[jchw]

Thanks for this. It is weird how long it’s been. I totally forgot that Wireshark was once called Ethereal.

I hope that the DMCA takedown issue can be resolved reasonably, but it’s starting to seem more and more like a move off of Github is overdue. Especially in a world where anyone can stand up a Gitea or Gitlab CE instance.

[jordigh]

> I hope that the DMCA takedown issue can be resolved reasonably,

I don't think it can be solved on Github.

"GitHub’s CEO suggested that YouTube-DL won’t be reinstated in its original form. But, the software may be able to return without the rolling cipher circumvention code and the examples of how to download copyrighted material."

https://torrentfreak.com/riaas-youtube-dl-takedown-ticks-of-...

This pretty much makes youtube-dl useless, since the "rolling cipher" is just downloading the same bit of js, inspecting it, and executing it, almost the way a web browser does (AIUI, the difference is that yt-dl inspects the js and picks out the function to run from it instead of just running it all verbatim). This counts as circumvention according to the DMCA, which leaves yt-dl little legal standing in the US.

Also note that the "examples of how to download copyrighted material" in the yt-dl tests were just code for getting the first few bytes of a number of RIAA-sequestered music videos. Small excerpts are usually allowed under Fair Use. The RIAA didn't really look into that detail.

On the plus side, this fork is active and not DMCA'ed, for now. I just turned to it because I needed a fix for Bandcamp that upstream yt-dl doesn't have:

https://github.com/blackjack4494/yt-dlc

[squarefoot]

Would moving the offending piece of code into an external, developed elsewhere, plugin work legal-wise? If yt-dl had a standard generic way to load external plugins to adapt to various sites, that would shift the responsibility to the external plugin which then could well be available through safer places than GitHub.

[crtasm]

> This pretty much makes youtube-dl useless,

Does everything on Youtube use the rolling cipher? I thought it was only on things like major label music videos.

[minusf]

it's not working since a couple of days, but i have been using mpv+youtube_dl for bandcamp listening for years.

[segfaultbuserr]

What? youtube_dl supports bandcamp?! It's great news for me (I knew youtube-dl supports a huge number of video sites, but didn't know bandcamp). I'll immediately start using it today. Just like you, not really that interested to actually download the music but just to use it with mpv. Thanks for the tip.

[woofie11]

gitlab isn't evil. One of my short life lessons is that, in general, when I do business with evil, sketchy, or nasty organizations or people, I generally come out behind.

If the good guys have an inferior product and charge double, I'll sometimes pick the bad guy. And more often than not, I get burned, costing me tenfold what it would have cost to just go with the high-integrity choice in the first place.

I'm not leaving github over this, but I'm mostly starting new project on gitlab instead.

[speeder]

I've been using GitLab for a while now.

GitHub did many, many decisions that I found sketchy.

[res0nat0r]

Gitlab enforces DMCA requests. If you're a reputable company wanting to do legit business in the USA you have to follow the process, it really isn't up to Github or Gitlab unless they want to lose safe harbor status.

https://about.gitlab.com/handbook/dmca/

[woofie11]

As well they should! Following the laws is part of not being sketchy.

github went way above-and-beyond here. It is under no obligation to:

1) Enforce an invalid DMCA request

2) Take down forks and repos from other users, without DMCA requests

3) Threaten to ban users

DMCA has a simple, neutral process. github receives a request. It's required to take down that specific tool if it's a valid request (NOT everyone who forked it). The developer who owns that repo can then put that up. At that point, github brings that repo back, and gives the RIAA means to file litigate against the developer. It's inspired by the concept of a common carrier, where github would be acting as a neutral party, not a thuggish policeman-for-hire.

If github ignored DMCA requests, I wouldn't do business with them either. I expect them to be a neutral third party, as the law dictates.

[qw3rty01]

How was the DMCA request invalid?

[a1369209993]

I assume others are downvoting because they assume you already know, but DMCA takedowns apply to active distribution of actual copyrighted content (like a mp3 containing music), not to tools that puportedly are for the purpose of enabling infringment. If the RIAA wanted to take down a tool, the not-illegal method would be to file a lawsuit against the developers, recieve (or preferably be denied, since their case has no merit, but that's beside the point) a preliminary injuction from the judge, and present that to GitHub.

[d1zzy]

It's pretty easy, just find a reputable company somewhere outside of the US.

[llsf]

What I had totally forgotten, was libflashplayer.so :) it was so flaky. Glad I do not have to worry about this anymore.

[nosmokewhereiam]

My first tech book after Mike Meyers "All in one A+ 4th Ed" was a book written on Wireshark by Laura. I never got too deep as it was taken from the desk I pulled CQ duty at.

[mschuster91]

> I hope that the DMCA takedown issue can be resolved reasonably, but it’s starting to seem more and more like a move off of Github is overdue.

It's a risky move, dabbling with stuff that is targeted under DMCA. Anything hosted in the US is liable for takedowns - including domain names that are under the control of US-based companies. You'll need to deal with acquiring hosting and DDoS protection yourself, plus keeping track of security updates. And to be honest Europe isn't exactly a legal safe haven either, we also have nasty laws (e.g. in Germany the infamous "Störerhaftung") exposing you to liability.