Hacker News new | past | comments | ask | show | jobs | submit login

Well... here's the dumb thing. The DASH-like manner (or, "rolling cipher" as they like to call it) has currently held up as being an effective protection measure. It comes up all the time when RIAA in particular sues YouTube stream-rippers.

https://torrentfreak.com/deciphering-youtubes-rolling-cypher...




Very interesting. I feel like any type of digital storage or transmission format (PCM audio formats like CD Audio, packet switched networks like Internet Protocol, etc.) could also be described thusly, given that a typical human can't readily consume it. We use a tool that parses it using some algorithm, not a tool that avoids/breaks the algorithm. The error correction of a CD or the sequence number of a packet surely rolls way more rapidly than those DASH slices, too. Are those more common formats also considered effective access controls, since humans have severe difficulty interacting with them without the help of a tool?

Granted, I suppose the difference there is that the creators of those formats/protocols did publish the spec, whereas YouTube didn't. Or did they, though? The JavaScript that YouTube serves is the instruction for parsing the DASH response, available publicly, hardly different from publications like IEC 60908 ("Red Book" CD-DA spec) or an RFC 791 (IP spec) -- a different language, is all.

What a mess.


The difference is also intent.

YouTube implemented the rolling cypher to satisfy music industry demands that the files were not permanently downloadable (and it appears they were able to provide abundant evidence that Google has communicated that to them in court, I don't think this is a controversial point).

That wasn't the point of the red book spec.

Intent matters significantly, legally.


If the rolling cypher they implemented truly exceeds DASH in such a way as to exert control, then I think that would convey intent. If it's substantially DASH alone and DASH requires the equivalent of a rolling cypher just to work, that's rather meaningless; the intent of implementing DASH certainly would've had most to do with adaptive bitrate UX.

Based on some other comments, it sounds like they added something like this for music videos and the like, so it may hold up.

But I'm armchair judging at this point, and IANAJ.

Isn't a rolling code how RF locks (car fob, garage opener, etc.) operate? Those are actually good at keeping out third parties, though.


Off-topic: happy 10k, 1k!




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: