by phantop on 10/23/20, 7:26 PM with 1443 comments
by dang on 10/23/20, 9:41 PM
https://news.ycombinator.com/item?id=24872911&p=2
https://news.ycombinator.com/item?id=24872911&p=3
by jchw on 10/23/20, 7:30 PM
> We also note that the source code prominently includes as sample uses of the source code the downloading of copies of our members’ copyrighted sound recordings and music videos, as noted in Exhibit A hereto. For example, as shown on Exhibit A, the source code expressly suggests its use to copy and/or distribute the following copyrighted works owned by our member companies:
They could, of course, have asked for the code to have been changed. Instead, they attacked the project itself. IANAL, but this seems outrageous the same way DMCA'ing a Bittorrent client would be. This doesn't circumvent DRM like Widevine. I don't understand what leg they have to stand on here.
This feels like DeCSS all over again.
P.S.: They also took down youtube-dlc, even though it's not listed.
[1]: It turns out I am wrong. It wasn't in the readme, but in the test cases. See extractor/youtube.py. To me this seems even more tenuous, but IANAL.
by resfirestar on 10/23/20, 9:32 PM
The same thing will probably happen here because this is not one of the purposes of DMCA takedown letters, period. Even if there are inappropriate test cases or something in the repo, or if they’re correct that youtube-dl bypasses DRM in violation of a different part of the DMCA, it’s still not a valid takedown because GitHub isn’t hosting anything the RIAA/those it represents own the copyright to. The correct way to do this is to go after the lead youtube-dl developer(s) and/or GitHub for facilitating infringement or whatever, but I don’t think RIAA wants to do that because they probably don’t have much/any legitimate grounds for legal claims against them, so they abuse the DMCA to look like they’re doing something.
Edit: for a more concrete picture of what happens next, read GitHub’s DMCA policy.[2] Basically youtube-dl can file a counter notice assuming they disagree with the claims, after that the RIAA has 10-14 days to get a court order or the repo goes back up.
[1] https://torrentfreak.com/github-reinstates-popcorn-time-code...
[2] https://docs.github.com/en/free-pro-team@latest/github/site-...
by crazygringo on 10/23/20, 7:33 PM
> The clear purpose of this source code is to (i) circumvent the technological protection measures used by authorized streaming services such as YouTube, and (ii) reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use.
But the "circumventing" is still accessing a stream the user can view anyways, and the "reproduce and distribute" feels like a stretch -- there's no inherent distribution. This isn't anything like a pirating or a torrenting tool.
It feels more akin to when movie studios sued VCR manufacturers for being able to record TV back in 1984 -- and lost [1].
(Also, side note but I have never in my life seen a story upvoted so quickly on HN. 130 points in just 7 minutes so far.)
[1] https://en.wikipedia.org/wiki/Sony_Corp._of_America_v._Unive....
by Kim_Bruning on 10/23/20, 8:30 PM
Some examples for youtube-dl might be:
* https://www.youtube.com/watch?v=aqz-KE-bpKQ Big buck bunny
* https://www.youtube.com/watch?v=eRsGyueVLvQ Sintel
* https://www.youtube.com/watch?v=WhWc3b3KhnY Spring
In fact, youtube actually allows you to filter by CC, so there's never a reason not to!
by dvt on 10/23/20, 9:29 PM
c:\Users\david\dev\git
λ git clone https://gitee.com/mirrors/youtube-downloader.git
Cloning into 'youtube-downloader'...
remote: Enumerating objects: 98560, done.
remote: Counting objects: 100% (98560/98560), done.
remote: Compressing objects: 100% (30542/30542), done.
remote: Total 98560 (delta 73037), reused 90045 (delta 66441), pack-reused 0
Receiving objects: 100% (98560/98560), 49.86 MiB | 9.58 MiB/s, done.
Resolving deltas: 100% (73037/73037), done.by aquova on 10/23/20, 7:53 PM
by jordigh on 10/23/20, 7:44 PM
youtube-dl has been my primary way of getting videos since I learned about it. If the RIAA manages to kill it, my ability to partake in culture will be severely limited.
by tbabej on 10/23/20, 8:43 PM
At the same time, this lead me to browse the Github's DMCA repo, which has some real gems. For example, this DMCA takedown of repo with copied course assignment of a different student and did not comply with the Apache 2.0 Licence [1].
[1] https://github.com/github/dmca/blob/master/2020/10/2020-10-2...
by arno1 on 10/23/20, 8:47 PM
Diff between that mirror and the one from the web.archive.com looks good. I.e. no hidden/evil things inside. Looks safe to start over.
```
$ git log --oneline -3 48c5663c5 (HEAD -> master, origin/master, origin/HEAD) [afreecatv] Fix typo (#26970) <=== https://gitea.eponym.info/Mirrors/youtube-dl
7d740e7dc [23video] Relax _VALID_URL (#26870) <=== https://gitea.eponym.info/Mirrors/youtube-dl
4eda10499 [utils] Don't attempt to coerce JS strings to numbers in js_to_json (#26851) <=== https://web.archive.org/web/20201018144703if_/https://github...
```
https://tor.stackexchange.com/questions/4855/is-it-possible-...
by pengaru on 10/23/20, 8:00 PM
It's like serving Mozilla a DMCA takedown for FireFox.
I however welcome the highly visible reminder that github should only be used as a mirror at most.
by orliesaurus on 10/23/20, 7:32 PM
IMHO this wasn't the best move, I mean... the use of copyrighted music as an example DIRECTLY stated in the repo, as an example to show what you can download with the tool
by black_puppydog on 10/23/20, 8:33 PM
1. You should not have your development process on a centralized platform, at least not if you're doing anything that smells of copyright issues
2. If you do host on a centralized platform, have regular, decentralized backups of code and issue tracking.
3. Also, avoid US-centric hosting for this kind of thing. But really, refer to 1.
by dredmorbius on 10/24/20, 3:38 AM
"RIAA blitz takes down 18 GitHub projects used for downloading YouTube videos"
aand isn't a DMCA 512 takedown:
Although GitHub classified the RIAA letter as a DMCA takedown request, it is not one. As Public Knowledge Legal Director John Bergmayer pointed out today on Twitter, RIAA isn't alleging the library infringed on its rights, but that the library is illegal in itself.
This isn’t really a DMCA request. I don’t see an assertion that youtube-dl is an infringing work. Rather the claim is that it’s illegal per se https://t.co/vQ16nVleCf
— John Bergmayer (@bergmayer) October 23, 2020
https://www.zdnet.com/article/riaa-blitz-takes-down-18-githu...
by bonoboTP on 10/24/20, 3:09 PM
I wonder how this will impact the AI research community if there's some FUD around this tool.
Generally scraping is a gray area. I know researchers who scraped Google street view for large areas to train AI models without Googles approval and got hired by Google for their impressive AI skills instead of threatened.
I know researchers are a tiny group compared to consumers, but it's still interesting I think.
by fivre on 10/23/20, 7:59 PM
The DMCA is over 2 decades old, and seemingly nothing useful has come up since. The current system seems to do not much other than provide a big stick for the RIAA and MPAA to wield whenever they get bored and try to extract rent using law that still seems stuck in some mire of player piano era logic. The last sane system I encountered was when I was doing college radio, where you had a license to play music, were required to log what music you played, and were assured that some clearinghouse would sort out the royalties that needed paying out of the aggregate license fees.
There seems to be mass confusion over what's legal on modern services like Twitch, where music is used in the same spirit as radio (background music chosen at the whim of the DJ/streamer), but isn't legal because it runs up against licensing schemes designed for including music in TV and film productions with massive budgets.
There doesn't seem to be any clear way to handle shit as any sort of small content creator, as the rightsholders seem to want to preserve some weird fantasy land where they're both entitled to complex negotiated rights deals (which make sense if you're say, some massive entity a la NBC, and want to include music in a new big budget show) while also not providing anything for the rest of society (if you're not NBC- or CBS-sized, the people who negotiate rights contracts won't give you the time of day). If you're not one of the mammoth-class media conglomerates, your options appear to be "do not use music ever" or "use music casually, and then be on the receiving end of a massive legal bludgeon". You can't get the time (or music) of day, but if you do somehow manage to get it, then you _do_ get the time of day, but in the form of massive retroactive fees or whatever that you "should" have paid had the licensing cthulu been willing to engage with you before you determined that the rightsholders weren't interested in dealing with you.
Right ol' kafkaesque nightmare, it is.
by nullc on 10/23/20, 8:06 PM
by dredmorbius on 10/23/20, 11:57 PM
The difference matters. GitHub is required to honor DMCA takedowns. Other legal requests are granted on a case by case basis.
-- /u/telionn @ reddit
https://old.reddit.com/r/programming/comments/jgub36/youtube...
As I understand, takedown is a 17 USC 512 (copyright infringement) safe-harbour, but not a required or indemnifying protection under 17 USC 1201, anti-circumvention:
https://www.law.cornell.edu/uscode/text/17/1201
Lumen (Chilling Effects) is silent on this point in their FAQ: https://lumendatabase.org/topics/14
by jaspergilley on 10/23/20, 7:35 PM
Fuck the RIAA
by bob1029 on 10/23/20, 8:25 PM
Perhaps the next iteration of this project can leverage google's own insatiable greed against them. Embedding youtube into every "smart" device on the face of the planet probably requires that google maintain a fairly consistent private API which all of these devices can communicate with. If someone were to reverse engineer one of these devices or just throw wireshark on the WLAN, it probably wouldn't take long to emulate the same approach...
What is stopping someone from using these types of internal interfaces instead of the public ones?
by zxcvbn4038 on 10/23/20, 9:05 PM
It also shows again that while free services like Github are convenient, and truthfully their interface is the one to beat, it is better to use them as a mirror of something you self host then the primary.
Some options: (I prefer gitea - easiest to install and maintain, very active development community, single binary, written in Go)
by dredmorbius on 10/24/20, 9:04 AM
I'm not even sure that the RIAA has standing to sue or could demonstrate injury:
- The claimed anti-circ method is not the RIAA's, it is Google's (via YouTube). - As a user agent, youtube-dl is simple an alternate Web access method which runs code from the YouTube website as a necessary part of the process of accessing and playing content ... meant to be accessed and downloaded. - Youtube-dl has substantial non-infringing use. 17 USC 1201(a)(2)(B) https://www.law.cornell.edu/uscode/text/17/1201
See 17 USC 1203: Civil remedies: https://www.law.cornell.edu/uscode/text/17/1203
by Conan_Kudo on 10/23/20, 7:36 PM
by rgovostes on 10/23/20, 7:38 PM
by nickjj on 10/23/20, 7:49 PM
> The clear purpose of this source code is to (i) circumvent the technological protection measures used by authorized streaming services such as YouTube
Using this logic then OBS or any desktop recording tool is also violating the same measures because you could press record while a Youtube video is playing and wind up with your own locally recorded copy of the video.
Since we're here, let's also say any smart phone is also in violation since they could technically record a Youtube video playing on another device.
by dheera on 10/23/20, 7:30 PM
> Repository unavailable due to DMCA takedown.
(a) Are there mirrors?
(b) Are there Github equivalents in e.g. Russia where the RIAA doesn't have jurisdiction or extradition power?
by reggieband on 10/23/20, 8:16 PM
My personal feeling, and obviously not a legal opinion or even morally infallible in any sense, is that storing a local copy of digital content that has been consumed should be allowed. Where it becomes grey (or my feeling tends towards disallowing) is if I share or re-broadcast that content in any form.
That is, I feel the DMCA is in the wrong here. Unless they can prove intent to re-distribute it feels wrong that they can ban my ability to maintain a copy for myself. I believe it ought to be a right to store such content locally.
by Santosh83 on 10/23/20, 7:30 PM
by 3np on 10/23/20, 7:32 PM
It's not that far from targeting wget or curl, were it not for the widespread use of them in industry.
by RealStickman_ on 10/23/20, 8:17 PM
Edit: NVM. Getting nowhere with setting that up.
by andrey_utkin on 10/23/20, 8:07 PM
by neiman on 10/23/20, 7:32 PM
by q3k on 10/23/20, 8:29 PM
This is master on 4eda10499e8db831167062b0e0dbc7d10d34c1f9, retrieved from gitee.com, and is the last known hash from Google Webcache [1].
Clone, verify and rehost.
[1] - https://webcache.googleusercontent.com/search?q=cache:o7ilf8...
by erk__ on 10/23/20, 7:37 PM
by grawprog on 10/23/20, 8:33 PM
The RIAA and America in general has no right to police the rest of the world.
by cwkoss on 10/23/20, 11:34 PM
I don't want my money funding this sort of overreaching censorship.
by nimbius on 10/24/20, 12:05 AM
Napster was followed by bittorrent, bittorrent by popcorntime, and youtube-dl. in the past 20 years the industry has quietly capitulated and delivered some content users really want like streaming audio services, but in the grande cosmos of the DMCA-related war on piracy the industry itself continues to do more to smite its own face than it does to offer a more reasonable and accessible product to their audience.
There is nothing to keep me from writing something now that scrapes puseaudio for content triggered by mpv. the only real factor thats of concern is that this new backflip would be even harder for the RIAA to prosecute.
by ordo_inf on 10/23/20, 9:56 PM
Also, a recommendation for the youtube_dl crew is to use a self-hosted solution (if GitHub/GitLab/SourceForge wont do). Find a cheap Linux hosting provider and run Gitea on it: https://github.com/go-gitea/gitea
It's the best tips I can give for now.
by blumomo on 10/23/20, 7:47 PM
by andy_ppp on 10/23/20, 9:39 PM
by mikece on 10/23/20, 8:33 PM
by int_10h on 10/23/20, 8:19 PM
by jaspergilley on 10/23/20, 7:55 PM
by tgbugs on 10/23/20, 9:45 PM
by Iv on 10/24/20, 3:38 AM
The whole copyright industry is based on toxic premises that do not hold true anymore in the internet age.
By now, different models have been proven to work. Make them the norm. Abolish copyright. Or turn them back into what they were supposed to be: a TEMPORARY protection of a work since first publication (originally 21 years IIRC).
Old Disney characters, superheroes invented in the 40s and 50s, even the "more recent" Starwars are part of culture now just like Othello or Moby Dick are. Allow to use them as such.
by l0b0 on 10/24/20, 12:56 AM
$ git clone https://salsa.debian.org/debian/youtube-dl
$ cd youtube-dl
$ git remote rename origin salsa-debian-org
$ git remote add -f code-hackerspace-pl https://code.hackerspace.pl/q3k/youtube-dl
$ git remote add -f git-technik-io https://git.teknik.io/ytdl-org/youtube-dl
$ git remote add -f ytld-org https://gitlab.com/ytdl-org/youtube-dl
$ git remote add -f gitea-eponym-info https://gitea.eponym.info/Mirrors/youtube-dl.git
$ git remote add -f gitee-com https://gitee.com/mirrors/youtube-downloader.git
The start of the log looks like this:
$ git log --all --decorate --graph -n2
* commit 416da574ec0df3388f652e44f7fe71b1e3a4701f (gitee-com/master)
| Author: Sergey M․ <dstftw@gmail.com>
| Date: Fri Oct 23 21:31:37 2020 +0700
|
| [ytsearch] Fix extraction (closes #26920)
|
* commit 48c5663c5f7dd9ecc4720f7c1522627665197939 (ytld-org/master, gitea-eponym-info/master, git-technik-io/master, code-hackerspace-pl/master)
| Author: Toan Nguyen <davidnguyen1501@gmail.com>
| Date: Thu Oct 22 19:15:05 2020 +0700
|
| [afreecatv] Fix typo (#26970)
by read_if_gay_ on 10/23/20, 7:32 PM
by 2OEH8eoCRo0 on 10/23/20, 7:36 PM
I'm worried about Newpipe now, it's been a life changer.
by fabiomaia on 10/23/20, 8:42 PM
$ brew install youtube-dl
...
==> Downloading https://github.com/ytdl-org/youtube-dl/releases/download/2020.09.20/youtube-dl-2020.09.20.tar.gz
...
curl: (22) The requested URL returned error: 451 Unavailable for Legal Reasons
Error: Failed to download resource "youtube-dl"
Download failed: https://github.com/ytdl-org/youtube-dl/releases/download/2020.09.20/youtube-dl-2020.09.20.tar.gzby danmg on 10/23/20, 9:13 PM
Everyone knows what Youtube is. It's easy to understand the utility of being able to download a video from Youtube to save it on your computer. If they didn't already know this was possible to do, they'd immediately want to start using it as soon as you explained it was possible.
DeCSS was exploiting a weak encryption scheme's weak key distribution scheme. Where the only final explanation for why this matters is that it can be used to rip off DVDs.
by arafsheikh on 10/24/20, 7:59 AM
by Ansil849 on 10/23/20, 9:09 PM
by siliconc0w on 10/23/20, 8:53 PM
by DoingIsLearning on 10/23/20, 8:28 PM
Why do I need to be denied access to a repo if I'm outside the US?
by AkumaNoTsubasa on 10/23/20, 10:17 PM
Well, then please also Block all Browsers, SSH, Tunnel, etc. too, because you can use those too to easily download copyrighted material.
by ravenstine on 10/23/20, 9:52 PM
I really hope this doesn't stand, because what it's basically saying is that you can't even tell someone how to download something that might be copyrighted. Not only that, but this was brought forth by a murky technicality.
Pray to god this never happens to NewPipe.
by VikingCoder on 10/23/20, 7:41 PM
by bArray on 10/23/20, 10:53 PM
* Downloading a video you uploaded and no longer have stored locally.
* Downloading a video to create a fair-use response video.
* Downloading video/music that is free commons (or some other non-restrictive license).
* (Gray) Downloading content to archive it.
* Downloading content you have already purchased and have in your possession.
* (Dark gray) Downloading content you have a paid subscription to view, but don't have reliable internet.
All of these anti-piracy measures need to answer one simple question - what stops somebody from just screen recording your material? At the point in which somebody can view your material on another device, you've lost a lot of control.
P.S. This clone seems legit:
`git clone https://gitea.eponym.info/Mirrors/youtube-dl.git`
by johnisgood on 10/23/20, 11:29 PM
by boogies on 10/23/20, 7:39 PM
IUUC importing this to GitLab would have taken ~½dozen clicks and saved the open issues, etc.?
by maledorak on 10/23/20, 11:35 PM
https://github.com/marzzzello/youtube-dl
https://github.com/koalp/youtube-dl
https://github.com/r4rdsn/youtube-dl
by nudpiedo on 10/23/20, 9:35 PM
by ffpip on 10/23/20, 7:48 PM
This website is currently disabled due to a DMCA takedown notice. The website you are trying to access hosts copyrighted content. Please contact support, or seek the copyright holder's permission to access the content.
by mhandley on 10/23/20, 11:03 PM
by names_are_hard on 10/24/20, 8:21 AM
by hprotagonist on 10/23/20, 9:24 PM
if nothing else, today i finally actually used a bundle file:
git clone ytdl-org-youtube-dl_-_2020-09-28_19-41-32.bundle youtube-dlby kemonocode on 10/24/20, 3:34 PM
by diffeomorphism on 10/23/20, 7:43 PM
1: At this time this is just a baseless accusation and there are no repercussions to the RIAA for blatant abuse. Why wouldn't they simply send a takedown for anything they don't like no matter whether it is legal or not?
by mmaunder on 10/23/20, 8:16 PM
by how2draw on 10/23/20, 11:01 PM
1. Clone the repository. Make an insignificant change to the initial commit in order to change all commit hashes. Push to github as a new repository.
2. Create a password "protected" zip file (or smaller volumes) containing the repository. Use a password that's easily found in common wordlists. Commit it to another project and push to github.
Microsoft GitHub may be centralized, but it's not omniscient. RIAA may be a control freak, but it's not omnipotent. Let information be free for all.
by resynth1943 on 10/23/20, 8:46 PM
Self-plug, I know. But I'll update it if anything new comes in.
by SoylentYellow on 10/23/20, 7:56 PM
by ijcd on 10/24/20, 1:43 AM
FWIW, it's easy to find the code on Google. The release tarballs have the format youtube-dl-YYYY.MM.DD.tar.gz and one can look in the Homebrew Cellar, for example and see there was a release on 2020.09.20. ;)
by brink on 10/23/20, 9:23 PM
by oleg131 on 10/24/20, 12:23 AM
https://web.archive.org/web/*/https://github.com/ytdl-org/yo...
E.g. the first snapshot redirects you to https://web.archive.org/web/20200923163719/https://github-pr... and it works.
by iameli on 10/23/20, 10:27 PM
by readme on 10/24/20, 3:39 PM
by esalman on 10/23/20, 7:29 PM
by theobr on 10/23/20, 9:26 PM
by shiado on 10/23/20, 9:18 PM
by getpolarized on 10/23/20, 7:51 PM
by xvilka on 10/24/20, 2:06 AM
[1] https://ipfs.io/
by palashkulsh on 10/24/20, 6:05 AM
by ezoe on 10/24/20, 12:05 AM
> (i) circumvent the technological protection measures used by authorized streaming services such as YouTube,
> and
> (ii) reproduce and distribute music videos and sound recordings owned by our member companies without authorization for such use.
https://github.com/github/dmca/blob/master/2020/10/2020-10-2...
(i) is strange claim as youtube-dl simply implements various streaming protocols public to anyone, most commonly used protocol is HLS which is just a simple list of URIs of small portion of video files in text file over HTTP/HTTPS. No technological protection whatsoever. (ii) can be easily avoided by simply removing or changing the example usage.
by JdeBP on 10/23/20, 9:04 PM
"Download Web Videos" "Keep your favorite web videos safe on your PC by downloading them. You can save videos from popular sites in one click – including YouTube."
by whatsmyusername on 10/23/20, 7:35 PM
by easton on 10/24/20, 2:54 AM
by htrap on 10/24/20, 12:27 PM
by sakoht on 10/23/20, 8:30 PM
Seems clearly that if youtube authorizes downloads, then people shouldn't put things on youtube they don't want downloaded?
The takedown notices should be going to youtube. But of course they want to use youtube to promote themselves.
by baldfat on 10/23/20, 8:35 PM
by amatecha on 10/24/20, 1:49 AM
by dredmorbius on 10/23/20, 11:39 PM
by riclad on 10/23/20, 11:04 PM
by ColanR on 10/24/20, 12:22 AM
by rhabarba on 10/24/20, 7:42 AM
by hadcomplained on 10/24/20, 7:26 AM
by jedberg on 10/23/20, 7:47 PM
I suspect this will be fixed in a day, and just be hosted elsewhere.
And also, isn't this like when the studios sued the makers of VCRs?
by pseudosavant on 10/24/20, 3:27 PM
It would seem hard to argue that Google is completely against it when they could be considered a contributor to the "problem". Providing apps that violate their own TOS. Not just source code, but actual apps/extensions.
by skottk on 10/23/20, 8:20 PM
They're requesting the takedown under 17 U.S. Code § 1201 - Circumvention of copyright protection systems. [https://www.law.cornell.edu/uscode/text/17/1201] It's a few paragraphs of the actual law at stake here. There's no much to it.
Essentially, they're arguing that Youtube's normal stream distribution technology is "effectively control[ling] access to a work." Given 3A & B from the link above, that will take a fair amount of arguing - there's no encryption, there's nothing that requires information under the authority of the copyright holder (like a key) to descramble the information.
Unless the repo has code that's breaking browser-based DRM, in which all bets are off - breaking DRM is by definition circumventing a technical protection. Doesn't matter if it was easy to break-- you break encryption, there's no more argument over whether you're circumventing. Decryption is right there in the text of the law.
Github agreed to the takedown because they don't want to be distributing a circumvention tool, and they don't feel like going to court over whether this is a circumvention tool or not. There are a lot of repos out there, you can't go to court over every single one. I'd be surprised if it stayed up on GitLab for much more than a New York minute, either.
The EFF might fight this, because there's a pretty good argument around the noninfringing uses; however, they also might not, because there's not much of an argument around whether it violates the Google Terms.
Some us are mentioning that there are use cases for this software that don't infringe copyright. That goes back to Sony v Universal, the VCR/Betamax case, which permitted the production and sale of technologies with "substantial noninfringing uses." In the case of the VCR, the particular noninfringing use was time-shifting of broadcast television, taping shows to watch later. The noninfringing uses here are around downloading works that are in the public domain or Creative Commons, and definitely around offline use. Easily a colorable argument.
The file sharing cases of the early 2000's have drawn some lines around the noninfringing use defense, though. Napster and Grokster both claimed, in court, to support noninfringing uses. However, both products promoted their products as offering free access to copyright-protected works, and the courts took notice of that in both cases-- I believe that the Grokster opinion may have noted that Grokster had never mentioned a noninfringing use outside the trial.
IOW, if you're providing a dual-use technology for noninfringing use that is also capable of infringing use, you absolutely cannot promote the infringing uses to the exclusion of others. Not only do you draw unwanted attention to yourself, you may actually (as in Napster and Grokster) invalidate the most important defense that you have for your activities.
by Lammy on 10/23/20, 7:30 PM
> Repository unavailable due to DMCA takedown.
How, exactly? This is why I dislike GitHub's "Fork" button, since a takedown of the original takes yours too.
by riclad on 10/23/20, 11:10 PM
by throwaway4good on 10/23/20, 9:57 PM
Github receives a letter from a private organisation RIAA and then takes down the repository.
How does Github know that this request is proper and youtube-dl is illegal? Just because it comes from RIAA?
Did Github give the repository owners a chance to migrate to another service willing to host their content?
by ddingus on 10/23/20, 9:30 PM
by ddavis on 10/23/20, 7:36 PM
by tpoacher on 10/23/20, 8:09 PM
by Stephen304 on 10/24/20, 8:07 PM
;)
by em3rgent0rdr on 10/23/20, 7:38 PM
by daodedickinson on 10/24/20, 5:08 PM
Coincidence?
After the RIAA won a case against Limewire in 2010, the next significant legal action I can find in a bit of looking is that the US Supreme Court ruled against the RIAA in Allen v. Cooper (March 23, 2020).
Here are the opinions: https://www.law.cornell.edu/supremecourt/text/18-877#writing...
I have a lot to look into...
by krob on 10/23/20, 8:34 PM
by 7ewis on 10/24/20, 4:49 PM
https://twitter.com/GalacticFurball/status/13197659867911577...
by LockAndLol on 10/23/20, 10:52 PM
The more often this happens, the more we'll learn about reproducible builds, decentralized (and/or anonymous) code hosting, and setup tools and software that uses this more. I'm sure the distributed tar.gz is next on the list for this DMCA and we can't rely on things hosted on the clear web anymore.
[1]: https://radicle.xyz/
by jonathan-neil on 10/23/20, 7:32 PM
by vms20591 on 10/24/20, 1:28 PM
Sure, GitHub like features offer more than just a space to host our code. It has become a goto site for example, finding new and interesting repos to contribute to.
It's important that the devs or community that develop a software think about the potential censorship it might have to encounter from thugs like DMCA, based on what is it that they develop and evaluate the choice of hosting.
by neves on 10/24/20, 1:39 PM
It also showcases a marvelous advantage of using git as a VCS, they automatically have multiple backups and can easily transport the project. And it showcases that all the other project info, like issues and comments should also be under version control and downloaded in developers machines. You can't depend on an external service for your project.
BTW, is it possible to use GitHub features in a distribute way? E.g.: create issues in my machine and pushing it to the server?
by johnnyapol on 10/23/20, 8:45 PM
by sj_krueger on 10/24/20, 10:48 AM
For now this should be sufficient:
http://it7otdanqu7ktntxzm427cba6i53w6wlanlh23v5i3siqmos47pzh...
I will give the main contributors the neccessary access for reviewing/merging/etc.. or will entirely hand over the project if you can prove you are the maintainer.
by aestetix on 10/23/20, 10:14 PM
by bonsi on 10/23/20, 8:16 PM
by lsiebert on 10/23/20, 11:52 PM
I wouldn't have installed if they hadn't done this, and I'll probably never use it, but this rubbed me the wrong way.
by sweetlucipher on 10/23/20, 11:02 PM
If it's been taken down I am sure it will pop up on some torrent. The authors and all those who have contributed to it have copies.
How can a court tell me not to publish generally useful software with a legitimate intent?
by Aeolun on 10/23/20, 10:50 PM
All the connected forks have also been disabled. Better to clone and re-push if you ask me.
by iamnot_fussy on 10/24/20, 10:26 AM
Has github made a statement yet?
(Oh and don't think for one moment that the RIAA's actions have anything to do with supporting the struggling artist.)
by weyland on 10/23/20, 9:45 PM
by openfuture on 10/23/20, 9:47 PM
by bryanrasmussen on 10/24/20, 8:42 AM
by hexo on 10/23/20, 8:03 PM
by camnora on 10/23/20, 8:05 PM
by apetresc on 10/24/20, 11:27 PM
I feel vindicated, but also sad that the end of this particular era has finally arrived :(
by robgibbons on 10/23/20, 7:31 PM
by ineedasername on 10/23/20, 11:14 PM
by choeger on 10/24/20, 7:19 AM
I really wish there was some kind of retribution in the typical OSS licenses. You censor free software, free software censors you. I think these organization would think twice to take down a project if they would immediately lose access to Linux, Apache, Python, et. al.
by sylvain_kerkour on 10/23/20, 7:51 PM
by bergstromm466 on 10/24/20, 5:34 AM
by okareaman on 10/23/20, 9:08 PM
by kazinator on 10/23/20, 10:43 PM
by stingraycharles on 10/23/20, 7:30 PM
So I’ll ask: is this DMCA request justified? Why would the RIAA be going after YouTube-dl, rather than Google? Wouldn’t it make more sense for the RIAA to go after YouTube instead?
by porjo on 10/24/20, 12:49 AM
by Paianni on 10/23/20, 11:21 PM
by cft on 10/23/20, 7:33 PM
by Thaxll on 10/23/20, 7:53 PM
You're out of troubles?
by awwaiid on 10/24/20, 12:59 AM
by ohyash on 10/23/20, 8:53 PM
And even a lot of unofficial libraries that allowed easier yt access. Dead in a go.
Do we have a cli alternative that does everything of yt-dl except the video download part?
by lelandbatey on 10/23/20, 8:59 PM
The only _concrete_ circumvention they level at youtube-dl is that it "circumvents YouTube’s rolling cipher". I looked into this more, and before I go into how totally bulshit it is that they've apparently conned judges into believing this, you should read their full accusation (or just read the full DMCA letter from the RIAA):
For further context, please see the attached court decision from the Hamburg
Regional Court that describes the technological measure at issue (known as
YouTube’s “rolling cipher”), and the court’s determination that the technology
employed by YouTube is an effective technical measure within the meaning of EU
1 See https://github.com/ytdl-org/youtube-dl/blob/master/README.md#readme.
and German law, which is materially identical to Title 17 U.S.C. §1201 of the
United States Code. The court further determined that the service at issue in
that case unlawfully circumvented YouTube’s rolling cipher technical
protection measure.2 The youtube-dl source code functions in a manner
essentially identical to the service at issue in the Hamburg Regional Court
decision. As there, the youtube-dl source code available on Github (which is
the subject of this notice) circumvents YouTube’s rolling cipher to gain
unauthorized access to copyrighted audio files, in violation of YouTube’s
express terms of service,3 and in plain violation of Section 1201 of the
Digital Millennium Copyright Act, 17 U.S.C. §1201.
So I went looking, and it turns out that the RIAA has used this exact same excuse to go after some other people, their documents are available, and we can see more of what they wrote. I'm referencing this[1] document which I found through this[0] blog post about a 2016 case where the RIAA went after an online service called TYMP3. Here are the links, and here's what the RIAA said:
[0] - https://www.techdirt.com/articles/20160927/17062135646/can-s...
[1] - https://assets.documentcloud.org/documents/3114545/YTMP3-Com...
< The following is found on page 8 of the PDF linked above >
39. Plaintiffs are informed and believe, and on that basis allege as follows:
YouTube has adopted and implemented technological measures to control access to
content maintained on its site and to prevent or inhibit downloading, copying,
or illicit distribution of that content. YouTube maintains two separate URLs
for any given video file: one URL, which is visible to the user, is for the
webpage where the video playback occurs, and one URL, which is not visible to
the user, is for the video file itself. The second URL is generated using a
complex (and periodically changing) algorithm - known as a “rolling cipher” -
that is intended to inhibit direct access to the underlying YouTube video
files, thereby preventing or inhibiting the downloading, copying, or
distribution of the video files.
< further down, on page 12, they lay out their accusation >
Among other things, Plaintiffs are informed and believe, and on that basis
allege, that YTMP3 employs a means to circumvent the YouTube rolling cipher
technology described above, and other technological means that YouTube employs
to protect content on its site.
https://gitlab.com/HacktorIT/youtube-dl/-/blob/master/youtub...
So to summarize, youtube creates two URLs: one that's a public video URL, and one that's the URL to the actual video content. The URL to the video content changes on a rolling basis, and is slightly rearranged. All that's true. However, what the RIAA is avoiding saying, and which completely changes the context of this discussion is:
YOUTUBE SENDS YOU BOTH URLS IN CLEARTEXT, AND INCLUDES THE CODE FOR HOW TO DOWNLOAD THE VIDEO, SO YOU AND YOUR WEB BROWSER CAN DOWNLOAD THE VIDEOS WITHOUT USING ANY ENCRYPTION/DECODING.
So when a judge asks "how is it that you're getting around this 'rolling cipher' to access the video?" all you have to say is "Youtube told me where to download the video, so I followed Youtube's instructions and downloaded it from the URL that Youtube gave me."
Frankly, I'm amazed that any judge, or any lawyer, would ever lay out or believe such bare faced lies as is being spouted by the RIAA in this document.
FUCK THE RIAA
by cblconfederate on 10/23/20, 11:47 PM
Also couldn't the youtub-dl team claim that the whole "drm video download test" was a security test?
by scastillo on 10/24/20, 2:13 AM
by johnisgood on 10/24/20, 2:42 PM
by vernie on 10/23/20, 8:54 PM
by xtat on 10/25/20, 2:05 AM
by rektide on 10/23/20, 8:44 PM
They acted very fast on this one.
by Pxtl on 10/23/20, 11:33 PM
by gadders on 10/24/20, 3:37 PM
by Aeolun on 10/23/20, 10:37 PM
Guns can be used to shoot people, they’re explicitly advertised as being for shooting people, shooting people is a crime. We request you stop selling guns.
It’s all just a tad misplaced.
by amatecha on 10/23/20, 9:47 PM
... Actually, I should stop giving them ideas for their next takedown notices...
by xvilka on 10/24/20, 2:13 AM
by maxo133 on 10/23/20, 9:21 PM
That's the way how it works with google search.
by keyme on 10/23/20, 7:37 PM
by bryanrasmussen on 10/23/20, 10:32 PM
by kelvin0 on 10/25/20, 1:03 AM
by gorgoiler on 10/24/20, 6:09 AM
I’ve never scrutinized one before. I would have assumed it would be of the form “under the terms of the DMCA you are REQUIRED to etc etc”
by francisperron on 10/25/20, 3:40 PM
by proffan on 10/23/20, 8:05 PM
by anta40 on 10/24/20, 10:01 AM
:D
by eshack94 on 10/24/20, 3:22 AM
by mosselman on 10/24/20, 12:09 PM
by blitblitblit on 10/23/20, 10:24 PM
by nolim1t on 10/24/20, 8:15 AM
by panpanna on 10/24/20, 10:37 AM
Like silk road but for your open source fixes...
by URfejk on 10/24/20, 2:44 PM
by bryanrasmussen on 10/24/20, 8:51 AM
This thing with YouTube-dl makes me consider that one quality that a "The Adventures of Huckleberry Finn" of computer science should possess is having been banned. Of course YouTube-dl might not be the Huckleberry Finn, but maybe it is something like The Satanic Verses (which I was never a fan of).
by ffpip on 10/23/20, 7:50 PM
by fsociety2020 on 10/23/20, 9:13 PM
by cute_boi on 10/23/20, 8:38 PM
by arendtio on 10/24/20, 10:57 AM
scnr
by austincheney on 10/24/20, 4:22 AM
by ianlevesque on 10/23/20, 9:41 PM
by dr_dshiv on 10/24/20, 12:15 PM
by sushshshsh on 10/24/20, 1:38 AM
by pdimitar on 10/23/20, 8:56 PM
I wonder if the project can defend itself?
by jimnotgym on 10/24/20, 8:44 AM
by musicale on 10/23/20, 10:38 PM
by shmerl on 10/25/20, 2:46 AM
by smashah on 10/23/20, 8:08 PM
by White_Wolf on 10/23/20, 9:00 PM
Warning: do a diff against the last archive.org copy to make sure it's clean.
by amelius on 10/24/20, 3:36 PM
Are user-agents illegal now?
by neonate on 10/23/20, 10:05 PM
by cphajduk on 10/23/20, 8:52 PM
Would it be possible to host a Git server on an IPFS distributed system?
by trhway on 10/23/20, 8:17 PM
by doompilot on 10/23/20, 11:16 PM
by Bellamy on 10/24/20, 7:16 AM
I'm ready to be a sponsor for the project to live further.
by banana_giraffe on 10/23/20, 8:51 PM
by karmasimida on 10/23/20, 7:48 PM
Does this mean bittorrent client can be taken down as well?
Who is drawing the line here?
by weetniet on 10/25/20, 1:39 PM
by ikeboy on 10/23/20, 9:16 PM
The legal reasoning here is shaky. Notice that they cite a German court and assert that the law there is materially the same as that in the US.
I did some research on this specific issue at one point, and I'm skeptical that Youtube's controls qualify under the law in question.
RIAA cites two sections of the law: >the provision or trafficking of the source code violates 17 USC §§1201(a)(2) and 1201(b)(1).
It almost certainly doesn't violate 1201(a)(2), which is for access controls. This is intended to be used by someone who already has access to Youtube, so no access controls are bypassed.
R. CHRISTOPHER GOODWIN & ASSOCIATES, INC. v. SEARCH, INC., Dist. Court, ED Louisiana 2019:
>While the user id/password combination required for access was surely a "technological measure" that controlled access to the works at issue, Pevny did not circumvent that measure. She validly accessed the system using her id/password combination while she was still an employee with Plaintiff. Even if the use that she made of that access is not something that Plaintiff would have authorized her to do, i.e., copy the materials at issue, it remains that Pevny's alleged abuse of her logon privileges does not rise to the level of descrambling, decrypting, or otherwise to avoiding, bypassing, removing, deactivating, or impairing anything. As the district court observed in Digital Drilling Data Systems, LLC v. Petrolink Services, Inc., No. 4:15-CV-02172, 2018 WL 2267139, at *14 (S.D. Tex. May 16, 2018), many different district courts have held that using the correct username and password to access a copyrighted work, even without authorization to do so, does not constitute circumvention under § 1201(a) of the DMCA.
Youtube-dl either involves access to files that don't require a login, or it uses your password / cookies to access the file, so it doesn't bypass access controls.
The claim under 1201(b)(1), which is for copy controls, has more potential.
There are the subsections:
>(A)is primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof; >(B)has only limited commercially significant purpose or use other than to circumvent protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof; or >(C)is marketed by that person or another acting in concert with that person with that person’s knowledge for use in circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner under this title in a work or a portion thereof.
A and B clearly don't apply. The primary purpose of youtube-dl isn't to download copyrighted content, but simply to download Youtube videos, whether they're copyrighted or not. There's clearly more than limited legitimate uses (such as downloaded public domain videos.) The question here is about C - there's an arguable case that the examples in the repo that this letter cites are "marketing" usage for infringing purposes. I'm somewhat skeptical that counts as "marketing", however, and it could be easily remedied by removing those examples or replacing with public domain examples.
by koyao on 10/24/20, 5:49 AM
by Shared404 on 10/23/20, 10:34 PM
If anyone wants them, feel free to shoot me an email.
by noobermin on 10/24/20, 2:28 PM
by psds2 on 10/23/20, 11:50 PM
by hkt on 10/24/20, 6:55 AM
by varispeed on 10/23/20, 7:54 PM
by josteink on 10/23/20, 8:50 PM
by precommunicator on 10/23/20, 8:49 PM
by vermooten on 10/23/20, 9:19 PM
by qwerty456127 on 10/23/20, 8:14 PM
by jijji on 10/23/20, 10:19 PM
by intricatedetail on 10/23/20, 10:15 PM
by mikece on 10/23/20, 7:59 PM
by SteveNuts on 10/23/20, 8:01 PM
by rla3rd on 10/23/20, 9:52 PM
by dylan604 on 10/23/20, 9:00 PM
phew. i'm all good.
by med_abidi on 10/24/20, 12:11 PM
by Havoc on 10/24/20, 11:15 AM
by mola on 10/24/20, 6:45 AM
by mugivarra69 on 10/24/20, 9:15 AM
by lousken on 10/23/20, 7:40 PM
by CivBase on 10/23/20, 7:46 PM
Why stop there? I can use my browser to illegally download content, so I guess we better issue a DMCA takedown that too. But who even needs a browser? Let's issue a takedown for the GNU Project while we're at it because I could use wget to do the same thing. In fact, I could write my own program to illegally download content, so we better just get rid of computers altogether.
Stop attacking useful tools just because they can be used to do bad things! Youtube-dl should obviously change their README to get rid of the copyright-infringing example, but this DMCA takedown is otherwise rotten from the core.
by antonzabirko on 10/24/20, 4:50 AM
by vram22 on 10/24/20, 3:02 AM
youtube-dl, a YouTube downloader in Python:
https://jugad2.blogspot.com/2013/03/youtube-dl-yourube-downl...
by richardARPANET on 10/24/20, 11:12 AM
by m0zg on 10/24/20, 1:14 AM
by microcolonel on 10/23/20, 9:33 PM
by dpumpshitlord on 11/2/20, 3:07 PM
by dpumpshitlord on 11/2/20, 3:01 PM
by TLightful on 10/24/20, 3:34 PM
by dpumpshitlord on 11/2/20, 3:05 PM
by codecamper on 10/23/20, 8:17 PM
by codecamper on 10/23/20, 8:16 PM
by shmerl on 10/23/20, 7:31 PM
by dfsegoat on 10/23/20, 7:38 PM
by avodonosov on 10/23/20, 8:25 PM
by olliej on 10/23/20, 8:01 PM
by anovikov on 10/24/20, 4:37 AM
by google234123 on 10/23/20, 8:26 PM
by musicbizsucks on 10/23/20, 11:17 PM
Imagine yourself stumbling upon some incredible technology breakthrough. Let's say, it's some magical script you wrote that automatically improves the efficiency of any container by 70%+. You've worked for years on this specific problem, went broke a couple of times trying to figure it out, and finally struck gold. You form a company, issue that IP to the company, and start getting rich.
Then one day, literally Google comes along and posts your script to some website they own, without your permission. They did this illegally, without your permission, by using this other neat script called gofyourself-dl. You have a problem now. Every is improving their containers or whatever for free. Your company loses revenue every day because why would anyone pay you for tech they can get for free from Google?
What can you do? Sue Google? Good luck with that! No, you would complain to a regulator, which is the only real power (sort of) against that kind of money. You would try and convince that regulator to stop Google from stealing your IP and getting rich from it because it is YOUR IP and YOU should get rich from it. In the meantime, since gofyourself-dl is the way people are stealing your IP, you naturally try to get that taken down because IT IS BEING USED TO STEAL YOUR IP.
Stealing IP is exactly what YouTube is - and has been - doing, for years. There is this weird idea that the major record labels (who fund the RIAA) have unlimited money and are just as evil as blah blah blah, in reality the entire music economy is a minuscule fraction of Google's market cap, power, size, influence, everything, and large tech companies have no real incentive to deal with them in the standard cases because why would an elephant concern itself with an ant.
It sucks to do this to an open source repo, but everything they are saying in this memo is true - this technology is obviously being used to STEAL IP. Its primary focus is the THEFT OF IP. DMCA is a shitty blunt instrument that no one likes, don't for a second think the RIAA is thrilled with that mechanism, but what else are they supposed to do? What would you do if it was someone stealing your proprietary code and posting everywhere after having stolen it from you?