CARVIEW

MOTORHOMES

Select Language

HTTP/2 302 server: nginx date: Fri, 10 Oct 2025 20:43:07 GMT content-type: text/plain; charset=utf-8 content-length: 0 x-archive-redirect-reason: found capture at 20081217171638 location: https://web.archive.org/web/20081217171638/https://www.eff.org/blog-categories/technical-analysis server-timing: captures_list;dur=0.597022, exclusion.robots;dur=0.020012, exclusion.robots.policy;dur=0.008769, esindex;dur=0.009686, cdx.remote;dur=20.378418, LoadShardBlock;dur=2079.228755, PetaboxLoader3.datanode;dur=1948.737953, PetaboxLoader3.resolve;dur=95.149267 x-app-server: wwwb-app225 x-ts: 302 x-tr: 2126 server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0 set-cookie: wb-p-SERVER=wwwb-app225; path=/ x-location: All x-rl: 0 x-na: 0 x-page-cache: MISS server-timing: MISS x-nid: DigitalOcean referrer-policy: no-referrer-when-downgrade permissions-policy: interest-cohort=() HTTP/2 200 server: nginx date: Fri, 10 Oct 2025 20:43:08 GMT content-type: text/html; charset=utf-8 x-archive-orig-date: Wed, 17 Dec 2008 17:12:47 GMT x-archive-orig-server: Apache x-archive-orig-expires: Sun, 19 Nov 1978 05:00:00 GMT x-archive-orig-last-modified: Wed, 17 Dec 2008 17:12:47 GMT x-archive-orig-cache-control: store, no-cache, must-revalidate x-archive-orig-cache-control: post-check=0, pre-check=0 x-archive-orig-vary: Accept-Encoding x-archive-orig-connection: close x-archive-orig-content-language: en x-archive-guessed-content-type: text/html x-archive-guessed-charset: utf-8 memento-datetime: Wed, 17 Dec 2008 17:16:38 GMT link: ; rel="original", ; rel="timemap"; type="application/link-format", ; rel="timegate", ; rel="first memento"; datetime="Sun, 24 Aug 2008 16:01:27 GMT", ; rel="prev memento"; datetime="Fri, 05 Dec 2008 07:41:55 GMT", ; rel="memento"; datetime="Wed, 17 Dec 2008 17:16:38 GMT", ; rel="next memento"; datetime="Mon, 16 Feb 2009 15:32:34 GMT", ; rel="last memento"; datetime="Sun, 11 Apr 2021 00:57:06 GMT" content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org athena.archive.org analytics.archive.org pragma.archivelab.org wwwb-events.archive.org x-archive-src: 52_7_20081217164724_crawl106-c/52_7_20081217171551_crawl103.arc.gz server-timing: captures_list;dur=0.697657, exclusion.robots;dur=0.025995, exclusion.robots.policy;dur=0.011608, esindex;dur=0.013929, cdx.remote;dur=30.163139, LoadShardBlock;dur=278.762173, PetaboxLoader3.datanode;dur=99.187165, PetaboxLoader3.resolve;dur=335.813604, load_resource;dur=313.337862 x-app-server: wwwb-app225 x-ts: 200 x-tr: 689 server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0 x-location: All x-rl: 0 x-na: 0 x-page-cache: MISS server-timing: MISS x-nid: DigitalOcean referrer-policy: no-referrer-when-downgrade permissions-policy: interest-cohort=() content-encoding: gzip Technical Analysis | Electronic Frontier Foundation

Technical Analysis

September 22nd, 2008

Comcast Unveils Its New Traffic Management Architecture

Technical Analysis by Peter Eckersley

Late on Friday night, Comcast filed an overview of its new traffic management arrangements with the FCC. This is the long term replacement for its controversial practice of using forged TCP Reset packets to limit the use of peer to peer protocols.

The new system appears to be a reasonable attempt at sharing limited bandwidth amongst groups of users. Unlike TCP RST spoofing, it doesn't explicitly discriminate against some applications, and it doesn't threaten protocol developers with interoperability problems and uncertainty about network behavior.

Comcast's objective here is still largely to prioritize non-P2P traffic above P2P traffic. But the criterion they use is the amount of data a cable modem sends during each 15 minute period, which is a much fairer rule than examining the traffic protocol. The way deprioritization works is simple: high priority machines get to send data, and if there is any transmission capacity left over, the low priority machines get a share of that.

EFF is proud that our work helped to expose Comcast's misadventures in network management last year, and we're pleased to see Comcast returning to congestion management practices that are transparently disclosed and avoid protocol discrimination.

The new traffic management setup should not be confused with the 250 GB/month cap which Comcast announced last month; the two will exist side by side.

[Read the entire post]

August 15th, 2008

DRM for Streaming Music Dies a Quiet Death

Technical Analysis by Fred von Lohmann

Yet another nail has been driven into DRM's coffin, this time for streaming audio (PCPro has a nice overview of the state of DRM for digital music).

Two of the leading on-demand streaming music sites, iMeem and LaLa, are not using DRM on their audio streams, instead sending the music as MP3s dusted with a dash of obfuscation. This is significant because both sites have been licensed by all the major record labels -- the very same record labels that were just last year pushing Congress to require DRM on all noninteractive webcasts. So it looks like the RIAA companies have changed their minds, dropping DRM requirements for the on-demand streaming music services.

This should put an end to legislation to mandate DRM on noninteractive webcasters. After all, why should these webcasters be in a worse position than the free, on-demand music services like LaLa and iMeem?

This also undermines the argument that DRM for music is necessary for subscription services. If the major labels have given up DRM for free, ~~ad-supported~~ (correction: iMeem is ad-supported, LaLa is free for a first listen of a track, 10 cents for repeat listening), on-demand streaming services like LaLa and iMeem, there's no plausible reason to insist on DRM for paid subscription services like Rhapsody and Napster 2.0. After all, there's no reason to think that those who prefer commercial-free subscriptions like Rhapsody are more likely to "pirate" streams than those who prefer ad-supported services like ~~LaLa~~ iMeem.

LaLa and iMeem each take slightly different approaches to streaming music. LaLa uses HTTP to download each requested song as an MP3 to your browser, but relies on aggressive "no-cache" headers and pre-expired date stamps to suggest that your browser not make a copy of the file on your hard drive. Using a packet sniffer to capture the entire HTTP session, however, easily reveals the complete MP3 embedded right after the HTTP headers.

iMeem also downloads and caches each requested song, but sends the MP3 as the audio track of a Flash Video file. This FLV file is typically saved (cached) on your hard drive as an obscurely named temporary file, which is overwritten when you request your next song (we mentioned iMeem's approach back in January, and it's essentially unchanged). Copy this temp file, however, and you can easily extract the audio track from the Flash video, saving it as a stand-alone MP3 file.

(The location of this TemporaryItems folder, and its equivalent on other operating systems, varies significantly depending on operating system and version. On some operating systems it's buried deep within the directory hierarchy, but it can be found automatically with standard tools.)

While the light obfuscation used by iMeem and LaLa might create a "speed bump" of inconvenience for users who want to keep the MP3 files, it doesn't rise to the level of a "technical protection measure" protected by the DMCA. In short, this is yet another example of why there is no legitimate business case for DRM on music -- it doesn't prevent piracy and it's not necessary to enable "new business models" like subscription or ad-supported music. (Of course, as the movie industry has demonstrated, DRM can still be valuable for impeding competition and putting the brakes on disruptive innovation. But it's hard to see how the law should protect those goals.)

[Permalink]

Subscribe to EFFector

» EFFector Archive

Action Alerts

» Action Center

Original Source | Taken Source