What's funny is when projectplaylist.com was actually accessible, it was basically an HTTP version of Napster for music blogs. They made it seem like they were playing MP3s found on other sites, but they really aggregate all of the files in a large storage cache sorted by seemingly-random numbers. They then obfuscate the URLs by "encrypting" them with a single RC4 key which was embedded in their flash player. The end result was a search engine for finding and downloading any music you could possibly want right from their high-speed repository.
I don't think they ever re-implemented this but they did change the HTTP interface every so often, and now the main pages are down most of the time. Myspace had a similar functionality (with XML to serve the ___location of the files, so no nasty html grepping needed) but when they released their music-centric site they finally got wise and added a more dynamic system of authorizing and re-authorizing each piece of music being played while it's playing. This actually is neat because it allows you to gather stats on which songs are being played for how long and who's really interested. It wasn't worth it to me to extend my script to support this more complicated functionality but I don't see why it couldn't be reverse engineered with a little time.
So anyway, any of these streaming music sites are basically playing a dangerous game with their content. When you hand someone content for free, anonymously and via the internet, you're just asking for someone to make a script to download it where they don't need to watch your ads. RTMPE is not a solution because we've had rtmpe reverse engineered for what seems like years now. It seems like the only thing that makes content providers interested in this at all is when someone makes a snazzy GUI which does all the work for you and simply downloads songs.
All this could be handled by simply requiring authentication & authorizing song plays N at a time. Then you don't really need copy protection since the user simply doesn't have the capacity to download more than one or two songs at a time, which (if implemented correctly) can make it damn hard for anyone to exploit your service.
This is so old school, I love it. The first comment was left on 7 July 2004. I think a crawler like this made sense in 2004, now you are liable to fill your hard drives with a lot of nothing in 24 hours. Something like the hype machine does this in a little more intelligent manner, they at least are applying some form of reputation too the where the mp3s came from.
What's funny is when projectplaylist.com was actually accessible, it was basically an HTTP version of Napster for music blogs. They made it seem like they were playing MP3s found on other sites, but they really aggregate all of the files in a large storage cache sorted by seemingly-random numbers. They then obfuscate the URLs by "encrypting" them with a single RC4 key which was embedded in their flash player. The end result was a search engine for finding and downloading any music you could possibly want right from their high-speed repository.
I don't think they ever re-implemented this but they did change the HTTP interface every so often, and now the main pages are down most of the time. Myspace had a similar functionality (with XML to serve the ___location of the files, so no nasty html grepping needed) but when they released their music-centric site they finally got wise and added a more dynamic system of authorizing and re-authorizing each piece of music being played while it's playing. This actually is neat because it allows you to gather stats on which songs are being played for how long and who's really interested. It wasn't worth it to me to extend my script to support this more complicated functionality but I don't see why it couldn't be reverse engineered with a little time.
So anyway, any of these streaming music sites are basically playing a dangerous game with their content. When you hand someone content for free, anonymously and via the internet, you're just asking for someone to make a script to download it where they don't need to watch your ads. RTMPE is not a solution because we've had rtmpe reverse engineered for what seems like years now. It seems like the only thing that makes content providers interested in this at all is when someone makes a snazzy GUI which does all the work for you and simply downloads songs.
All this could be handled by simply requiring authentication & authorizing song plays N at a time. Then you don't really need copy protection since the user simply doesn't have the capacity to download more than one or two songs at a time, which (if implemented correctly) can make it damn hard for anyone to exploit your service.