When it comes to protecting digital content holders from the hordes of naughty file grabbers, you'll be hard pressed to find a more zealous partner than Apple. So we were surprised to learn that Apple's Safari browser makes it easy to download MP3 files hosted on MySpace that are supposed to be limited to streaming only. …
a media player
Try VLC (VideoLan Client). Plays pretty much anything you can throw at it.
Even DVDs with libdvdcss2. Available on pretty much every OS out there.
Linux, Mac OS, Windows
Many's the time I've used the activity window to grab something I want to watch offline. Very useful feature - and as you said, a timely reminder that stuf on the net is pretty much public. Having said that, though, if you want to pinch the music it'd be pretty much as easy to grab a torrent.
Works for Youtube as well.
Works well for YouTube / Google Video as well - you can install Perian into QuickTime (if you're on OS X), and play those FLV files straight out of QT player.
They fixed that quick...
I tried this "hack", and it's prompting me for a user name and password when I attempt to open the MP3.
They fixed that bug pretty quick!
No, they HAVEN'T fixed it
Go through the Unblock City web proxy. You'll get there just fine.
Interesting but surely just firing up your favourite audio recording software (Audacity get my vote) and clicking the Record button does this just as well without all that hoop-jumping or the having to admit to being sad enough to own a Mac. It certainly works here.
the problem is...
... it only downloads the mp3s at 96kbps 22khz, so although slightly useful, isn't amazing.
Can also use Firefox extensions
There's several Firefox extensions that can be used to do this. TamperData will let you see what's going on (and change it if you're so minded:-)
Relying on 'security by obscurity' isn't particularly effective.
mp3 link (OS X)
If you're on OS X, http://www.rubicode.com/Software/RCDefaultApp/ should do what you need with respect to opening things when you click on them.
The story in general, though, old news!
Why blame Safari?
How you can even remotely consider this to be Apple's fault is beyond me. Or is that firsrt paragraph just to stir things up a bit?
When you paste the .mp3 URL into a new browser address bar, hold the ALT key and press ENTER and it will download the mp3 to the Desktop where it will open in iTunes if double-clicked.
PS, no password problems at my end.
Sounds like it may be possible in Firefox too...
I haven't played with it yet -- but Firefox's DOM inspector, or similar, ought to be able to show you the same information -- I know it worked on certain *ahem* "special interest" video sites which used "hidden" links.
To the people working in the DRM industry:
"Kids, you tried your best and you failed miserably. The lesson is never try." - Homer Simpson
or get the firebug plugin for mozilla
... and do it on any platform
Yeah well thank you
for putting up this signpost so sites can start finding ways to kill it... *grrr*
Also, as it was said, this is nothing of a hack, if is simply finding a file that is there in the first place, but obscured. *seesh*
@MahatmaCoat: Crawl back into your cubicle and reinstall your OS, will you?
question really is... who cares?
Its quicker and easier getting them from good old fashioned p2p :P
I've been doing this for years! The activity viewer is a really handy debugging tool, so you can see exactly what the browser is requesting, and the response from the server.
Anyone who suggests I've used it to download "protected" content is a filthy liar. :-|
Opera does it too... for a long time!
If you play ANY tune from MySpace - Opera automatically downloads the file into your cache as an MP3 at a low bitrate and then it's yours for the taking.
By default your Opera cache is at
C:\Documents and Settings\Neo\Application Data\Opera\Opera\profile\cache4
Except obviously change "Neo" for whatever your computer/login name is ;)
Have been listening to music like this for around the last six months without using Burp or other assorted tools *vbg*
As an aside...
I found this article by using Opera's quick search by pressing / and typed iphon to find an article related to the unlocking of the iPhone...
How very annoying.
Firebug has made this possible in Firefox for as long as I've been using it (in the Net tab). Apparently...
Re: question really is... who cares?
Good ole fashioned p2p may be more efficient, but it doesn't always offer the selection found on MySpace. Frequently, artists put exclusive content on MySpace that isn't available elsewhere, under the pretense that the files on MySpace can't be downloaded.
How do people think they can hear/see things on their computer without them downloading it ?
Michael explains the situation perfectly.
It is no 'bug' or 'hole'.
Bottom line, if it gets to your computer, you can save it, whatever it is. Even if you are not technical enough to save the original mp3 or stream, you can still do the equivalent of 'taping off the radio'.
Incidently, an easy way to save things which do actually stream (rtsp/rtp/pnm things like realaudio, and some windows media), use the "dumpstream" option on "mplayer"
That saves the stream in it's native format without you ending up with a large wav to re-encode (as you would with an audacity 'save all you listen to') - it also means you can save/listen to multiple streams at a time without the saved copy being a resultant mix!
Surely it's equally cumbersome to fire up stinkin' Safari as Burp?
How does this simplify? And for those poor saps with Windoze, or those blessed with *nix?
err... you can do this in Internet Explorer 7
open your temp internet files,
sort by date last accessed,
find a song you want on myspace & add it to your own profile,
now view your own profile, and listen to the song.
Got back to the temp files window, hit f5, and there is your mp3...
has a silly obfuscated name, but one quick copy & rename later and you have your file
not really rocket science, and taking mp3s of myspace is definitely not confined to safari, or osx.
"If they 'closed the door', you wouldn't be able to hear any music."
MySpace music promises uploaders control over access to their music, and I think it's fair to assume that most people assume that they're using some sort of streaming tech to do so.
Real Media and Microsoft's streaming formats are now almost universally available and although trivial to hack, they do at least attempt to block recordings.
MySpace are putting MP3s up for download without making this clear to users, many of whom explicitly choose *not* to have downloads available (see the greyed-out "download" link in most players).
MySpace has skimped on the technology, failing to pay for appropriate measures. They should be more open and properly inform the artists who use their sites. After all, they're the ones who bring people to the site.
erm... safari is on windows now too
thanks this was very useful. i got a track i had wanted for over a year!
The comic-book-guy technique
Personally I prefer to plug my opensolaris wristwatch into a promiscuous hub and packet dump the traffic as the other box streams it off myspace. I use a perl script to mark up the datagrams into xml then use this nifty safari plugin to filter out the ones belonging to the mp3, before reassembling the stream by hand using a set of emacs macros I wrote (in vi).
I don't actually listen to the audio, as doing it this way I feel I have a much deeper appreciation of the contents.
P.S. I hope you can supply me with an IP row-ter for my token-ring/ethernet lan config-yuration?
The most useful FireFox extension...
that does an awful lot of very very useful things, is FireBug, which can definitely be used for this purpose.
"Oh please, what a bunch of nonsense. The door is open because people want you to listen to their music and so they upload it to the site."
Proper streaming software would be reading the file from a directory outside of the Web server's "sandbox." If that were the case, no URL would give you a direct link to the mp3 file; the Web server would not be able to access the MP3. It would have to rely on an external application to generate the stream.
MySpace has apparently chosen to use the "cehap and cheerful" instead of the "free open source software that's secure" route.
A far simpler approach.
www.myspacegrab.com. If you're dyslexic, you may end up reserving a spot in a car park someplace instead.
AN Other media player
This is rather annoying to me. I put my music on MySpaz for people to hear, before I let them be accessed by the public (Free or to pay downloads).
96kbps though is rather crap, so I doubt it will kick off much
There's a much easier way...
Just go to http://www.myspacegrab.com/ and you can download any song you want.
- Hi-torque tank engines: EXTREME car hacking with The Register
- Product round-up Ten excellent FREE PC apps to brighten your Windows
- Review What's MISSING on Amazon Fire Phone... and why it WON'T set the world alight
- Product round-up Trousers down for six of the best affordable Androids
- Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...