đŸ Archived View for dioskouroi.xyz âș thread âș 24988101 captured on 2020-11-07 at 00:45:52. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
________________________________________________________________________________
This request wasn't well-received by developers, many of whom retaliated by posting copies of the code. Yesterday, things went from bad to worse when a user with the name 'F__* T__ RIAA' uploaded three MP3s of the songs the RIAA mentioned in its takedown notice
RIAA couldn't care less. As far as I understand, they practically are just a team of lawyers whose job is to attack whoever they can reach, take whatever they can down and collect money when possible. They hardly even care about the actual recording business, let alone about how do people feel about them.
Making developers afraid to work on youtube-dl is a much more powerful move than taking down a few songs that were already available for free on YouTube.
I don't think this inspired fear in any relevant developers. If anything there are probably more developers willing to work on it now.
Yuuup. I havenât used youtube-dl since I was a teacher and needed it to bring educational videos into the classroom that lacked Internet.
But now I have a copy of the source, and have been thinking about how I might contribute and/or repackage it as a âbrowserâ (with the option to run it in âheadless modeâ, of course).
You have a snapshot of the source, which will be less useful over time as sites change their code and the plugins stop working.
...yes, that's how downloading works.
It also brought _tons_ of attention to youtube-dl itself, which is still widely available and will remain so for basically ever
(apologies for rewording the Striesand Effect but it is very real).
If developers are afraid, they will be tempted to program a solution for censorship-resistant hosting of open source software that additionally allows to contribute anonymously (not just pseudonymously).
the problem is lot of the incentive to contribute for free is the name recognition.
Lot of dev see it as a way to show what they can do (portfolio) because that canât share the code they produce at work
That's only true for high-profile projects.
Projects like YouTube-dl are usually born out of passion, and the best kind of projects.
Yep, plenty of tools in the infosec world on github and elsewhere are published by anonymous developers.
Plus when you use an anonymous name and get a popular project out of it, you still get recognition. Even if it's not publicly in your name. You'll still feel good about contributing to the world.
Is is good for name recognition if you contribute to software of somewhat dubious legal status such as youtube-dl?
âDubious legal statusâ defined by whom?
All GitHub got was a take down request (which they were required to act on), not proof of anything being illegal (which requires a court case to prove)
> Dubious legal statusâ defined by whom?
A potential employer.
A potential employer doing that will open themselves up to some serious legal problems.
"Oh, you committed code to a repo I consider dubious though nothing proven... hmmm not sure I'll hire you".
"Oh, you shop at a store run by a non-white person.... hmmm not sure I'll hire you".
"Oh, you follow a religion, but I'm atheist... hmmm not sure I'll hire you".
... the list goes on.
Except that one of these is legal under federal (and most state) laws, and the other two are not.
Show where in the list of protected classes (race, sex, ethnicity, etc) "your choice of programming projects" is covered?
Two of those are protected classes... the third one isn't.
Show on the list where youtube-dl has been proven illegal.
Implying criminality because you're participating on something "of dubious legality" defined nebulously ("guilt by association") wouldn't play well.
As per the post you are replying to, choice of programming project is, unlike race and religion, not a protected class. It is perfectly legal in the US for a company to discriminate based on it.
A company could also freely and legally discriminate based on whether or not you prefer whole-wheat bread. That's not a protected class. It doesn't matter that whole-wheat bread is legal.
I think you guys are conflating this with what the poster is getting at, which based on what was said (_"implying criminality"_), is more akin to defamation (though admittedly the choice of earlier examples is poor).
If, as an employer, I decide that because you chose a specific project (_or_ political party, _or_ brand of motor bike, etc. anything whose association has potential 'dubious legal status') that you're part of a criminal organization (and hence a criminal, or any other description that might be undesirable/harmful) because of that and don't hire you, that may put me at risk.
Obviously there would be a legal bar to meet from that, not the least of which would be proving that it was intentional to defame the person, and resulted in actual damages to that person (i.e. proper standing - would not getting the job be enough?)
IDK IANAL, but I sure AF wouldn't want to be the trailblazer for finding out (like IBM is right now).
Johnny gets it
I didn't imply YTDL was illegal. My response was directly to your implication that "committed code to a repo" (or however you want to phrase it) is a protected class like race or sex.
> "Oh, you committed code to a repo I consider dubious though nothing proven... hmmm not sure I'll hire you".
"Oh, you shop at a store run by a non-white person.... hmmm not sure I'll hire you".
"Oh, you follow a religion, but I'm atheist... hmmm not sure I'll hire you".
There are zero laws on the books to stop a company from firing you for committing code to an open source project.
Unless you can find me a law that actually says "Companies can't terminate employment or otherwise discriminate based on a code repo commit".
There ARE actual laws that say "You can't discriminate based on Race/Religion/Sex/ethnicity/etc".
Whether or not YTDL is illegal (I doubt it is) is irrelevant to this thread. Just like a company firing you because of a post on facebook or twitter is generally allowed (local laws and state statutes may grant more protections).
Please... prove me wrong and provide laws - local or otherwise - and possible a case where someone successfully sued for wrongful discrimination based on code they wrote.
Youtube-dl has a lot of legal applications!
Indeed it has. But the DMCA takeout request nevertheless shows that the legality of the youtube-dl itself is not clear.
Wait, that's just Git with extra steps
> Wait, that's just Git with extra steps
But the extra steps are not completely trivial to do right if strong anonymity has to be ensured.
Indeed. This just plays into their hands.
Not necessarily. Remember what happened when Digg tried to ban anyone from posting the 09F9 number because it was a secret key to some DVD thing? The users revolted so hard that the people managing the site gave up and let it stand.
Then again... who remembers Digg?
What an interesting read!
https://en.m.wikipedia.org/wiki/AACS_encryption_key_controve...
> Then again... who remembers Digg?
I do. It was pretty good, then they destroyed it, de facto paving the way for Reddit's success.
I hope something replaces reddit soon. The creeping features are beginning to rot.
Once Reddit finishes its transformation into an meme image and video board, the current incarnation of its platform will go the way of forums and newsgroups.
Over time, Facebook groups and Twitter have become the de facto discussion hubs for communities that I've been a part of for years. Those platforms make it hard to not reveal your true identity online, and you have to give Facebook and Twitter your phone number just to register. Facebook will even ask users to verify their identities with their driver's licenses. At least for me, this causes a chilling effect on my online participation in these communities.
For example, I won't talk about politics in my neighborhood's Facebook group because I don't want to be harassed. I recently witnessed a single mother get harassed because she respectfully disagreed with someone's politics in the group. People started posting pictures of her kids, putting them into crude memes, and the mayor went through public records to find her full name and address.
Reddit threading is just garbage. Impossible to follow the conversation beyond the comment you directly responded to and the immediate ones thereafter. Anything deeper and you never get a notification.
The last redesign that nobody wanted did it for me, that was the last straw. The mobile app was horrendous as well - from all accounts it sounds like nothing has changed. But yes, I agree, we need a replacement soon.
They haven't removed old reddit yet. I believe you can set old reddit as your default in your profile still.
Completely off topic but there's no way to get to r/friends from the mobile app. It's pathetic.
There are third party apps that allow you to that, and many other things.
I am aware of two open source ones: RedReader and Slide (both Android).
You really think Github will giveup respecting DMCA and copyright infringement? Your example is nice, but it's about the copyright stand of a number... it's much more grey than respecting an actual DMCA notice and being aware of actual copyrighted content on your platform.
I don't think so... instead what I expect would most probably happen is that they automate it even more, which will suck even more. We got enough damage already from Youtube doing it...
Of course Microsoft (the company behind Github) will not give up respecting DMCA and copyright infringement.
The question rather is: how much will developers continue to respect Microsoft?
Youâre asking people to not respect Microsoft because theyâre doing something theyâre _legally mandated_ to do. If Microsoft takes the route many have argued for here (namely, reject the DMCA request as itâs invalid) and the DMCA request ends up being found valid in the courts, Microsoft loses their DMCA safe harbor protections and open themselves up to multi-million dollar lawsuits. Sure, if theyâre right, then theyâre in the clear, but when their business is at risk of being killed if theyâre wrong, theyâre going to err on the side of caution.
Itâs easy to stand at a distance and mock those who do something we disagree with, but when youâre actually in that situation, your tune is going to change very quickly. A bad example, but if youâre getting mugged, sure, you could fight back, but your life is on the line.
The safe harbor under Section 512 applies to takedown requests for content copyrighted by the person issuing the notice. I don't think there is anybody asserting that the RIAA is the author of youtube-dl and thereby eligible to make a claim under that section.
I would also be curious to see you cite a case that says that refusing a takedown notice in one case costs anyone the Section 512 safe harbor in all other cases where they continue to execute takedown notices, since that would be oppressive and ridiculous.
Not necessarily. If this situation goes viral and leads to an overall increase in piracy, someone at RIAA will have to answer for it.
The question being "Hooray, we can bill our clients more. Piracy is back! Who's name is going on this bonus here then?"
How do you optimize to maximize billing while minimizing effective takedowns? If I recall, you could host youtube-dl like repos in the Netherlands and Turkey on VMs running hosted git, and they'd be out of reach of the copyright cartel.
That is not hard, as the actions are fueled by greed and depend on spreading fear. It has nothing to do with rational thinking. At least not in the way an average consumer would assume.
Copyright cartels live by bullying. It is not important how much of the takedowns are actually effective, as long as they get to dominate the news with their lawsuits. Because only that will already deter al lot of people. Just drag everything on forever and have an occasional success that you can trump on every news channel. That is enough to spread fear. And that works also in other countries, like The Netherlands, because they will have some representative organization there (Brein, in this case) that is happy to take on the role of the bully for a small amount of cash.
I would go further and call them a "Hypnosis Apartment" - they only "work" when the client believes they work the actual realities are irrelevant. Even if they actually stopped all piracy if their clients believed it was because they designed a majestic new American Flag their cartel goes crumbling down.
> Because only that will already deter alot of people.
Thing about software is it doesn't need a lot of people. Just a handful.
Napster was viral.
oink.cd was viral.
PopcornTime is viral.
The Pirate Bay was/is viral.
RIAA doesn't care. Their main business is extortion racket. And it's extremely lucrative.
And it's extortion _on all sides_. They extort money from DMCA and copyright lawsuits. They extort money from artists. They extort money from music services.
How could someone kill RIAA?
You'd have to kill the Big Four:
https://en.wikipedia.org/wiki/Music_industry#Consolidation
As long as they act they will be fine. Github will be more at risk, since they are legally responsible for content hosted on their site. They have some protections under the DMCA, but only if they respond to takedown requests in a timely manner. And those takedown requests take time and effort to process.
The RIAA and other copyright holder representatives have automated submitting a DMCA takedown request process ages ago, and now submit thousands a day to e.g. youtube. Youtube in turn has automated taking down content that receives said requests and probably a big part of the appeal process as well. Is Github that far already?
Microsoft is playing a different game than YouTube/Google.
Microsoft bought Github for 7.5 billion dollars. Github is a website wrapping a git-server; you know Microsoft could have built their own for a lot less money. The didn't buy the technology, they bought a network, its data and a brand. They are trying to improve their reputation with the open source community. It's really hard to measure such a thing, but this RIAA take down reduced developer trust. If Microsoft chose to fight a legal battle, win or lose they would win on their branding front. They would signal that they are defending open source.
Is the RIAA actually sending _DMCA_ takedowns? Or are they just doing ContentID claims? The former of which puts a strike on your account and can be appealed in the courts while the latter is entirely Googleâs doing and youâre at the mercy of their appeals process.
microsoft is a tad bigger than the riaa.
Can someone explain what is so hard here to go ahead and host your own Git repository? I mean how hard is it to run
git instaweb --httpd=webrick
Also there are tons of options GNU Savannah, Gogs,Gitea , Git Bucket ...
It is very easy to run a git repository. However you (and your ISP) might receive DMCA notices and have to respond or at least deal with legal notices yourself.
Itâs trivial.
What is hard is managing the identity/ authentication process of large numbers of developers.
Even harder is actually covering your costs, i.e. running a going concern.
Github offers far more than a git repo. PR reviews, issues, etc. are important for many projects. Linux gets by with LKML but that's a nonstarter for most people now.
Linux kernel manages themselves pretty much without github.
That's typical mobster mentality. Quite similar to patent trolls.
This sounds like gossip. _The word on the street is..._
Well, that's partly by design on their part. The RIAA exists to take heat off the record labels while carrying out their enforcement actions.
Which will lead to GitHub adding content filters which will lead to false flags and rejected commits which will lead to algorithms wrongly flagging existing content in your repo which will lead to a byzantine appeal processes which ...
... no wait, that was my Youtube channel.
Companies actually lobby the EU, I guess the same is true for the US, to allow "forward scanning". Meaning they would like to proactively try to purge the net of illegal content. Mozilla is part of this alliance.
I am going to leave Github, since the tech giants + Mozilla should not be trusted.
Mozilla jumped the shark when they relented to supporting EME and packaging Widevine and OpenH264 with an otherwise-FOSS product.
It's not as though a fork couldn't have added those.
And despite adding those the user share of Firefox continues to decline.
How Mozilla has changed in the last years hurts the most. I do think the leadership just wants to profit from the name and it will at one point cease to exists.
It has done much for the net though, it should not be forgotten.
they are just trying to stay alive
They're doing a poor job of it. They've been stuck at around 4% market share for over a year now.
Mozilla is not GNU. They may compromise on their values because it allows them to stay relevant and get anything done at all.
Stay relevant? Firefox is stuck at around 4% of market share. They're as relevant as a statistical aberration.
Is this[1] the document you are talking about?
It doesn't seem to read as bad as what you make it sounds but it could end up exactly that bad.
As dotdi said, I hope that companies like Mozilla joined to (try to) influence these decisions.
[1]
https://edima-eu.org/wp-content/uploads/2020/10/ORF-Series_-...
They also don't want to let it sound bad, but in essence this is exactly what they are proposing from what I gather.
In a moment of greatness, which we have very few, EU officials specifically disallowed "forward policing".
Perhaps I do have a fundamental misunderstanding and the ambition is indeed to restrict general monitoring (sic) and these attempts are meant to sway some more zealous voices. But a lot of these companies here have shown interest in getting more data rather than less.
Without further comment this seems to be an attempt to fortify their positions as "leading internet companies" as they describe themselves and furthermore...
> limited liability when they take proactive action to ensure that illegal content [...]
... can basically allow propaganda. You just need to conjure a threat of incoming "illegal" content.
The EU technocrati are both a complete disaster and one of the most progressive well informed group of legislators on earth. Itâs a curious paradox
I think rather than pretending such efforts don't exist, opposing companies could strategically join to have _some_ say and _some_ influence on how this plays out.
Or maybe I'm just being naĂŻve.
I hope you are correct, but reading up about it just left me disappointed. While it may be true that you can influence the group, I think it is often used as an excuse because more participants give more weight to the interest group in the first place. But I hope you are right.
Thanks for sharing this. Didn't know and i live in EU. It's so disgusting i actually have a sore tummy after visiting the site.
I really detest the obnoxious marketing speak like: "We support policy initiatives that are pro-consumer and that promote innovation and growth towards a Digital Single Market for Europe."
I'm sure people will start noticing the pattern with these platforms... any day now.
How does the problem have anything to do with GitHub and not the RIAA/DMCA?
It "backfires" because people post a small number of mp3 files on github that will promptly taken down? We did it reddit, the DMCA is no more!
What a silly headline.
If you want to actually something that will matter then make sure that github doesn't become a single point of failure for FLOSS software in the future. Or get your GH account banned by posting Lady Gaga tracks in your repos, you do you.
TorrentFreak's headlines are terrible "fan service" most of the time.
You just realized the people on Hacker News are no smarter than the folks on reddit!
Those two groups are not mutually exclusive :-)
I enjoy both and I'm not embarrassed. Where else can I get my "Below Deck" news and "Schitt's Creek" memes?
The EFF appears to concur with a previous comment I made on this topic:
"EFF believes that the circumvention restrictions in DMCA section 1201, which prevent people from bypassing technological restrictions, are too broad.
DMCA 1201 is incredibly broad, apparently allowing rightsholders to legally harass any âtraffickerâ in code that lets users re-take control of their devices from DRM locks,â EFF wrote recently."
This creates an unaccountable enforcement party who can harass "targets" on behalf of another unaccountable party. The way it is written, reddit would have to take down a selectively unpopular subreddit for providing technology that facilitates the trafficking of copyrighted images. Whose copyright? Who cares? One could inject a bunch of copyrighted material into sites and then use a DMCA notice against their upstream provider to shut them off - a pattern I would predict is likely to materialize in coming months. Write sideloaded apps for a community because an app store uses their policy against you? "Circumvention!" The opportunities for abuse are endless.
While teleological arguments are always a bit iffy, the final objective is to ensure that there can be no information or service on the internet that is outside not only U.S. subpoena, but that there can be no communities or networks of personal relationships that are not governed by legacy institutions. It is under the auspices of people being "accountable," for their thoughts and beliefs, and yet without precision about to whom one is being held to account by.
To every establishment growth is the greatest threat of all, and the DMCA s1201 is effectively designed to suppress it. The good news is these blunt attacks are a forcing function for developing decentralized technologies, and every one of these creates a cohort of new hackers.
Music consumers across multiple generations, while supporting artists, have expected a certain degree of freedom with the music playback technology placed in their hands. Whether it was recording a custom mix-tape for a special friend full of copied tracks or ripping a stream to play back on demand, there are certain things that most people see as _reasonable_ and harmless.
RIAA made a habit of attacking things seen as reasonable and harmless and has earned a reputation for being unreasonable and harmful. Musicians deserve better. Ultimately, they are the bosses here. Perhaps someday they'll start acting like it.
Does anyone think that music company executives (the boss's boss) have ever paid money for mp3s, cds, tapes, 8-tracks, and vinyl ?
Music and video production software tends to have some of the craziest DRM, so that should tell you what the audience for that software is like.
>Musicians deserve better.
Some do. I seem to recall Nirvana being outspoken of their corporate attack dogs the RIAA back in the Napster days when the RIAA was with a straight face claiming damages that totaled more money than was in circulation, globally.
Do you mean Metallica? South Park did an episode about how ridiculous their arguments against Napster were[1]. I don't remember Nirvana weighing in on the RIAA's side (incidentally, Nirvana disbanded in 1994 after the death of Kurt Cobain; Napster was founded in 1999).
[1]
https://en.wikipedia.org/wiki/Christian_Rock_Hard
It was metallica.
My bad, mixed up Metallica and Nirvana in my head. I don't listen to metal, obviously. Can't edit.
Does one imagine that the RIAA is substantially worried about this? I don't. I'm sure they see it as a total win.
It seems one of the RIAA's jobs is doing unpopular things and taking the blame. The recording studios can keep them at arms length and stay reasonably spotless while they are the real responsibles for these actions.
I don't think the studios care either, it's the artists that are at the forefront. As long as their image is not spoiled the rest doesn't really matter, I doubt many people buy (or don't buy) an album because it's published by Sony Music or Universal.
I know laymen that otherwise wouldn't care, but would not buy Sony Music. Sony ruined some hardware back in the day. I don't think that anyone I know personally had hardware ruined, but they heard of it and learned to stay clear of Sony Music.
Yep. Sony has been on my 'do not buy anything Sony" for almost 20 years now.
I used to buy lots of music and video. I deliberately stopped buying anything in that line way back in the early 2000s. Roughly at the same time as my Sony boycott.
The ticketmaster value proposition
Blame-as-a-Service. The business model of many management consultants.
Agreed. If the people behind these take-down requests actually ended piracy, they'd be out of a job.
Don't be naive.
When they are done with open piracy they will move to other stuff.
Did you whistle a copyrighted tune in the elevator? You owe us money now.
(If you think I'm joking, look at Japan who jails musicians for 10+ years for playing covers at parties without paying royalties)
Citation needed. All I can find are jailed musicians in Japan for drug possession.
I don't think you're joking, but I think you're making pretty terrible assumptions.
A party large enough is effectively a broadcast/performance.
It's not as cut and dried and greed-filled as all that.
For large acts and musical pieces that have moved into the larger cultural milieu, sureâthere's a discussion to be had about the place of the work in that society. (And then maybe the society as a whole should compensate the artist they've so benefited from more directly)
Those licensing and copyright laws were designed to protect journeyman musicians from having their life's work robbed by large publishers and broadcasters and it still serves that purpose.
Imagine proprietary software from your work was lifted and incorporated by a potential client. I'm certain in most cases that would be grounds for litigation in most peoples' minds. (Or, for example Robert Kearns' case)
IP protection laws are completely overgrown though, in the way a bacteria out of balance harms it's host, or a plague of locusts destroys the environment.
10 years, not a second more! For all IP .. no exceptions.
Lifetime wasn't the discussion at hand, though. The topic was the validity of protections at all.
People have a lingering hatred on for the RIAA, and maybe rightfully so, from the Napster trials and so on from the early 2000's and I think they let it blind them to the history of music and creators' rights in North America.
The assumption that musicians are all a bunch of greedy sods making it filthy rich, undeservingly, is pretty awful. The reality is they get robbed often.
(And people get all hot under the collar when it comes to licensing of performances and broadcasts because they want to rant about the RIAA, but that's not really their wheelhouseâthat's more the domain of organizations like SOCAN, ASCAP, BMI, etc, and they do a lot _for_ artists).
But who am I kidding. It's 2020. Everywhere I look, people want their music, films, and journalism for free while they proceed to whip the creators for whatever faults they find with the creation or research...
This didn't backfire for the RIAA, it backfired for _GitHub_, who are absolutely not the bad guys in this. They have expressed more support for the project than they would have needed to and are bound to laws.
Github's failure is one of principles. That the youtube-dl repository is actually a violation is tenuous at best. Should they actually care about the state of things they would have resisted, but they did not.
No, GitHub did everything "right", or at least as right as the law allows. DMCA 1201 is really just that overbroad, and if GitHub hadn't complied with the takedown anyone involved with that decision would literally be put in jail. Unlike normal copyright infringement (which is usually just a shitton of money damages) messing with DRM is a felony, punishable by up to five years in jail.
Unless you literally want Microsoft to start committing insurrection against the US government. I'd rather lose youtube-dl than live in a world where tech companies are corporate sovereigns.
Again, no: Github could assert the law is invalid in this context and/or there is no way that youtube-dl can be DMCA'd. It takes principles to do this, and apparently they have none.
In the short-term, no. In the long-term - should companies like Microsoft get sick of their crap, all of the RIAAs power is based in regulatory capture. We can (and should) change the copyright laws that enable them to sue someone over a creative work that quite frankly they shouldn't get a single piece of after an extremely short period of time. The RIAA is big, Microsoft is much, much bigger and could tie them up in courts and outspend them in lobbying without missing a beat.
You helped make an album? Great - here's your flat fee, royalties go to the artist and the artist only. The problem would fix itself overnight.
Setting aside the fact that Microsoft is a member of the RIAA alongside other major companies, the RIAA isnât the only one interested in lobbying for strict copyright laws. Thereâs the MPAA, Disney, Viacom, etc. Ask Google how they fared when Viacom tried to sue YouTube into oblivion. :) Hint: Content ID
Google is new money, these fucks are old money. Print establishments are older money. Print doesn't care about piracy. Print has a good academia racket going.
Microsoft is a member of RIAA.
As we highlighted earlier, hundreds of new copies of the youtube-dl code appeared online in response, also on GitHub.
While GitHubâs CEO Nat Friedman was annoyed by RIAA takedown efforts, he stressed that the platform legally had to comply, which it did. More recently, the company even said that users who continue to republish the code risk being banned.
Mates, just put the youtube-dl code up on IPFS[1] or SourceHut[2], which is a platform much more sympathetic to and defensive for the open source cause. No need to put it back up on GitHub and risk banishment there. There are lots of options here. The RIAA can't sensor _open source software_. At least, I'd like to see them try.
I wanted also to say that I don't necessarily agree with jacking videos off of youtube. But who knows? What if you have the permission of the youtuber? What if the youtuber is just posting stuff that's in the public domain anyway? What if you're downloading the whole video so that you can get clips of the video you intend to put in your own video in an attempt to criticize the video, thus invoking fair use? The RIAA does not and should not have the power to take down open source software just because it could be used for nefarious purposes. There are also plenty of innocent uses out there.
1:
2:
But now there is no official fork of youtube-dl, so development will either stop or be fragmented. And users will not want to trust any given fork, so downloads will taper off.
If the original creator endorses a fork, is he making himself liable? - not sure what happens if you repost after a takedown notice.
And the involvement of the law, and the publicity will lead overall to self-censoring, as most devs won't want to deal with this...
Doesn't seem to me to making things worse for the RIAA
Looks like the project moved to GitLab:
https://gitlab.com/dstftw/youtube-dl/-/commits/master
Source:
https://news.ycombinator.com/item?id=24960039
All the maintainer has to do is collect patches and release an updated version of the canonical source. This isn't something that happens only in theory, the kernel for the OS I'm typing on right now is developed this way.
Github is more interesting because of eg issue tracking, but there are other ways to do that.
> But now there is no official fork of youtube-dl
youtube-dl has made new releases after the takedown, so development appears to be continuing.
Copyright laws and their consequences have been a disaster for the human race.
What laws haven't been a disaster? People are still murdered. The environment is still polluted. Taxes are still squandered. Healthcare has become unaffordable.
TL;DR: Someone uploaded 3 (yes three) mp3s, which will be duly removed if they haven't been already. Torrentfreak bothered to tell the RIAA, to generate further drama and ad views, but even they weren't interested.
This has nothing to do with youtube-dl; it's just someone annoyed about it doing something completely pointless.
It's important to make this as painful and dramatic as possible for Microsoft so they don't side with the RIAA they are a member of.
In what way are you buried? I can see your comment.
You wouldn't clone this repository.
https://www.youtube.com/watch?v=ALZZx1xmAzg
This makes it necessary to sync another service with Github for software projects. Once Github, now a unit of Microsoft, gets takedowns going, legit software projects will be taken down through random errors.
Systems which rely on Github in production, such as Rust's "cargo", now need to be using multiple sources and checking hashes.
Even without that package manager relying on Github sounds plain stupid to me. What if Github decides to rate limit, gets banned in country(it got banned in India once) or lot of other things that could happen at Microsoft's whims.
Why does it rely on Github? Can't it download git repos from other sites?
It 99% does not. Cargo does not download the sources of projects from github. The package index is downloaded as a git repo from github.
I'm not sure I'd call this "backfiring," as I'm sure that the RIAA must have seen this coming (they have been the Snidely Whiplash of the tech industry for a couple of decades). This kind of reaction is not exactly anything new; just the medium.
I think that pirating streams actually helps to sell music. At least, in my limited sample pool, that has been the case.
I used to stream an Internet radio station that played Industrial (dating myself -no one else will), and would often grab songs from it.
A lot of times, the only reason that I grabbed it, was so that I could find out more about it. The quality of the audio grab wasn't really what I wanted as a "keeper."
These pretty obscure groups made a lot of sales (to me) because they had their stuff out there.
> I think that pirating streams actually helps to sell music. At least, in my limited sample pool, that has been the case.
So you say that users pirate the music and then buy the same music they illegally downloaded?
_>music they illegally downloaded_
Since this site has a technical audience, please explain to me how streamed music is played at all, if it is not downloaded?
What I am getting at is - where is the line drawn? Supposedly I am fine to download when streaming but I am not allowed to retain that downloaded file. Once the stream is in my cache, I can rewind and play it a thousand times without downloading it again, but if I close my browser or power off the PC, suddenly I seem to be legally required to download it again - all of this on a PC that I have paid for, and on a network connection that I also pay for data on.
This all seems like a lot of control for a third party to demand over the internal workings of a PC and network connection that I pay the bills for.
Legally, would I be able to run a virtual machine with a browser inside, take a snapshot of the state just after caching a stream, and save that to return to later? Why or why not?
AFAIK, the illegal part is not the downloading, but the act of uploading/seeding the assets.
But this pipeline you establish - of people "pirating" music and then purchasing that same music later on - was a very common one, and remains so to this day.
Before digital audio was a thing, people would routinely record songs onto tape while listening to the radio. They would then play this music in other contexts, to which they had no license, effectively making these individuals "pirates." Any "pirate" who recorded a Todd Rundgren song in 1972 from the radio, and then purchased his full double-LP "Something/Anything" at Sears the next week, was definitely a win for the artist, the record label, and the industry as a whole.
On top of this, also don't forget that even to this day, consumers commonly purchase the same music when it gets released on a newer audio distribution format (vinyl -> 8-track -> cassette -> CD -> iTunes -> Spotify/Apple Music). "Piracy" now does commonly mean a "purchase" later.
> So you say that users pirate the music and then buy the same music they illegally downloaded?
Yes? That is really not as far fetched as you make it sound. I have no problem paying a creator for something that I enjoy. But I do want to know that its worth the money. In older times we would use the radio to help make that decision. Nowadays there is so much more available than what is played radio, but I still want to make an informed decision. Youtube works well for that too.
In my case, yes, but I haven't done that in quite a while (YouTube became a good place to sample music).
I'd rather see a curated database of content that isn't covered by any enforcement arm of the recording industry, so I can compensate those musicians directly.
What benefit would that make? I heard mostly good things about the studios from artist's perspective. They might be forced to lie though in public. You can buy the songs from itunes and artist will receive most of the money.
It could be beneficial if it contributed to diminishing the coercive influence of the industry with respect to copyright law and actions like the one being discussed here.
I haven't used iTunes in quite a while, but it's worth noting that Bandcamp is still waiving its revenue share the first Friday of the month. Of course that only makes sense given the variety options which also support the platform itself, like their vinyl program.
Closest that comes to my mind is probably Bandcamp.
https://github.com/github/dmca/commit/e672d697b36e82007f2f7c...
run
1. run `node dmca.js` to get a __Justin Timberlake - Tunnel Vision (Official Music Video) (Explicit).mp3__ file
2. `node youtube.dl.js` to get a __youtube-dl-master.zip__ file
;-)
While GitHubâs CEO Nat Friedman was annoyed by RIAA takedown efforts, he stressed that the platform legally had to comply, which it did.
It would be nice if for once platforms stood up legally for their users when they believe its unjust.
Too expensive. The fault lies with legislators and the damage was already done years ago.
Lobbyists. The fault lies with lobbyists. The politicians they bought are just the middlemen.
No, wait - the executives that sent the lobbyists. The fault lies with the corporations that have built and hijacked 'the music industry'.
Yes, I have a pretty easy time blaming a lot of social ills on greed.
Yeah! Why can't Microsoft executives just risk years of jail time, or just overthrow the US government and write their own laws? /s
i agree with you... now show them your support by sending them a blank check for their legal fees. oh... i'm sorry... did i offend HN, strike a nerve and become a troll?
no i did not. i am demonstrating that most people on this site haven't the slightest clue what they are talking about.
it costs money and time to fight something and companies have something called a risk management department that decides whether it is worth the risk to fight or comply.
github knows that getting into a heated legal battle is going to cost alot, especially going up against the deep pockets of the RIAA. not saying that github and microsoft don't have deep pockets, but that this _will_ become an expensive battle to fight and defending a grey area open source project isn't worth the time nor the money.
Is Microsoft a stranger to long, expensive legal battles? They've taken that risk before when it suited pushing their monopoly.
And since Microsoft is a RIAA member...
"defending a grey area open source project isn't worth the time nor the money."
need i say more?
_it costs money and time to fight something and companies have something called a risk management department that decides whether it is worth the risk to fight or comply_
Genuine question: why? The police won't get involved in a civil matter, only a criminal one. So what happens if you just ignore the other side's lawyers?
> So what happens if you just ignore the other side's lawyers?
IAN[even_close_to_being]AL but I'm fairly sure this would result in a default judgment. At least it does in civil cases between citizens (in the US) and corporations- when a company files with the court clerk, a complaint ("you've been served" kind of thing) is issued to the defendant and they typically have 21 days to respond by filing their own motion with the clerk. If they ignore this or never actually receive this, a hearing is scheduled where a court date is decided, which the court will attempt to communicate to the defendant if they didn't show up to the hearing. The court date will come and go, and if the defendant is still ignoring the situation, the judge assumes there's no contest and will issue a default judgment against the defendant. In the case of corporations vs citizens, this is when damages/fines are accessed and wage garnishment notices get issued. Garnishments (and the corporate equivalent of fines) are no joke- corporate accountants take them extremely seriously because of the penalties for failing to carry them out: if they don't, the company's assets can get seized, accounts can get raided (depending on the type of case [medical and taxes are two large categories] and the plaintiff), and fines get levied and even increase. I imagine it's the same way with default judgments against corporations, but again, I'm no lawyer- just a guy musing about corporate civil suits based on citizen civil suits.
Couldn't those ignored lawyers invoke the power of the court somehow? E.g. a subpoena or similar? IA(clearly)NAL.
cause lawyers cost money
I feel sorry for GitHub people that are caught between RIAA's vandalism of the law on one side and activist vandalism on the other.
To keep their business they should defend from both sides.
I don't feel sorry at all for Microsoft. They have a long history of harassing developers (e.g., [1]. It's nice to see them bear some of that for once.
1.
https://www.infoworld.com/article/2676459/microsoft-sues-lin...
Any reason why youtube-dl hasn't filed a counter-takedown notice?
Copy-pasting a comment of mine from a related thread (
https://news.ycombinator.com/item?id=24886260
):
They might decide not to counter-notice, because there's a big trap in the DMCA counter-notice: as far as I know, for a DMCA counter-notice to be valid, the one doing the counter-notice must agree to be bound to the jurisdiction of an USA court. If the youtube-dl author is not from the USA (I think he's from the EU), that would expose him to legal risk.
(As a non-USA person, to me this is the most evil part of the DMCA take-down system: even a defective DMCA notice leads to a dilemma, either you keep the content offline, or you risk being sued in a foreign jurisdiction you have no control over. This is also why I believe one should always prefer to host in one's own country, so that any dispute can be resolved by the local courts.)
People outside of the US can't be bound to be sued in a US court or anywhere outside of the jurisdiction they currently reside in and even then a country he is a citizen of could try to use high level channels to get him out of there. Extradition treaties complicate this a bit more, but extradition still has to go through local laws, local law enforcement, local government and far from everyone would get extradited left and right if there is an agreement.
The biggest thing a counter-notice could do (if it's even possible) is reveal one's identity and only if Microsoft/Github tries to verify it, which would be bad, because it could be used for harassment. But the author is obviously Russian, not sure if he lives in Russia, but if he does, they definitely won't be able to get him in Russia, only harass him.
Github is just one bottle in a room full of bottles
https://alternativeto.net/software/github/
Sure, but it's the most famous bottle, also among people that never use bottles
Exactly THIS!
This isn't a 512 notice, so a counternotice is not possible.
Really? I thought that every dmca notice was counterable. GitHub simply took down the repo with no recourse? That doesnât sound right.
> [T]he RIAA was not citing DMCA Section 512, the usual takedown route, but DMCA Section 1201, the ban on breaking digital locks. [1]
[1]
https://www.eff.org/deeplinks/2020/11/github-youtube-dl-take...
Every notice is. This wasn't a notice.
The recourse is filing a declaratory judgement to establish the legality of the code.
> The recourse is filing a declaratory judgement to establish the legality of the code.
Which is expensive relative to the resources of some individuals doing this as a hobby, so some kind of legal defense fund may be in order.
Of course, the other option is to put enough pressure on Github/Microsoft to get them to be the ones to defend it, since it's _not_ that expensive relative to the resources of a trillion dollar corporation, and they could quite plausibly have more to gain in positive PR with developers (or in avoiding continued negative PR) than they pay to the lawyers they probably already have on staff.
We shouldn't forgive companies who do the wrong thing on issues like this, because the cost of people not forgiving them is a major incentive for them not to do the wrong thing.
Microsoft pays for RIAA lawyers, why would it pay for more lawyers to defend themselves from other lawyers they pay for already?
The obvious solution being to stop paying money for RIAA lawyers and use that money to defend against the RIAA lawyers, netting zero expense and twice positive PR.
With bit torrent, Iâm surprised that the RIAA canât even keep up. itâs not like Napster anymore, you can download an entire discography
Isnt YouTube meant for content distribution including downloading? I thought they encouraged remixing and reposting videos, is that not correct?
It would appear that if you are going to stick your thumb in a grizzly bear's eye, you should really get it up to the second knuckle.
How many times do we have to teach you this lesson, old man!
Github is part of critical infrastructure. It is bad enough it is blocked in Iran and some other countries.
Then that's a problem that needs fixing. Make the web decentralized again!
If only we had some form of decentralized source code management.
The problem is that git is not feature complete to replace github. In hindsight I wish it had gone the Fossil route: integrate issue management in the distributed repo.
If issues, wiki and code review were integrated in git proper it would be trivial to change host on a dime. Unfortunately it doesn't work that way (yet?).
Actually, why couldn't you keep issues as text files in a folder in the repo... I mean, you've got your CI stuff and documentation and everything else in there.
You could, but that would get messy quick since it would add a new commits to be merged/rebased every time somebody wants to comment. I guess the easiest solution would be to make it a submodule so that it could evolve at its own pace, but then you still want to be able to reference specific versions of the code in the comments, so maybe it would make more sense to make the code a submodule of the issue repo.
Maybe with good tooling that would be workable with git as it is.
> You could, but that would get messy quick since it would
> add a new commits to be merged/rebased every time somebody
> wants to comment.
How about a branch "bugtracker". A smart UI could keep this branch checked out internally.
You know what, I'm going to flesh this out. If anybody has something insightful, please comment here. I'll write the first rough UI in Python CLI app, but the real value I'm looking to create is in the file formats so that other UIs can be created.
I'll do issues first, then PRs, but all input is welcome.
My gmail username is the same as my HN username if anybody would prefer to contact me in email.
Here is the repo, PRs welcome:
https://github.com/dotancohen/entomology
Note that this is very rough, it only has about two hours of work in it.
There are a number of tools for distributed bug tracking:
https://news.ycombinator.com/item?id=22833037
I'm not so convinced. Seeing as I use a number of issue trackers and code review systems daily and most of them are trash. I'm very happy for git to serve as a compatible core and I can "easily" move between systems as they improve.
Basically I am glad that git does source control well. And I prefer that there is a marketplace of issue trackers, patch management and CI software layered on top. Until we have a clear excellent solution I don't think there is a need to bind them together.
Let there be choice!
I see where you're coming from, but that does create a big barrier to decentralization. The youtube-dl source code is safe and sound but as far as I know all the issues, discussions, unmerged PRs and more are lost forever.
I suppose the ideal would be if git somehow provided a low level API that could be used to build these types of solution and then everybody would be free to build their own solution on top of it.
Much easier said than done, of course.
> all the issues, discussions, unmerged PRs and more are lost forever
I don't see your argument here. Any decentralized solution wouldn't really help here if it wasn't used. And if it was used any decentralized solution would have helped even if it wasn't built into git.
Is the argument that if we bundled it together people would be more likely to use it?
Of course, that's precisely the argument. Currently cloning a git repository is trivial, you can have different branches targeting different remotes etc... It's decentralized at the core. An issue solution that built on top of this architecture would be very powerful and "just work" while a solution built on the side will face an uphill battle for adoption.
Basically my point is that I consider issues to be an integral part of a repository's history, and it's a weakness of VCSs not to integrate it. A lot of the time I find Github comments on a feature/issue to be vastly more interesting and important than the resulting commit message.
That makes sense. My counter argument is that even if it was built in it is unlikely to be good enough to be used by the majority of projects. But maybe I'm over estimating the difficulty of making a top quality issue tracker and code review tool.
Pagure is a git forge you can self host (or use the hosted instance) that stores all project metadata (issues, wiki, etc.) in git, not just the project source code:
> If issues, wiki and code review were integrated in git proper it would be trivial to change host on a dime.
It would also constrain the various competing solutions to all conform to the git standard.
"It would also constrain the various competing solutions to all conform to the git standard. "
That's already more-or-less the case. Gitlab refuses to add Hg support because they pretty much hardcoded their platform around Git and don't want to abstract that away. Github doesn't support Hg. And in August, Bitbucket permanently disabled their Hg support too.
Personally, I want to see Git die. But you're talking about _pantomime portability_ here.
I wasn't talking about support for version-control systems other than git. I was talking about the way GitHub, GitLab, and SourceHut, can all offer different bug-reporting/wiki features. These features aren't predetermined by the git standard, and that's a good thing.