Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Music Media

Emusic Tracking MP3s On Napster 159

Nice Geek sent us a wired story talking about EMusic tracking MP3s on Napster. Several issues: mainly the flaws of using MD5 checksums to determine the source of the MP3, but also the problem that using a bot violates Napster's terms of service. I don't really have any problems with this, but it'll be interesting to see what the next step will be.
This discussion has been archived. No new comments can be posted.

Emusic Tracking MP3s on Napster

Comments Filter:
  • A few days ago I posted a little teaser about Splooge. Anyone reading these threads would certainly be interested in this. We're currently looking for some beta testers for Splooge. We'll allow about 200 downloads before we take the beta download offline again. If anyone would like help us out and give it a try, it can be downloaded from www.splooge.com. Unfortunately, this is a Win app only at this time, a java client is in the works, however, development has been focused on the Win client. Any comments. concerns, or offers to work for free can be addressed to me at jbednar@splooge.com . Thanks! And no, despite the name, we're not a porn p2p engine. However... now that I think about it, thats not a half bad idea at all...
  • MP3 trading has been going on for years before napster. Before this, it was simple web site MP3 search engines. Now its in the hands of everyone, and they try and stop it. No matter what, there will always be people getting free music, with or without napster, gnutella, scour (now dead), or any other public service. It mostly all started on IRC, with bots and fserves allowing people to trade their songs. No matter what happens to napster, the record labels need to realized, people dont have to pay for their songs, and theirs nothinig they can do about it. This will not put them out of business, there are tons of people who still go out and buy music, But they need to find a way to live with this technology, because it will never go away; it will just mutate into something else.
  • There're lots of bad laws, that's not much of an argument - I probably would lose in court, but that's not what I was saying - I was saying I don't consider it theft, and that's all that matters to me. They have not lost anything, therefore there is no crime. Plus, I don't see how income taxes have anything to do with this. The only thing it has in common with this is the fact that it involved me paying out money or not. Income tax is not something you can "steal", it's not a product, so it doesn't really have anything to do with music at all.
  • I did say that if I couldn't get the songs it would be ok, but since I can why not? Sure I'm not doing what the content providors want, but they're NOT LOSING ANYTHING.
  • you can just change the artist's name a bit - from "Spears, Britney" to "Britney Spears"

    Thanks to recent elective surgery, I believe she now spells it "britnEy spEars"

    Pete

  • Or just change something in the ID3 tag...
  • And here is the crux of the matter. A) The artists often do not own the songs the write and sing, the record companies do. Many artists get little or nothing from "their" music. B) Considering the record industries "creative accounting" practices (i.e., screwing the artists), many people seem to find it difficult to accept the record companies claim of the higher moral ground.

    You don't make a case against the theft of music via file-trading. It is theft, as the Napster user is getting the benefit of the music while the licensed distributor gets nothing in return.

    I agree that the licensed distributors are sleazebags, fat cats who wine and dine little artists, seducing them into signing horribly restrictive contracts.

    To shift the industry away from the fat cat executives,

    Get the little indies to STAY independent. Those contracts are signed with their blood.

    Organize secure downloads at reasonable prices. A buck a song, or even lower through a subscription service that can handle the microtransactions with a minimum of fuss.

    Get debit cards in the hands of teenagers. They're the market for music money, yet so few teens have any purchasing power online due to the credit card hurdle.

  • Jeez. You'd think that /. readers had never used a web browser before or something.

    Ignore Wired. Go look at the EMusic press release for accurate information.
  • Open mailbox
  • > If you read your CD it says that it is illegal,
    > without prior consent, to copy it to another
    > form.

    And if you bought a new car, opened the hood, and saw a tiny little sticker saying "it is illegal to modify this car in any way, including but not limited to the addition of racing stries, repainting and tinting of glass without written permission from Honda" would that stop you?

    Just because someone writes some words on a peice of paper (or plastic) doesn't make you legally bound by them. In truth, it has been ruled that its perfectly legal to make copies for personal use...in fact, the law explicitly states that you CAN.

    Legally, the record companies can NOT stop you. they can not take that right away. However, they write their little fine print anyway because they know that they can fool some people, some of the time.

    > How would you feel, for example, if a book you
    > wrote, was disseminated on the internet, and as
    > a result you didn't sell any books?

    I would track down the person who distributed it and shake their hand. It feels great to creat something and have someone else like it enough to share it with others. It feels great to have your work accepted and praised in such a way.

    In fact, I can think of no greater praise for my work than to have someone hand a copy to someone else and suggest that they take a look at it.

    -Steve
  • Opening the mailbox reveals a leaflet.
  • You don't make a case against the theft of music via file-trading. It is theft, as the Napster user is getting the benefit of the music while the licensed distributor gets nothing in return.

    And there you put your finger on one of the core issues in this argument (I was wondering if anyone would catch it :-). I'm not convinced it is theft, at least the way I think you mean. If someone steals my wallet, I think we all agree that's theft, my wallet is gone. If someone makes a copy of one of my music CDs, is that theft? I don't lose anything. The copyright owner technically doesn't lose anything but a potential sale (there's no guarantee the copier would have bought the CD in the first place). Is it a different type of theft? Perhaps it's a different degree of theft? Should it be called theft at all? Personally, I'm undecided.

    Moreover, there's some evidence that downloading "illegal" MP3s inceases sales of CDs. Granted the evidence is controversial, but it puts an interesting philosopical twist on the controversy.

    I agree that the licensed distributors are sleazebags, fat cats who wine and dine little artists, seducing them into signing horribly restrictive contracts.

    At least we can agree on something. :-)

    Get debit cards in the hands of teenagers. They're the market for music money, yet so few teens have any purchasing power online due to the credit card hurdle.

    Nothing personal, but that's a disaster waiting to happen. There's a reason teenagers have a tough time getting credit and debit cards. I work retail part-time, believe me, I know.

    Moreover I might point out there's no constitutional right that guarantees that music companies should make money. If their target customers don't have money for CDs, maybe they should rethink their business plan.

  • No, but I understand that when I go to Piggly Wiggly, I'm paying for something (i.e. The transportation, storage, washing, and attractive shopping atmosphere) of the product. When it comes to music, the artists have to pay for their own recording, production, etc. i.e. The artists do the lion's share of the work, so they should get the money. The record company adds marketing, and probably should get something, but not $17.99....
  • "According the Digital Millennium Copyright Act, copyright holders can request that Internet companies refuse access to those people who are making unauthorized materials available for distribution." Why do all these things have to come out of the DMCA? the "Devil's Modia Conglomerate Ass-kisser" I like to call it. Actually I just made that up, but well it works. So are they saying that without the DMCA they wouldn't be able to do this? Or what? Anyway, napster isn't everything anyway, there's still a few (hundred) alternatives.
  • I'd think emusic isn't really concerned about all copyrighted music, but they probably check for mp3s from their site. I'd say that is a "legitimate" source
  • And do you rip the price stickers off CDs when you steal them from the shop?

    And do you spray over the security marks on that bike you stole?

    Do you remove the postcode from the things you stole from that house?
  • by moyet ( 148706 )
    >"People don't have the right to privacy when they are publicly making available infringing songs," Hoffman said. "A burglar >doesn't have that right when he's walking with a television under his arm."

    But they don't know if I have illegal music on my computer, unless they invade my privacy. How come people who try so hard to secure the artist rights so quikly forget about my rights?

    SCARY
  • One small problem here: MD5 is specifically designed to make sure that changing a single bit in the data changes the checksum. Assuming they check the ID tag at the end, this means you can just change the artist's name a bit - from "Spears, Britney" to "Britney Spears", say - and their `clever' software will regard it as completely different. Duh.

    Failing that, chop the last byte off the file. It won't affect the music you hear - just cutting the last millisecond or so of sound out - but it will make the file size and MD5 hash different.

    Finally, in order to calculate an MD5 hash, you need to download the whole file. EMusic plan to download every single file on Napster, just to check for files they claim rights to?? This, I must see!

  • Violates Napster's user agreement?
    Ehr..So does 80% of the Napster users, if not
    more, by downloading Music files and keeping them
    longer than a day.
    Who cares..Sueing individuals for downloading
    illegal music is the same nonsense as prosecuting everyone with a VHS copy of some
    movie.
    Napster's user agreement is a joke..
    Then again, it's a very good joke that prevents
    them from being guilty of spreading
    illegal copies. They are not, and I think Napster
    is doing a great job.
  • Sharing files on Napster is no different than lending someone one of your CDs for a day.

    No it's not, because you can lend someone a CD and they can listen to it without making a copy, but when you put your files on Napster, people have to make a copy to listen to them.

    The only way your analogy would work is if Napster deleted the track from your hard drive when someone downloaded it. Obviously, nobody would use it then.

  • by pallex ( 126468 ) on Wednesday November 22, 2000 @03:56AM (#607591)
    How will this work? If N people mp3 a song, then unless they all use the same software, and the same options, they`ll get different files. Some may normalize the wav file before mp3`ing. Some will trim the file to remove silence at the end (for example, the penultimate track may have loads of silence to `hide` the bonus track).
    If this took off, mp3 encoders could invert the song, or add some random bits to the end of the song.

    Basically, there is no way they can do this. They`d have to constantly be downloading songs - any song - and then either listening to it, or use yet more vapourware - a tool to analyse a song and guess which song it actually is - before taking action.

    I cant see how this would work!
  • I want to enjoy music I can download, and Napster stands in the way of this.

    Actually I think you could argue the complete opposite. Napster forced the big 5 Record Labels to acknowledge the Internet as a potential market. I'm sure Napster's press citing 20 million users and previously unrecognised demand helped get the attention of record company directors.

    Do you think that without Napster and MyMp3.com, you would be seeing the current rush by the big 5 to start their own distribution sites?

    Paul

  • I don't think so.

    If you read your CD it says that it is illegal, without prior consent, to copy it to another form.

    Like I said, the owner of the property has the right to do with it what he will. If he doesn't want you copying his music, you shouldn't - just as you don't want people abusing your things. You do not have owner's rights over the music - the fact that MS paid $millions for the Rolling Stones 'Start Me Up' will show you that. You just own the right to use a recording, in that form, and under certain conditions.

    If you don't like those conditions, you don't buy the music. It is not right to say that music companies are overcharging you, or that they are monopolies, because nothing forces you to buy their music - just as nothing forces you to come into my supermarket and buy my goods if you think they're overpriced.

    How would you feel, for example, if a book you wrote, was disseminated on the internet, and as a result you didn't sell any books?
  • Comment removed based on user account deletion
  • The next step, which should've been the first step, is psychoacoustic modelling. MD5 is so inadequate for this application that I'm impressed they've decided to use it in the first place.

    Now to distinguish one song from thousands of others WILL be difficult, and I'm willing to see how this works. [in comparison to software that's supposed to screen images for porn.]

    Flavio
  • Then there's the problem Emusic will be using a bot to do all this - at which point, they get barred from the service for ToS violations!

    I agree that they should get barred, as I did (one of Napigator authors, barred us for publishing Napster server stats) however with the recent court cases I think Napster will strike a deal with them to show the courts good faith.

  • They probably don't know how to disable file sharing (or they enabled when they started Napster once, since it bugs you about file sharing EVERY TIME YOU LAUNCH NAPSTER).
    _______
    Scott Jones
    Newscast Director / ABC19 WKPT
  • My thing is this: I don't consider it theft, because most of the songs I download from napster, I would never pay for anyway, so they're not losing any money. See? I'm never gonna buy a backstreet boys CD, but maybe they have a song or two I wouldn't mind listening to once in a while. I'll download it. If I didn't have it, that would be fine too, I wouldn't buy it, but since I can get it free, heh why not?
  • Moreover I might point out there's no constitutional right that guarantees that music companies should make money. If their target customers don't have money for CDs, maybe they should rethink their business plan.

    I wasn't suggesting that teens get debit cards to purchase CDs. Heck, if they want CDs, they can go to the local brick and mortar shop with the cold hard cash daddy gives them.

    Teens need online purchasing power to equalize the situation: indies can avoid the sleazy contracts purloined by big distributors if they can still make money from their audience. If the indies only target 40-somethings for making money, they'll starve. The indie needs to get cash from the teens, avoiding the big distributors.

    Cash flow:

    teen to debit card to online broker to indie

    Content flow:

    indie to online broker to teen

  • emusic, IMHO has done more for legitimatising digital music than anyone else. they are providing all of the benefits of digital music, legally! i.e.: lower prices, lower entry cost for artists, higher profit margins for artists, increases variety, less money going to corporate bastard record companies, etc, etc, etc. while i don't necessarily like this tactic, if it is necessary for them to keep their business going then, it is worthwhile. (Situational ethics always rule in capitalism) while i don't neccessarily like this tactic, if it is neccessary for them to keep there business going then, it is worth while. (situational ethics alway rule in capitalism)
  • If you go entirely on the MD5 hash, you will get false positives: look at the "birthday problem" to see why. With literally millions of different songs on Napster, there will be many random "collisions" (as they are known in crypto circles).

    Well, technically yes. Practically no. MD5 is a 128-bit hash, so there are 2^128 hash values. You'd need 2^64 distinct MP3s before you're likely to find two which hash to the same thing. 2^64 is really, really big. MD5 may or may not be a perfect hash (I think there is some evidence of flaws), but even if specific attacks were known, it's not like people are going to specifically construct MP3s so that they get hash to a known value (making themselves "look guilty" on purpose).
  • Why don't we ALL fsck with Napster, everyone else does....


    Thankfully I get all of my online music via usenet...

    First!

  • Emusic is already an attractive alternative. I no longer have to waste my time downloading songs from users with 14.4 connections. I no longer have songs that are poorly ripped. No more partial rips. And no RIAA police banging on the door. All that for $10/month is a steal.

    If only they had a system to suggest music I might like based on how I rate the songs I download.
  • by 91degrees ( 207121 ) on Wednesday November 22, 2000 @03:19AM (#607604) Journal
    Sounds like the BSA's "Pirate software detector vans" that can detect when you're using an illegal copy of a program.

    They just want to scare poeple into behaving.
  • Haven't you heard? EULA and copyrights are evil.

    I just found it incredibly funny that someone would complain, especially a slashdot editor, about violating the terms of service on Napster.

    Haven't you heard? Napster can't control what their users do.
  • I've been thinking what might be done for indie musicians. Perhaps a company could be created to represent the indies and to pool resources. Etched on every employee's forehead (figuratively speaking of course) is the rule that their clients (the indies) and their customers (their fans) are to treated fairly, honestly, and with respect. Beyond that, I believe the internet could be the great equalizer between them and the record companies.

    A few things I can think of that this hypothetical company could do is:

    Build and maintain websites musicians websites. Pooling webserver space and web design talent.

    Organize tours, recording sessions, CD manufacturing, jacket design, all that stuff...

    Maintain an mp3.com-like online streaming library for registered users. Thereby creating a database of potential customers. And/or...

    Streaming broadcast, via shoutcast, of all indies by genre. So fans can easily sample all the different talents.

    And of course, since the streaming audio is only poor to fair quality, online shopping for CDs is only a click away. The company could offer precompiled collections of songs or offer to burn custom CDs.

    Anyway, who knows, I'm not a musician or a businessman. Maybe it would work, maybe it wouldn't. It's late, I'm tired, and I'm going to bed.

  • Nice. And it will take only a few weeks and then there is a crack which will mask the Files so that they can not be tracked anymore...


    --

  • Now's the time to connect with your 14.4 and 1000-song playlist! That'll keep it busy for a while...
  • "I no longer have to waste my time downloading songs from users with 14.4 connections."

    Just avoid slow users. Hint: ping times can't fraudulently lowered, so they are sometimes more useful than quoted bandwidth figures.

    "I no longer have songs that are poorly ripped. No more partial rips."

    Stick to high bitrate stuff, and avoid incomplete files.

    "And no RIAA police banging on the door."

    Same here.

    "All that for $10/month is a steal."

    All that for $0/month is a steal... even literally, some would suggest. =)

  • Let's clear something up here. When you 'buy' a CD, or a DVD, or a book, or even a piece of software, the same rules apply: YOU DON'T OWN IT! You only purchase the rights to use/view/listen to it. You buy a license, but the material's copyright still belongs to the company or individual you bought it from. I'm a complete advocate of new business models which revolutionise the way money is made from music, and the crimes committed by Napster users is not theft - but it is obviously piracy, pure and simple. These people are not paying their license fees. The most surprising thing is how long it took for something like this to become an issue on the first unregulated and widely accessible information network ever seen (that's the Internet, for the slow or tired out there).
  • We have something that can control Napster. Let's hope it succeeds - people think they have a right to steal music, and they don't. Just because it's not physical theft, doesn't make it not theft.

    The artists (or the record company) own their recordings and have the right to do what they want with them.

    Middle class white collar theft is no less theft than any other kind of theft.

    Things about 'banning bots' etc are nothing set next to the fact that Napster is a tool for theft, plain and simple. These things are only used (or at lest 99%) to distribute stolen music.
  • by ichimunki ( 194887 ) on Wednesday November 22, 2000 @06:22AM (#607612)
    I was going to moderate on this story, but there's no moderation tag for "-1, Obviously Stupid", so I'll have to respond. Last time I checked, farming was one of the few remaining commodity markets in existence, which practically gaurantees that farmers are at the mercy of the few large corporations who buy the bulk of their products, and with the ongoing consolidations in the agriculturally-derived manufacturing industries (look at RJR Nabisco, look at Pillsbury being merged with General Mills), expect this to get worse.

    It simple economics, the fewer buyers there are, and as long as sellers are mostly dependent on those buyers, the buyers will be able to set their price about as low as they want to. Where I live in Minnesota, this is a continuous issue-- where families that have farmed for generations are now having to find other means to make money since farming is becoming increasingly unprofitable at the smaller, family-sized farm level. In fact, there is a large movement, especially among the devotees of organic produce, to support locally-owned, family-style, non-corporate farms in a very direct way (through co-ops and such).

    In other words, this analogy is flawed, I hear about farmers being ripped off a lot more than I hear about rock stars being ripped off. I also hear about farmers consistently losing ground through no fault of their own. Given the ease of capitalizing a CD pressing and the incredible number of outlets for same, I can't say I have the same sympathy for musicians too dumb not to whore themselves to RIAA member corps.

  • since when is it the responsibilty of napster to track ownership of files of anyone, for anyone?

    since when is it the reponsibilty of nampster to observe and report events on the internet to anyone?

    i think napster has done a service to the music community, because i find myself buying more cd's, because i can 'test' listen to them on napster. before that, i just waited.

    i would dearly love to have my children listen to the wit and humor of bill cosby. but just try and go to the store and buy one of his albums.

    i am to busy working on the internet to deal with the nonsense that the music industry is throwing in my face. the 'prosecution' would be well advised to consider the glorious industry of buggy-whips when challenging internet interactivies.

  • The guy that reversed engineered the protocol said that you only need to change one bit. What is to stop, say something like Gnapster to just change one bit at the start and end randomly? Will this affect the song playability that much? This an example where open-source clients are going to be so much better, especially considering an move by Napster to do this would be against their case.
  • Whoever marked the above post 'flamebait' LISTEN UP.

    1) The comment might have been serious, in which case it deserves an interesting or insightful

    2) if the comment was NOT serious, then it's a TROLL. Flamebait is when I call you a yellow bellied sneech, and besides that, you're a Windows user.

    A troll is when you post a bogus comment with the intention of getting numerous followups. Playing the devil's advocate is one example of trolling.

    Posting goatse.cx is NOT a troll. It's 'offtopic'

    BTW, this posting is also offtopic. If you must mod me down for this, please use the correct selection at least!
  • MD5 may not be the real means to track users or the real source of the files, but it may surely improve the quality of the files that you get from others.

    Using MD5 you can know for sure if your file is complete and was not corrupted in traffic.
  • Surely the DMCA only applies to music shared on machines within the boarders of the USA? So mp3 that originate outside the USA (which can now be identified by the MD5 footprint) could still be shared around?
    Probably not, but worth a try.
  • actually it took about an hour.. http://forums.napigator.com/read.php?f=4&i=20820&t =20820&l=0 (scroll down to last post)
  • Note: the system doesn't use _only_ MD5. Duh. Get a clue before flaming, you idiots. =) (Yet again, /. readers are the lowest common denominator) Listen to eMusic's teleconference about their setup: http://www.streetfusion.com/custom/MediaPlatForm/C ustomPageTemplate2.asp?MediaEvent=%7BE5B 4EE7D%2DBEFC%2D11D4%2D940C%2D009027EEA37A%7D&Conta ctID=0 (Free streetfusion reg required)
  • on a somewhat related note, i just noticed today that Dilbert is running a series of strips [unitedmedia.com] about musicians being paid with "digital tips." it's one of the funnier Dilberts in a very long while (and here i thought Scott Adams ran out of ideas long ago!)

    - j

  • It doesn't use _only_ MD5. Did you even read the press release? Go away and come back when you're not so stupid, stupid.
  • Let's face it, Napster has taken the concept of online music back ten years with its blatent support of piracy. Whilst the move to digital, downloadable music is inevitable at this point, Napster has made sure that the RIAA will move as slowly as possible whilst aiming for maximum control over every aspect of online music. If I were in the music companies place, I'd have taken Napster to court as well, they deserve whatever they get.

    Digital technology and the internet is doing this. Napster is just a tool. If it had not been Napster it would be some other similar tool. Napster was simply the first easy to use tool. Blaming Napster for this is like blaming the first web-browsers for spreading porn on the net.

  • So, why would you share songs if you don't want to share them?
  • And how, dare I ask, does one accomplish that?

    There are many simple things that you can do to make sure the file is the full song. Just look at all the search results and see what the most common song length is and there you go. Otherwise, lookup the song on some super huge online CD store like CDNow. They usually list the CD the song is on along with the length of the track.

    Damn it would be nice if some of those peering clients indicated if a file had Variable Bit Rate encoding, any fixed rate sucks rocks.

    Ahh, but you can do this with the Napster client. Just check for Bitrates that aren't in the set of numbers offered by most commerical MP3 encoders(ie 32,64,128,160,192,256,320, etc...). Those are usually VBR MP3s...

  • If you go entirely on the MD5 hash, you will get false positives: look at the "birthday problem" to see why. With literally millions of different songs on Napster, there will be many random "collisions" (as they are known in crypto circles).
    Uh, did you do the math here? MD5 is a 128-bit hash. The birthday attack reduces that to the square root, which means on average you'll need to generate 2^64 hashes before finding a collision. Last time I checked, 2^64 is quite a bit larger than "millions" (which is about 2^20). The magnetic particles on my hard drive platter spontaneously rearranging themselves into Britney Spears new single is more likely than any two songs on Napster accidentially having the same hash.

    To put this into better perspective, distributed.net [distributed.net] has been trying to find a single 64-bit key for close to three years now and the key rate is up to 121 billion keys per second without success.

    Burris

  • Isn't that gaydar ?
  • Why should this make Napster "dead meat"?

    Napster's strategy seems to be to hold out for as long as possible, then settle with the big record companies. They've already started. The Napster folks can get rich and avoid getting sued or jailed, the RIAA can hide behind the Napster brand, and maybe there are some bucks to be made from the inertia of all the Metallica downloaders who stretched their brains to get on the site at all.
  • I seriously doubt this is the way MP3-compression works, but I'm aware that you're being sarcastic here.. ;-)

    - Steeltoe
  • If you read your CD it says that it is illegal, without prior consent, to copy it to another form.

    There is a problem. See, these fuckwits have no way (nor do they have the right in reality, imo) to tell me what I can and cannot do with something I bought when I'm using it in the privacy of my own home/car/other for MY enjoyment. I can do whatever I want with the stuff I purchased as long as I'm the only one involved.

    Of course, my argument stops being valid once I distribute it.

    --

  • Apparently the author of this article hasn't listened to any Metallica songs recorded in the last 5-10 years.


    ---
  • When it comes time to pay for Napster, what will happen to the web based Napster client over at www.invalidpagefault.com? [invalidpagefault.com] A single Web-Nap provider could purchase an account for the aprox 5$ a month that it is going be and offer access to all at no charge.
  • I agree with you that taking something without paying for it (e.g. Napsterizing music) is wrong, but what are the alternatives? I refuse to give my money to the record companies, I want it to go to the artists. What can I do? Send money directly to the artists for each song I download? (A sort of Street Performer Protocol...)

    What's an ethical but not-willing-to-pay-the-pay-the-big-record-companie s person supposed to do?

  • fine, then let's take away your guns (or everyone elses) and let the government walk all over us.. or other countries for that fact.. since guns kill people. Oh, and take away music in general, because some of it is obviously "bad" and replace it with "good" music. When some rapper makes a racial slur about his own people.. Those are evil as well. Why not stop driving your car now, because walking is *much* safer? I dont think anyone is out to hurt the artists here. Hell, courtney love actually sued her own record company because they were sueing napster and she wasn't getting her cut. But the current way to distribute cds isn't working, OBVIOUSLY (otherwise, why is mp3 so popular?) I wouldn't want people to steal my music.. but at the same time, what are my other options to getting my hands on music? I know it's not a right to own it (if I can't afford it then I should just not buy it). So, next time you buy a cd, think of me and my poor family sitting around watching a black and white tv listening to records from 1945 (when I could afford them). Otherwise, don't tell me how to live. And if they made a new car that was soo much safer, would you want all those beautiful 60's and 70's classics destroyed? My friend, judging by your slashdot login, I think you have alot of growing up to do, even if you are older... age doesn't imply maturity.
  • Did you even listen to the teleconf? The system _does_ use PA modelling.
  • I find it amazing this got modded up.. Anyway, Napster is a tool -- but not one for theft. It can be used for theft, but so can the Internet. So can Usenet. So can my car, ad infinitum. Napster does have a "no bots" policy -- because they're doing this in the name of Good, they should be able to walk over that? What if I made a rule for my DNS server that I didn't want anybody packet sniffing? It wouldn't stop anybody -- but then they'd also be violating my policy. If Napster has a "no bots" policy, it won't stop many people from using bots - but they're violating the policy. I come to my previous statement; Are they allowed to do this just because they're in the name of ethics? Morals? Commander Joe? I don't quite think so, myself. Nobody ever claimed to have a right to steal music, last I checked. I wonder - Did you use the "preview" button before you submitted?
  • If the RIAA moves slowly this will only encourage people to copy more music illegally, since 99%+ of the songs on Napster were originally ripped from legitimately purchased CDs. Napster should spur them on to find ways to make it possible for people to easily get music over the net. Since searching for a completely secure method of distributing music is going to be futile, anyway, they should concentrate on getting money from people by giving them what they want.
    Of course they may well be too stupid/naive to understand this, but then they should be replaced with people who aren't.
  • eh...i'll give you 50/50. Napster is theft, plain and simple, but more importantly it has opened people's eyes to a new way to do business. And although I do consider it theft, I see it in the same light as the misdeeds of Robin Hood...stealing from the rich to give to the poor. There's no reason that a cd should cost $17. Were it $5-10, yeah, no problem, I'm there. If Napster does adopt the pay-per-month thing, i'll be first in line to sign up for it. Clear conscience and music? Where do I sign...

    --trb

  • What teleconf? I'm talking about the Wired article.

    Even thought "acoustic fingerprinting" is mentioned, no importance whatsoever is given to this technique.

    Flavio
  • Finally, in order to calculate an MD5 hash, you need to download the whole file. EMusic plan to download every single file on Napster, just to check for files they claim rights to?? This, I must see!

    the napster client already sends your MD5 info into the servers on login, it was used for auto resuming which has been disabled now..and it only MD5's the first 300k so if you have an incomplete file that's 350k and the full file is 5Mb the MD5's will match as the first 300k will be identical and we can safely assume it's the same file and resume regardless of filename.

  • The BSA could actually do this in about 3 years, using TEMPEST radiation monitoring equipment.
    Check these URL's:
    http://www.sciam.com/1998/1298issue/1298techbus4 .html

    and

    http://www.newscientist.com/ns/19991106/newsstor y6.html
    ========================
    63,000 bugs in the code, 63,000 bugs,
    ya get 1 whacked with a service pack,
  • I'm sure if the Napster servers don't, the opennap ones will :)

    Bye bye snoops!!
    ========================
    63,000 bugs in the code, 63,000 bugs,
    ya get 1 whacked with a service pack,
  • next thing you know they'll be telling people they can no longer loan their cd's to their friends...
  • I wasn't actually referring to the content of the traded mp3s but more to the quality of the mp3s themselves. Finding songs worth listening to is a bit of a challenge no matter where you look for them, be it at a record store, CDNow, or Napster. Dark side of the moon is also one of my favorite albums. But if I were to search for "Pink Floyd Money" on Napster chances are that what I would download would be complete and total shit. What I see as part of the value of paying for an album is getting a competent audio engineer to make the master that gets stamped onto the disk and not having that work undone by some AOL user trying to rip their CDs into a lossy audio compression format.

    I agree with you that there is a great deal of crap on the market. There are also some real jems. Lately Blue Note has been releasing some of their prize recordings on CD. Say what you like about music today being a rip off of everything good that was done by Pink Floyd, the Stones et. al. in the 70s, but remember that most of what they did was building on what John Coltrane and Miles Davis et. al. did in the 40s.
    _____________

  • I'd make myself look guilty on purpose. I'd take freely distributable mp3s, like ones from my friend's band dead composer, and modify them to look like metallica songs. Let's see them sue me for distributing songs I've got permission to distribute.
    ---
  • Well, if they don't start tracking, the BMG deal is off...
  • by Stavr0 ( 35032 )
    Last time I checked the MD5 check used in NAPSTER is calculated off the first 300kb (ballpark). So changing the last bytes of the files won't change the MD5.
    ---
    Inanimate Carbon Rod thanks you for your support. See you in 2004!
  • It really doesn't matter what you think it is; it matters what it is, legally.

    You can go on hollerin' about how, say, income taxes are illegal, and weed shouldn't be, and then withhold taxes on income from marijuana trafficking -- but don't be alarmed when the DEA or IRS comes after you. And, in court, you'd lose.
  • I hate doing this, considering I just replied to another post, but.. Policing Napster downloads isn't all fine and dandy, it violates their policy. If you agreed to the policy, you're therefore free to be banned from the service. Black and white. On or off. One or zero. That's it - nothing deeper. If there is an investigation system, then the only people who would be authorized to use it are Napster Inc., or people they in turn authorize. Besides, I have author permission on all 700 of my mp3's. I ripped and encoded them, gave myself permission.. Now, I don't allow you to copy them. Nyeh.
  • - The system uses Relatable's TRM open-source audio recognition engine in addition to MD5 checksums.

    See http://www.relatable.com/tech/trm.html for more info on it.
  • Dunno. Ask the hundreds of users on Napster that cancel your downloads, and message "Stop downloading from me!"
  • E-music held a teleconference about their system yesterday morning. There's a copy online... The URL is in one of my later posts to this article.

    The system uses Relatable's TRM "audio signaturing" software (which is open-source, btw.).

  • "People don't have the right to privacy when they are publicly making available infringing songs," Hoffman said. "A burglar doesn't have that right when he's walking with a television under his arm."

    What an incredibly misleading analogy. An mp3 is a digital representation of a song, not the real goods. Audio signals are removed and repetitous or similar patterns are looped, so what the listener is hearing is a reasonable fascimile of the music - no more. Comparing it to breaking into private property and stealing a television set is quite a stretch.

    Your Support for Napster Can Make a Difference [napster.com]
  • Well-- use id3v2 then :P
  • We have something that can control Napster. Let's hope it succeeds - people think they have a right to steal music, and they don't. Just because it's not physical theft, doesn't make it not theft.

    People do not have a right to copy music without permission under the current body of laws designed to compensate artists so that the increased body of art will further the public good. That being said, it is wrong to live under the contract of this society and disregard completely this piece of the contract.

    Unauthorized copying is not ethical under the currently accepted system of artist repayment in the US. However, this is not a universal ethical guideline, and in other places it may not apply. Unauthorized copying is in no wy, shape, or form theft. The artist still has the master locked away for themselves and no one looses access to the artwork (actually the record company owns the work). Stealing an idea is akin to talking away the notebook of secret plans, copying such a notebook is simply unlawful replication, and not theft. The only thing that is possibly lost when an mp3 is downloaded illegally is the monetary compensation which the record company is entitled to by agreed upon US law, and this compensation is only truly lost if the kid had some intention of actually buying the work.

    I am tired of the theft analogy. It was made up by software and record companies trying to sensationalize this entire process. Later society might realize that IP ownership applied to music has been in no way productive to society, esp. considering the downward spiral popular music has made in the last century, from baroque masterpieces and culturally viable folk art, to trite commercial music marketed to the LCD of the 14 year old population, with large stadium concerts (the worst accoustic environment imaginable) in which overpriced tickets result in riot and death.

    Furthermore, as an owner of over 300 legally purchased CDs, I have found that through false promises and illegal trade restrictions, the music industry more of less owes me about $500-$1000. Add to that the piracy surcharge I paid on my blanks I used to copy BSD and Slackware legally. Fair, no?

    You must own stock to actually support these theives.

  • Could you define the word 'complaint' for me?

    Thank you. ;)
  • by tewwetruggur ( 253319 ) on Wednesday November 22, 2000 @04:24AM (#607666) Homepage
    well, pooh. I had been working on shrinking hound dogs to the size of an electron to follow MP3's by scent. I'm sure I was only 2-3 weeks away from a major breakthrough on this, too...

    damn damn damn!

    and I already had the Milkbones ready for 'em.

  • by Darth Yoshi ( 91228 ) on Wednesday November 22, 2000 @04:31AM (#607673)
    A few quibbles.

    Whilst the move to digital, downloadable music is inevitable at this point, Napster has made sure that the RIAA will move as slowly as possible whilst aiming for maximum control over every aspect of online music.

    I would disagree. If anything Napster has accelerated the industry's move to online distribution. RIAA (and the music industry in general) is an established bureacracy who believe the adage, "If we're making tons of money from brick and mortar stores, why should we go online"? Napster et al, have given the music industry a well deserved kick in the butt.

    Napster really is not the future of online music, ...

    Strictly speaking, I agree, but I think something Napster-like may be.

    and has merely solidifed the opposition of a lot of artists to making their music available online

    And support from a lot of other artists, especially (but not exclusivly) indie artists.

    teenagers won't go out and buy a Brittany Spears CD

    You say this like it's a bad thing. :-)

    b) theft is still theft - the artists have not given their permission to do this and so anyone uploading their tracks onto Napster is infringing upon their rights to control what they produce.

    And here is the crux of the matter. A) The artists often do not own the songs the write and sing, the record companies do. Many artists get little or nothing from "their" music. B) Considering the record industries "creative accounting" practices (i.e., screwing the artists), many people seem to find it difficult to accept the record companies claim of the higher moral ground.

    I want to enjoy music I can download, and Napster stands in the way of this.

    You're entitled to your opinion. To restate my opinion, I think Napster has been a wakeup call and the record companies will have to move damn fast to come up with a consumer acceptable online alternative.

  • the napster client already sends your MD5 info into the servers on login, it was used for auto resuming which has been disabled now..and it only MD5's the first 300k so if you have an incomplete file that's 350k and the full file is 5Mb the MD5's will match as the first 300k will be identical and we can safely assume it's the same file and resume regardless of filename.

    If you go entirely on the MD5 hash, you will get false positives: look at the "birthday problem" to see why. With literally millions of different songs on Napster, there will be many random "collisions" (as they are known in crypto circles).

    Of course, you can then remove or randomise the hash from your Napster client. Since it is no longer used, why keep it?

    Then there's the problem Emusic will be using a bot to do all this - at which point, they get barred from the service for ToS violations!

  • by big.ears ( 136789 ) on Wednesday November 22, 2000 @05:10AM (#607678) Homepage
    Emusic [emusic.com] is one of the sponsors of the Freeamp [freeamp.org] open source music player (which has limited support for .ogg formats, and is available for Linux and Windows). They have teamed with a company called Relatable [relatable.com], and another project called MusicBrainz [musicbrainz.org], to categorize and catalog mp3s and cds. Relatable has a signaturing system that I believe uses acoustic fingerprinting--which is robust to small errors (or maybe even large errors) in songs. MusicBrainz takes these fingerprints and uses them to determine what songs you actually have, and then can use collaboritive filtering techniques to suggest playlists to you. I think this combination and seamless integration is making freeamp a very attractive player, although it still needs a little work and a little more help from interested developers.

    What does all of this have to do with napster and you? Well, freeamp allows you to download/stream music from emusic fairly easily (for a fee--something like $10 a month). So, if the napster distribution channel dries up, they become a quite attractive alternative. No more crappy searches, no more little red dots beside the songs, linux integration, artist-tipping support. Now, I'm not saying that emusic's actions here are good or bad, but do have a legal approach to digital music, while napster/gnutella/etc are questionable at the very least. They do support an open source project as well.

  • by synq ( 55040 ) on Wednesday November 22, 2000 @03:29AM (#607680) Homepage
    You have a point. Stealing things is not right.

    But opening a way to buy music while not letting the 'monopolist' record companies be the only ones to distribute it may make very well sense. Music that's not as good as other music may have a lower price. Plus, using the internet as a distribution medium is much cheaper than CD's that need packaging and handling.
  • Looks to me like it would be useful only for detecting stuff that was downloaded from a "legitimate" source (are there any?) and put unchanged onto Napster.

    The reason you're seeing this come from Emusic and not The Big Five(tm) is that Emusic are a legitimate source of digital music. Unless people go to the effort of purposely modifying the mp3 files they get from Emusic before putting them in their Napster directory, the files will be identical.

    Before now, there's never been any reason anyone would go to that effort. But now, I suspect you will see lots of utilities that flip some number of random bits in a file to destroy the signature.

    Incidentally, there are plenty of other legitimate sources, and they're growing by the day. The majority are band's own websites... often an exclusive remix or a live version of a song. As a current example, the official Nine Inch Nails site [nin.com] contains two tracks that were not put on the new remix album "Things Falling Apart".

    [TMB]

  • by GeekDork ( 194851 ) on Wednesday November 22, 2000 @03:32AM (#607686)
    Your modem/DSL/ISDN adapter is a tool for theft. Throw it out of your window immediately or I will sue your nuts off, bubba... ;-)

    This discussion is old and boring. Napster itself is a tool for exchanging music. It is, however, used to exchange "illegal" music(???).

    EMusic is using a bot on thre service and therefore should be banned from the network as anyone caught running one. I don't want to hear someone cry "it's a good bot!" or stuff like that. EMusic violates Napster' s TOS and even makes it public. There's no excuse for plain stupidity.

    Aaaah! My blood pressure's coming down again...

  • The md5 is created by the napster client stored in the shared.dat on windows machines and in ~/.gnapster/shared for gnapster. That is what is sent to the napster server for the search engine. All you have to do is alter the md5 in the file and poof, emusic's little bot is worthless. I made a dippy little bash script that scrambles the md5s in my gnapster shared file and then launches gnapster for me. No cracking involved.
  • I want to enjoy music I can download, and Napster stands in the way of this.

    Couldn't agree with you more. All that Napster really does is make lots more really bad mp3s avaliable to a huge audience and see that they get handed around further. I stopped using Napster quite a while ago because so much of the music there sounds really bad (as if mp3s weren't bad enough to start with) and/or is missing the end of the song. As far as I'm concerned, it's still worth some money to be able to buy an album and know that I'm getting something quality.
    _____________

  • I suppose you pay the farmer directly for everything you eat, right?

    Pope

    Freedom is Slavery! Ignorance is Strength! Monopolies offer Choice!
  • "You can't forge MD5," Weekly said via instant message. "Napster uses MD5 to fingerprint each song. The thing is, if you change one bit in the song, you get a different MD5. Meaning that if you try and track songs by their MD5s, and the users find out, they will be able to very easily modify their songs to have wildly different MD5s."

    Why not make this part of the file-sharing protocol? The user could click a box that says "Use anti-signature device" before downloading and a few unimportant bits would get flipped intentionally during download. Then, every file would have a unique MD5 signature.

  • by TheGratefulNet ( 143330 ) on Wednesday November 22, 2000 @10:04AM (#607711)
    BSA's "Pirate software detector vans

    huh? are the Boy Scouts of America into driving pirate-detector vans these days? I thought they were putting most of their muscle into gay-detection...

    --

  • They go through Napster to find cuts with "their" particular MD5 checksum. Every ripper, of course, creates bit-by-bit identical .mp3 files (needed to get the same MD5).

    Looks to me like it would be useful only for detecting stuff that was downloaded from a "legitimate" source (are there any?) and put unchanged onto Napster.

    As soon as Napster starts letting the record companies run bots against their servers, they're dead meat. All the record companies have to do is look for people serving stuff that *might* be theirs, and then download it to check it out. Of course, they'll have to keep downloading it to see if it has changed. Bandwidth? What bandwidth?

    --
  • by LostScorp88 ( 249884 ) <seldumonde@nOspam.comcast.net> on Wednesday November 22, 2000 @03:45AM (#607728) Homepage
    So, we are to assume that you NEVER right-clicked an image on a webpage and saved it and used it. Or that you never forgot to give credit to the original author for something you quoted. Or that you never, ever burnt a CD-R or gave someone something that may have been copyrighted (eg, a game or application). Well, you get the idea.

    Napster may be used for theft, but the software itself is not a criminal. All it does is allow people to download songs from others. Some people view Napster as this evil tool, when all it really does is allow people to trade music. They could do this anyway, but Napster makes it much easier and more accessible. Very few people truly abuse it. Most of the users just downloaded a few selected songs, making the total loss to the artist virtually nothing.

    And it's not like they make a ton on the CD either. They get very little of what they are sold for. Each song is worth cents. So buying CD's doesn't do them that much better.

    Finally, having a little bot to monitor the files you have is an invasion of privacy. Those files could be legitimate rips from CD's. In short, any attempt to monitor Napster activity is no better than monitoring where you go on the Net - it is a blatant violation of privacy. Do you want some machine looking over your shoulder, seeing you downloading that "evil" music? Don't think so. The future lies in freedom, not in the old way of selling CD's costing in excess of 15 dollars.

  • I agree with some points. Theft is theft. However, a good portion doesn't view downloading mp3s as wrong. Whether or not this is "morally" or "legally" wrong is irrelevant if the majority of society doesn't believe it to be so.

    Sharing files on Napster is no different than lending someone one of your CDs for a day. You don't know what they are going to do with it, perhaps they just want to hear more of the band, perhaps they are going to copy it and sell it on the black market. The only difference is that Napster gets more press because it occurs on a larger scale.

    I don't know what the solution to this is, but I think its unfair to say that Napster is completely wrong. Instead of trying to fight napster, the record labels should be looking for methods to compete with it, charging money if they desire, or finding ways to make purchasing records more popular. Peer to Peer is out of the bag. Even if they shut down Napster, there will be others. They should learn to adapt.

    My 2 cents... Captain_Frisk

The trouble with being punctual is that nobody's there to appreciate it. -- Franklin P. Jones

Working...