Please create an account to participate in the Slashdot moderation system


Forgot your password?
Music Media

Napster Bans Non-Native Clients 164

Anonymous Coward was the first one to write with this tidbit: "Napster is now refusing connections to anyone not running its 2.0 beta 10.3 client. Of course, this stops anyone from using a client not published by Napster. The error message that the Napster server gives you is: "::: server / You must upgrade your client at ::: error / You must upgrade your client at " The Napster website says: "Beta 10.3 incorporates new file identification technology", and nothing else regarding the matter that I can find. I know most people are using OpenNap and other file sharing services now, but I still like to connect to Napster to get lesser-known (and not banned yet) songs."
This discussion has been archived. No new comments can be posted.

Napster Bans Non-Native Clients

Comments Filter:
  • by Anonymous Coward
    The RIAA's attempts to stop online music trading via (as a start) r00ting Napster, are futile. Just move to another file sharing applications. Great eh? OpenNap iMesh Gnutella etc. etc.. Haven't bought a mainstream CD in 3 years - no big loss considering it's all teeniebopper 'label' bullshit. However, I do regularly buy CD's (online) from lesser known bands (which usually produce the best music), which didn't make it with the big guys (companys), because they don't a) Have tits or b) Look 15.
  • by Anonymous Coward

    I really need to memorize my password so I can log in at work; maybe someone is still paying attention to this thread and will agree with me enough to give me a Score: 1.

    I am starting to think that we would have been better off without Napster to begin with.

    I think mp3s--well, I prefer Ogg now--are wonderful, even when restricted to unarguably legal and ethical uses. I love being able put all the songs from my CDs on my hard drive and listen to them without the annoyance of skipping (which even brand new CDs seem to do sometimes, no matter how careful I am with them), or having to change CDs when I have ten CDs that each have maybe two or three songs that I really want to listen to.

    And, though probably not legal, I don't think it was necessarily bad when people would get a couple mp3s here and there from their friends, and expose themselves to music they weren't familiar with. I have a few CDs (from people who are now some of my favorite artists) that are a direct result of my first hearing some mp3s given to me by a friend. If it wasn't for the mp3s, I wouldn't have been exposed to those artists, and I don't have enough money to go around buying CDs without knowing ahead of time that I like the music.

    Trading mp3 music on this scale benefited people overall. Nobody got hurt; it probably caused more CD sales than it stopped, and it happened on a small enough scale for the record companies to not care. Even when you could download mp3s from various places on the net, it wasn't so bad because it was a pain in the ass like any other form of Warez, so it was restricted to a small subset of the population.

    Then Napster came along, and any ditzy wow-AOL-is-so-cool-"I've-got-mail!" 15 year old could download hundreds of tracks with a few clicks. And while I know many people use Napster very moderately, and even use it as a "try-before-you-buy" service, there still are countless people out there who have several CDs worth of unpaid-for music on their hard drives and don't give a crap about how anyone else is affected by it. There are colleges whose bandwidth got sucked up by Napster users, making it difficult for other students to use their Uni's net connection for serious research. Putting aside the ethicality of it, which has been debated enough, my question is: Is that situation what we really want? Do we want it to be so easy to get hundreds of mp3s freely that the possibility of paying for it might not even enter most peoples' minds? (I'm speaking of music published on CDs, BTW, not music from artists who specifically want to distribute their music as mp3s). It is because of this that we have The Big Evil Corporations trying to change music formats in ways that reduce our freedom.

    And, because of all this, we (by "we" I'm speaking of the high percentage of Slashdot users who care about "Free" and/or "Open Source" software) look very guilty by association (i.e. from vociferous support of Napster when they fought the RIAA, and now from the many suggestions of alternatives). To the masses, we end up looking just like the Warez kiddiez. Their attitude is sort of like: "They're just the same bunch of criminals, only difference is the software they steal is technically free anyway." But hey, why should we look any different if, along with getting our free stuff for free, many of us still try to illegally get our non-free stuff (e.g. music) for free too? "Sure it's legal that downloaded Linux for free, but even if it wasn't legal you would have done it anyway."

    Maybe you don't care what other people think of you; I normally don't care either. But when the 2600 folks go to court in a desparate attempt to defend their rights, and the judge is predispositioned to look upon them as a bunch of criminals, I start to care. When Microsoft can go around and say we're a threat to American society, and the masses listen, I start to care. I think many of you will care when Microsoft releases their "shared source", claims all our GPL'd software is illegal because we could have stolen source from them, and everyone believes them because they already think "those Linux users are just a bunch of free-loading criminals anyway."

    Is the easy trade of copyrighted music between people who don't even know each other worth it? Do we want to be associated with that?

    Anyway... I do like the possible legal uses of things like Napster, Gnutella, etc. But maybe it's time we start pushing harder for fair and legal solutions that benefit everyone (like micropayments or whatever), instead of putting so much effort into just circumventing the broken solutions that the companies have come up with on our own.

  • by Anonymous Coward on Thursday June 28, 2001 @03:51AM (#123460)
    Over at ( the last ever article on the rapidly dying "Napster" music service was posted today.

    News that Napster had started banning all non Napster clients was greeted with lacklustre response by readers prompting Slashdot to announce they will in future ignore any story submitions with the word Napster in it.

    "We'd been planning on doing this for quite some time" CmdrTaco told Slashdot.

    "When theres only 5000 users left on Napster they are obviously going to be people whose IE home page is, have a 64 x 64 shortcut to napster on their Windows desktop, and have to phone up AOL technical support every time they need to search for a song in order to get the l33t version of the name to type in. These obviously aren't the sort of people who read Slashdot"

    When asked "What about the first posters?" CmdrTaco had no reply.

  • Yes, it stops GNapster, Knapster, nap, webnap...

  • IMHO they are doing a Xerox PARC, snatching defeat from the hands of victory. They had millions of people on their servers, downloading songs, and due to their (and the RIAAs) stupidity and incompetance, now they have a few thousand, and very few songs. Bands in China LOVE napster, and encouraging pirating of songs, except over there they call it "sharing". See, they make money off of concerts, and the more people who listen to your music, the more people will like you. If I'm forced to pay $20 for something I may or may not like, chances are I'm not going to put out the money.
  • I think you misread his statement. By "them" he was referring not to the company, but to the users. Other than that, I agree with your poste.
  • I am on a 192.168.*.* address behind my firewall and I am uploading and downloading files to/from people when using LimeWire [].


  • [I've never used Napster, so apply the appropriate amount of salt.]

    Assuming anyone gives enough of a damn, how could Napster effectively enforce this? If online-game cheaters can reverse engineer the protocol, despite the best efforts of the games' originators, how is the Napster protocol any different?

    The worst that might be called for would be to download the officially-blessed code, root around in it for the key to its digital signature, or perhaps send a hash of a bit of the original binary, and mimic it in your favorite flavor of deprecated client. Napster can't win, they can only get momentary advantages.

    I can see how many would consider this more effort than it's worth, but there must be a number of hackers for whom this is just an interesting challenge.

  • Yep, AudioGalaxy sure rocks. The featured artists section is good, and has introduced me to a few bands I had never heard of.

  • Yes it does. Say hello to OpenNap....
  • Poorly-thought-out-analogy:

    "These radio staions broadcast by airmusic inc. are only avaiilable in a Ford (tm) car, truck, minivan, or suv with a Ford (tm) factory-installed stereo. Want to listen to them? Go buy a Ford."

    Seems wrong, somehow...but yes, it's well within their rights to do so.
  • long till those of us on a linux/BSD OS can connect up to this? Someone's got to be reverse-engineering ithe protocol...

    OTOH, Gnutella is alive and well, despite it's quirks - and Freenet is starting to get usable. =)

  • I'd definitely agree with this... I've been using it for a couple months now and I can't think of anything I haven't been able to find on there. Even better, it has video and image search just like Scour did plus a couple other categories (documents and software i think).
  • Who's to say the filtering isn't being done client-side? It would make sense if the filtering component was small/simple enough to include with each client. Puts all the load of fingerprinting and filtering all the songs on the client, not only reducing the workload of the server but also the bandwidth used between the client and server. I have no idea how exactly they're doing the filtering. But it would certainly make sense to me to do it at the client level...
  • I think someone did... thats why Napster has perpetually been in beta (Beta 10.3? geeezus). at least they've recognized all this time that their software was barely beta quality and honestly kept calling it that, instead of rushing that sub-par quality software out as a "release" version...
  • Some people think Shawn Fanning's greatest masterwork was creating Napster; in fact it was getting the hell out of there before it came to this.

    what? shawn hasn't left.
  • Since Napster is taking the big leap, shedding a huge number of users by forcing all of them to download a new client, I'd hope for their sake that they made this the last download its users ever need.

    Does this new version have a self-updating feature like Windows RealPlayer and AIM do? As it is, by not putting in such functionality much sooner, they've diminished the value of their one real asset: the size of their user base. If they don't have it this time, they're just pathetic.
  • he best place I have discovered so far, to download MP3; is
    DANGER! DANGER! DANGER Will Robinson!

    Audio galaxy is spyware []!!!

    Knowledge is, in every country, the surest basis of public happiness.

  • Even better than Kazaa is Morpheus (, with the same system as Kazaa, but a whole helluva lot more files online. I've been able to find all but two tracks from an obscure 60's folk LP that's sitting, scratched, somewhere in my mom's basement.

    What I'd still like to see is more meta-searching capabilities in clients. Kazaa and MusicCity both seem to be the same software, but different communites (Kazaa found 12 "New Christy Minstrels" songs, Morpheus found 58). Why can't they search one another? What about plugging into OpenNap servers? And what about searching multiple OpenNap servers at once? It's frustrating to have to choose between one or another system, and I'm not about to run a search on Morpheus, then Aimster, then Kazaa, then two or three different OpenNap say nothing about connecting into one of the many gnutella nets...

    Any solutions out there for that?

  • by FreeUser ( 11483 ) on Thursday June 28, 2001 @05:20AM (#123477)
    Yes, Napster can do what it likes with their servers, up to and including actions like this which make the service vastly less useful to their customers, and unusable by anyone using a real OS.[1]

    What you imply in your statement (however inadvertantly) is that, because Napster may do what they like with their own servers, their customers should not speak up when they do something those customers don't like. Nothing could be farther from the truth. One of the key ingredients to a healthy and successful free market is customer awareness, and the ability of consumers, and groups of consumers, to share their experiences and complaints with one another and to find a competing product when the service they are getting is of poor quality, overpriced, or has other drawbacks (environmentally unfriendly, invades ones privacy, whatever).

    Consumers informing one another that a particular product or service sucks, and letting each other know about better alternatives ... kind of like, no, exactly what is happening here.

    [1](Gratuitious anti-MS Jab as counterpoint to the recent plethora of gratuitious pro-MS Jabs at Free Software): Real Os defined to be one not written or sold by Microsoft.
  • Even better than Kazaa is Morpheus (, ...

    Yes, because would have been so much more difficult to remember. On the other hand, maybe I should be happy any time a chance to fill up the 'net namespace is missed. I know I cheer inside everytime I see rather than

    Caution: contents may be quarrelsome and meticulous!

  • by ethereal ( 13958 ) on Thursday June 28, 2001 @05:15AM (#123479) Journal

    According to this story at [], this is to comply with RIAA-imposed filtering criteria. They aren't even going to allow older versions of their Napster client, so you know other peoples' are out the door.

    Favorite quote: " This means songs that aren't on the record companies' list will have to trickle back into circulation a little at a time as Napster ascertains that they are or aren't on the must-block list." So essentially the RIAA has won the real war here - everything not from the RIAA has been removed and presumed guilty until proven innocent. Maybe Napster was a great exposure space for indie musicians before (personally, I doubt it) but it sure isn't now.

    Caution: contents may be quarrelsome and meticulous!

  • This will only make fewer people use it.

    The three other people who still use Macs are pissed, too.
  • Surely this was inevitable, with the court rulings raining down on Napster, and it signing deals with various companies and organisations [].

    The company has to ensure it's following the court rulings, and letting any client connect exposes it to the very abuse it's been charged with encouraging.

  • I still use Beta 6 and cannot get on Napster now, but I start up Napigator and choose a server from there, double click and I'm connected. Not being able to get on the Napster network is no great loss, it has been useless for months.
  • I do all the work. I supply all the bandwidth. And then I pay Napster a fee so that others can download my files? And, for some odd reason... they think we are going to go along with this plan!
  • You use the word 'customer' a few times in this comment....

    From WordNet (r) 1.6 :

    n : someone who pays for goods or services [syn: client]

  • Hello and welcome to last week!

    I thought we already came to a consensus that Napster was irrelevant?
  • Try Aimster. We released our Mac beta on Tuesday. []


  • by mindstrm ( 20013 ) on Thursday June 28, 2001 @03:09AM (#123487)
    It's napster's servers.. they can do whatever they want.
  • I'm not at all sympathetic with Napster Inc., or its client base. They filter my own original [] non-RIAA music. I use the Ogg Vorbis OpenNap server at to distribute my own music, search for Rick Dicaire.
  • Someone should remind Napster of the difference between "Beta" and "Production" quality.
  • If their server requires a "beta" version, that's the production version.
  • The best place I have discovered so far, to download MP3; is It's web based, You can resume stoped download too. Very easy to use. You can can easily discover new artists too.
  • If they were going for straightforawrd comparison, your correct.

    However, consider this: You can recognise a song, from, say, 10-20 seconds of it?


    If the way that _you_ recognise the song (which is indepentant of encoding, bit rate etc), is implemented in a computer, then provided that a human can ID the song, no matter what it is, so can a computer.

    The way to do this would be to use some extremely harsh psycho acoustics - like those used in MP3 or Vorbis, but throw away a lot. Given Naptsar is MP3 only, I'd extract the key parts of the song that exist at really low bitrates, and assume that they must be present at all bit rates. Then look for those.

    It's difficult, yes. Artifacts are a big issue too, but I beleive it's perfectly possible.

    Note that this approach does not inherently use a neural net, but instead attempt to mimic the pathway between the ears and the cereral cortex. This reduces the problem to one asking if two files, of known representation, are similar, a difficult, but known to be soluble, problem.
  • Yes they can. However this doesn't justifie it as right. This means
    that some people using Linux or any other OS that they don't support
    will not be able to use their service.

    And again, so what? There's nothing inherently wrong with that ideal.

    If Napster, or Microsoft, or Bob's House of Software doesn't release versions of software for Linux, then so be it. That's their call, not yours.
    If they also decide that you can only access their service using their client, then there is also nothing wrong with that.
    They have a complete right to do that.

    There are good points and bad points to any OS. One of the negatives for Linux is no Napster. That's Napster's call, and it's completely right.
  • Ummm... let's see....

    Tool - Lateralus is an awesome cd. As is....
    Radiohead's Kid A. As is.... Linkin Park's Hybrid Theory. I could go on and on. The thing is, I agree that there is a *lot* of crap out there, but don't forget about the few good bands left who make music for the sake of making music, not the money.
  • And again, just because they can doesn't mean they should. Did you think if you repeated your point it would be any less boring?

    Don't forget, I still have the right to tell napster to go fuck themselves.

    And, I don't think they are making a "completely right" call by refusing to do a linux client. Just because you release an app only on Windoze doesn't mean it's any safer from hacking, manipulation, or shenanigans.

    Boss of nothin. Big deal.
    Son, go get daddy's hard plastic eyes.

  • I use lopster [] from my linux box at home. And I wasn't able to login to napster network.

    Now if i use openNap, do I still need a working napster login? how does this work? thanks LL

  • 31337songtitle.gz.mp3 After download, it will be necessary to transpose the .gz and .mp3 extenders then gunzip the resulting 31337songtitle.mp3.gz. Let's see how the acoustic fingerprint thingy likes that.
  • I've been using the Linux client for a few days lately, and it's really nice in terms of HOW it works, but the UI and installation procedures kinda suck.

    First off, you have to get the accounts.txt file right, and that was rather tricky to do for me (for some reason). Probably had to do with failure to read the text file which says how to do it :)

    Secondly, you have to know that their servers are perpetually overloaded, it seems. The end result is that, even though I'm downloading (and can see the file size change), the server will consistently report that my satellite is offline at almost any time I try and use it.

    That having been said, it's a great service, and I recommend it. Just pay close attention to the docs, as it's easy to get tripped up.

  • Er... It's more likely that your ISP has banned it. Or Napster had a server outage when you tried to connect.

  • Shit, ignore that. I didn't read the damn article.

  • Whoop-de-do. Has the demise of napster made a dent in file sharing? Nope. People just use ICQ/AIM or any number of other alternatives. ( Rather than have the problem in one, great big centralized location where the record industry could reap a fortune from it, they've thrown water in the oil fire and now it's everywhere. Great long-range thinking, guys.

    The fight wasn't about file sharing, anyhow. The music industry makes their money of prepackaged crap that the kiddies buy and the marketting therefrom. They were worried napster could spawn a indy revolution with the illegal file trading as the catalyst, and they brought the smackdown.

    What do I care, anyway - I'm CANADIAN, and I can copy music for MY OWN USE, LEGALLY. Hahaha. Go CDR levy. There's one fact the RIAA and napster aren't spreading around.. but they got their little levy.

  • I think the Communications Act of 1934 gives me the right to tune into any sort of radio transmission. The above analogy is poor because in the case of radio, the resources used to transmit the signal do not increase if more people listen. You're not really creating a link to the radio station. The signal is passive. In the case of an AIM server or Napster, you must actively create a connection, which uses network and computing resources.

  • I don't think anyone is arguing that they can't be allowed to do this. I think it's more a question of "should", or, at the least, that it seems to go against our community's acceptable practices.

    For me, this is another example of a company which ignores their users and instead strongarms them into doing what the company wants. Companies don't HAVE to act like this-- there are many who don't and still flourish. It's just more encouragement to develop open-sourced hands-off alternatives.

  • by British ( 51765 ) <> on Thursday June 28, 2001 @05:07AM (#123504) Homepage Journal
    I stopped using Napster when the most popular song online(and the only one was) was by some band called "No", with their hit single "Matching Files Found!"
  • This is shameful. Napster should shut itself down while it still has a shred of dignity, before it becomes a free marketing tool for the RIAA.

    Some people think Shawn Fanning's greatest masterwork was creating Napster; in fact it was getting the hell out of there before it came to this.
  • If they really wanted to be careful, they could require periodic cryptographic-based challenges. For instance, the server could require an RSA-computed signature of a random set of bytes (perhaps the concatenation of two contiguous sections of the binary), where the binary contains the encryption key in some obfuscated form, and the server retains the decryption key for verification.

    Bypassing that sort of system can be done, but it'd be a bear requiring disassembly of the binary to find out the key, and would require embedding the binary with any workaround -- or, finding some odd proxy-based solution to use the official client to answer, without letting the server know that there are actually *two* clients running.
  • Even I agree that this is overrated.

  • by dimator ( 71399 ) on Thursday June 28, 2001 @03:25AM (#123508) Homepage Journal
    The error message that the Napster server gives you is: "::: server / You must upgrade your client at ::: error / You must upgrade your client at"

    Actually, this is not true. I just tried it, and the actual error message is:

    ::: server / Why are you still using this service? Napster officially sucks.

  • Now wait a minute ...

    > Download from multiple sources- not only makes
    > things faster, but if one guy you are
    > downloading a 600MB divx from loses his
    > connection right before you finish, you can just
    > get the last 5MB from someone else

    This assumes both versions of the downloaded file are identical TO THE BYTE. I don't know about you, but I tend to change the idv1/idv2 tags of mp3s, and rename images / movies when I download them (including CD / DVD / DIVX rips).

    Downloading from multiple sources is a good idea in Theory, but unless there's a hash-checksum associated with each file, I think it's just wasted effort.
  • In reference to you sig, I understand your point. However, economics deals with the flow of money, and a mother at home raising her children is not part of the earning-spending cycle, and that is why she is considered to be out of the job market, and therefor the "real" economy. No sane economist would doubt her value to the economic system, but she is not part of the system that is studied.


  • My preferred Napster substitute is now AudioGalaxy. Works pretty well..have found lots of good tunes I did not find in the last spasmodic months of Napster as a matter of fact...
  • How well does audiogalaxy's Linux client work. I have had problems getting it to work in the past.
  • morhpeus sucks dogs balls... it is soooo slow. Wtf did they write it in, JAVA... unbelievable
  • Some posts mention alternatives to Napster, but I have not seen this one: [].
    I admit I haven't tried it myself, but it seems it's a P2P with a Windoze AND Linux client. Anyone has tried it?

  • A boycott of napster is pretty much redundant at this point. They've managed to drive off most of their customers without any outside help.
  • Ever since all of those great opennap servers of MusicCity switched to their own Morpheus client, my Gnapster program has seemed next to worthless (and I haven't tried it for a bit...)

    Are there any good opennap networks up now? Is anything being done?

    Yeah, that annoyed me too... however, there IS help available. I personally use gnapfetch [] to download OpenNap network lists in formats both Gnapster [] and TekNap [] could understand. Of those, I personally prefer the OggVorbis and NecessaryEvil networks... while they are frequently full and take a couple of minutes to get in, actually getting a connection to the servers is usually not a problem (as opposed to other networks) and the selection is fairly decent.

    Just my $.02...

  • by OakLEE ( 91103 ) on Thursday June 28, 2001 @03:24AM (#123522)
    Let's just face it, your grandaddy's Napster is long gone. Even though most of you refuse to acknowledge it or worse even try to justify it, we all know that most of what we downloaded off of Napster was stuff that we hadn't bought and didn't own the rights to. Now I know some of you went out and bought whatever your downloaded, or were meerly "sampling" the music (whatever the hell that means), but personally I gave up any hope of finding anything once I started having to type in "1337" phrases like "|24d10h34d", "J1/\/\/\/\y h3ndr1X" and "0utk4$t" to get past the filtering software. It was a good while it lasted but I think we can finally declare Napster dead! Actually we could have done when the report about it only having 5000 users sharing 18 gigs of music came out, but the prophecy of Napster being the sacrificial lamb that many of us secretly new it would has come true. I say just cut your losses, and move on to programs like AudioGalaxy, Morpheus, whatever soots your needs. When getting stuff off of the Gnuetella is easier then getting the same stuff off of Napster, you know the program is doomed.

    Just my 2 cents, sorry for the cyncism, but we need to face the truth here.

  • The reason they're going with the new version and the new way to identify songs is so they can offer more songs on the service again.
  • I've had mixed success with Gnutella.. The biggest problem is that it doesn't show you the bitrate that the mp3 was encoded at.. I tend to like mine at 192 or higher, most of what I pull from Gnutella is 128. The other thing is, with a large number of clients (lime wire being the biggest problem) will give you results with the sharing IP as a 10net or 192.168net address.. these are not routable on the net, so you can't even get files from them.

    Also, I'm not sure if this is a problem with just this program, but the same has happened with other.. When using bear share and I search for say "Pi Soundtrack" I get results for anything with either of those words rather then the google type of results matching that exactly.


  • I'm sure is the RIAA asked Napster to create a "spying client" for them it would be done. It shouldn't be too hard for them to add another client to the "approved" list that the server will accept.
    =\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\= \=\=\=\=\
  • Certainly, Napster CAN do this. I haven't seen anyone saying that they can't do this, that it should be illegal, that they should be sued, etc. But just as Napster can do what they want, we can do what we want too. And that includes sitting around bitching about Napster's poor decision making or even organizing a boycott of Napster. No one is questioning their right to make the decision; we're discussing the intelligence (or lack thereof) of the choice.
  • This is NOT the same free trading Napster I knwe.

    R.I.P. Napster. Have fun RIIA.
  • by pallex ( 126468 )
    The error message that the Napster server gives you is: "::: server / You must upgrade your client at ::: error / You must upgrade your client at"

    you`re saying theres an error in the error?
  • start using Morpheus [] or edonkey2000 []. These networks are a little underpopulated now, but they seem to be gaining userbase. Both support the ability to download one file from many people at the same time, I've seen aggregates of 130k/s downloading from 5 different users. Steal your music just a little bit faster.
  • What I really wonder is if this means that bootlegs will now be resurrected on the napster system, since they are generally not copyrighted by the Record company, but by the artist. Many artists allow bootlegs to be freely distributed. Personally, that's the only reason I used napster in the first place, was for the bootlegs which I couldn't buy in the stores anyway.
  • Isn't this something like AIM's authentication for the oscar protocol? Many groups (trillian [], jabber [], gaim []) have found ways around that. Is it conceivable to trick the Napster servers in a similar way? Not that anyone who would bother with CVS nightlies hasn't already found a better alternative.
  • I can confirm that the new client does work, but it only lets me share 5 files. :-/
  • It sounds like you're not familiar with the TRM algorithm; it's designed to produce the same signature even if there are slight differences in the original audio.
  • It's their server, they can code it however they want. If you can't code your way around it, whose fault is that?
  • by Sebastard ( 142754 ) on Thursday June 28, 2001 @05:04AM (#123548) Journal
    How can you call Morpheus under-populated?

    Last time I logged in:

    231,995 users online, sharing 20,357,000 files (91,722.0 GB).

    I've been using it for a few weeks now, and while it has problems and little annoyances, it's by far the best P2P client I've found (for Windows only though).

  • this will probably foil their fingerprints.

    instead of ripping 1 song at a time, rip songs and append them together (2 at a time). 2 isn't too bad from a bandwidth/download perspective; and since the time duration and signature won't match any single song they have on file, I predict it will foil their detection algorithm.

    fight fire with fire. if they catch on, then reverse the order of the songs you append as couplets. let them waste their cpu cycles endlessly fingerprinting random couplings of songs.


  • It's Opennap and mIRC for me now.
  • by Rackemup ( 160230 ) on Thursday June 28, 2001 @04:04AM (#123554) Homepage
    From what I understand, the new "file identification technology" they're using is the acoustic sampling methods which ID a song despite how the file is named.

    Apparently they take random samples of files shared by users. The server requests an acoustic fingerprint for a song shared by a user, your software takes the fingerprint and sends it back (without your control) and the pattern is compared or added to their database.

    That means that renaming Metallica songs to "Metalica" wont have any effect since it's using the fingerprint and not the actual file name to ID the song.

    As far as I'm concerned Napster has been neutered and it's only good for finding music by non-mainstream bands now. I've actually found a few good songs through their "discover" artists tab, but havent been able to find some songs to sample from a new CD by a band that I actually like.

    I'll probably still use Napster to search through occasionally, but it's back to IRC for my normal music downloading. It may not be as pretty but it gets results.

  • by Skuto ( 171945 ) on Thursday June 28, 2001 @03:41AM (#123556) Homepage
    >The other thing is, with a large number of
    >clients (lime wire being the biggest problem)
    >will give you results with the sharing IP as a
    >10net or 192.168net address.. these are not
    >routable on the net, so you can't even get files
    >from them.

    They are not routable on the net, but they _are_
    routable on gnutella via push messages. Those
    addresses basically mean that the client is
    behind a firewall and cannot accept connections,
    but it _can_ send you the file.

    If such a client generates a hit on a search and
    sends it result back all clients on the path
    between that client and the originator of the
    search keep routing information for the 10.x or
    192.x address.

    If the searcher requests the file it generates
    a push message that is sent along the path the
    hit came from.

    The reason why the 10.x or 192.x addresses are so
    unreliable is that many old clients handle them
    wrong. If one of those is along the path you
    will never get the file, but if all clients along
    the path are ok, 10.x/192.x addresses work just
    as fine as any other.

    The reason why you percieve limewire as more
    prone to this prolem is that it is less picky
    in allowing connections from older clients, and
    hence theres more chance that a bad client is
    inbetween a limewire client and yours. But there
    is nothing wrong with the limewire client itself.

  • As of 6:01 P.M. PST:

    3,602 users sharing 7,693 files, totalling 30 gigabytes.

    CLEAR! (Pzzt-thump). CLEAR! "I can't get a pulse anymore, doctor..."
  • I just took a packet-by-packet look at what the new Napster client is doing (included below).

    Summary comments:

    It looks like they may be doing some low-level authentication in TCP headers, but not clear. Other than that, the client identifies its version number. All of this is simple enough to fake, perhaps by putting a proxy in between your client and the server. No "scan of your hard drive" is necessary to let you download files.

    Will follow-up as I try to get an old client to connect.

    -- SESSION ANALYSIS ----------

    1st - negotition w/ (MTU, etc) [new]
    2nd - handoff to server
    3rd - awk, negotiation with server
    (some serious packet exchange here, looks like data maybe being passed in TCP headers, 'other options')

    packet 16: data from client, non-human-readable
    packet 17: six 00 bytes from server
    packet 18: login and client IDentification (will this alone work???)
    packet 19: six 00 bytes " "
    packet 20: ' 993776103' from server
    packet 21: no data, from client
    packet 22: "intro message" from server -- esp. interesting is "we'll soon be disabling future versions"
    packet 23: tcp only packet from client
    packet 24: first request from client, ie, "...+FILENAME CONTAINS \"doors"..." (standard Napster protocol)
    packet 25: tcp-only from server
    packet 26: first part of response stream from server (looks to be standard from here on out, except that the client keeps sending tcp-only packets... pings?... not much place for data in what they're using...)

    [I then proceeded to download a file without any other monkey business occurring]
  • They are not routable on the net, but they _are_ routable on gnutella via push messages.

    Unless both machines have unroutable IP addresses. My work machine uses, but gets masqueraded through a Linux box. As such, it generally can only initiate connections, but it can't receive them. (Presumably, the push message tells such a machine to initiate a connection to the client, to get around this limitation.) Now someone else who's in the same situation wouldn't be able to connect with me, since neither of our machines could be the one to receive a new, incoming connection. As such, it'd be nice if the client (I use limewire) were smart enough to let me filter out all the non-routable IP addresses. I know it can recognize them, as it highlights them in red. But I found nothing in the options that would let me auto-ignore what're more-or-less worthless search results.

  • But that is just phase one of Napster's plan. Phase two is the pay service. Napster has licensed MusicNet's new software to allow paying users to share blessed files (those from labels Napster has bought off, like this week's deal with European labels). The catch is that files will be "limited in quality" and users will be "unable to burn downloads to CD". Basically, the new software which they are beta testing right now shares little to no resemblence to Napster's current software.
    I doubt I need to point this out to anyone here but this is suicide for Napster. People may be willing to pay a subscription for Napster as it was but a pay-per-download system will not fly unless it's extremely cheap. Especially with the sorts of limitations the RIAA obviously want to impose.
  • by TheOutlawTorn ( 192318 ) on Thursday June 28, 2001 @03:04AM (#123566)
    One Ferrari GT, slightly used, under 30,000 miles, runs great. Contact Shawn Fanning at
  • Oh well, back to borrowing CDS from the library and friends and ripping them to Ogg Vorbis. Plus I expect the more people get used to digital music and have access to CD writers, the more the shelves of used CD stores will swell with decent CDs.
  • by Magius_AR ( 198796 ) on Thursday June 28, 2001 @05:45AM (#123568)
    How could acoustic fingerprinting work?

    All you'd have to do is record at a different bitrate or normalize the song differently, or change pitches slightly, and it would no longer match.

    I find it hard to believe they can account for all these things. Not to mention they'd have to scan the entire song, because of differing file lengths, they couldn't simply grep out a specific "time-slice" of info. That'd be murder on mem/cpu processing time.


  • Audio Galaxy.
  • by 11223 ( 201561 ) on Thursday June 28, 2001 @04:53AM (#123571)
    Wow! A comment from the article author! How rare!

    Oh, wait. Nevermind...

  • by nerk88 ( 204690 ) on Thursday June 28, 2001 @03:45AM (#123573)
    It also means those on Macs can't connect at all. I just downloaded the latest Mac beta and it still tells me to upgrade. Its a pity that they did not make new clients ore widely available before changing the service. This will only make fewer people use it.
  • by ageitgey ( 216346 ) on Thursday June 28, 2001 @06:57AM (#123577) Homepage
    Yes, the new version of the Napster software includes acoustic fingerprinting software that is actually pretty good at stopping you from sharing much of anything. A report I saw yesterday claimed the average user went from sharing 220 files in February to 1.5 songs this week. According to all reports, Napster is all but empty.

    But that is just phase one of Napster's plan. Phase two is the pay service. Napster has licensed MusicNet's new software to allow paying users to share blessed files (those from labels Napster has bought off, like this week's deal with European labels). The catch is that files will be "limited in quality" and users will be "unable to burn downloads to CD". Basically, the new software which they are beta testing right now shares little to no resemblence to Napster's current software.

    The plan is that as soon as the pay service is implemented, the free service (aka what you know as Napster) will dissapear completely. Napster is being reborn as yet another ill-concieved .dot com, right up there with selling 15 pound bags of dogfood over the internet. Napster's idea is that you will use a proprietary client to share only songs Napster has rights to, you will only be able to download poor quality copies, and you won't be able to burn these to CDs. For this priviledge, they want you to PAY them. Basically, it's no longer a file sharing system, but instead a pay music download site that tricks you into supplying the bandwidth.

    Blocking other Napster clients is only the first step. Soon, even their free clients won't work. The "new" pay Napster has little relation to the current Napster. It's a completely different thing.

  • by vitesse ( 218912 ) on Thursday June 28, 2001 @03:08AM (#123580)
    Presumably this also means that custom clients written to track who is sharing what and locate copyright violations will also be unable to connect. Just think - if Napster had forced client authentication from the start, it would have been very difficult for eg Metallica to generate a huge list of everyone sharing their songs.
  • by jabber01 ( 225154 ) on Thursday June 28, 2001 @05:30AM (#123582)

    The REAL jabber has the /. user id: 13196

  • meant to say: Those are better, the "new blood"

  • by unformed ( 225214 ) on Thursday June 28, 2001 @04:30AM (#123584)

  • That means that renaming Metallica songs to "Metalica" wont have any effect since it's using the fingerprint and not the actual file name to ID the song
    Conversely, it's fine to share songs with artist Metallica and with a Metallica title, as long as your client is cracked to return a fingerprint from a public domain source, and only send the copyright version to clients who prove to you that they're also cracked. (Client-to-client authentication. Naturally this would be done in a way so that when the napster server asks the client what version it is, unless the server uses the secret-handshake that a cracked client asks with, will get back the uncracked version.). Great for us. We can start using Napster's servers like in the old days!

    Remember folks: any program that "authenticates" by sending something that it computes into a register in volatile memory, is easily crackable. Find the code in the assembly where it's done computing the fingerprint, and substitute the pre-cooked, freeware fingerprint into that memory area. Duh.

    Works on lockable-memory architectures, too, because you're hacking the binary itself, not intruding on its memory area during run-time. Of course, if it's a smart client, it'll check it's own size with complex CRCs and stuff, but then you can just find the part of the assembly where its done computing its own CRC, and then substitute the precooked CRC from the original client. In other words, any security that isn't MATHEMATICAL, that TRUSTS the client to do its own authentication /isn't secure on an enduser's computer!/

    Repeat after me: the moment you let someone run your client on a machine you don't control, you can no longer trust your client, however well you designed it, to perform any calculation correctly, to return any data correctly, or in any other way behave how you want/expect it to, unless there is a mathematical reason that the client can only treat its data a certain way. (For instance because it doesn't have all the information necessary to perform it a differenct way, or because there are public keys that result from the calculation only when correctly done, and which you can check with a private key, etc.)
  • Just like the old napster, only better.

    -Download Music, Images, Video, Whatever

    -Good search engine, actually tells you the bitrate on mp3s for example

    -Download from multiple sources- not only makes things faster, but if one guy you are downloading a 600MB divx from loses his connection right before you finish, you can just get the last 5MB from someone else

    -Yeah it's windows only so far, but wasn't the original napster? Give it some time I'm sure someone will come up with a linux client. .h tml

  • Would it be possible to fudge it. Everytime the server asks for a watermark, couldn't you just send the same bogus watermark every time? This would let all of your songs show up on the network. All someone needs to do is figure out the protocol, and go for it.

    All of this is academic however, cause napster sucks, and its all about the audiogalaxy.

  • It's posts like this that make me want to cry. You sir, have completely missed the point. The point is not that /.['s] editors... think its a crime... for companies to restrict how you connect but that this move by napster effectivly bans all Linux users because all Linux clients for the service are unofficial ones. Consequently, /. has chosen to post this article informing its heavily Linux dependent userbase of this development.

    And frankly, there are a large number of people in Cal. complaining about how they receive electricity, and a large number in Florida who were (a few months ago) complaining about how they received water (or the lack there of).

    Last point. No one said it was -wrong-. Many people called it stupid, irritating, obnoxious, and even counter productive. No it's not illegal. But it certainly alienates a large portion of their potential user base... that would make it unwise.

    This has been another useless post from....
  • According to you, the company shouldn't be able to strongarm itself into doing what the company wants. That is either nonsense, or absolutely true. One can't strongarm one's self.

    In contrast to your argument, there are NO companies that come to mind that have gone through the excessive amount of litigation that Napster has and still have the opportunity to even exist. The court told Napster that, essentially, everything it was doing was illegal.

    Napster's only option is to pull a 180 and hope for the best. If that involves forcing people to use their client, then that's what they have to do. Just because the greater majority of the Internet-wielding population wants to be able to illegally (at present, because the courts have said it is so) trade mp3's, doesn't make it legal.

    Stop trying to get karma for another "Oh my God, they killed Linux!" argument. Yes, Slashdot is a pro-Linux user base. But it's irrelevant to the discussion. Your rights are not being trampled. Linus, RMS, Alan Cox, and all your Linux friends will survive this without discomfort. All this means is Napster doesn't want to provide a service anymore, and as such, shouldn't have to.

    Open-source is great. I've worked on a number of different open-source GPL (and other licensed) projects. But it's IRRELEVANT to the story about Napster forcing you to use their client. If you don't, they get sued and die. So leave Napster, or quit whining.

  • by PARENA ( 413947 ) on Thursday June 28, 2001 @03:08AM (#123608) Homepage is a great place to find your illegal mp3's. Disable your cookies and you don't even need to download their software (Win only sucks). :)
  • ...isn't there a way to make the client's version response be what the server wants sit to be if you're running an open source client?
  • I think what we need now that all the different MP3-searching (and other files like video) systems are booming, why not make something like a portal to all of them (like jabber is a portal to all the IM servers)? It should be modular so it was easy to add more server-protocols.

    The all do approximately the same thing anyway... why not make them all accessible at once!?

"Well, it don't make the sun shine, but at least it don't deepen the shit." -- Straiter Empy, in _Riddley_Walker_ by Russell Hoban