At one of the earliest E3s, the keynote was from the CTO of AOL. I wish I remembered the year or his name or could find some video of the talk, but this was at the height of Napster where it seemed like no one was paying for music. This guy compared music piracy to the prohibition. He said people didn't want to break the law. People just wanted to drink. I haven't looked at piracy the same way since.
Fast forward to seeing this, and I realize this doesn't have the same draw as it would have 20 years ago. People can get the music they want at a price they're willing to accept.
> People can get the music they want at a price they're willing to accept.
People can get what is popular. There's just so many albums and soundtracks that just can't be found on Spotify. Legal streaming is nothing compared to the private music torrent tracker scene... Before it was shut down, one particular site was often called the library of Alexandria for music and even had actual artists release their music there.
There's also the issue of having your music collection tied to a cloud provider. I've been using Play Music for years, happily, but I don't much like the replacement (YouTube/YouTube Music/whatever). And I don't trust Google to have a stable product lineup either.
I had the same issue and moved to AIMP which has been pretty great honestly. To be clear though it's only a replacement if you're like me and all of your music is loaded onto your phone anyway (and don't mind the initial time investment of making playlists)
These days there is RED which comes close to what WCD was but the user base is a fraction of the size and will never reach WCD because torrents are far less popular.
You'd already need to know this is about trackers. Ok this is HN but that doesn't translate to 'people who know their way around in downloading anything they want' or so.
What CD was a private music tracker. It's hard to describe the range of music that was there. And there was a huge community that really knew its music so you could discover some really cool music through collections and the forum.
Redacted is the tracker that rose up as it's replacement after What CD was shut down.
The problem has been solved for the public, but there's still issues for the supply side though.
All the non-mainstream music makes I follow since I was a teenager complain that music has never been in a harder place in terms of making money off of it. Apparently their piece of the cake has massively reduced.
> All the non-mainstream music makes I follow since I was a teenager complain that music has never been in a harder place in terms of making money off of it. Apparently their piece of the cake has massively reduced.
This should be expected, given that the amount of artists making commercial non-mainstream music has skyrocketed. The pie has gotten bigger, and the non-mainstream share of the pie has gotten bigger, but there's a lot more people fighting over its scraps.
Lots of friends and my very own wife are musicians, their take on it is that to be competitive on Spotify and such, you have to produce content so regularly that quality is diluted.
There’s a whole market of tool-assisted beat and melody makers that build and curate then offer these for sell for artists to buy. The whole process is heavily industrialised, tools allow the maker to produce dozens of such bricks a day, basically bruteforcing a whole space, but everything resembles everything else, diluted to no end, channeling the money stream and bleeding the “old way” creators to death.
Albums have been dying for a while already, even EPs are barely living corpses in this attention grabbing landscape. Even for singles there’s just no way to mature ideas and create truly creative content in an amount of time that allows to keep up pace and make money through these platforms. So they stay on the local scene, which is being obliterated by COVID.
> their take on it is that to be competitive on Spotify and such, you have to produce content so regularly that quality is diluted.
I think this idea is misguided. The more music you produce, the more good music you produce. Trying to keep average quality up by restricting production is counterproductive in two separate ways; (1) it ends up causing you to produce lower-quality output than otherwise, and (2) nobody cares that you released some bad songs if you also released some good songs.
I read a fun paper documenting this very effect (the first one) in a college pottery class. One class was told the grading procedure would be as follows:
1. Over the course of the term, you make some pots. It's up to you.
2. Turn in all your pots at the end of the term.
3. The instructor will evaluate your pots for quality, and you will receive a grade accordingly.
A second class was told they'd be graded like so:
1. Over the course of the term, you make some pots. It's up to you.
2. Turn in all your pots at the end of the term.
3. The instructor will never look at your pots. They will be smashed into tiny shards, and your shards will be weighed. Your grade will be based on the weight of your accumulated pots after they are destroyed. More is better.
In fact, the pots in group two were evaluated for quality just like group one. Students in group two produced more pots. They also produced better pots.
The analogy is mildly inconsistent with what the OP was complaining about. The complaint is about the market being submerged with low quality knock-offs and automatically made products. The pottery story doesn’t apply because there’s no artistic craft learning curve involved in mindlessly running the tools.
Also, it’s not justified to assume artists didn’t practice and produce early iterations e between public releases.
> Also, it’s not justified to assume artists didn’t practice and produce early iterations e between public releases.
So what? Where did I make that assumption?
I'm assuming some combination of these two factors:
1. If you have three public releases, you probably put in more work overall than if you had only two public releases.
2. There are diminishing returns to polishing a song, such that the same amount of work is more productive spent on two songs than it is spent on a single song.
This is an often repeated cliché that one can find again and again in self-help books and blogs. There is no evidence that it is based on a true story, or that it reflects reality in any way.
There are many authors who produce one or two books a year, and those books are complete garbage. Some of the the best authors in history just wrote a few masterpieces.
Even with artists that were capable of a great output, it's not obvious that the quality of their art improves with time, beyond their formative years.
I agree that there is no evidence the story is true, but your assertion that there is no evidence that practice or experience makes someone better at a task is a bit much.
Not so much a streaming service, but I use bandcamp for any artists I listen to on the platform. They take a 10-15% cut on sales, but sales go to the artist otherwise.
This is what I also believe but I haven't seen data that shows it (as in: I have actually seen none, not that I have seen it showing the opposite), do you know of any?
Do we know if it has actually constrained supply? As far as I can tell there is an effectively limitless amount of new music to listen to in almost any genre you could pick. I just searched for one genre and I found no less than a hundred new albums this year. https://theboot.com/new-music-rundown-country-americana-blue... I think this is not exhaustive because most of the names I spot checked have produced chart topping singles or won industry-wide awards.
What if there are simply not enough people who enjoy this sort of music enough to be ready to pay for it?
Maybe the problem is not that it is hard for non-mainstream music to find its supporters. Maybe the problem is that non-mainstream musicians are deluded to think they have enough supporters to make a living off their music.
Even YouTubers that produce free content can make a living off Patreon. Even some podcasters can.
There is enough people who enjoy it, however; the proof is that those artists used to be able to make a living through their followers in the past.
The issue is that attention is a scarce resource, and the means to keep it through market formulas and analysis of trends have become way too effective. Artists are now in a race to the bottom where they have to choose between playing the game, and changing their style, message and work to chase engagement metrics, or resign themselves to be drowned and forgotten for staying "real"
Youtubers suffer the same fate. You can see people moving from tech reviews to game streaming and then to music production or vlogging in their search for views. But they (most of them) are more businessmen than artists, and don't feel tied to a message or artistic vision that they need to communicate.
I'd argue that an ideal system should have a place for artistic quality to shine beyond entertainment, and that used to happen, at least to a higher degree than it does now. Which is not to say that everything's worse: the tools to become a creator are better and more accessible than ever (hardware, resources to learn, etc).
I wish. About a quarter to a third of the stuff I want to listen to either has been pulled from Spotify in the last few years, or was never there to begin with.
I’d love to be able to pay a cloud service to be able to stop shuttling rare files around.
It's actually too much of a price. Most of on this site can gladly afford $10 a month for 12 months, but that's $120 a year. That's a lot of money for some people, and when you add people in other countries, that could be someone's monthly salary.
The price is fine for the majority of people. For those that can't afford the full price they can do this. The inconvenience of it stops most people doing it so I doubt spotify cares.
Even though Spotify "lets people drink," it still suffers from many of the same problems that piracy solves. For example, music publishers can arbitrarily decide they don't want you to be able to listen to their music any more, and even if you had "liked" the song to add it to your library, it will show up as greyed out and you can't listen to it.
'Price they're willing to accept' is interesting. Here, Spotify is $1/month more than Netflix. And $4/month more than Amazon Prime. This makes Spotify look very overpriced, since intuitively we think Video & Movies should be more expensive than Music. My gut feel is Spotify needs to be priced a lot cheaper for general acceptance, because people don't evaluate pricing of these services in a vacuum. I think this is why households are subscribing to two or three video streaming services, but not Spotify.
People rationally evaluate the cost to breaking the law. It's not a perfect economics 201 model, though, as its not like increasing the enforcement and costs fully deter piracy engagement.
I just want to mention that what I like about Spotify is I dont have to bother figuring this kind of thing out, because it provides music I want to listen to at a price that is completely reasonable.
But it's for the 13 y/o me that was figuring out how to use alcohol 120% to burn the latest games or fix my computer from all the viruses I got downloading movies and music at that time from p2p.
And if it wasn't for that pursuit that led to many other skills and opportunities, I know a lot of us wouldn't be in the financial situations we are in right now.
I remember getting alcohol 120% from a less than reputable source. Soon my Windows ME install was dead and the BIOS could no longer boot from CD. That computer was dead...
No. I was still pretty young and not that knowledgeable yet. My dad was more of a power user than an expert. It went to the basement and I got a used Dell with Windows XP several months later.
I had entire multi-hundred track playlists disappear on me. I keep paying for spotify, but in honesty I really shouldn't at this point, I'm barely using it. Bandcamp sells me what I want, and when they don't I listen to something else or find it somewhere else. I've even been buying (and ripping into my local collection) some 2nd hand CDs.
Yes I agree with you, I have had some songs I like disappear too. But with a subscription model, I can stop paying them when the value isnt there anymore.
A good example is that I cancelled Amazon prime this year because with add-on items and ineligible items it stopped providing any value over just meeting the minimum order $ for free shipping.
It might not be Spotify's fault, but it is certainly their problem. Their business survival depends on being able to fix it before a rival does, because consumers don't want to keep paying for a service that sucks for them, 'because it isn't their fault'.
Yep, browsers ship with native libraries for DRM, which are closed source and aren't available compiled for aarch64. Pinebook, raspberry pi etc can't use Spotify (or Netflix) out of the box. There are some workarounds, which are all quite inconvenient and perform poorly.
this is the main reason I'm making moves to go back to having a local library. its really annoying having songs disappear.
I used to tell myself I couldn't afford all the music I listen to but looking at all the money I have given spotify over the last decade im thinking maybe I could have bought a good chuck of my favourite music by now. so that is what I'm going to do at some point, and maybe just keep spotify for discovering new music every now and again
Every time music that I like disappears from Spotify I just buy the Vinyl. I bought at least 10 Albums last Year because Spotify dropped them, it really sucks.
One reason to use something like this would be to listen to music offline. Spotify doesn't support offline music on WearOS watches, but they do on Garmin and Samsung watches. It's not a technical issue, since Google music supported offline music on watches for years.
So once again, greedy business practices makes it more inconvenient for paying users than for pirates.
That doesn't allow offline music, so you need the LTE version if you want to go running without a phone. I'm pretty sure Spotify is selling offline music exclusivity to Samsung and Garmin.
Don't spread this nonsense. Spotify is an excellent way for independent artists to get free promotion and make money in 2020. Spotify pays about 3$ per 1000 plays, which is quite a bit more than YT will for music.
We're long past the 1990s, where only a very select number of major label artists made it big and sold millions of copies. We need to stop using these numbers as a benchmark for todays music landscape -- so much has changed and most of it for the better.
Music creation and distribution has been heavily democratized. Where you needed connections and thousands of dollars to even get something released (outside of niche DIY tape style releases) you can now basically do it for free from your room or band practice space. The amount of money per working musician has gone down significantly but there are more of them in 2020 than has ever before.
We can certainly argue about what kind of value art should have in society. Should there be more money going around? What industries should this money be taken out of? Suffice to say independent artists are better off than they have been, creating music and making money has never been easier and Spotify/digital music distribution in general have been great enablers.
Its interesting to me that for most of modern history, the value of performing arts like music was in the performance. Then recorded media were invented and there was a fleeting moment in the 20th century when distribution was controlled, and the value of that invention was captured by a small group. And now it seems things have equilibrated so that the value of recording is distributed more broadly again. I don't know if there are other examples like this in different parts of the economy (obviously it's the same in video), but it feels like a good study in how technology disrupts an industry and then disrupts is again.
It matches most other arts, where the value is in the physical artwork. Writing is the interesting one, as it didn't even exist as a paying art form until technology allowed for relatively cheap duplication (and education for popular consumption!). And then a second disruption is the same for writing as it is for Music, that will be playing out for the next decade or so; Authors being able to distribute directly to Consumers rather than requiring Publishers.
This is partially Spotify’s fault for what allocations they do pay, it’s the labels and record companies fault for then skimming marketing and promotions and admin fees from that leaving the artist with 15% at best.
> The amount of money per working musician has gone down significantly but there are more of them in 2020 than has ever before.
Which is a point: Quantity != Quality. This argument makes it seem like anyone can go and earn a living from music and that simply isn’t true. Anyone can make money with music with a little investment in a copyright and BMI id... To make it a career, to live off of, as your sole income source has a lot of musicians having to diversify how, where, they release music.
Artists with indie labels are fighting for air time with other artists with indie labels for $3/1000 plays.
I’m not blaming Spotify outside of the fact that my $9.99/mo subscription (minus 10%) should be allocated based on play time to the artists I listen to. This doesn’t seem to be the case.
Granted, it’s been over 15 years since I released music. I never “made it” in the traditional pre-diy era. Punk Rock is dead based on listenership. I went into tech.
Spotify pays 70% of revenue to the copyright holder. The fact is that record labels take a much bigger bite before giving it to the artist, and then blame it on Spotify.
Years ago when I read about this, the issue was that the remaining 70% was split between all copyright holders proportional to the number of plays. So if I listen to artist X for 10 minutes, and you listen to artist Y for 60 minutes, then artist X gets 10% of the total money and artist Y gets 60%. It would make more sense if each subscriber's money were split between the artists they listen to.
Is this that bad? I'm not saying your way is bad -- but both seem reasonable. Are some artists heavily benefited or harmed because their listeners listen to much less or much more total music than the average?
I'd guess that Spotify's model benefits artists that make radio-friendly or ambient music because some people will listen to them 8h a day while at work. Nobody listens to the same amount of intricate and challenging music, which is probably more expensive to produce in the first place.
I believe it's bad. It's making all of music more generic.
There's composers and producers with quite high production values, very complex and intricate music, the kind you want to pay attention to, in order to get the most out of it.
But I don't listen to that music all day. I got other music for background.
In my view the latter is not more valuable because I listen to it for more minutes.
When it was CDs I'd pay roughly the same for my Autechre as my Kruder & Dorfmeister.
That seems orthogonal to my point that what spotify achieved, for me at least, was being a better value for money than copyright infringement. It's worth $10 a month to have all the music accessible in one place.
The licensing agreements that spotify negotiates are between them and the artists, and if artists are unhappy they can take it up with Spotify. But hopefully artists realize that for recorded performances, there is a sweet spot where the convenience of a subscription has a higher value than trivially accessing pirated recordings.
Never the artists, always the labels or distribution company (not always the same).
But to your point. Pre-Spotify I think the overall music market sales volumes and profits, offset by piracy and copyright infringement, ended up around the same overall total market value that Spotify based their subscription and payments off of (that and economics of scale).
I’ve been a Spotify subscriber for a long time so I get it. I just wish Spotify would do more to support artists, not labels, or help fix the system for indies to self-distribute.
It’s obviously way more complicated. I dream of a utopia where a platform exists not for profits sake but for the art’s sake.
Spotify doesn't have all the music I want either. I'd need to pay for 3 different services, that don't allow me to own what I purchase and can delete things from my library at any time.
When my subscription ends, my library disappears. Not a very attractive deal.
The only reason I'm with Spotify is the generated playlists. I frankly wouldn't have discovered smaller bands if I stuck to buying CDs and listening to radio.
Deezer is doing weird stuff in comparison. A friend told me that each song has every third block of 2048 bytes encrypted using blowfish. The key is derived from the hex md5 of the song ID, xor the same hex md5 but with a Ceasar cipher shift of 16, xor a hard-coded secret. The initialization vector is 0,1,2,3,4,5,6,7.
Deezer's encryption has been reverse engineered a few years ago and given rise to lots of scripts for ripping music from the platform. Interestingly it's even possible to download and decrypt lossless files like that without having the subscription you'd normally need to access the higher quality audio.
A classic example of stacking algorithms in a way that provides no additional benefit whatsoever. In many cases, stacking encryption algorithms actually weakens the resulting security.
Imagine you have a couple of algorithms that scramble a solved Rubik's cube into a configuration that takes at least 20 twists to unscramble [0]. From there, any attempt to make it ‘even more scrambled’ would be pointless — and actually likely make solving the resulting puzzle easier.
Now imagine there's a programmer who wants to make the ultimate cube scrambler despite not knowing any of the above. Their brilliant idea is to take the aforementioned algorithms and chain them together. (Result: snafu.)
In essence, the moral of the story is that one shouldn't try stacking encryption algorithms without first acquiring a pretty good understanding of how they all work.
I think it depends. Imagine a future where quantum computers may be in reach by intelligence agencies, but a quantum-resistant public key encryption algorithm has been proposed but not rigorously defended. You wouldn't want to trust either algorithm alone, so you can use both: encrypt the data with the quantum algorithm first, then by the classical one. Decrypting would require breaking both, there's no shortcuts.
That’s not how it works unless you’re sharing a key between them somehow and one of them reveals the key. Otherwise an attacker could take something encrypted with a good algorithm and encrypt the cipher text with a bad algorithm to make it easier to crack themselves.
I gave an intuition for how it can happen that combining algorithms (in a bad way) results in weaker encryption — without claiming that it must always happen.
If we move the goalposts to where the combined algorithm receives a much larger key than any of the individual parts we're comparing to in terms of crackability, then the likely failure mode isn't ‘weaker’ any more, but ‘stronger, though maybe not as much stronger as was intended’.
The history of triple DES provides a nice practical example: ‘double DES’ isn't a thing because encrypting already-DES-encrypted data with DES again, with a completely separate key (thus effectively doubling the size of the key), does almost nothing to improve security.
To support your point. I've used these weaknesses to break crypto algorithms in the past.
A typical example is the crapto-1 Mifare Classic algorithm used to encrypt NFC cards. The way they read from the shift register and combine the bits was dumb and it's complexity weakened the algorithm.
Another I've seen is using two sequential keys XORd against one another to produce and "encryption" key. Turns out reading from low entropic systems very quickly yields a similar enough key that when XORd, partially removes the first one.
Can you give an example (or at least a sketch) of how, e.g. AES-128 on top of, or below, DES, is weaker than either?
The claims of "weakened by combining" are often aired, but all examples I've found so far are basically summarized as "remaining within a group structure" (as in your rubik's cube example whose god number is 20) - which might not be stronger than each individual, but is unlikely to be weaker either -- and algorithm combinations usually DON'T remain within a group structure (e.g. DES is not a group, so 3DES is strictly stronger than DES, even if it might not be 3-times strong in bits)
If I’m following this logic correctly - running a few more algorithms on something before trying to decrypt will make it easier rather than harder to decrypt?
Is the ceiling for “max encryption” that low, or is just that one algorithm combined with another has a local maximum?
I just cherry-picked a simple example to make a clear illustration, but …
> running a few more algorithms on something before trying to decrypt will make it easier rather than harder to decrypt?
No, it could make it easier, harder, or about the same. The ‘harder’ case is just unlikely when the algorithms one started with were already state-of-the-art and the programmer didn't know what they were doing. It might seem tempting to think that a cryptanalyst now has to do twice the work, but what they're really doing isn't cracking multiple encryptions — they're just attacking a different encryption.
Very basic example: ROT13 is a form of encryption. Applying ROT13 twice gives you plaintext.
It's of course not that trivial with better encryption algorithms. But before stacking encryption algorithms, try to first answer what you are trying to achieve (that application of a single algorithm does not).
There are ways where it can, but it is usually more secure to stack encryption despite what people on HN tell you. The NSA does stacks double for the secure version of the mobile phone that they give to high level diplomats and POTUS and there are cases like during Cloud Bleed where the only sites that were fully secure turned out to be the ones that used client side encryption in addition to HTTPS. I'm not saying that this would necessarily be more secure, just that is tends to be more secure based on all of the research I've done and personal experience on projects as well as conversations with people that actually break encryption for a living. The devil is in the details, though, and it also depends on the nature of your adversary.
I'm going to brace for the Karma hit here, but this is piracy pure and simple.
Spotify is pay-to-play and the royalties model is designed around that. Artists/Labels get a a very small slice of money from every play. As a Spotify consumer you do not pay for the right to play the track offline - if you did, the Artist/Label would get a bigger slice. If you want to play the tracks offline, just buy the non-DRM MP3 from Amazon or some other place.
For people saying the Labels take all the money anyway, there are many independent artists on Spotify who deserve your money if you play their work.
Most of us here are hard working professionals in our fields - how would we feel if someone said at the end of each week, "Thanks for what you did, it's really useful, but I've decided to not pay you, but I'm going to keep your output anyway and use it forever." We wouldn't stand for it, and nor should music artists have to.
100% yes it is piracy; but to remove the stigma from the word for a moment, I view this issue as an echo of something I've been thinking about recently:
Our society - civilization even - has fallen victim to the belief that there are certain kinds of control over human behavior that are possible and desirable, kinds of control that have never succeeded in human history, and attempting to lock music in a tiny little box to which very few people have the key, is one of those things that has never worked. To expect that to work now is.. so blindingly short sighted that I personally find it fantastically hilarious when it fails.
I don't necessarily think this applies to all professions or all aspects of human behavior but music itself is older than any human civilization and attempting to lock that away is going to be a fight with human nature itself.
And yes, I realize that some people believe that attempting to change that is a good thing. I'm not one of them.
> As a Spotify consumer you do not pay for the right to play the track offline
Yes you do, this is a specifically advertised feature of Spotify Premium.
> Most of us here are hard working professionals in our fields - how would we feel if someone said at the end of each week, "Thanks for what you did, it's really useful, but I've decided to not pay you, but I'm going to keep your output anyway and use it forever." We wouldn't stand for it, and nor should music artists have to.
When was the last time you paid for software? Were you happy about what you got?
Pay-per-use or pay-per-user simply aren't ethical business models for creative works where all significant costs are up front and fixed.
I don't understand your point either. Nowhere did I say open source software can't be of high quality, nor did I say that these paid products don't build on top of OSS. Hell, I contribute to open source software regularly.
I just answered plain and simple the question the parent stated, that I bought paid software and that I'm very happy with my purchase.
Look, I pay for JetBrains products as well and am happy to do so, but the vast majority of software I use I don't financially contribute to or very little, (a donation here and there), yet I extract great value from the gazillions of lines of code I utilize, some of them without even realizing it.
So for MOST software we use daily we indeed do not pay, bringing up 2, even 10 examples doesn't help with the fact that these are still exceptions.
Now I also happen to be a big supporter of indie artists and my Bandcamp library is in the high thousands of dollars in purchases.
> Thanks for what you did, it's really useful, but I've decided to not pay you, but I'm going to keep your output anyway and use it forever.
Is indeed exactly the stance many, many commercial companies take when utilizing FLOSS in their products.
The Spotify model also mostly benefits your Taylor Swifts, not the indie artists who actually could use it. They don't care about the small guy just as much as many don't care to at least not violate the terms or spirit of the software they use.
It is also worth noting that many of the major artists that benefit the most from Spotify are copyright maximalists, which basically means
"I not only want to profit off the work I did in my 20s and not allow others to reuse it to build new things, I also want my children to be able to do so 70 years after I die, thank you very much."
P.S. Am a free software maintainer myself, but we're talking about monetary contributions here.
Looking at my stats, Spotify earns my bands somewhere between $0.000022999977 and $0.090333931633 per play.
As an indie artist I'd much prefer they let people just download my music as well, enjoy it and support me in other actually meaningful ways.
The recorded music is just a tiny bit of the service that an artist provides. This whole discussion is just diseased from the pop industry that runs on abusing copyright and drills our heads full of constantly repeated songs.
The idea that this is a healthy artistic environment and has anything to do with actual musicians is ridiculous.
Which is my point actually, there are many platforms and technology already that let artists allow their users to download their art without incurring a huge cost. A relatively good torrent seed box costs around just 5 usd. So thanks to current technology cost of distributing your work for free isn't that hard.
Sadly they'll never get the amount of attention, funding etc. as Spotify just due to the fact that they won't earn millions on the backs of artists. Exploitation will always win in this kind of market.
There’s also the reverse notion of that: “Thank you for buying what I made, I hope it’s really useful, but I am going to keep it away from you unless you pay me forever”.
I agree with your points, but I think the topic of music deserves more nuance.
How would you know what you liked if you never heard it?
Would you pay for music you have never heard before?
At some point artists need to distribute their work, and to try and push their music to people that have never heard it before, so there is always a balance of advertising vs. revenue.
I imagine most people my age recorded songs off the radio onto cassettes. I still don't feel bad about it, because I bought the albums I cared about.
I agree that what we are discussing is piracy, but I don't believe music piracy to be a zero sum game.
Not quite as user-friendly with regards to exposing the keys, but if you're interested in learning Rust you can check out the reverse-engineered protocol and access already decrypted audio streams using librespot: https://github.com/librespot-org/librespot
Note that last I checked, this only provides real time output, likely to avoid a youtube_dl type situation where someone uses it directly to build a Spotify ripper. Of course, it could be patched to work differently.
There's an issue about that because surprisingly it's actually the opposite and it outputs as fast as it downloads the data. Hopefully that'll be fixed because it's definitely not the intention for people to the software for ripping.
Interesting project although the drawback seems to be that the maintenance is pretty high since it uses the hardcoded memory addresses to dump the key for each Spotify version. I understand it requires from the maintainer after each update, which are frequent since Spotify has a well-developed Continuos Delivery [0], to reverse engineer the memory address and commit it to this repo.
If picking up memory addresses can be automated, then would be fairly hilarious to put that into a CI system so that Spotify automatically pushes to release... and then this immediately automatically pulls it and builds a release to match:)
I don't think gitlab* vs github matters. All public sites in the US and allies need to have a mechanism for DMCA removals, or they lose their safe haven status (which allows them to not be legally liable for what their users do with respect to copyright). Losing safe haven status is a death sentence.
* by this I mean gitlab's own instance of gitlab. Of course, you can host your own, and then its up to you how you respond.
They meant that sites like YouTube change from time to time in ways that break youtube-dl so without updates your copy will stop working some day (same thing could apply to Spotify)
IANAL but doesn’t the DMCA takedown system only apply to distribution of content itself? No RIAA member has the ownership rights to this software. It probably is illegal but I believe another legal mechanism other than a takedown notice is required.
Someone correct me if I’m wrong. This is a layman’s understanding.
Yes the DMCA prohibits circumvention but I’m asking if a takedown notice is the correct legal remedy for such violations? I thought notices were just for content distribution.
DMCAs are a shoot first, talk later kind of deal. Or rather take it down first, file counterclaims, and see if the other party responds, then put it back up they don't.
After all, fuck-capitalism added this prominent disclaimer:
> This program was created for educational purposes. It is not intended to be used otherwise
/sarcasm
Pro-tip: Intent matters to the courts. Intent is really hard to show, since the prosecution has to prove the internal state of your mind when you did the thing.
Focus on plausible deniability when you do this sort of thing. I, for one, still own a Cowon iAudio, and can’t wait to format shift my legitimate subscription to it so I can use my high-end wired headphones.
you use a program called Fiddler (Classic) to intercept the network request to the file while it plays which allows you to download the song, and then you decrypt it. there's instructions on the GitLab page as well as a Youtube guide that provide more detail.
I think you need to intercept the network request then decrypt it using the key.¹ Can be automated I guess, not sure if someone has done that yet however.
FWIW, Tidal and Google Music/Youtube music Apps download unencrypted m4a/flac (or mp3) to mobile devices. (How you retrieve the files is on you). A much easier way of getting songs to offline devices.
spotify has exclusive content and I'm especially angry they make certain podcasts exclusive to their platform. itunes and bandcamp are good though when you want drm-free music.
OT: On a monthly basis I seem to have problems with the Spotify Web Player (slow loading times, max cpu utilization for a few minutes before I can use the player, a not loading page on the first try, etc.).
A few days ago, I could not access the player and desperately wanted to listen to music, so I looked around in the Firefox dev-tools and unregistered the ServiceWorker. After that, everything worked just fine and I decided to deactivate ServiceWorkers for the Profile which I use for Spotify via about:config.
Every since, I had no trouble anymore. I know writing ServiceWorkers isn't easy, but that is not my point. My point is, that I pay Spotify to deliver music to me in the DRM protected way the music industry demands for (not the consumer). So fixing things gets harder for me with DRM in place.
@Spotify: Please fix your broken software development process and deliver on your promises.
From napster to piratebay to whatever, I consider YouTube to be the biggest bootlegger of anything that can be digitized - of all time, and by a huge margin. And in plain site. And it is free use.
Whatever your views on Spotifys model, breaking that model is stealing.
On a wider issue, Spotify and its ilk should be paying more to artists, with royalties scaled.
Not irony, but perhaps hypocrisy. Self-defeating hypocrisy.
There _are_ FOSS alternatives to Visual Studio and Windows which can be used without engaging with capitalists.
Even simply using non-FOSS is an endorsement of it and helps to perpetuate its dominance; there's a reason why Microsoft competes with free by being free, itself.
Fast forward to seeing this, and I realize this doesn't have the same draw as it would have 20 years ago. People can get the music they want at a price they're willing to accept.