. a more limited musical taste due to finite resources to acquire content) and development (ie. remixes and interpretations) in the long-term.
Shh.
I don't know if there's anything more annoying then some shitty website that tries to block secondary mouse button clicks (maybe those shitty websites that use the word-highlighting advertising that pops up some fucking shit when your roll over the words). For all the cool stuff that JavaScript can enable, sometimes I think it might be worth it to get rid of it if we could wipe stupid fucking shit like this off the face of the planet.
Mr Radu-Cristian Fotescu appears to have licensed his work under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 license which would allow the radio station to copy his work.
However, it does not allow for commercial exploitation of his work so we enter a grey-area. Is the use of his work to prosecute a lawsuit for monetary damages a commercial exploitation of his work?
Ripping an new rectum in the fabric of spacetime.
The user is in control of web content or any code a website decides to run on the client, clueless bullshit like this isn't even funny.
In other news, the recent js dependent google.com facelift is less useful to me because I have javascript disabled. It seems that most sites expect users have javascript enabled these days, sad that google deliberately broke their site. If I don't know if I can even be bothered hacking a functional interface when there are other search engines that work perfectly.
The user is in control of their machine, not the web site!
I have a method for bypassing advertisements on all forms of television currently in existence:
When the commercials start: go to the bathroom, get a snack/drink, perform small errands, talk to other people in the room.
Be careful, not scrupulously watching every single advertisement makes you a criminal pirate thief.
Possibly the best thing to come out this will be the complainant's phrase "hacker calisthenics". Let's all use it!
Share and Enjoy: 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
"Romania-based technology enthusiast"
;)
Is that what we're calling them now?
'Thats they exact same thing a banana wrench monkey.'
What year is this, 1998? Trying to block right clicking as a means of 'protection'? That puts you on par with Geocities members pre-2000, and about one minor step above using js to spoof the status bar or hide the address bar. I suppose next they'll be petitioning the ISPs for surveillance to see who's been viewing their page source, claiming it as violation of 'trade secrets'.
It's really too bad the blogger is taking this so personally, continuing to blog about it, and cannot spell. None of these make him a sympathetic defendant... and if it eventually gets to court that's going to matter a good deal. Like it or not, hackers have a bad public reputation, and if this punk gets in front of a jury and spouts off the way he has been on his blog, his case is sunk regardless of whether the written law is on his side. Each time he goes on a rant he gets closer to defamation and now it's a whole new ball game.
Word of advice to those who blog about corporate enterprises... if you get a notice from a company threatening suit for whatever you said, take it seriously and get some legal advice before you try the whole David and Goliath thing. Your conduct after the event in question is just as much at issue as whatever initially upset them. I'm not saying roll over and comply, but figure out how to best manage the situation to protect yourself and convince the corporate bully you're not some 22 year old idiot who is going to make the case ten times easier for them because you can't keep your mouth shut.
Only 120 characters... who can summarize their entire world understanding in 120 characters?!
View -> Page Source? I mean, that's the main thing they usually wanna block by blocking the context menu anyways. Or how about CTRL+U? Let's see you block that!
Or how about Tools -> Options -> Content -> JavaScript -> Advanced -> Disable or replace context menus? That's even a more direct way to stop it!
Of course this is Firefox. I'm sure none of the other major browsers such as IE7 (Page -> View Source / View -> Source) or Opera 9 (View -> Source / CTRL+F3) have easy ways around this, thus the cause for concern over the "hack".
Let's also not forget that any JavaScript is essentially open source, since it can't be compiled (obfuscated, maybe, but even then you can usually figure it out) and new JavaScript functionality can be added and existing functionality changed (or "hacked" as it is so ineloquently put) and tweaked to suit a user's needs through tools such as Greasemonkey.
Is that like one of those less known states in the USA?
[wainwright}
I'm so tired of America...
[/wainwright]
RS
Shoes for Industry. Shoes for the Dead.
All they have to do is use a URL that changes continuously. This is trivial with the RealServer.
But serving anything except warm air with MS products shows a serious lack of clue. Which is why they sue.
Not reflecting the views of any corporation, solely my personal viewpoint.
Your laws do not apply outside your borders.
this article is stupid. the kid rec'd an unsigned email. the email never uses the word lawsuit. it never uses the term reverse-engineering. nothing to see here folks, beyond the fevered imagination of some romanian kid who invents all manner of supposed motivation, places it in the minds of people he doesn't know for sure exist, and then explodes his own ego in a frenzy of scornful self-important superiority. bzzt. dipshit alert.
Sacred cows make the best burgers.
You mean opening Firefox's options, going to Content tab, clicking on Advanced for Javascript, an un-checking the third option (Allow scripts to: Disable or replace context menus)? There's something analogous in Konqueror, and probably lots of other browsers. I don't think IE has the specific feature but it's still damn easy to turn off scripting overall. The only reason people wouldn't do this is if they didn't know that it was a script trapping the right-click, and if people went through and checked all their settings whenever they got a new browser (or many other programs) they would have found the option anyway. Calling that a "hack" is almost worse than calling some script kiddie who breaks into an improperly secured machine a "hacker". I know the general public can't get the terminology right to save their life, but can we at least expect better from Slashdot? PLEASE?!?
Hell, this isn't even an extension like NoScript, let alone going into about:config or any such. Stuff of this nature is built right into the browser options, and anybody who knows about it can, will, and should use it. Suggesting that such knowledge makes makes one a hacker (presumably defined as somebody who hacks) is about as reasonable as trying to suppress the knowledge itself.
There's no place I could be, since I've found Serenity...
The original email message is posted here. The message headers are as follows:
The Text of the message:
This doesn't look like a legitimate email to me in the least - from the earthlink origination to the cheesy wording of the message. Sounds like Slashdot has either been blog-spammed, or this guy is another chicken little.
You'd think a station would be all for something that brings it more listeners and thus more advertising revenue.
:)
Are they completely out of their minds? If someone told me that the way my site is implemented prevented some people from listening, the FIRST thing I would do would be to fix my site, and the second would be to thank the person for getting me more listeners!
Idiots. Yet I'm still listening to their station, on my Mac, because they're actually playing pretty good music.
-Z
Lisp is actually doing quite well -- check out cliki.org, as well as the SBCL project.
It's not so obsolete a language as you seem to imply.
I do believe they've just admitted to copyright infringement, did they not?
They at least hid the actual embed in an iframe, so you can't just see the stream URL by selecting View Source (which doesn't need right-click at all!). Of course, the iframe URL is in the page source, so you can navigate to that page DIRECTLY and voila! there is your player (without any ads) and, of course, you can view source that page and see the embedded player's URL (again, without right-click, which is still disabled in IE). The URL for the player (128kbps) is http://www.atlantabluesky.com/jazz/DISPLAYS.html.
Ironically, the whole reason for the blogger posting this workaround and the URL streams in the first place is because he wasn't able to listen to them anymore in Linux/BSD, or in any browser except IE. I've confirmed that EVEN WITH the Windows Media Player extension for Firefox installed, the stream can't be played (haven't booted into Linux to try that, I'll take his word for it though). Ironically however, the right-click capture doesn't even work in Firefox, so you can right-click on the (non-connecting) player, select properties, and view the stream URL to your heart's content (and yes, this is with the ability for javascript to catch right-click enabled... their scripting is just that bad, I guess).
There's no place I could be, since I've found Serenity...
What's this "right mouse button" you speak of?
Sincerely,
Mac user
My browser by default blocks all scrips unless I tell it to unblock one in particular. By default, this 'feature' would be disabled and I could right-click all I wanted to. Additionally, disabling the right click feature is as old as the internet and I've been able to work around it since I was 12 years old.
The ability to suppress a script is common knowledge and easy to do. I can view a page however I see fit, not only that, if I truly wanted a piece of content off that page, I wouldn't even need my right mouse button to save that content right to my computer. Once the page is loaded and content cached, it is part of my computer and I may do with it as I please, despite whatever copyright has been placed on it.
When are they going to sue the wget developers?
Did you ever notice that *nix doesn't even cover Linux?
Atlanta Blue Skye LLC: "Your honor, we respectfully await your verdict." Judge: "After reviewing the evidence involved, I rule this case EL-OH-EL."
that stopped being funny a looooooooong time ago big guy
a radio station I listen to, the "play audio" link opens up a popup that uses a custom plugin to stream .wma files (windows media audio) and has a banner on the bottom. you couldn't right click either. but I just used wget to get the main page, looked at the source, saw the link to the .html page that loaded the stream plugin/popup thing, wget that, looked at the source for the link to the .wma file, and then just saved the .wma file w/ wget and opened it up and in it was the direct link to the .wmv stream, so I just pasted that into windows media player, and viola! no more ad banner, just the straight radio stream.
Does the name Pavlov ring a bell?
Ah, does anyone else think "the small radio" station does not have even one lawyer on staff?
I hate slashdot
C'mon, man, this is a marketing ploy be Atlanta Blue Sky.
/. ?
Look at the time his first blog was posted.
Look at the time stamp on the email he gets threatening a lawsuit.
Your gonna tell me that some relatively obscure blog is gonna be noticed THAT quickly? about a commonly known workaround? And lawsuit being threated????
Sheeesh, ABS is getting paind by adverts.
what better way to boost your unique hits than by having a reference on
Now that I've seen goatSHE i wish people would use it instead.
:D
Chick just ain't too bad
yes yes i know the point was to be annoying but hey i can dream
It certainly behaves that way.
In case it gets taken down :-) The "I want you..." poster is great. Lots of truth in that.
What?
When the commercials start: go to the bathroom, get a snack/drink, perform small errands, talk to other people in the room.
You're violating your contract, don'cha know?
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
I can make (and actually have made) proprietary Perl scripts. I simply tag them "Copyright 2007 ALL RIGHTS RESERVED." In order to run this code, you must have the source code. (Yeah I could obfuscate it, but let's say I didn't.) While you may have the source code, you are not allowed to redistrbute it, you are not allowed to make derivative works from it (i.e. hack it), and you can not copy portions of it into your own work (another kind of derivative work). Practically speaking, you could, but legally you are not allowed to. And if I found out that you did, I could bring a whole world of legal hurt down upon you.
What am I allowed to do with your perl code then? Where do you specify that?
Where is it specified what I'm allowed to do with a piece of JavaScript stored on a publicly accessible HTTP server? At what point am I in violation of any inferred license? When I tune about:config to make the script less obnoxious? Running NoScript?
I'll grant you the redistribution aspect, because Copyright protects that, but Copyright doesn't say I can't add words to my copy of Alice in Wonderland. It doesn't say I can't add an extra control knob to my toaster.
Clearly you can negotiate a separate license for all of those things, but I think you have to do that in order to acquire the protections you're assuming.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
...used to be a good radio station that played stuff that you didn't hear on mainstream radio. That said, I hate that stupid anti-right-click Javascript code, and think that its use is the last refuge of scoundrels. I often use the right click context menu to go back or forward, and the stupid Javascript code impedes efficient navigation of a website.
If someone wants to copy your photos, HTML source code, or whatever, that won't stop them.
Sent from my iPhone
Yes, this is flamebait, and it comes from deep in my heart. Sincerely. If you are one of the 26% of Americans to whom this flamebait is addressed, I hope you get the message. I'll lose one kind of karma, but gain another.
You're playing right into their hands. Think about it.
Besides, now US laws apply everywhere.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
Isn't this kinda equivilent to the guy who received a DMCA notice for holding down the shift key while inserting a CD in order to not load the DRM installed on it?
Basically, there are no consequences to any action on the Internet. About time people understand that. If you don't like it, change it. Until it changes and every country on the planet signs on to that, you can't prosecute someone for something they did on the Internet.
Your laws do not apply outside your borders.
You'll change your mind when our fully operational Death Star is orbiting over your crapass country. Lord Cheney will deal with you personally with his Light Shotgun.
It's as if thousands of people cried out all at once...but since they don't speak English we didn't understand a word they said. They're fereners anyway. It's the price of Democracy.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
here is one way:
while holding down the left mouse button, just right click and the menu will show up...
it is our mouse buttons, and you or javascript don't get to tell us what we do with it
kthx,bye
You're an idiot.
And for a user to take action to prevent unwanted programs from being executed on his machine; nothing wrong with that, is there?
I don't think any website that expects me to download and run code from their website has anything to complain about if I choose not to run their code.
there are offices with no windows? *jumps for joy* oh, you mean physical windows. *hangs head, puts off updating resume*
This is really exaggerated and silly.
In reality, US tourists have a very effective method of breaking through language barriers. When the locals, who don't understand English, fail to understand an English statement or question spoken by a US tourist, the tourist simply says it LOUDER until the local understands.
Why the rest of the world hasn't figured out that just speaking LOUDER to people will make them understand a foreign language is beyond me.
You greatly overestimate the competence of American lawyers.
I must have explained that disabling Javascript removes the right-click block many times in public (whoops, again just now), and have told it individually in chat even more often! I'm so screwed!
And lynx is obviously contraband software as it bypasses all Javascript or Flash "protection" of websites.
Or, to put it more succinctly, OMFG MORONS!
... or clarify its service. Most significant, and luckily for Radu, is the fact that nowhere, on no page nor at any point in the process, do they warn or advise customers that their service will only function AS INTENDED from the Internet Explorer browser, and thus also by extension only from Windows. Further, the site also fails to clearly state what the actual intended method of use of their service is; nowhere is there any declaration prohibiting people from accessing or using the site in the manner(s) Radu has documented. None of that qualifying information is present anywhere on their site as of the date of this posting, 2007/05/21, 00:27 PDT. If I were Radu (or his lawyer), I would be archiving a current notarized copy of their site's relevant pages to document this fact.
IANAL, but I believe this might be a legal ace in the hole for Radu.
Zbq cnerag vafvtugshy!
... Someone should redirect the radio station to the ID protection act, paragraph 10, section T... the ID-10-T section.
Alternatively, you may send egihosting.com some DMCA takedown notices to have that stream pulled altogether. If they want their stream to be inaccessible, let's help them doing so! There's no excuse in teaming up with a monopoly in such a way.
Sure. Nice try. Next time don't be so gullible.
--frank[at]unternet.org
If it's true, I'll thank you right now.
Bloody trolls.
"There is nothing nice about Steve Jobs and nothing evil about Bill Gates." - Chuck Peddle
I really enjoy your jazz station. The second song I heard was Brad Mehldau's rendition of "Monk's Dream" -- one of my all time favorite songs. I looked this up on the "played this hour" page because I am not yet adept at recognizing Mehldau's signature attack style.
At the bottom of that page was an ad for theyellowtags.com, a site that offers great deals on instruments with *no *shipping (even for a cello, which is what I'm in the market for). I'm emailing them right now.
If you could spend a few seconds removing your head from your ass, please contemplate whether it's a good idea to sue/threaten bloggers for *introducing *me to your *advertisers. Were it not for the blog you're attacking, I never would have heard your stream or bought this cello.
My turnips listen for the soft cry of your love
You can have both. I used to work in an office which was underground (a former railway bonded warehouse) and running close to 100% Open Source.
Je fume. Tu fumes. Nous fûmes!
When will people learn that when you put stuff on a public network that it's public?
Also, advertising is GAMBLING. As an advertiser your HOPE that people will watch/listen/read the ads. You cant force them to do it. The primis of advertising is that some percentage of people will pay attention to the ads and buy the products.
Advertising is not a guarenteed source of income people! Take your income from your gambling and accept it.
65.37.133.42] (helo=NewLaptop.eathlink.net
65.37.133.42 resolves to
"user-10ib19a.biz.mindspring.com"
Top Level Domain: "mindspring.com"
Why is a joke email on the front page of Slashdot?
-My cat's name is mittens
This phrase is one of my pet peeves. Almost every time I see the phrase, it has been used incorrectly.
If you are granting any non-statutory rights at all you should be using "all other rights reserved".
It's pretty much like public presentations and white papers having "proprietary and confidential" in fine print at the bottom. It's obviously put on the documents without through or deliberation. If the person or company has freely distributed copies of white papers, or given presentations open to the public, I can only assume that the phrase does not have the plain meaning and ignore it every time and place I see you use it.
Again, if you are granting any non-statutory rights at all, you should list those right and use "all other rights reserved". Or just skip the latter phrase, since it's implied.
In the specific case here, if your web site instructs my browser to automatically get and execute a script, that's the normal and expected action (i.e. as described with formal or de facto standards), and it's published/served without password protection, I expect that I have the right to execute it. Thus your "all rights reserved" notice contradicts your explicit actions.
Whether a law in the United States applies to you or even an American outside the country or not depends predominately in how the law is worded; if the law is worded like "It is illegal for anyone in the United States to ..." you are probably ok to ignore the US law, if the law is worded "It is illegal for anyone to ..." (NOTE: the missing "in the United States" part) you should probably consider yourself fair game to the USG if you break the law and consider very carefull how much effort the US would put into running your sorry ass down, how much effort your willing to put into avoiding the run-down.
Apocalypse Cancelled, Sorry, No Ticket Refunds
There are a lot of people quoting American laws and the American constitution in regard to matters that have nothing to do with the US. I wish you were right, but you're not.
Please stop pretending you do.
Applies almost exclusively to interactions between states, not individuals, and for very good reason. We're not in any foreseeable future going to be able to agree to laws governing all people. Nor should we, such a monoculture would necessarily stagnate.
It would make far more sense to declare the internet as a form of "international waters", where only a few basic laws that everyone can agree upon apply.
A while (several years) ago, I wrote a post about how I think there are many parallels between firearms in the physical world, and circumventive/disruptive technologies in the informational world.
If you look at what the Second Amendment does, I don't think it's really that far of a leap. The function of the Second Amendment is to give people a powerful tool -- namely, weapons -- which can be used for good or ill, with the unspoken premise and assumption [1] that most people will use them responsibly. (And also that some people will use them irresponsibly, but that this is a fair price to pay, similar to the hypothetical 'guilty man' that you must let go free in order to ensure you're not condemning innocent ones by mistake.)
Similarly, there are many software tools which can be used in a variety of ways, many of them unproductively or outright harmfully. I don't think that the Constitution prohibits the Government from regulating actions, but I think there's ample evidence that there's a difference between making an action illegal, and making the tools which might be used to accomplish that action illegal. When you ban a tool, you're implicitly stating that you think people aren't responsible enough to be trusted with it, when I think it's clear that our country was supposed to operate -- succeed or fail -- on the opposite assumption.
Over the years, I think that this premise has been chipped away at to the point where it's virtually gone from our law or jurisprudence. [2] Perhaps such a culture of personal responsibility wouldn't have worked in the long run; maybe it would have proved impossible to scale. But if that's true, then I think it's ultimately a pretty damning indictment of democracy in general. If we're not ready to throw away the whole concept, I think you have to accept the number of people who will misuse tools when they are made freely available (despite whatever punishments you set out for the misuse; i.e. they are acting irrationally) as simply the cost of living in a free society. Personally, I think it's a small price to pay, given the alternative.
[1] I think you can argue quite readily that this assumption is pervasive in most, if not all, democratic systems: if you don't think that the majority of people are inherently good and responsible, then democracy in general just wouldn't seem like a very good idea.
[2] In addition to laws concerning weapons, which are the obvious example, you also have some of the broader "burglar's tools" laws that cover simple possession, or their extension to cans of paint, etc.; more recently you have the series of laws and regulations that led up to the DMCA, which began with satellite TV anti-descrambling laws and pretty much proceeded in a straight path from there to the disgrace we're currently dealing with.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
In firefox (don't have an IE to test it on at the moment)
Edit-->Preferences
Content
[ ] Enable JavaScript (uncheck)
Right-click allowed!
I wonder if there's a toolbar for firefox allowing you to disable/enable JS on certain sites, or perhaps one that allows you to disable certain JS calls (like the mouse-disabling ones). If not, maybe I'll write one.
I'm Canadian.
I know they don't apply here. From what I understood this is an American company, wherein American law does apply.
Karma: Non-Heinous