Re: (was Re: Adding a description text property for a track) non-free ja

emms-help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: (was Re: Adding a description text property for a track) non-free ja

From:	Yuchen Pei
Subject:	Re: (was Re: Adding a description text property for a track) non-free javascript and ytdl
Date:	Thu, 31 Mar 2022 19:37:22 +1100
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux)

On Sun 2022-03-27 20:42:08 +0200, Alexandre Garreau wrote:

>
> while, if you have a set of randomly generated programs, that teach you
> nothing, that nobody ever did read nor understand in history, but with wich,
> with an interpreter, you can open a file… i mean, it does sound stupid because
> it’s bad security, but i don’t think there is a hard political threat there, 
> as long
> as you are able to execute the script without internet, as it is purely
> deterministic, and once it is executed you won’t ever need it anymore…
>
> i mean there is literally no use nor way to have these programs being free
> except by getting google’s serverside source… which will be of literally no 
> use
> because their services are enormous, unhostable by anyone but them, and not
> federated nor implementing new formats/protocols we’d need…
>

So I played with the youtube-dl code today to understand the decryption
code.  I tried one video, and the code containing decrypting program is
located at
<https://youtube.com/s/player/1d26561d/player_ias.vflset/en_US/base.js>.

The code is huge, but the decrypting function is extremely once you have
the magic regexp to extract it from the code and beautify the code.

You can print out the decrypting function by printing func_m and its groups
in jsinterp.extract_function, and locate the functions invoked inside
the body of the decrypting function in the base.js code.

The complete decrypting code is so trivial that I am not sure it can be
copyrighted, but the funny thing is, the first few lines (after
beautification) of the code contains an Apache-2.0 license identifier:

    > /*

    >  Copyright The Closure Library Authors.
    >  SPDX-License-Identifier: Apache-2.0
    > */

I'm not familiar with Apache2.0, but given it is a lax license, I
suspect it does not require distribution of source.

In any case, assuming the license indentifier implies the js code is
under Apache2.0, then I guess you definitely don't lose freedom running
the (trivial) decrypting code.

Best,
Yuchen

-- 
PGP Key: 47F9 D050 1E11 8879 9040  4941 2126 7E93 EF86 DFD0
          <https://ypei.org/assets/ypei-pubkey.txt>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: (was Re: Adding a description text property for a track) non-free javascript and ytdl, (continued)

Prev by Date: Re: (was Re: Adding a description text property for a track) non-free javascript and ytdl
Previous by thread: Re: (was Re: Adding a description text property for a track) non-free javascript and ytdl
Next by thread: Re: (was Re: Adding a description text property for a track) non-free javascript and ytdl
Index(es):
- Date
- Thread