'DVD Jon' Breaks Google Video Lock 384
WillemdeMoor writes "Yahoo News runs a story on Jon Johansen, aka DVD Jon, cracking Google's in-browser video player. Addict3d.org has some more details, including links to Johansen's patch (Win32 executable) and Jon's blog entry at nanocrew.net."
whaaaaa? (Score:5, Insightful)
Johansen, also known as 'DVD Jon' for his work on decrypting DVD security codes, has created a patch for the Google Video Viewer--less than 24 hours after the search giant shipped the video playback plug-in, a tool based on the open-source VideoLAN media player.
The patch, released on Johansen's 'So Sue Me' blog, effectively disables a modification Google made to the VideoLAN code to prevent users from playing videos that are not hosted on Google's servers."
ROFLMAO!?! Ahahahahaha
Jon made a modification to an OPEN SOURCE media player, removing a trivial protection, and Yahoo news posts a story about him cracking yet another protection mechanism, implying parallels with his past work. This news then spreads to Slashdot.
Awww, come on... I've made countless little mods to open-source apps in order to get them to behave the way I'd like. I've never gotten news coverage for adding "//" before an 'if(condition)' statment.
Re:whaaaaa? (Score:4, Funny)
Re:whaaaaa? (Score:5, Informative)
Re:whaaaaa? (Score:3, Funny)
(Mod hint: Physics joke.)
Re:whaaaaa? (Score:5, Funny)
Hi, I'm from Yahoo News. Please tell us more about this "//".
Re:whaaaaa? (Score:5, Funny)
This is slashdot gawdammit! You're looking for slashslash
Re:whaaaaa? (Score:3, Funny)
Isn't slash slash stories where Hemos and CmdrTaco... well, I'll leave the rest to your imagination.
Re:whaaaaa? (Score:5, Funny)
"It's a nightmare for the industry, the
While Linus Trovalds confirmed that the
Various anti-piracy groups are pressuring congress to pass an extention to the DMCA laws, which will effectively outlaw commenting out parts of computer code. Under the new law it will also be illegal to manufacture a computer keyboard with the forward slash '/' key.
What a fabulous idea! (Score:5, Funny)
What a fabulous idea! I'll get right on it!
Thanks,
Sen. Orrin Hatch
Re:What a fabulous idea! (Score:4, Funny)
Re:whaaaaa? (Score:3, Funny)
NOP
Re:whaaaaa? (Score:5, Funny)
Re:whaaaaa? (Score:4, Funny)
Finally! Microsoft's evil plan to eliminate Linux becomes clear. Go ahead and try to use your Linux box without the '/' key.
Re:whaaaaa? (Score:3, Funny)
True story: Citrix had a double-secret-probation-type bug, which was that if you logged in with "//" as a password, you'd be logged in to whatever account you typed in the username field!
This was because there was a special "feature" of the password field, which allowed you to type "current/new/new" to change your password during the login process. Stupid sunbaked developers!
As a "neat" side effect, this
The "click" [/] "click" [/] "chunk" [SPACE]... (Score:3, Funny)
Re:The "click" [/] "click" [/] "chunk" [SPACE]... (Score:2)
Too many clicks and chunks there (Score:2, Interesting)
A real hacker would do something like this:
(3 added characters)
or at the very least:
(4 added characters)
Currency converter with free form text entry of conversion amounts and currencies [coinmill.com]
Re:Too many clicks and chunks there (Score:4, Insightful)
Does this make me a master hacker?
Re:Too many clicks and chunks there (Score:2, Insightful)
Re:Too many clicks and chunks there (Score:2, Informative)
Re:whaaaaa? (Score:3, Insightful)
Another potentially interesting way of putting this: Yahoo posts a news story about their biggest competitor's protection mechanism being broken less than 24 hours after release.
Hmm...
Re:whaaaaa? (Score:5, Insightful)
Re:whaaaaa? (Score:3)
Re:whaaaaa? (Score:5, Funny)
Well, it's obvious that you "hackers" don't know what you're talking about. I tried using this so-called "hacker technique" to hack into a password protected website, but changing "iexplore.exe" to "//iexplore.exe" did nothing. I guess Microsoft has found a way to defeat this hacker exploit.
Re:whaaaaa? (Score:3, Funny)
Re:whaaaaa? (Score:3, Interesting)
Funny, I found this via my Google homepage [google.com] - top story, middle column
Never even looked at Google video, never cared. For some reason I *need* to now. Good job Google.
Re:whaaaaa? (Score:2)
That's because when you commented out the "if" line, you had extra "}"'s that prevented you from compiling. Had you also commented out *those*, you'd have been famous by now.
Re:whaaaaa? (Score:2)
Re:whaaaaa? (Score:2)
I much prefer
if (cond)
{
}
Re:whaaaaa? (Score:4, Funny)
Bill Gates, is that you?
Re:whaaaaa? (Score:4, Funny)
How irresponsible. Don't you know the world's supply of semicolons is running low? And you go and use one totally unnecessarily. You insenstive clod!
Re:whaaaaa? (Score:2)
Re:whaaaaa? (Score:3, Insightful)
These are known as famous last words.
You can skip the articles, not much content (Score:5, Informative)
Story:
Ryan Naraine - PC Magazine Tue Jun 28,10:49 AM ET
Norwegian hacker Jon Lech Johansen has cracked the lock on Google's new in-browser video player.
Johansen, also known as 'DVD Jon' for his work on decrypting DVD security codes, has created a patch for the Google Video Viewer--less than 24 hours after the search giant shipped the video playback plug-in, a tool based on the open-source VideoLAN media player.
The patch, released on Johansen's 'So Sue Me' blog, effectively disables a modification Google made to the VideoLAN code to prevent users from playing videos that are not hosted on Google's servers.
Johansen said the patch, which requires the
The 21-year-old hacker, who faced two trials in Norway in 2002 and 2003 for his role in the release of the
DeCSS decryption software, is a hero to many for his efforts to defeat DRM (digital rights management) mechanisms built into media player technology.
He has been involved in a public cat-and-mouse game with Apple Inc., releasing several tools to bypass the DRM software used to encrypt music sold on the iTunes Music Store. LINK TO: PyMusique Unlocks iTunes Copy Protection. Again. http://www.extremetech.com/article2/0,1558,177952
Johansen has also cracked Apple's AirPort Express's encryption and released a proof-of-concept program that allows
Linux users to play video encoded with Microsoft's proprietary WMV9 codec. The proof-of-concept is based on the VideoLan code.
Addict3d.org more details:
Jon Lech Johansen, "DVD Jon", took just one day to build a crack to allow you to play video on your website using Google's VLC-based player.
This means you can publish video that will play on your webpage and will work for anyone who has Google's player installed.
Johansen, also known as 'DVD Jon' for his work on decrypting DVD security codes, has created a patch for the Google Video Viewer--less than 24 hours after the search giant shipped the video playback plug-in, a tool based on the open-source VideoLAN media player.
Crack can be found here -
http://nanocrew.net/wp-content/GVVPatch.exe [nanocrew.net]
http://nanocrew.net/?p=114 [nanocrew.net]
Blog Entry:
Google has released Google Video Viewer, a browser plugin based on VLC. Here's one of the features they've added:
+
+ const char* allowed_host = \"video.google.com\";
+ char * host_found = strstr(p_sys->url.psz_host, allowed_host);
+ if ((host_found == NULL) ||
+ ((host_found + strlen(allowed_host)) !=
+ (p_sys->url.psz_host + strlen(p_sys->url.psz_host)))) {
+ msg_Warn( p_access, \"invalid host, only video.google.com is allowed\" );
+ goto error;
+ }
This "feature" prevents you from playing videos that are not hosted on Google's servers. Download and run this patch I wrote to remove this restriction. Running the patch requires a
Gah! It's not even useful for most! (Score:5, Interesting)
This means you can publish video that will play on your webpage and will work for anyone who has Google's player installed.
That part is highly misleading! The people who want to view video on your website each individually need to download the patch! It's not very useful to content providers with this restriction.
How about users? Who would download this patch? Well, people who want to watch videos tagged with application/x-google-vlc-plugin that aren't from google. Not too many of these...
goto considered harmful !!! (Score:5, Funny)
I think we should all remember that just because Google is the pinnacle of success and is second only to (insert your diety here), Google too can make mistakes.
Re:goto considered harmful !!! (Score:2, Informative)
"The exercise to translate an arbitrary flow diagram more or less mechanically into a jump-less one, however, is not to be recommended. Then the resulting flow diagram cannot be expected to be more transparent than the original one. "
You have to understand when he wrote that paper people were doing what we would do know as while loops and switch statements with goto. He was arguing for alternatives
Re:goto considered harmful !!! (Score:2)
Re:goto considered harmful !!! (Score:2)
Heh. Just for that, I'd write all my code using variable and function names like go2, go_to, gotwo, gotoo... etc.
Ahh, endless juvenile humour. Anyway, sounds like that professor shouldn't have been teaching C. I bet he was happy when Java starting getting popular. "Ahh... sweet Java eases the pain..." [snpp.com] :-)
Re:goto considered harmful !!! (Score:3, Funny)
I believe the correct term would be "Moranians," but are you referring to people from Moran, Kansas; Moran, Michigan; Moran, Texas; or Moran, Wyoming?
Re:goto considered harmful !!! (Score:2)
Bill Gates called and says that he doesn't make any mistakes - everything you perceive to be wrong is a planned strategy in motion.
Re:goto considered harmful !!! (Score:5, Insightful)
While goto is often better avoided, a call like "goto error;" is among the perfectly valid uses of goto, since it actually can make code more clear and logical then code without goto. Such use of goto is really no different then exceptions in C++, simply a way to get to the place that handles the error conditions without having to painfully drag error-variables through the code.
Re:You can skip the articles, not much content (Score:2)
1. Was involved in the release of the DeCSS code.
2. Was instrumental in breaking several DVD locking/protection DRMs.
3. Is currently breaking iTunes DRM.
4. Just broke Google Video.
This is the kind of guy that just suddenly one day turns up missing, and conspiracy theories get started.
Re:You can skip the articles, not much content (Score:3, Insightful)
Yeeeeah (Score:5, Insightful)
In other words, big friggin deal. All you had to do was grep the code of an error message and a little snipping of the code. Any fool could have done it. Or even screw that, it was domain-based. Setup an HTTP server, modify your hosts file to alias "video.google.com" (or whatever the domain was) to 127.0.0.1, and you're done. Or just modify VLC to know the MIME type "application/x-google-vlc-plugin" and you can play your heart away.
What "crack" will he do next? Take the VLC code to dump the file/stream you're playing, add it to Google's code, and create a Google Stream Ripper? Wow... how... amaz... ing. Or maybe add some awesome skins to the Google player? Yeah, that'd be great. Best part of all, he'll do it in 48 hours, while standing on his head, without sleeping, pizza, or coffee, and while playing the banjo!!!
In Defense... (Score:5, Informative)
Re:In Defense... (Score:2, Informative)
Re:SLASHDOT NEWS TOMORROW (Score:3, Funny)
Ironically (Score:3, Funny)
Anyone else notice that Yahoo Search looks and acts EXACTLY like Google's? (That's probably redudant...)
I am just waiting for Revenge of the Sith to hit Google Video.
Re:Ironically (Score:2)
Nope, that's not true at all. Very different results.
Re:Ironically (Score:2)
It wasn't protected much, anyway (Score:5, Insightful)
Not to undermine Jon, just noting why it took him 24 hours to break this - It was not designed to withstand much of an attack.
Nontheless, most users won't patch, so it will work anyway.
Michael
Another Windows only service. (Score:5, Interesting)
Cmon Google.
Re:Another Windows only service. (Score:2, Funny)
Re:Another Windows only service. (Score:2)
It's been 6 seconds since you hit 'reply'.
Re:Another Windows only service. (Score:2)
Microsoft is the Marquis de Sade of the technology world.
Re:Another Windows only service. (Score:2)
Re:Another Windows only service. (Score:3, Informative)
but i guess you don't know anything about compiling and or use a binary only linux distribution.
Google and Windows (Score:5, Interesting)
Re:Google and Windows (Score:2)
Re:Google and Windows (Score:2)
Macrovision (Score:4, Funny)
Hold Your Horses (Score:5, Insightful)
Re:Hold Your Horses (Score:4, Insightful)
Re:Hold Your Horses (Score:2, Redundant)
I think you are mistaken. It is not a "minor fix" but a "minor hack". Fixing it implies that it was broken, I am pretty sure it was not borken - just had a feature that Jon did not like.
only for .NET? (Score:2)
Re:only for .NET? (Score:2)
System Requirements Windows 2000 or later with latest updates installed;
Don't bother patching, because you cant run the program to begin with.
Re:only for .NET? (Score:2)
You can run .NET applications on Windows 98, but probably can't write apps. Also, you won't have access to some features, like "Enterprise Services"... more info at microsoft.com [microsoft.com]
It says to go to Windows Update to get the package, although I'm not sure if Windows 98 works with Windows Update.
Re:only for .NET? (Score:2)
You've gotta be kidding me.
Get XP from one of the various P2P apps. Reformat.
If you can find slashdot and make a reply on it, then you can reformat your computer.
Do that, install the updates, and don't worry about it.
True Colors (Score:2, Funny)
Will they say "hey thanx for the tip? Want a job?" or will they go all RIAA on little johny?
Stay tuned for the next exciting episode of as my stomach turns!
Re:True Colors (Score:5, Insightful)
Do you really think google doens't understand open source?
"Do No Evil" (Score:5, Insightful)
Do you really think google doens't understand open source?
I think you make a very good point. This is perhaps more of an example of Google "doing no evil", creating a tool that, by default, for most casual users, promotes their video feed, while at the same time using a good free software project that allows those who want to, to bypass this setting.
If most people find the restriction onerous, they'll download a patched version (probably from websites that are also offering video). Social and market dynamics can take care of the rest. It seems a fairly reasonable position for Google to take ("we'll try this restriction, and if people really find it offensive, they'll modify the source and outcompete our offering, and we can write it off to experience and not try imposing these sorts of restrictions again. Either way, it probably won't affect our video feed business much.")
I doubt very much it is incompetence--google has much of the best talent around--nor is it a lack of understanding opensource/free software on the part of google, as they've been active in the community for many years.
Re:True Colors (Score:2)
That might take the hot air out of Yahoo's sails.
Re:True Colors (Score:2)
"Stuff that matters", my ass.
Escape the tyranny that is Google! (Score:4, Insightful)
Yay.
Uhh, good sir, could you please put the shackles back on? My ankles are getting cold. Thank you.
Re:Escape the tyranny that is Google! (Score:2)
I'm disappointed (Score:2, Funny)
People are getting lazy ya know... I thought Jon should have cracked it in 3-4 hours.... That boy needs to stop smoking so much....
PS: Mod me Funny +5 / Informative +5
Of course... (Score:3, Insightful)
Re:Of course... (Score:5, Informative)
Not much of a hack RTFA (Score:5, Insightful)
the upshot is you get a VLC plugin that can read some propriatary MS formats (thanx to google paying the bill for those software royalties)
it seems so easy that it's as if Google was just waiting for someone to come in and hack it.
Source code? (Score:2)
Before:
if(!running_on_google())
After:
Re:Source code? (Score:5, Informative)
With that link, and a little knowhow, you, too, can crack the code and make your own Google Video viewer. The upshot is that you can compile it for Linux (Google has only released it for Windows). The downshot is that I'm surprised it took Jon so long to make the change.
It's not like it was hard to find... go to http://video.google.com/ [google.com] click on "Install", and then click on "Get the source code". It's under "patches".
It's really disappointing (Score:4, Interesting)
Supposedly Google only hires top-coders, so what's up with that?
Re:It's really disappointing (Score:3, Informative)
Most colleges just say never use it because so many people turn out horrible code by using too many or misusing the goto statement.
Re:It's really disappointing (Score:2)
Of course, there's no reason to believe that Google only hires "top-coders" but this isn't evidence to the contrary.
only top coders are qualified to use goto properly (Score:3, Interesting)
Actually, even there I'm exaggerating a bit. Even fairly average programmers can usually be taught when goto is acceptable and when it's not. Anyway, the goto statement in C is much more limited, and much safer than the wide-open, global-scale thermonuclear goto that Wirth originally wrote about.
Highwayman: I know you Wizards have rules against using your powers on civilians, so you don't scare me. Just hand over the money, er
In related Yahoo! news... (Score:4, Funny)
Interesting (Score:5, Funny)
Google releases Google Maps
Google releases Google Desktop Search
Google releases Google Web Accelerator
Google releases Google Video
Yahoo RSS feeds:
Are Google Maps an invasion of your privacy?
Is Google Desktop Search working *too* well?
All about your privacy and Google Web Accelerator: The secret agenda.
Google Video cracked within 24 hours. And privacy.
Creating a Loveable Monster (Score:2)
But where are his clones? (Score:2, Interesting)
My point is, why does it always have to be 'DVD Jon' that does it, the more contributions by others the merrier the party.
And this comment from a 70 year old who really ought to be more of an 'establishment' type.
Realisticly, both patent and copyright has been expanded to protect the guilty until even I can
The program's UUID (OT) (Score:3, Interesting)
A little offtopic, but who gets to decide these things, to prevent clashes? What's their purpose anyway?
Re:The program's UUID (OT) (Score:3, Informative)
Wikipedia knows all. [wikipedia.org]
Matrix Revolutions is available (Score:5, Informative)
see this link [google.com] for the video
Who is providing the stuff on Google Videos? (Score:3, Interesting)
The O'Reilly Factor?
The Tony Danza Show?
C-SPAN Book TV?
Is this stuff being provded by the TV studios?
What is the deal with Google Videos?
Where is all the content coming from?
Re:Gone too far? (Score:2)
Re:Gone too far? (Score:5, Insightful)
Re:Interesting to see.... (Score:5, Informative)
Re:Interesting to see.... (Score:3, Insightful)
Re:Interesting to see.... (Score:2)
Re:All video now offline! (Score:2)