Hulu Munging HTML With JS To Protect Content

N!NJA writes "Hulu has started encoding the html that they send to people's browsers, and then decoding it using javascript before rendering it. [...] They then run the character stream through a series of javascript functions to convert it back into plain text before pushing it into your browser using DHTML. That's quite a lot of effort just for fun, so I assume that is to stop screen scrapers from parsing content." I really can't understand all this effort. Boxee displayed the Hulu advertising perfectly. I suspect Alec Baldwin is to blame.

what do you expect?

[antibryce]

they're aliens. that's how they roll.

Re:what do you expect?

[punkmanandy]

They are doing this to confuse, to better mush our brains.

Re:what do you expect?

[dreemernj]

Based on this story, I believe they have shifted their efforts towards munging our brains.

Re:what do you expect?

[ZorinLynx]

Sadly their marketing is so clever and hilarious I think it's making many of us forgive their stupid actions with regard to boxee and such.

I mean, come on. They're ALIENS.

Re:what do you expect?

[Firehed]

The ads are (more or less) built directly into the video stream. The issue is that the content producers take issue with people using media center appliances to put their internet content on a TV screen, despite being identical content to what's shown on TV (except that rather than skipping ALL the commercials with a TiVo, people sit through or ignore the single ad in Hulu streams).

Yes, they SHOULD do it that way. Lord knows that I'll never pay for a cable TV subscription (unless by the laws of retarded cable company economics, it lowers my internet bill), and to me it's all the same content regardless of the display medium. As it is, I'll usually just listen to the stream in the background while pretending to work, since Stewart and Colbert don't exactly rely too heavily on visuals.

But that's beside the point - so long as the content producers (NBC, FOX, etc) continue to have last-century business models, Hulu really has to cooperate with them. It's certainly in their best interest from an ad sales perspective to get the content in front of as many people as possible, regardless of the display device - CPM ads only care about the number of eyeballs. I'll happily go back to torrents if they make it hard to watch shows through Hulu, where they'll get exactly $0.00 per viewing.

Re:what do you expect?

[ZorinLynx]

Maybe content producers should start realizing that they're playing too many ads.

One of the things I like about the show Fringe is that FOX plays it with between one and three 30 second ads per break. This is actually tolerable. Other shows end up having 5-6 ads per break; by the end of the break you're going "WTF where's my show?"

Watching live TV (with ads included) would be a lot more tolerable with 1-2 ads per break. I think more people would watch to make up the difference.

With apologies to Shakespeare...

[Bieeanda]

It sounds like there's something ROT-13 in the state of Hawaii.

April Fools Day...

...ended at midday yesterday. Though I have to admit that this is far funnier than the "stories" that Slashdot ran at the time.

Re:April Fools Day...

[revoldub]

Don't worry, just visit Hulu via Internet Explorer 8.1 and you can view all the encoded server-side HTML and JS.

Cat & Mouse.

[0100010001010011]

The XBMC guys already made a plugin after the last hulu change. It'll take a few hours and a new one will be made.

Especially if you SEND the user all the info they need, how hard is it to decode functions? There are crackers out there that take decoded assembly to figure out how to bypass DRM, what makes Hulu think their implementation will be any more difficult?

Re:Cat & Mouse.

[C0vardeAn0nim0]

a marketing major or MBA course. that's what makes them think it'll be more dificult.

Re:Cat & Mouse.

[schmidt349]

Shut up! That's why.

Re:Cat & Mouse.

[v1]

It's probably more targeting people like me. I've already considered writing an app to scrape the pages, and download ALL their movies to a large hard drive or two.

I'm sure it's on a lot of other people's minds too with similar skills.

I do that from time to time for web archives of images too. Curse that 1000 hit limit on images.google.com!

Re:Cat & Mouse.

[pionzypher]

They've already worked around it.

In the OP link: 2.6.7: Changed Hulu code to deal with their new encoding of web pages. Note, this slows it down a fair bit, so UK-only users are advised to do a custom install to turn off US.

Re:Cat & Mouse.

[maxume]

Isn't it nice knowing that we evolved from rats?

Do you really believe that all of this content is going to get less available over time? Note that this would essentially contradict all of history.

Re:Cat & Mouse.

[jnetsurfer]

Even still, if they're using javascript to decode the HTML, they're not really protecting themselves. Your app can just run their javascript and still work perfectly.

Re:Cat & Mouse.

[koterica]

This is modded as funny, but it is rather insightful. The people who make business decisions (or what they think are business decisions) don't necessarily understand the things they are messing with. In this case, they obfuscate because they are worried about people pirating content.

Honestly? Hulu is a great service (if you live in the US) but its not a high priority target for piracy. Why go to the effort of ripping a stream with ads in it when the torrent is already out?

Re:Cat & Mouse.

[fprintf]

No, trust me, the freakin' programmers and IT people make it impossible. All us MBAs want to do is output a freakin graph, and you put us through all kinds of process steps, and gates and usability testing, and then decide it will cost $1Million just to make a simple change. No wonder nothing gets done without a multi million dollar budget.

Re:Cat & Mouse.

[tweek]

It has nothing to do with piracy. It has to do with revenue from cable company contracts. The problem the "content providers" had was that via Boxee and other set-top pcs, people could forgo cable all-together and that would be a huge chunk of lost revenue. Hulu is popular but the ad revenue from Hulu is nothing compared to the money the cable companies pay "content providers".

* I quote "content providers" because Hulu liked to use that phrase when Boxee was shut out. The fact of the matter is that Hulu is co-owned by two of these "content providers" so in essence, Hulu *IS* the "content provider"

Re:Cat & Mouse.

[kirbysuperstar]

Do you really believe that all of this content is going to get less available over time?

What about if your internet goes out and there's jack-crap on TV? Oh look, a HDD full of episodes/movies/whatever. Or.. well this one doesn't apply in this case, as Hulu is US only, but for people with low bandwidth/download quotas, streaming is a total waste. Hell, if I was to stream something, I'd nab a copy of it, just so I didn't feel I was wasting my quota.

Re:Cat & Mouse.

[Foolicious]

I do that from time to time for PORN too. Curse that 1000 hit limit on images.google.com!

There you go. Fixed that for you.

Re:Cat & Mouse.

[Zebedeu]

Do you really believe that all of this content is going to get less available over time? Note that this would essentially contradict all of history.

Yeah, don't bother making copies of those documents at the Great Library of Alexandria.

Re:Cat & Mouse.

[illumin8]

Do you really believe that all of this content is going to get less available over time? Note that this would essentially contradict all of history.

Actually, yes. Because Hulu is controlled by content owners, who seem to want to create tons of content and then keep honest viewers from ever watching it (see Fox scheduling sci-fi shows during the worst possible time slots), there have already been a lot of cases of Hulu removing content. The show It's Always Sunny in PA was pulled from Hulu by the content owners. Also, most shows only show a few episodes from the latest season, and when the season is over and a new season starts, the old seasons are removed.

There are a number of reasons why it might be nice to have an archival copy of the shows available on Hulu. Personally, I prefer to use a combination of Netflix + Handbrake/MetaX + iTunes + AppleTV for my video archival and streaming purposes. I get great quality with DVD rips encoded in H.264, and a nice menu system with cover art and tagging (thanks to MetaX) that works beautifully on my HDTV through the AppleTV. It's also a system so brain dead simple that normal people can use it.

Re:Cat & Mouse.

[Idiomatick]

The documents in Alexandria WERE copies. The reason the library was so great was that when people came to port the librarians would copy travelers' stuff. I think it would be kind of impressive if the riaa drmed some of their stuff and protected it so well that it dissapeared entirely... like top secret documents in the us gov.

Re:Cat & Mouse.

[MoonBuggy]

The fact of the matter is that Hulu is co-owned by two of these "content providers" so in essence, Hulu *IS* the "content provider"

I'd be interested to know where the division lies, actually. Their blog posts when Boxee was cut off had a distinctly irritable tone - they were very much making their point that the content providers don't understand the new marketplace they're operating in; basically, they were saying of the content providers the exact same thing most of the posts on this story are saying of them.

To me, that means they're autonomous to a reasonable degree but the studios have the final say. I would guess that the Hulu team themselves made all the relevant points about how this obfuscation won't work, and were overruled - just because their company is owned by the studios, doesn't mean the employees working there share the same ideas.

Re:Cat & Mouse.

[mapkinase]

I probably won't regret missing "Zenon and Hypatia making a porno" from that library

Re:Cat & Mouse.

[thesolo]

No, trust me, the freakin' programmers and IT people make it impossible.

Riiiiiight.

Sorry, but you're wrong. Honestly, we just want to get the code written and have you leave us alone. But we can't do that.

Instead, we have to follow the rules implemented by management, usually non-IT management. So while the code change itself might be all of 10 minutes, we have to follow Six Sigma, or have all changes go through 3 weeks of requirements gathering, or have to follow some horrible process workflow like the Waterfall model because they read about it in CEO Magazine.

It's management who make your life more difficult. And oddly enough, almost all of them have MBAs...

Re:Cat & Mouse.

[Maxo-Texas]

True story...

Three separate estimates for a project have determined that making a change will take about 1400 to 2800 hours. These were swag by a analyst with 8 years experience with the application, a formal 40 hour estimate by a different analyst with 9 years experience with the application, and an outside estimate by a contracting house (who wink/wink made it clear the 1400 hour estimate was really them lowering their billing rate to get some work- they would be working 20 hours a week unpaid to make the 1400 hour estimate).

The CIO came in and said "I don't see how this can be so hard", drew some boxes on a whiteboard as the "high level design" and said, "this should take 400 hours". (This was after the three estimates kept disagreeing with her wishes)

And *every* VP and senior director in the room, nodded in agreement and didn't say a god damned thing.

One of the ways planned to meet this goal is to assume testing will find no defects and take one week less than normal. That's just one -- there were more.

In the current environment- IT people are seeing some really bizarre behavior by the business types (I have friends at three other companies that report similar experiences).

Re:Cat & Mouse.

[Bigjeff5]

A month, a friggin month to unplug from a 100mb switch port and plug into a 1gb switch port.

5 minute change if you include the exhaustive checks, and double checks, and tripple checks to make sure there is not a problem.

Change Management at its finest!

Re:Cat & Mouse.

[hondo77]

Me: I estimate this will take four months.

Director of IT (former sysadmin): This should only take four weeks.

Want to guess who got blamed when the project took four months?

Re:Cat & Mouse.

[hondo77]

What about if your internet goes out and there's jack-crap on TV?

Read a book?

Re:Cat & Mouse.

[kirbysuperstar]

What is "book"?

Re:Cat & Mouse.

[Sleepy]

I can't tell if you are kidding or not, but if you think programming is easy, feel free to try it on your lunch break.

FYI - programmers don't require usability testing. I think you have programmers confused with your CUSTOMERS (or your Program Manager). They DO require pesky documentation. Most programmers have the urge to dive in and code without planning.

Re:Cat & Mouse.

[interkin3tic]

The XBMC guys already made a plugin [lifehacker.com] after the last hulu change. It'll take a few hours and a new one will be made.

Those slowpokes, I've already configured my videocamera to record my computer screen, the plugin took only 30 seconds (and the only reason it took that long is because I didn't have a flashlight and it was dark under my desk.)

Not only that, but I bet their version won't encode to high-quality VHS tape format.

Re:Cat & Mouse.

[dfries]

dict book
From WordNet (r) 3.0 (2006) [wn]:
2: physical objects consisting of a number of pages bound together; "he used a large book as a doorstop" [syn: {book}, {volume}]

Ah, an object used to hold doors open, but I fail to see the entertainment value in a doorstop.

Re:Cat & Mouse.

[Zordak]

True story: I worked for a government contractor in 1999. Our customer maintained an old DOS program that talked to little boxes on military aircraft. The program had a Y2K issue that the customer wanted fixed, so he issued a contract to us (sole source, of course). The budget was somewhere between $500k and $750k. The timeline was about 9 months, including writing documents justifying why the fix was needed, documents about what the fix would fix, documents about how we would fix it, documents about how we would test it, some actual coding, travel expenses for several people to fly halfway across the country to where they had airplanes, several days of extensive acceptance testing, more documents about how we tested it and what the results were and so forth.

In reality, the fix consisted of tweaking maybe 20 lines of Pascal, and I had made the changes within the first few weeks of getting the contract (while we were still in the phase of justifying why we need to change it; technically, I was not supposed to so much as touch the source files yet). The hardest part of the task was rebuilding their kludged-together make environment with hard-coded DOS paths since the thing would only work with the specific Pascal compiler they had used on their old system back in the 80s.

The best part: as soon as we were finished, and we had fully tested and qualified the shiny new Y2K-compliant code, the software got preempted by a new release of a bigger Windows-based system that rolled in the same functionality (basically it was a land grab by a program office responsible for another part of the same aircraft). As far as I know, my code was never deployed on a single computer.

Re:Cat & Mouse.

[fprintf]

Don't bother! I was being totally serious. You see, from a business/MBA standpoint (yes, I know there are very very few of us here on Slashdot.. I think we might be outnumbered by the women) it all looks like stonewalling. And the thing is, the project architect is going to get blamed, probably when he is long gone from the first project, when it takes $500K to add a table to a data warehouse.

Here is the problem. The MBA type guys don't have a clue what works or doesn't work from an IT perspective. We can only make suggestions of what we want, and encourage folks to seek acceptable alternatives. But if we say we have $5M to do a project, and you say it can't be done for less than $10M we have to trust you. Since we only have $5M you get to recommend either doing the project half-assed, with half the functionality required, or you don't get *any* work and the funding goes to some other project. So what ends up happening is a "multi-year" project is born. "We'll build the foundation and some of the features required and do the rest next year when more funding is available" the project manager will say. And yet, when next year rolls around then there is no funding 'cause a 100 other projects are requesting priority instead. It is a maddening circle. The MBA types, like myself, blame the IT team for incompetence and failure to deliver when they promise a certain feature set. The IT types blame the MBAs for being inflexible and unrealistic. Finally everyone blames the customer for being too demanding.

Re:Cat & Mouse.

[Yold]

I don't think the CIO's lack of understanding is caused by her being a "business type". Fact is, unless you've been knee-deep in the code for the system in question, you probably have a very skewed understanding of the time requirements.

Case in point, a client of mine was a PhD/MD. Definitely a nerd, not a business type. He has programming skills, yet he expects me to be able to accomplish 20+ hours of coding in an hour. He simply doesn't understand the amount of thinking, experimentation, design, coding and testing involved for modern web-apps.

More relevant case in point, my boss has a PhD in computer science. About 10 years ago, he was a programmer just like me, but now he runs big-numbers for the business types. He has been nagging me about current project to be done, because back when he was a web developer, everything was server-side CGI. No CSS prettiness to worry about, limited cross-browser issues, and there was no cluster-fuck codebase to wrestle with. If he gave 2-shits about being a better manager, he'd ask "what sort of problems are you having/expecting", rather than "is it done yet?", and then telling me to hurry up to create bug-free code (pfffft what an oxymoron).

Fact is, every manager I have ever had in a technical position has been woefully out-of-touch with the nitty-gritty of their subordinate's work. Whether or not that person had substantial computer/technical background is irrelevant, because they don't understand the specifics of the system/project in question.

Re:Cat & Mouse.

[cayenne8]

"As far as I know, my code was never deployed on a single computer."

Hey...as long as you got paid.

Re:Cat & Mouse.

[Patch86]

Alternatively, they may know that the obfuscation won't work, but may not care.

As an advertising-driven service, all they care about are site hits and views. It's not really in their interest to limit their service in any way, and not in their interest to bolster DVD sales.

Their content providers, however, care lots about piracy. They're probably laying on the pressure to make the Hulu boys tougher on piracy. And as noted, they're probably all advertising graduates.

By doing this, Hulu might just be doing something to appease the content providers ("hey look, we've done all these clever things to stop piracy!"), but not actually give two hoots as to whether it actually works.

Re:Cat & Mouse.

[meyekul]

Yes, but what if the Kindle is broken?

Don't they want people to use Hulu?

I mean, the alternative here is to use torrents. Why would Hulu (or their corporate overlords) want to make it difficult to use Hulu, when it's already just as easy to download the show and play it in whatever media center thingamajig I want with no ads?

Re:Don't they want people to use Hulu?

[NeoSkandranon]

They *want* you to go back to watching regular TV, where the ad revenue is greatest.

Re:Don't they want people to use Hulu?

[causality]

They *want* you to go back to watching regular TV, where the ad revenue is greatest.

As you probably know, that cat's not going back into the bag. I wonder whether the inability to admit this and work with it is a special trait of media companies or if it's just true of large organizations in general?

Re:Don't they want people to use Hulu?

CPM is higher on Hulu than it is on the TV because users are "more engaged" on the PC than they are on the TV. The two potential problems with pushing Hulu to the TV screen are:
1) Advertisers are paying a premium for engagment that they aren't getting.
2) It will eat into they biggest customers' (cable,satellite, etc) revenue who, I am reliably told, are putting a lot of pressure on Hulu to pull the plug on boxee.

Re:Don't they want people to use Hulu?

[MoonBuggy]

It's a shame, actually, that they had a flash of insight and then let it drop. They finally realised that they only way to compete with free, high-quality content from torrents was to offer free, high-quality content for themselves - the radical thinking (compared to other big media companies, at least) was that while it may not earn as much as broadcasting on TV, it's preferable to earning nothing from torrent downloads.

Now set-top PCs and services like Boxee start to appear and gain a bit of mainstream attention - the inspiration is gone and they try to fight a battle they can't win rather than accepting (as they did before) that they can still make money, just not quite as much as they might've done before.

Re:Don't they want people to use Hulu?

[zippthorne]

With set-top PCs and lots of bandwidth, the distribution and billing problem is solved. We don't need advertising supported television any more.

Let's be generous while discussing:

on iTunes, you can get an episode of Scrubs for $3. That's less than 22 minutes of show; You'd watch 8 minutes of ads for three dollars worth of entertainment, so in essence they're paying you $21.82 / hour to watch ads.

But it gets worse.

Suppose you buy in bulk, and you get longer shows?

A season pass for LOST on iTunes is $50, for 22 ~43 minute episodes, so they're only paying you $8/hour to watch the ads, and that's assuming that those prices are reasonable and not, you know, early adopter premium prices. If everybody bought every episode a la carte, I think things might be very different.

Dumb question here

[dkleinsc]

Couldn't an enterprising screen-scraper also just run it through the same Javascript code? Hulu is forgetting what I like to call the Fundamental Law of DRM: if you make data possible for users to see /hear, it will be possible for a reasonably enterprising user to copy it.

Re:Dumb question here

[ynef]

Yes, in fact, HtmlUnit is my preferred browser simulation library in Java for this very reason: it allows you to write very easy to understand Java code, and it uses Rhino as a JavaScript interpreter. Completely brilliant, and yet few people know about it.

Re:Dumb question here

[Applekid]

Couldn't an enterprising screen-scraper also just run it through the same Javascript code? Hulu is forgetting what I like to call the Fundamental Law of DRM: if you make data possible for users to see /hear, it will be possible for a reasonably enterprising user to copy it.

Sure. Except, crappy as the Javascript "encryption" is, now you're in violation of the DMCA by reverse engineering a copy protection mechanism.

Re:Dumb question here

[causality]

Couldn't an enterprising screen-scraper also just run it through the same Javascript code? Hulu is forgetting what I like to call the Fundamental Law of DRM: if you make data possible for users to see /hear, it will be possible for a reasonably enterprising user to copy it.

I think you left some of that Fundamental Law unstated. This is an approximation of the full version:

If you make data possible for users to see/hear, it will be possible for a reasonably enterprising user to copy it. Only one such user is needed to make a DRM-free (and ad-free) version available via BitTorrent. Meanwhile, you stand to annoy all of your legitimate/paying/ad-watching users, especially if they understand this Fundamental Law and/or your assumption of bad faith.

Re:Dumb question here

[nobodylocalhost]

only if the decoder is american though.

Re:Dumb question here

[jnetsurfer]

But you're not reverse engineering. They're sending you their code, you're just running it!

Re:Dumb question here

[mdm-adph]

Yes. To me, this is just like those JavaScript "password" scripts people used to make, and about as ignorant to the way client-side code works.

I almost want to say some web designer sold this "security" to Hulu as a joke.

Re:Dumb question here

[swilver]

No, you just run their javascript, the way it was intended to be. There's no reverse engineering involved. If they were smart (Hulu), they'd send different decoding function each time making it not possible to just recreate their function... if doing any of this can be considered smart.

Re:Dumb question here

[illumin8]

But you're not reverse engineering. They're sending you their code, you're just running it!

Actually I wonder if the DMCA would apply here. I think in fact it might. A non-techie judge might decide that running their javascript code on any device that they don't intend you to run it on is a violation of the reverse engineering clause.

Clearly, the content owners (Hulu) intend for you to only watch their content on a web browser running on Windows, Mac, or Linux. By running their javascript on a 3rd party device like a Boxee box (not a web browser), the judge might interpret this as reverse engineering to defeat a copy protection mechanism.

I think the grandparent is very astute. This is probably setting up a legal argument that could be used in court to sue the makers of Boxee.

Re:Dumb question here

[Mister+Whirly]

Maybe this is Hulu's "security theater" response to their content providers. Maybe Hulu knows it won't stop jack squat, but are trying to appease them by putting some "DRM protection" on the content. Maybe Hulu isn't so dumb after all.

Phase One is Over

[wonkavader]

TunerFreeMCE couldn't scrape the data. Mission accomplished. Oh, wait... Tada:

"Update- version 2.6.7 is now available to download to work round this new tactic."

And now, I supposed, there will be a DMCA attack as phase two.

Re:Phase One is Over

[Fahrvergnuugen]

And now, I supposed, there will be a DMCA attack as phase two.

That's really interesting. According to Wikipedia: "The DMCA criminalizes the circumvention of access control".

Can obfuscated HTML & JavaScript really be considered access control?? I sure hope not.

If it is, then what's the difference between obfuscated code and horribly written code thats difficult to understand? Or code thats been run through a minifier to make it smaller?

Re:Phase One is Over

[derGoldstein]

I sure hope not.

If it is, then what's the difference between obfuscated code and horribly written code thats difficult to understand? Or code thats been run through a minifier to make it smaller?

So you mean all Perl!??

Can you blame them?

[g0es]

I'm all for boxee, but if they wanted aggregates to link to their content I would think hulu would have provided an API to allow it. Maybe instead of trying to work around every change hulu makes they should work with them instead.

Re:Can you blame them?

[russotto]

I'm all for boxee, but if they wanted aggregates to link to their content I would think hulu would have provided an API to allow it. Maybe instead of trying to work around every change hulu makes they should work with them instead.

Hulu wants nothing to do with them and would rather they go away. They want to be able to release this stuff, but control it at the same time.

Re:Can you blame them?

[FauxPasIII]

> if they wanted aggregates to link to their content I would think hulu would have provided an API to allow it.

They did. It's called the hypertext transfer protocol.

Re:Can you blame them?

Absolutely.

It's been cute these last 10 years watching companies try to put things on the Internet and monopolize the information they put up. If you don't require user authentication, it's public.

If you want to piggy back in a web browser, with a public protocol like HTTP, expect people to interact with your server in unintended ways.

The only way to prevent this is to invent your own propietary protocol, and your own client. And even this doesn't prevent reverse-engineering of the protocol to gain access.

Re:Can you blame them?

[christurkel]

They want you to watch Hulu on your computer, not on your television.

Re:Can you blame them?

[dhasenan]

Hulu is merely owned by the content providers. Even if it's a well-integrated division, the people in charge of that division want it to do well, and better than other divisions. Also, the cable companies are probably quite conservative, so they will wish to keep Hulu on a tight leash. At the same time, Hulu is effectively a well-backed, well-placed tech startup, so they will be relatively liberal, as their owners allow.

Huh?

[AlterRNow]

My father gave me some HTML that was decoded with Javascript. To get the raw HTML was pretty simple IIRC..

1) Load page in Firefox
2) Open DOM explorer/inspector
3) Export as HTML
4) ???
5) PROFIT!!

Re:Huh?

[AKAImBatman]

The particular situation here deals with compressed/encoded HTML in an effort to prevent screen-scraping. This leaves two options for screen scrapers:

Option 1
1) Figure out how the decoder works
2) Replicate the decoder functionality in the screen scraper
3) Parse the decoded HTML
4) Make changes as the encoding scheme changes
5) ???
6) Profit!

Option 2
1) Link a Javascript engine like SpiderMonkey, Rhino, V8, or SquirrelFish into the screen scraper
2) Run the Javascript to decode the HTML
3) Parse the decoded HTML
4) ???
5) Profit!

As Long As It Works With Linux

[Prototerm]

As long as Hulu continues to work with a Linux-based browser, I'm happy. This is unlike ABC, whose system doesn't support Linux at all.

Their loss (or perhaps I should say "They're Lost").

I can't understand...Boxee displayed ads perfectly

[Papabryd]

...On a TV. Where ad rights, restrictions, and most importantly prices are much different than they are on the web. Hulu's (well really Fox/NBC's) bean counters won't let that fly especially when they can get roughly 7 minutes of ad space on a broadcasted show versus 2 minutes on Hulu. I'd be willing to bet that the prices for those 2 minutes on Hulu are a lot cheaper than 2 minutes on TV for an equivalent show.

And to anyone complaining about having to dance through proxies to watch Hulu internationally, it's for the same reasons. What benefit does Charmin see from advertising toilet paper to people in the Netherlands?

All that aside, as someone who has a modded XBOX with XBMC and was living abroad,I can say with experience that all these shenanigans are tiring. Like any arms race where it's content producers vs. the internet, the internet will win in the end.

Content Providers' Demands?

[T+Murphy]

Maybe they are just doing this to sate the content providers. As long as they appear to be trying to solve the problem, they should get brownie points with the major companies. Considering how popular DRM seems to be with the execs, I'll bet they think this works just as "well".

Re:Content Providers' Demands?

[maxume]

Hulu is a joint venture of NBC Universal and Fox Entertainment Group. The Hulu management might not precisely be content providers, but the folks holding the purse are.

Re:Content Providers' Demands?

[RyoShin]

Bingo. Services like Hulu have to serve two masters, and there's a constant juggle to make sure the content providers are happy in their diluted little world, while ensuring that the "honest" users can still access content with no problem. Considering alternative offerings, Hulu is still aces, far above anything else on the internet, even things like Youtube.

Likely, someone at NBC/Fox went "YEEEAARRRRGGG PIRATES" and some intern at Hulu said "Well, we can do X, bu-" "DO IT NOW." And so it will go.

Plan B: CAPTCHA

[derGoldstein]

Make the viewer fill it in every ~2 minutes to keep watching.

Ad revenue on TV Ad revenue on Hulu

[Coopjust]

Hulu is owned by Fox/NBC, and they are trying to attract other content providers.

Simply put, the ad revenue on Hulu is much, much less than on TV. Sure, it beats piracy (a little money and control over how long your content is on there) but if people were to cancel cable or watch Hulu on their Xboxes more, both cable/satellite providers and the content providers themselves would be unhappy.

Just another game of cat & mouse: Hulu makes changes, and Boxee updates. The hope is that if you make the workarounds unreliable enough to the point where people are too irritated, most will switch back to TV, with a few using Hulu just online on their computers and a few turning back to piracy.

I really don't get this...

[paralaxcreations]

Why all the effort to apply DRM to free streaming content? Is it just because the networks think that everything needs to have DRM?

Just More Proof...

[blueZhift]

This is just more proof that the people who run the big media companies not only do not understand technology, but cannot be bothered to learn it either. If they did, they would realize that DRM is ultimately a futile effort because the end user has to have everything they need in order to decode the content. That means that someone who wants to decode the content to display it in some other unapproved manner, also has everything they need to do it. I'll assume that the technical people/aliens at Hulu know this too and are only doing what the content providers are demanding.

Re:Just More Proof...

This is just more proof that the people who run the big media companies not only do not understand technology, but cannot be bothered to learn it either.

There is an old saying: "It is impossible to teach a man something, when his livelihood depends on him not understanding it."

They make their money the old way. If they learn this new way, they realize that their old way is doomed. Thereforefore, they cannot learn the new way.

Re:I can't understand...Boxee displayed ads perfec

[russotto]

These guys do understand that nothing prevents me from plugging my laptop into a TV and running a browser on it? And nothing prevents me from plugging a tuner card into my computer and showing TV on the monitor? So regardless of what they do, they can't make something show on a computer but not on a TV?

Wait a minute, my assistant is handing me an envelope he says will explain everything.

(envelope opening noises)

The note inside says "They're total idiots".

Yep, that does explain everything.

Site modding ponderings ...

[Zero__Kelvin]

"I really can't understand all this effort. Boxee displayed the Hulu advertising perfectly. I suspect Alec Baldwin is to blame. "

I used to wonder why you cannot mod a Slashdot editor's comment "Funny", but now I see that it would be an unused feature ;-)

Brand dilution guys....

[nweaver]

Hulu is a BRAND. It wants to live in its own world and be exclusive.

So their attitude is "Frak Boxie", as boxie is trying to DESTROY the brand of all the video sites to be replaced by the Boxee brand.

Why should Hulu play nice?

Re:Brand dilution guys....

[MightyYar]

They are being knuckleheads. Their "website" is analogous to a traditional TV channel and Boxee is analogous to a set-top cable box. You'd still get the Hulu ads, still get the Hulu branding.

To be fair, it seems like Hulu would very much like to be on Boxee - the distaste of the content providers' policies is palpable on their blog.

It's all about the DMCA

If you do decrypt it without authorization, they can claim you're in violation. It's not about the technical merits of their solution, it's about the legal aspect.

Re:It's all about the DMCA

[TooMuchToDo]

What about the DCMA provision allowing decryption/circumvention to provide interoperability?

Is it for screen scrapers?

[TheRaven64]

Won't this also prevent things like Phorm from modifying the ads? A screen scraper can just embed something like Gecko or WebKit and generate the DOM tree with the scripts, but something that needs to sit on a connection and do realtime packet modification like Phorm can't do that.

Since Hulu doesn't work outside the USA, I've never used it so I don't know if which is more likely, but if I had an ad-supported web site I wouldn't want carriers modifying my data in-flight, and this approach is a lot less computationally-expensive on the server side than using SSL without dedicated hardware.

Re:I can't understand...Boxee displayed ads perfec

[MrMarket]

And to anyone complaining about having to dance through proxies to watch Hulu internationally, it's for the same reasons. What benefit does Charmin see from advertising toilet paper to people in the Netherlands?

This is where the MBA and Marketing guys are falling down on the job. They should be selling regional ads for international viewers... instead of Charmin, they could sell Nokia ads for Dutch viewers, Weetabix in the UK, and Nutella in Italy, etc...

Fail

[Chlorine+Trifluoride]

This is not actually the worst web DRM. I once found a site where the top of the code had a comment that said "Source code not available" followed by a bunch of blank lines. In order to get the source, one just had to scroll down some.

Which, of course, would make the scroll bar an anti-circumvention device.

Re:Fail

[emurphy42]

That was mentioned on The Daily WTF, wasn't it? *googles* Yup, here we go:

http://forums.thedailywtf.com/forums/p/9204/172301.aspx

http://www.careercc.com/

EUCD is the EU variant of DMCA since 2001

[emj]

EUCD is the EU version, if DVD Jon would have been trialed in the EU it would have been interesting. Because I find it very hard to believe that anyone will ever get convicted for circumventing protection mechanisms, if it wasn't with malicious intent, or for monetary gain.

Compression, not encryption?

A couple years ago I was on a project building a web site that used asynch calls to web services to get JSON strings and then render DHTML from the resulting objects. The requirement came down that we needed to "encrypt" the data being returned by the seb services. They understood that it would only be obfuscation because the code to "decrypt" the strings would be right there in the JS for anybody to see, but it's what they wanted.

Instead of trying to encrypt it, I chose to compress it. The resulting string was obfuscated so the client was able to check that off the list but more important was that the strings being returned were much smaller and performance was noticably increased even though the string had to be decompressed in JS before it could be used.

There will always be "pirates"

There is a lot of talk in this thread about "who do they think they're fooling" and many more people saying "people will just crack the code"

You're right, there will be people out there who crack it. But if you look at it from a statistics standpoint there will be far more people who give up or don't want to take the time to crack it or find the pre-made crack. And vastly more people still who won't try because they've heard about the security and there are easier ways for them to get their content.

It's a numbers game. Especially with you're that "guy with the MBA" that was mentioned above. I think it has nothing to do with him not knowing what he's messing with. He doesn't need to know ... and neither do the advertising investors that are paying him gobs of money. They only need to know the statistics he gives them that says the content is "protected"

NOTHING is ever totally secure ... that's common knowledge. But how your security stacks up against your competitors can make the difference between a winning business model and just another also-ran.

Re:Ad revenue on TV Ad revenue on Hulu

[sricetx]

Sure, it beats piracy (a little money and control over how long your content is on there) but if people were to cancel cable or watch Hulu on their Xboxes more, both cable/satellite providers and the content providers themselves would be unhappy.

I already watch Hulu on my xbox 360 and I don't have cable. I run MediaMall's Playon server in a Virtualbox Windows XP image on my Linux machine and it works fine. I can watch cbs.com, Netflix instant viewing content, Youtube videos and a lot of other content with this setup. Oh, and I also stream all my Mythtv recordings (ATSC local broadcast only) to the xbox via Fuppes. It's great. I've always had a deep hatred of cable companies, and it is really satisfying to cut them out and get all this content legally and essentially free (well, Playon is $39, but it is a one time fee). Goodbye to these customer unfriendly companies that are just middle men that add no value.

Re:Ad revenue on TV Ad revenue on Hulu

[PPCAvenger]

Simply put, the ad revenue on Hulu is much, much less than on TV. Sure, it beats piracy (a little money and control over how long your content is on there) but if people were to cancel cable or watch Hulu on their Xboxes more, both cable/satellite providers and the content providers themselves would be unhappy.

Very true.

  However, this would seem to be the very definition of how the free market is supposed to work. Customers want Internet based television; prefer it over cable/satellite.

  Consumers steadily begin to use the net more. Hulu can then begin to charge more for ads while broadcast TV stations lower their rates.

  I would think advertisers would prefer Hulu simply because their ads can not be skipped over and users can't just change the channel during the break. That suggests they can charge more for the ads in such a business model since the ads are more effective. End result, less ad volume (compared to broadcast TV) and happier viewers or the same ad volume with more profits.

  It seems the cable and satellite TV providers are the ones that lose here but why should NBC/FOX care about them? The cable providers are already in a favorable position as the access point for new media distribution. If TV as a service goes the way of the dodo then they are free to charge more for Internet access provided they ditch the stupid caps.

  As long as content providers keep trying to fight customer demand they will continue to miss out on the revenue opportunities that exist. As for copyright infringement, that'll always be around but they can minimize the impact it has by not driving consumers towards it out of an unwillingness to change.

Obviously discrinatory against Lynx

[Digital_Quartz]

This is probably to stop Lynx browsers from properly displaying content. I'm betting this move was backed by bribe money. Clearly this is aimed at reducing compatibility with Lynx. MS is just trying to steal away market share.

Re:I HAVE THE RIGHT TO BE ENTERTAINED! right?

[tweek]

I wouldn't say I have a right by any stretch. I don't. These guys provide the content to me at their discretion.

I think what people are "upset" about is the fact that:

1) Companies (Hulu or otherwise) seriously think that they can control HOW someone access their content. Technology or not, you can't force me to listen to a song on the radio anymore than I can force you to play the song I want to hear. You can't force me to listen to that CD I bought in my car vice my house.

2) People were more than happy to access the content via legal means via Hulu. No one WANTS to pirate anything. It's a pain in the ass. A standard non-HD conversion of a tv show without the commercials over bittorrent still takes in the neighborhood of 30 minutes to download on a standard internet connection. God forbid I want something that is more than a few weeks old.

With Hulu I could sit down and watch the shows on my couch with my wife (when the kid was in bed). Now? Not so much.

The absolutely ASININE part is that users were screaming for this for years. For once, it seemed like the media companies actually GOT it. We were naive. Hulu was working on Boxee for the better part of a year if not longer. It wasn't until Boxee started gaining attention that someone said "You mean people aren't watching this stuff on a computer?"

Let's ignore for a minute how fucking stupid that question is. I *AM* (well was) watching it on a pc. It just happened to be hooked up to a television. What possible idiot doesn't have such a grasp of technology that they don't realize that you can hook a computer up to a television? Who, on the grandiose payroll of the media companies, didn't see this coming?

In the end, they DID hurt themselves. Ad revenues are already down. The company I was laid off from was in the business of television advertising. Between DVRs and P2P, you have a choice. Either provide the content and get at least a sliver of revenue or don't get any at all.

Sure, it may be costing you up front to build support for Hulu advertising among the advertisers but once the ball is rolling, it becomes a more viable outlet for advertising.

Here's the thing. Television advertising is a split bag. Local networks sell ads. National networks sell ads. There's a whole business around brokering advertising spots between buyers and the people with the air time. It's a complex machine. Hulu essentially cut out a few layers of that.

In the end, Hulu was a step in the right direction. Boxee was the "killer application" for Hulu. They really did screw themselves.