I won't post details here because macrumors is a place where we should be discouraging trading, especially when it has potential to make apple look bad.

basically it turns out the process is exceedingly easy. iTunes sharing is nothing more than an http server on another port with a small script. very lame.

[pudge@bourque pudge]$ curl http://10.0.1.132:03689/databases/32/items/1104.mp3?session-id=20570 > file.mp3
_ _ % Total % Received % Xferd Average Speed Time Curr.
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Dload Upload Total Current Left Speed
100 11.0M 100 11.0M 0 0 3071k 0 0:00:03 0:00:03 0:00:00 2818k


there is already a small app to easily download people's libraries. it works. it is simple. it is a sad day.

security through obscurity that isn't even obscure...

*note: i think it would be nice if we didn't reveal the source of the software...

heh... you can discuss the ideas behind it all.

just actual trading, discussion of trading specific files is discouraged.

So, I guess they are just streaming the data... as would be expected.

arn

i guess i just thought they would try to cover their asses a little more... that's all

there is a legal side that i really have no idea about but it can't be good from any viewpoint...

go go go, arn has given the word.

what are the secrets behind it? :D

Note: Don't mention a specific persons sharing server or files because at Macrumors that is a no no.

oh heck, i think this is going to get big. really big. even after/if apple culls it. bigger than iCommune ever could because anyone running iTunes 4 has the capability to share....


the app is here: http://www.etek.chalmers.se/~lernvall/itdlgui2.tgz

eat your heart out boys and girls.



*note: i feel dirty posting that url. the obvious simplicity of the details is in my first post with the terminal copy and paste.

oh yeah, this too: http://use.perl.org/~pudge/journal/11922

this is apparently the guy that went ahead and figured it out.

i wonder how this will affect the music store. and potential agreements between apple and the music industry.

hmmm, i want to do a test.

has anyone bought music from the iTunes music store and sharing it in their library? i want to see if i can download it and then convert it to aiff

Originally posted by beatle888
i wonder how this will affect the music store. and potential agreements between apple and the music industry.

shouldn't do anything.

Sure, you can copy a protected file... but you still can't play it.

arn

Originally posted by arn
shouldn't do anything.

Sure, you can copy a protected file... but you still can't play it.

arn

Wondered about that. Still, if this gets out, and it will, it's going to make Apple look pretty bad-- the software designed to cure MP3 piracy actually helps it along? I hope Apple can do something to fix this before it makes people lose faith--

btw am i the only one unable to get it to connect to any server? i'm doing it for experimental purposes of course... just curious...

pnw

i can see apple putting in a lot of limitations with a small itunes update in the very near future.

i guess at least the AAC drm works. that's something. i could download the file but not play it. i wonder if that will be circumvented....

and and by the way paul, just put the servername/ip address in the connect bar. no daap:// or :3689

just: 127.0.0.1

no big surprise. and the program is easier to use than that new version of iCommune.

Originally posted by melchior
and and by the way paul, just put the servername/ip address in the connect bar. no daap:// or :3689

just: 127.0.0.1

duh, thank you :) i didn't even think about that...

pnw

well this isnt good for apple, all my thoughts about buying legal music is slowly diminishing, dont give in dont give in.

iJon

whatever. the music store isnt targeted at those who would pirate things for the sake of getting free stuff. its targeted at those who have been forced to pirate because the record companies have been sitting on their asses when it comes to digital content. i am one of the latter, as i think most average users are. there will always be the pirates trying to figure out a new and improved way to screw everyone out of money. its the american way. this isn't security thru obscurity, its just making things a pain in the ass to do. that is a major deterrent...especially for mac users.

Man, I'm amazed at you people...no, wait, no I'm not, this is an online forum on a rumours site. :)

C'mon, this is the same Company (Apple) that shipped (and is still shipping) a MP3 player that had as it's "piracy protection" what: Hidden folders? Bwahahahahah!

If you think the guys at Apple aren't aware of this, you're delusional (IMO).

Do I think think this is going to get reported as some "breaking of their system"? Hell no. You still can't read the DRM'ed files from the iTMS, so who's gonna care? Get a grip people, and enjoy the "feature". :)

Now, mind you, it certainly might disappear if some label execs get their dockers in a bunch, but as long as it's not providing access to the DRM'ed files...

Originally posted by sparkleytone
its targeted at those who have been forced to pirate because the record companies have been sitting on their asses when it comes to digital content.


Forced to pirate...? please. :rolleyes: They choose to pirate. No one is forcing them.


Lethal

If you have your password on for sharing, that little program won't work. Although I think that part could easiliy be fixed.

It is only a matter of time before we see a small app that will remove the security feature of the aac file. And can you DL any song off a shared playlist? If so, everyting that isnt protected can be pilfered....

>all my thoughts about buying legal music is slowly diminishing (iJon)

Are these thoughts concentrated on 100% legality, or a general preference towards legal CDs?

Originally posted by chibianh
If you have your password on for sharing, that little program won't work. Although I think that part could easiliy be fixed.

why, this is a thory that was proven, we aren't acually USING it. :o

Originally posted by King Cobra
>all my thoughts about buying legal music is slowly diminishing (iJon)

Are these thoughts concentrated on 100% legality, or a general preference towards legal CDs?
im not sure, apple just made it fun easy to download music, and it was fast and cheap. its just knowing i can go get it else where for free is hard to pass up. i do not have anything against record companies or anything, its just hard for me to do. but with apples album prices i think i will be buying some cd's. although i downloaded linkin parks meteora before it was released, i think i will still buy it once apple gets it because i love that band. there are some also some other cds im waiting for apple to get and i will buy. i think i will gradually get in the habit.

iJon

Originally posted by arn
shouldn't do anything.

Sure, you can copy a protected file... but you still can't play it.

arn

just wait til you get a bunch of them and burn them to cd or dvd and reimport them.

actually this makes me think that the reason apple chose teh 128 encoded aac files is probably to discourage people from re-ripping 'protected' files. everybody seems to be complaining about the quality. it seems to be pretty border line. with some people claiming it doesnt sound good and some who cant hear the difference. had apple encoded at a higher quality (one that would please everyone) then re-ripping the file would still produce files that would sound decent to many people. but since the bit rate is so low on these than any loss in quality will be noticed.

Although many people suspect apple will begin offering high quality downloads (some say at a higher price) chances are this is one part of their 'protection' scheme.

kinda sad to me that i have to go to p2p channels to download decent sounding music.

awhile ago we had a thread about what bit rate you rip at. wonder how that has changed now that apple is offering aac encoding.

Well, looks like I am going to have to turn on password protection for my itunes sharing. Sorry everyone, but I am not going to let anyone freely download any of my music. I hope that apple does fix it. I think it would be great if I could protect my own songs. I don't mind people listening to my music, but I don't want them copying my music.

well i just read you can just burn it with toast and your set.

iJon

Some of you guys are making too much of this. This in no way compromises the security of iTunes or their DRM scheme. Most people don't know that HTTP uses port 80 (or what a "port" is, for that matter), but that doesn't mean anyone's trying to obscure the source of the content. The means by which files are shared does not need to be made public, but neither does it need to be a part of the overall security scheme.

The threat of P2P networks is not in the ability to connect to a machine and download the files. It's in the fact that they provide a huge directory of source machines. When you join a file-sharing network, you're not just sharing files with a couple of friends. You're advertising to the world at large that you have a collection of songs that you're willing to distribute to all comers for free.

Neither Apple nor iTunes provides this service. Rendezvous can be used to advertise to machines on your LAN, but that's by definition a relatively restricted audience. For anyone to access your machine from the Internet, you have to have a public IP address. If your machine is behind a NAT firewall, you'll have to forward the port manually. And then anyone who wants to connect will have to know your IP address, which you'll have to give them. You won't want to publish your address to the world at large if you ever want to use your Internet connection again.

And if someone ever creates a service that provides a global directory of iTunes shares, you won't have to wait for the RIAA to get litigious. Apple will demand it be shut down first, since the existence of such a service jeopardizes their relationship with the labels.

And though I can't seem to find the iTunes license agreement (now that I don't have the installer anymore), I imagine there's probably a clause in there somewhere that voids your license to use iTunes if you use it in that way.

would someone be kind enough to test my sharing with port forwarding over 802.11g at 68.102.169.55?

Originally posted by MorganX
would someone be kind enough to test my sharing with port forwarding over 802.11g at 68.102.169.55?

seems to be working well.

I've tried the program. One, it crashes a lot. Secondly, you have to download it by streaming...so it takes a long time. One download takes 5-6 minutes.

Originally posted by unc32
I've tried the program. One, it crashes a lot. Secondly, you have to download it by streaming...so it takes a long time. One download takes 5-6 minutes.
are you sure its not your connection speed. im downloading songs in about 1-2 minutes, adn these are 5-10mb files.

iJon

Originally posted by AmbitiousLemon
seems to be working well.

Thanks! Definitely a win for the Mac

yes, my connection is fantastic.

Originally posted by unc32
yes, my connection is fantastic.
then its probably the people you are downloading from because im havning no problem.

iJon

It isn't slow. Just not fast (faster than kaaza)...I am spoiled as I have had connections greater than 1mb/sec.

Remember everyone, you are downloading from yourself, not using the software for other means...

Doesn't seem like a huge deal to me... I mean, you could just run an FTP server or HTTP server (both built in) and share your ~/Music directory... am I missing something?

The program linked above does not stream the file in Real Time, it is an http transfer. Run it against "localhost" (your own machine) and it will take only a few seconds to download from your library.

At work (a University) our wireless network has 8000 IP addresses. There are regularly 10-15 iTunes libraries being shared. I have no idea who is on the network running this app and downloading all my hard earned (both in money and time spent ripping) music.

Originally posted by peterjhill
I have no idea who is on the network running this app and downloading all my hard earned (both in money and time spent ripping) music.

Umm.... Don't you have to "turn on" sharing in order to share your music? How is this a problem?

Originally posted by oldMac
Umm.... Don't you have to "turn on" sharing in order to share your music? How is this a problem?

Because There are many people that I work with, whom I know, that I would be happy to share my library with, since I trust them not to steal my music. There are also 6000 people that I do not know on the same subnet who could potentially see my library.

If you live in a small town, you may give your friends keys to your house, since you know them, but you won't leave your house unlocked. Before this app was released and made it trivial to steal other people's itunes music on a semi-public network, we had almost a week of living in a small town where you can leave your house unlocked, but now that is not the case.

ummm... think bigger. think different. there is a difference between wanting to share and being completely open to anyone.

So sharing is legal and implemented in iTunes as long as it is just being streamed, correct? And now they have a program that people can catalog their daap/IP addresses, correct? And now someone has made a program that lets you download files from those unsuspecting people, correct? Now all you need is a program that will search through the names of their files before downloading the file. It seems to me that apple has set themselves up to be one program away from napster. So who is going to be taken to court? I am sure I am guilty if I download those programs and then download a file from someone else. But is the other guy responsible who is advertising his music eventhough he unsuspectingly allowed me to download it? Or is apple responsible for setting up the whole mess? It seems like a wierd situation. Seems like apple is just asking for trouble.

well i believe Apple states that streaming from itunes (whether someone is copying or not) is for personal use not public use. Listing your address on ServerStore (www.thelittleappfactory.com) could be interpreted as public use of a private feature. Although some people seem to think Apple has put a block on how many people you can stream to (to prevent high volume public sharing) it seems the only limit is some sort of smart bandiwdth watcher. It makes sure it doesnt allow more people to connect than the bandwidth can stream to without excessive rebuffering.

The applications that allow capturing of streams also seem to know they are on shakey ground as they seem to be trying to maintain a low profile (no public releases or announcements). These applications would seem to be the most highly suspect.

But it really is not in Apple's style to directly confront these sorts of things. If Apple does want to prevent these (which I suspect they won't bother with) then it would be more in their style to make sure the apps have to be rewritten after every update to iTunes, quicktime, OSX, etc).

The fact is is that there is no 'unsuspecting' people here. You can turn on and off the sharing. Yo can password protect it if you only want a few people to join. And no one is being forced to publish their itunes stream addresses.

Mac only sharing networks always seem to be much more friendly, so this does have the potencial to become something big, but from the applications that are currently available it seems no developer is willing (yet) to jump headlong into this. I wouldn't be holding my breath waiting for itunes DL to become the next napster.

Originally posted by peterjhill
Because There are many people that I work with, whom I know, that I would be happy to share my library with, since I trust them not to steal my music. There are also 6000 people that I do not know on the same subnet who could potentially see my library.

If you live in a small town, you may give your friends keys to your house, since you know them, but you won't leave your house unlocked. Before this app was released and made it trivial to steal other people's itunes music on a semi-public network, we had almost a week of living in a small town where you can leave your house unlocked, but now that is not the case.

ummm... think bigger. think different. there is a difference between wanting to share and being completely open to anyone.

Look, purchased songs are protected. For your own collection, you can select what playlist to share. If you think you are at risk, don't share or only share protected files.

Originally posted by MorganX
Look, purchased songs are protected. For your own collection, you can select what playlist to share. If you think you are at risk, don't share or only share protected files.

You are missing the boat here... There are 8000 machines that can see my laptop advertise it is sharing my itunes library for streaming, I would like 25 people to have full access to my library (minus protected aac files). The way iTunes is implemented, I need to use a password to protect my library.

I would have let all 8000 people access my library, but now that any one of the 7975 people that I do not know can steal all my music, I don't want to share without a password anymore. Kind of sucks in a way. I have regularly had 4 people accessing my library, until I password protected it.

I think a 3rd party app would be nice. One that would let me see who was actively listening to my library, that would let me block specific users. Something like a buddy list and who can send a person messages in AIM. If i saw a user "listening to all of my Public Enemy songs in 5 minutes, I would know they were downloading my songs and not streaming them. If I could then block them, I would be happy.

Goodness I still can't get it to work lol

Danny

Originally posted by superscientific
Goodness I still can't get it to work lol

Danny

niether can i, detailed step by step instructions are a must.

Originally posted by peterjhill
I think a 3rd party app would be nice. One that would let me see who was actively listening to my library, that would let me block specific users. Something like a buddy list and who can send a person messages in AIM. If i saw a user "listening to all of my Public Enemy songs in 5 minutes, I would know they were downloading my songs and not streaming them. If I could then block them, I would be happy.

although I don't subscribe to the belief that sharing music is 'stealing' (or immoral) I agree that such features would be worthwhile in order to form a healthier itunes sharing community.

The guys at thelittleappfactory.com are working on an update to their serverstore app (allows people to publish their itunes stream so they can share with people) with a lot more features. I suggest you email them and ask them if they could add what you are describing (i've already emailed them myself).

the head coder is a big supporter of apple and anti-music piracy so i think he would agree with you and see the need for what you describe.

I still think that this is all a test by the music industry to see if this will work as a model for the future internet sales. Think of the users, limited to OS X and the U.S. They want us to abuse the system before the release a Windows version. That way if serious problems arise they can pull the plug. I doubt that this is a serious problem. I can get all of the music I want already P2P, but I bought 6 songs so far. And I plan on buying more. I think the true test is to see if they keep making money.

Come add your Share.
Right now its reachable at http://www.shareitunes.com. Add your own share or just browse other people's iTunes hosted music collections.

I'm a windows user, so i'm not quite sure if i getting the story right, as i have no access to test it.

What i gather is you can stream the songs from your friends comp to yours, then copy them, and use toast to burn them, making them your songs. Is this right?

Normally you can play your song on up to 3 computers, does this method circumvent this?

If so this is troubling to me, as a window user i was looking forward to itunes and itunes store coming to windows. If you mac guys have firgured out how to turn itunes into kazaa over there, i think the chances of itunes store making it to windows is poor.:(

Even thou apple said this streams are not for public use. Those posting there IP addresses shareitunes.com have now opened them self up to public access. All you need know is someone to write a program, to collect what songs are available on which IP address, and you have created itunes kazaa for mac's.

I am probably reading to much into it, but was really looking forward to itunes on windows, and i'm pretty sure if your all successful in turning this into a music sharing program, itunes will never make it windows.