Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

115 comments

Uhh... (0)

Anonymous Coward | more than 5 years ago | (#28070125)

Do what?

Someone doesn't know what "clean room" means (0, Redundant)

Rix (54095) | more than 5 years ago | (#28070133)

Unless rtmpdump was itself a clean room implementation, nothing based on it can be.

Re:Someone doesn't know what "clean room" means (0)

Anonymous Coward | more than 5 years ago | (#28070159)

sure it can. You wouldnt be using the computer you typed that in with today ...

Re:The OP doesn't know what "clean room" means (5, Informative)

Anonymous Coward | more than 5 years ago | (#28070177)

Of course it can. "Clean room" implies a barrier between two implementations where no code is shared.

Someone doesn't know what "clean room" means

Quite.

Re:The OP doesn't know what "clean room" means (0)

Anonymous Coward | more than 5 years ago | (#28070251)

I do not understand the immediate parent post.

Re:The OP doesn't know what "clean room" means (5, Informative)

Jurily (900488) | more than 5 years ago | (#28070419)

The developer of the clean implementation does not see one byte of the original code, onnly the reversed specs. This is how the original IBM BIOS was cleaned, allowing the PC explosion.

Re:The OP doesn't know what "clean room" means (5, Funny)

KlomDark (6370) | more than 5 years ago | (#28070579)

That's not what my mom told me a "clean room" meant.

Re:The OP doesn't know what "clean room" means (1)

vtcodger (957785) | more than 5 years ago | (#28070721)

***That's not what my mom told me a "clean room" meant.***

Maybe. Or maybe you never really understood what she was trying to tell you. Who's to know?

Re:The OP doesn't know what "clean room" means (1)

madnis (1300099) | more than 5 years ago | (#28071065)

She just wants a clean basement.

Re:The OP doesn't know what "clean room" means (4, Informative)

CaptSolo (899152) | more than 5 years ago | (#28071887)

Here's the DMCA takedown notice issued to the rtmpdump project:

http://www.chillingeffects.org/anticircumvention/notice.cgi?NoticeID=25159 [chillingeffects.org]

Note that they are just claiming the ability to download copyrighted content as the reason for takedown (will we see a DMCA notice for IE and Firefox soon?). They might as easily use the same "reason" to issue notices to projects implementing this clean room specification.

Re:The OP doesn't know what "clean room" means (3, Informative)

stonecypher (118140) | more than 5 years ago | (#28072341)

You're not correct. Clean room is legally carefully defined. It means reverse engineering a protocol or specification with no access to any outside information of any form. The germane importance of clean room is to prove that no tainted or protected information was used, as it clearly is in this case. Clean room requires an enormous amount of documentation which has not been produced here. This is not a clean room reimplementation by any stretch of the imagination.

You can get a clearer idea of the issues by reading about how Compaq defended itself against IBM when cloning the IBM PC BIOS, because it had carefully kept all documentation necessary to prove that its reimplementation was clean room, which is why IBM couldn't stop them from opening the PC clone market.

It's a far stronger statement than "no access to original code", which is effectively meaningless: you get caught ripping code off, you just write it again while looking at the ripoff? You do realize that'd entirely destroy every protection the GPL affords, don't you?

Clueless. Please don't pretend to yourself that you know what clean room means. Grandparent poster was correct. You are not.

Re:The OP doesn't know what "clean room" means (0)

Anonymous Coward | more than 5 years ago | (#28073723)

Oh please do stop using legal definitions in a technical forum, it makes you look like an ass.

You do realize that'd entirely destroy every protection the GPL affords, don't you?

What? It's done all the damn time. BSD developers re-write GPL code (particularly drivers) for BSD on a regular basis. They don't even "clean room" the development process: the GPL does not require any such thing.

Clean room requires an enormous amount of documentation which has not been produced here.

No it does not. It simply requires that I, as the implementer of the "clean" version, have never had access to the "tainted" codebase. I can quite easily take the RTMPE specification published here and write my own implementation. Provided I never look at the rtmpdump source, Adobe have absolutely no recourse against me.

If you disagree I'd love to hear what law or laws you believe I would have broken, and what legal options Adobe would have...

Re:Someone doesn't know what "clean room" means (4, Informative)

Spy der Mann (805235) | more than 5 years ago | (#28070255)

Well, one thing is clean-room IMPLEMENTATION. A very different thing is clean room SPECIFICATION (whatever that's supposed to mean).

The article clearly states that this one's a spec.

Re:Someone doesn't know what "clean room" means (1)

Jurily (900488) | more than 5 years ago | (#28070471)

clean room SPECIFICATION (whatever that's supposed to mean).

I imagine it's something like this:

It used to be said [...] that AIX looks like one space alien discovered Unix, and described it to another different space alien who then implemented AIX. But their universal translators were broken and they'd had to gesture a lot.

Paul Tomblin

Re:Someone doesn't know what "clean room" means (1)

mysidia (191772) | more than 5 years ago | (#28072091)

I believe in this case they mean the 'spec' doesn't include any source code.

I suspect the intent is that an implementation where the author only saw the spec (and not the original RTDUMP code) be able to be a clean room implementation.

This is not the normal way a clean-room implementation is developed.

Normally, the actual protocol would be reverse-engineered to develop the specification.

In this case, it's difficult to be 100% certain that nothing in the spec is a derivative work of the supposedly infringing "code" it was "reverse-engineered" from

Re:Someone doesn't know what "clean room" means (2, Informative)

Trahald (698493) | more than 5 years ago | (#28070263)

Quote:"Typically, a clean room design is done by having someone examine the system to be reimplemented and having this person write a specification."
Indeed "Someone" doesn't know what "clean room" means. That "Someone" is you.

p.s. I commented because I don't have mod points for the other comment (http://tech.slashdot.org/comments.pl?sid=1243387&cid=28070177) which seems to have been downmodded.
Mods: How difficult would it have been to look up wikipedia (http://en.wikipedia.org/wiki/Clean_room_design) before downmodding the guy ?

Re:Someone doesn't know what "clean room" means (1)

binarylarry (1338699) | more than 5 years ago | (#28070305)

You tell 'em comic book store guy!

Nice quotes. :)

Re:Someone doesn't know what "clean room" means (3, Informative)

Adrian Lopez (2615) | more than 5 years ago | (#28070613)

Someone doesn't know what "clean room" means

Evidently, you don't. It's really quite simple: Party A looks at the rtmpdump source code and writes a document describing the protocol at the level necessary to create a compatible implementation. Party B looks at the document describing the protocol and creates an implementation of the protocol that contains no source code from rtmpdump. Party B now has a clean-room implementation of RTMPE.

Re:Someone doesn't know what "clean room" means (2, Insightful)

jonaskoelker (922170) | more than 5 years ago | (#28071679)

So in other words,

  1. party A translates source code to English
  2. party B translates English into source code
  3. the IP is lost in translation

Right?

Re:Someone doesn't know what "clean room" means (1)

Qubit (100461) | more than 5 years ago | (#28071903)

the IP is lost in translation

Yes, Coppola... :-)

Joking aside, I believe the idea is that by having the specification serve as the only transmission medium, the resultant code is based solely on the "distilled fundamental properties" of the original product. The argument is that these fundamental properties are the necessary components to, for example, create an interoperable product, and as such are not protected by copyright.

I'm not exactly sure how reverse engineering works if we're talking about patented file formats or protocols such as H.264. It is unclear how much (if any) software is patentable in the US at this point, however if a court were to uphold a software patent, I believe that even a cleanroom-produced spec could be found to be infringing.

Copyrights, not patents (2, Informative)

mspohr (589790) | more than 5 years ago | (#28073501)

Copyrights, not patents

Clean room is a way to make sure that you don't have any copyrighted code in your project. This will prevent a programmer from 'inadvertently' including a copyrighted code sequence in his new implementation.

However, it does nothing to protect against patents on methods in the code. If the patented methods are reproduced in the new code, they will still have patent issues.

Re:Someone doesn't know what "clean room" means (0)

Anonymous Coward | more than 5 years ago | (#28075519)

Party C takes the implementation, streams audio and video from a local band throughout a club and gets totally shit faced on free beer.

Dump (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#28070139)

Yes, I just took a tmpdump

Pwned! (1)

Pharago (1197161) | more than 5 years ago | (#28070239)

good job for all those involved

Why? (5, Insightful)

fuzzyfuzzyfungus (1223518) | more than 5 years ago | (#28070273)

IANAL, etc. but my distinct impression was that cleanrooming wouldn't(outside of curious edge cases) save you from the DMCA. For copyright claims, the more layers of cleanroom, the better; but the DMCA only cares if the code constitutes a circumvention device or not. It could be based on a cracked copy of some proprietary adobe tool, OSS based on network sniffing of the proprietary tool, written according to a spec based on the OSS implementation, or, for that matter, produced by the Oracle of Delphi based on instructions from Olympus.

Re:Why? (2, Insightful)

h4rr4r (612664) | more than 5 years ago | (#28070445)

That is easy to deal with, just hand off the spec to a developer outside the USA. The DMCA does not matter anywhere else.

Re:Why? (2, Informative)

MichaelSmith (789609) | more than 5 years ago | (#28070543)

That is easy to deal with, just hand off the spec to a developer outside the USA. The DMCA does not matter anywhere else.

Unless they have their own DCMA. Trade agreements tend to make these things spread to other countries.

Re:Why? (3, Insightful)

fuzzyfuzzyfungus (1223518) | more than 5 years ago | (#28070565)

True enough. In that case, though, why bother with the cleanrooming? rtmpdump can simply be hosted offshore, as I'm sure it already is.

Importation of the reimplementation (3, Informative)

tepples (727027) | more than 5 years ago | (#28070709)

That is easy to deal with, just hand off the spec to a developer outside the USA. The DMCA does not matter anywhere else.

Unless other major developed countries have legislation substantially equivalent to 17 USC 1201, as MichaelSmith pointed out. France has DADVSI, for instance. The United States government has been pushing such legislation as part of "free trade" agreements with several countries. And even if the spec is reimplemented in a country with no DMCA-alike, it also matters once the implementation is imported into the United States.

Re:Why? (1)

0xB00F (655017) | more than 5 years ago | (#28071681)

That is easy to deal with, just hand off the spec to a developer outside the USA. The DMCA does not matter anywhere else.

Try telling that to Dmitry Skylarov [cybercrime.gov] .

Re:Why? (1)

mdmkolbe (944892) | more than 5 years ago | (#28072003)

IIUC, DMCA take-down notices only apply to copyright infringement. They are not applicable to "circumvention devices". That is a different part of the DMCA.

I say again this is not a take-down notice. It is more likely a cease and desist. (I can't find a copy of the letter so I can't be sure about that.)

Re:Why? (1)

haruchai (17472) | more than 5 years ago | (#28072291)

Oracle bought Borland,too?

WTF is RTMPE? (5, Insightful)

Anonymous Coward | more than 5 years ago | (#28070275)

If you're going to post an article about some obscure bullshit nobody's ever heard of, you could at least give people some hint at WTF you're talking about. "RTMPE" doesn't even show up on Wikipedia. God forbid you elaborate your terse, two sentence summary.

Re:WTF is RTMPE? (1)

SanityInAnarchy (655584) | more than 5 years ago | (#28070427)

It does, however, show up in a Google search [lmgtfy.com] . You had the initiative to check Wikipedia, but you were too lazy to check Google?

Re:WTF is RTMPE? (3, Insightful)

Anonymous Coward | more than 5 years ago | (#28070527)

You're missing the point. Providing an introduction to what you're about to discuss is covered in probably 5th grade English. It's pretty basic shit.

If the "editor" or submitter wanted me to take their information seriously they should have given some idea of what they were talking about. As it stands, all I got out of the summary was "OMG! Here are some links to illegal content on torrent sites." If it's as important as they seem to think, maybe they should expend the extra 30 seconds of effort and explain why I should give a shit. As it stands, illegal stuff on a torrent site isn't very earth shattering news.

Re:WTF is RTMPE? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#28070963)

plz be making statements to back up your claims that the content on BT was illegal kthx.

Also, you are a lazy, whining fuck. Discuss.

Re:WTF is RTMPE? (5, Insightful)

hazem (472289) | more than 5 years ago | (#28070791)

It's a common problem with the summaries on slashdot that less-common acronyms are not explained. The world of nerds is pretty vast and it's impossible for all of us to keep up with every possible acronym, system, software, etc.

It would have been trivial to add ", a proprietary protocol developed by Adobe Systems for streaming audio, video and data over the Internet," right after the first instance of RTMPE and it would have made the summary much more useful and informative.

Re:WTF is RTMPE? (0, Flamebait)

Hurricane78 (562437) | more than 5 years ago | (#28071043)

When you can write a whole comment, you can also fill the holes in your knowledge, by looking it up.
Oh, and if you do not knew it, because you do not care, why did you open/read it then?

Re:WTF is RTMPE? (1)

cheekyboy (598084) | more than 5 years ago | (#28071109)

Maybe because half the other stories here are even more boring!!

or learn basic html concepts.... (1)

cheekyboy (598084) | more than 5 years ago | (#28071101)

Like providing a link to what it is where it says the word RTMPE, just in the old says of 1994 html. Where people did place more active links to blocks of text. Even a tooltip cannot hurt really. Or a moreinfo icon.

Who is lazy now? the author or the consumer?

But I forget, we dont expect much professionalism of design or human aesthetics here, it is a techy site, where like man pages can be written poorly.

Re:WTF is RTMPE? (1)

ConceptJunkie (24823) | more than 5 years ago | (#28071197)

It would have been trivial to add ", a proprietary protocol developed by Adobe Systems for streaming audio, video and data over the Internet," right after the first instance of RTMPE and it would have made the summary much more useful and informative.

That would imply /. has editors.

Re:WTF is RTMPE? (1)

mishehu (712452) | more than 5 years ago | (#28071917)

My favorite tech acronym: PCMCIA

People Can't Memorize Computer Industry Acronyms.

Re:WTF is RTMPE? (1)

MikeDX (560598) | more than 5 years ago | (#28073665)

It's a close call between that, and TWAIN Technology Without An Inteligent Name... Of course then there's SCSI which (apparently) was meant to sound "SEXY"

Re:WTF is RTMPE? (1)

Fred_A (10934) | more than 5 years ago | (#28073727)

It's a close call between that, and TWAIN

Technology Without An Inteligent Name...

Of course then there's SCSI which (apparently) was meant to sound "SEXY"

I've always heard it pronounced as "scuzzy" or spelled out. Maybe it's a Euro thing.

Re:WTF is RTMPE? (1)

steveg (55825) | more than 5 years ago | (#28075439)

It's not. Pretty much everybody calls it "scuzzy", but that doesn't mean the originators realized that would happen.

Re:WTF is RTMPE? (0)

Anonymous Coward | more than 5 years ago | (#28075569)

Maybe, for him, scuzzy *is* sexy ?

Re:WTF is RTMPE? (1)

SanityInAnarchy (655584) | more than 5 years ago | (#28075389)

I don't know, when an explanation is provided, it just irritates me. For instance, if they'd put "An session-aware, sockets-based protocol which delivers most Internet traffic" after every mention of TCP. It's that kind of dumbing down -- and it inevitably is dumbing down, as you're generally trying to explain in one sentence what would really take several paragraphs (or a book) -- that often leads me to believe the mainstream press has no clue about technology.

Again, you're already on the Internet. Chances are very good you're using a web browser which has a little search box in the upper right hand of the screen. Taking the time to bitch in the comments, when it would've taken less time to type that acronym into Google, is just moronic.

Re:WTF is RTMPE? (1)

haruchai (17472) | more than 5 years ago | (#28072319)

How this this get modded up to 5+ Insightful? The poster didn't open the first link nor did a Google search. True, the article post didn't spell out what RTMPE is but it did clearly state that Adobe issued a DMCA. Since Slashdot has seen fit to give considerably more mod points, perhaps it could also raise the bar on posts. Too many posts get modded up to 5 far too quickly and the meta-moderation doesn't happen fast enough

Re:WTF is RTMPE? (0)

Anonymous Coward | more than 5 years ago | (#28072531)

Poster didn't open the first link nor did a Google search, as the article did not contain enough information about RTMPE for him to give a shit.

I fell for the same thing, no clue what it was. But I checked the comments and finally found out what it is and if I should care.

Re:WTF is RTMPE? (0)

Savantissimo (893682) | more than 5 years ago | (#28072873)

The commenter went to more trouble than the story submitter and shouldn't have to. Furthermore, this story is stupid and boring, as is your post.

Re:WTF is RTMPE? (0)

Anonymous Coward | more than 5 years ago | (#28070437)

Seconded. I thought clean rooms were those places where you take broken hard drives to recover the data for a couple thousand dollars. How the hell is there one on SourceForge? (And does this mean I can download a clean room into my apartment for free?)

Re:WTF is RTMPE? (0)

Anonymous Coward | more than 5 years ago | (#28070487)

Clean rooms are sterile environments with special air filtering systems, essential for writing virus free software.

Re:WTF is RTMPE? (1)

dcollins117 (1267462) | more than 5 years ago | (#28070547)

Thanks, that really clears up a few things.

Re:WTF is RTMPE? (4, Informative)

Darkness404 (1287218) | more than 5 years ago | (#28070621)

Clean room reverse engineering is where you reverse engineer things using no code from the project you are attempting to emulate. This is used to make sure your project is 100% legal.

Re:WTF is RTMPE? (1, Insightful)

Anonymous Coward | more than 5 years ago | (#28070789)

Clean room reverse engineering is where you reverse engineer things using no code from the project you are attempting to emulate. This is used to make sure your project is 100% legal.

Well, sort of. You can be 100% sure you're not infringing copyright. But many other laws can apply, such as patents or the DMCA.

And this project seems to be a circumventing technology and illegal under the DMCA.

Re:WTF is RTMPE? (1)

Fred_A (10934) | more than 5 years ago | (#28073761)

Well, sort of. You can be 100% sure you're not infringing copyright. But many other laws can apply, such as patents or the DMCA.

Also nowadays, even if no specific law applies, you can get hit by some kind of legal troll à la SCO which can be a major nuisance.

Re:WTF is RTMPE? (1)

Pig Hogger (10379) | more than 5 years ago | (#28074833)

And this project seems to be a circumventing technology and illegal under the DMCA.

Of course it’s illegal under the DMCA. However, take-down notices are solely, uniquely and only provided to remedy against actual copyright infringements, and clean-room reverse-engineering is **NOT** copyright infringement. Circumvention devices are covered in a totally different section of the law and the remedial mechanism is most definitely **NOT** a takedown notice.

And since the DMCA does not apply outside of the U.S., 95% of the people can safely mirror it [zapto.org] and there isn’t a thing Adobe can do about it. Heck, they can’t even invoke patents because software patents as they are illegal here.

Re:WTF is RTMPE? (1)

jonaskoelker (922170) | more than 5 years ago | (#28071709)

This is used to make sure your project is 100% legal.

Isn't it strictly speaking used to make sure that you 100% avoid a particular way of being illegal?

Say I write a program which prints "Niggers are evil" and exits. You can create a clean room implementation of the same program and avoid copyright problems. Depending on your local laws regarding hate speech or similar, what the program does might still be illegal.

(I don't think anything bad of people of any particular skin color or ethnicity.)

Re:WTF is RTMPE? (2)

bonch (38532) | more than 5 years ago | (#28070513)

It doesn't matter. All that matters is that the story has the word "DMCA" in it and embarrasses a company. Bam, instant front page Slashdot story.

Re:WTF is RTMPE? (0)

Anonymous Coward | more than 5 years ago | (#28070923)

"RTMPE" doesn't even show up on Wikipedia..

Oh, really? http://en.wikipedia.org/wiki/RTMPE [wikipedia.org]

Re:WTF is RTMPE? (1)

ResidntGeek (772730) | more than 5 years ago | (#28071387)

Look at the history.

Re:WTF is RTMPE? (1)

Castlerock (40459) | more than 5 years ago | (#28071227)

If you're going to post an article about some obscure bullshit nobody's ever heard of, you could at least give people some hint at WTF you're talking about. "RTMPE" doesn't even show up on Wikipedia. God forbid you elaborate your terse, two sentence summary.

ok, who gave this anonymous douchebag a +5 insightful when they didn't even have the common sense to use the google.

good grief.

Re:WTF is RTMPE? (0)

Anonymous Coward | more than 5 years ago | (#28071337)

People who want a readable summary that's who. Way to miss the point.

Re:WTF is RTMPE? (0, Flamebait)

Khyber (864651) | more than 5 years ago | (#28072015)

If you're going to read a geek site be up on your terminology or get the fuck out.

That is all, Mr. Moral Orel.

Re:WTF is RTMPE? (1)

bcmm (768152) | more than 5 years ago | (#28072975)

Summary assumed you already read Slashdot?

Re:WTF is RTMPE? (1)

Pig Hogger (10379) | more than 5 years ago | (#28074573)

"RTMPE" doesn't even show up on Wikipedia.

Sure it does [wikipedia.org] , you insensitive clod

FOSDEM talk about the reverse engineering work (3, Informative)

Anonymous Coward | more than 5 years ago | (#28070283)

Rob Savoye (long time GNU developer) talks at FOSDEM 2009 about how he did the cleanroom reverse engineering of RTMP, on which rtmpdump is based.

Also he mentions about how wireshark includes an RTMP decoder based on his work.

http://www.fosdem.org/2009/interview/rob+savoye

Can't seem to find the link to the video of the actual talk, but it must be somewhere around there.

http://www.fosdem.org/2009/schedule/events/reverse_engineering

Re:FOSDEM talk about the reverse engineering work (3, Informative)

Qubit (100461) | more than 5 years ago | (#28070349)

Can't seem to find the link to the video of the actual talk, but it must be somewhere around there.

The FOSDEM site doesn't seem to have links to the 2009 videos on their main page, but at least they don't have index files in the appropriate directories on their web server, allowing us to dig it up.

Reverse Engineering of Proprietary Network Protocols, Tools, and Techniques:
Ogg Theora (239M) [belnet.be]
Xvid.avi (183M) [belnet.be]

Re:FOSDEM talk about the reverse engineering work (0)

Anonymous Coward | more than 5 years ago | (#28074577)

It's on YouTube.

Link: http://www.youtube.com/watch?v=t3s-mG5yUjY

Title: Reverse Enginering of Proprietary Protocols, Tools and Techniques
Speaker: Rob Savoye
Licence: CC-by-nc-sa
Length: 43:56

RTMPE? WTF! (2, Informative)

Anonymous Coward | more than 5 years ago | (#28070323)

OK WTF is that all about and should I care?

Subbys, please don't assume everyone reading your article is as clued up as you and do try and add a little explanation to your text - especially if you use abbreviations.

Yeah, I could Google it, but that would be like needing an encyclopedia by your side just to read a newspaper.

Re:RTMPE? WTF! (5, Informative)

Qubit (100461) | more than 5 years ago | (#28070461)

OK WTF is that all about...

RTMP is the Real Time Messaging Protocol that Adobe has developed for streaming stuff over the Internet.

Red5 [wikipedia.org] is a Free Software (LGPL) implementation of the RTMP.

Cygnal [gnashdev.org] is the Gnash project's [gnashdev.org] RTMP server (also Free Software).

Also see more docs on RTMP on the Gnash wiki [gnashdev.org] , and RTMPE on this other wiki [multimedia.cx] .

... and should I care?

Would you like to have control over the software that you run and use? Are you concerned about your software and/or hardware implementing things like the Broadcast Flag [wikipedia.org] ? Do you believe in Free Software because it gives you control over your computer?

If you answered "yes" to any of those questions, then you probably should care, as what's going on right now is making it difficult or impossible for you to run Free Software (or even to pick software) to interact with the RTMP protocol -- a protocol that a given website might require you to use to interact with their media content.

Re:RTMPE? WTF! (0)

Anonymous Coward | more than 5 years ago | (#28072701)

Also, check this implementation: http://www.rtmpd.com/

A more human-readable summary. (3, Informative)

Grendel Drago (41496) | more than 5 years ago | (#28074847)

I, also, was confused. This is the issue, as I understand it after reading some of the links.

Copyright holders want to be able to paste something resembling their previous business model onto the internet. The urge is understandable, but it's not really a plausible goal--consider the hoops that had to be jumped to get books on the Kindle--so we see attempts to enforce the business model with laws rather than code.

More concretely, if you're just sending a regular old HTTP request to get some flash video, it's vulnerable to a trivial replay attack--just resend your request from your downloader. Adding cookies makes the replay attack only slightly less trivial. So, Adobe engineered their own (presumably obfuscated; I haven't looked) protocol, RTMP. It was reverse-engineered. Adobe then released an encrypted variant of RTMP, RTMPE.

RTMPE was, of course, reverse-engineered, but because it used cryptography, it's apparently covered under the DMCA, and so Adobe can sue people who explain how to get around it.

The fundamental problem is that data is being sent to an untrusted player on an uncontrolled host. Without something like Trusted Computing, it's impossible to completely prevent users from doing what they want with data that you send to them--which is why this is a DRM issue.

In short, it's the same DRM story. Companies try to use bound-to-fail technologies to prevent users from doing what they want with data on their own machines--usually, this means copying it--and when this inevitably fails, they start suing people. We're at the "suing people" stage.

Define acronyms in the article! (4, Informative)

bertok (226922) | more than 5 years ago | (#28070355)

Clearly, Slashdot editors are strategically shaved monkeys trained to click "accept" or "reject" in exchange for bananas.

Define obscure acronyms in the articles!

RTMP is the Real Time Messaging Protocol [wikipedia.org] used by Adobe Flash

You think like a ReThuglican Jew (0)

Anonymous Coward | more than 5 years ago | (#28072219)

You think like a ReThuglican Jew

seeding (2)

Sir_Lewk (967686) | more than 5 years ago | (#28070367)

59KB is kind of absurdly small to justify a torrent, but what the hell, I'll seed it.

Re:seeding (0)

Anonymous Coward | more than 5 years ago | (#28070713)

And the tarball (the bigger one, about 129 KB, it has get_iplayer & get_iplayer.cgi added) is also on Bitzi [bitzi.com] with its various hashes (SHA1, ed2k). Kind of a Streisand effect [wikipedia.org] ?

Re:seeding (1)

sakdoctor (1087155) | more than 5 years ago | (#28070819)

Thanks [wikipedia.org] for linking [wikipedia.org] to wikipedia [wikipedia.org]

Re:seeding (0)

Anonymous Coward | more than 5 years ago | (#28071575)

It's probably not about the size of the file, but rather the ease that it can be taken down.

What!? (0)

Anonymous Coward | more than 5 years ago | (#28070433)

What in the hell is this!? Ten links to d

Re:What!? (4, Funny)

JadeNB (784349) | more than 5 years ago | (#28070787)

What in the hell is this!? Ten links to d

Wow, apoplexy induced by the poor summary killed the anonymous coward!

(OK, so it's not quite as punchy as “Video killed the radio star” .)

Vote for it (3, Interesting)

masshuu (1260516) | more than 5 years ago | (#28070457)

We need people to nominate it on sourceforge

heres a handy dandy link(everyone who reads this should vote for it):
http://sourceforge.net/community/cca09/nominate/?project_name=rtmpdump&project_url=http://sourceforge.net/projects/rtmpdump/ [sourceforge.net] "

I like it! (1)

Qubit (100461) | more than 5 years ago | (#28070593)

I just went and nominated rtmpdump, and you, dear reader, should go nominate them, too!

I would find it deliciously amusing if we could get the /. editors to post this link as a new article, seeing as how /. shares corporate overlords with SourceForge.

Perhaps (1)

MrKaos (858439) | more than 5 years ago | (#28070501)

Adobe hasn't read 'How to win friends and Influence people'

Re:Perhaps (1)

gmuslera (3436) | more than 5 years ago | (#28070539)

Definately has read it... is following step by step all of "not do" of that book.

Academic RTMP discussion? (3, Insightful)

Qubit (100461) | more than 5 years ago | (#28070503)

Just as Prof. David Touretzky has his Gallery of DeCSS Descramblers [cmu.edu] , perhaps some other CS Prof would like to put up a website talking about the protocol?

I haven't looked at the code yet, but I'd assume that the bulk of it is considered acceptable by Adobe. So what small piece of it is the target of Adobe's DMCA takedown? Is it something that we can put on a T-shirt? :-)

Re:Academic RTMP discussion? (1)

lkcl (517947) | more than 5 years ago | (#28074205)

i've done an analysis (and updated the document). RTMPE is nothing more than a way to link content with the original SWF file (by way of its hash and its size), and an SSL-like end-to-end secrecy algorithm.

Not as in Python (0)

Anonymous Coward | more than 5 years ago | (#28071925)

From the spec:

data[x:y] means "bytes x through y, inclusive" - like in python

The spec indeed uses [x:y] to mean bytes x through y,inclusive, unlike in Python, where the end is exclusive.

It's not like (1)

ghmh (73679) | more than 5 years ago | (#28072955)

we needed another reason _not_ to use flash...?

Let's move forward! (0)

Anonymous Coward | more than 5 years ago | (#28073343)

And what about open rich web media initiative..? OGG+Vorbis is relatively successful in its own market.
By the way, Microsoft is surprisingly 'open' with Silverlight technology and sponsors Moonlight project. This could make Adobe not to be such 'close'.

Re:Let's move forward! (2, Funny)

Psyborgue (699890) | more than 5 years ago | (#28073401)

Vorbis is ironically very very successful in xbox games and windows games in general. It seems even M$ has a hard time arguing the quality is superior.

Re:Let's move forward! (1)

Pollardito (781263) | more than 5 years ago | (#28075565)

A lot of third parties make games for xbox and windows too, so that statement doesn't really mean anything without examples that have MS as the creator/publisher.

Re:Let's move forward! (1)

Psyborgue (699890) | more than 5 years ago | (#28075623)

True, but it is ironic that game developers are choosing to use vorbis rather than windows media.

RTMPE nothing more effective than SSL (2, Informative)

lkcl (517947) | more than 5 years ago | (#28073797)

i've updated the RTMPE.txt document, after doing some analysis this morning. there are two aspects to it: one is an end-to-end secrecy algorithm that is similar to SSL; the other aspect links the size and a hash of the original SWF file (through which the content is supposed to be streamed) into the handshake process.

there are no passwords used. there is no security. there is no authentication.

conclusion: RTMPE is definitely not a copyright protection mechanism. all the information needed to obtain the content is publicly available.

Re:RTMPE nothing more effective than SSL (2, Interesting)

Grendel Drago (41496) | more than 5 years ago | (#28074983)

conclusion: RTMPE is definitely not a copyright protection mechanism. all the information needed to obtain the content is publicly available.

Sadly, I don't think the former doesn't follow from the latter--you don't need to be a good or even plausible system to be considered a copyright protection mechanism.

By the way--thank you for doing this work. It's usually pretty thankless, and it has the potential to piss off armies of lawyers. Thank you.

Mirror (1)

Pig Hogger (10379) | more than 5 years ago | (#28074547)

For the record,

yet another mirror [zapto.org]

well outside the reach of the DMCA and also of software patents in particular.

As Always It's About Money (1)

BeardedChimp (1416531) | more than 5 years ago | (#28074899)

About two years ago we were trying to create an h264 streaming solution since flash had just implemented it. Things were going well encoding wise, but streaming h264 was a nightmare because the only protocol flash would let you stream it from was RTMP. And guess what, adobe wanted thousands for it's use (licensing was based on concurrent users IIRC).
I had a look at a few attempts to create RTMP servers but they were all in the alpha stage, and would mostly just get stuck in a loop. We even went so far as to start writing a h264 java implementation, before we gave up and did an mpeg4 one.
In the interests of open standards and preventing total domination of flash in streaming, I congratulate the RTMP developers. If you didn't know BBC's iplayer uses RTMP and as of recently (svn) xbmc has a plugin to play even it's h264 streams. IPlayer on the xbox, now thats cool.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...