Feeds

BBC iPlayer rejects open source plugins, takes Flash-only path

Be safe: Use Adobe content protection, kids

Remote control for virtualized desktops

Exclusive The BBC has quietly updated its hugely popular iPlayer with a verification layer that closes the door on open source implementations of RTMP (real-time messaging protocol) streaming, The Register has learned.

The Beeb applied the update to its online video catch-up service on 18 February, just four days after Adobe Systems penned a corporate blog post about its “content protection offerings”.

The tweak means that free RTMP plugins offered by the likes of the XBMC community — whose code is based on the GNU General Public Licence v2 — can no longer stream iPlayer content. The latest iteration of XBMC’s plugin was created in May last year and was being used by UK viewers to play TV and radio catch-up content from the BBC’s iPlayer service.

El Reg asked the BBC to explain why it had implemented the change without first advising its UK licence fee-paying users of iPlayer that plugins such as XBMC would no longer have access to the service.

“Since launch in 2007, BBC iPlayer has always used content protection in order to provide UK audiences with the most compelling content. We periodically review the level of security to protect BBC programmes, brands and trademarks,” it said in a statement.

However, it didn’t explain to us why Auntie had decided to put a block on open source RTMP plugins now.

XBMC developer ‘frosty’ noted the Corporation’s change of heart on the XBMC community forum on 20 February.

BBC’s content delivery network have turned on ‘SWF Verification’ which is not implemented by XBMC. It probably can’t be added safely, as it is can be considered a ‘copyright protection’ mechanism, and so covered by the DMCA (in America). Macromedia [owned by Adobe] have sent lawyers after other stream-ripper software that implemented SWF Verification.

The clue is in a debug log. Ping type 26 is a verification request:

Code: RTMP_LIB::CRTMP::HandlePing, received: ping, type: 26.

As XBMC does not respond, the server closes the connection.

Reg reader Tom Rouse, who alerted us to the SWF verification tweak to the iPlayer, wondered if the BBC was simply satisfying the demands of Adobe’s content licence desires.

“It would seem that this move is likely [to] impact users of platforms not supported by Flash, with an unsatisfactory implementation (e.g. too resource intensive for the platform, with video tearing, etc.), or those who just wish to use an open source player,” he said.

“Ironically, third-party utilities that download files (which presumably the verification is there to prevent) still work fine. It is possible that this move will actually increase the occurrence of downloading files which will not be time limited, or torrenting of copyrighted material.”

Meanwhile, Adobe’s product manager Florian Pestoni pushed out a Valentine’s Day missive on 14 February that outlined the proprietary software maker’s “content protection offerings” for what he described as a “key tool that can be used to monetise premium video online.”

The firm’s Flash Media Server has a number of content protection features that includes support for the contentious SWF verification that effectively locks down the Beeb’s iPlayer in Flash.

In other words, “unauthorised” video player applications will no longer get a look-in.

A desktop version of iPlayer was developed in conjunction with Adobe and written in the company’s AIR technology. The BBC finally made that version available to UK users in December 2008, in part to appease Linux and Mac fans who had waited 18 months to get their hands on, what was until that point, a Microsoft Windows-only playpen.

Now, it seems, the BBC has once again picked a fight with openistas by closing the door on freely developed RTMP plugins for the iPlayer, and in so doing has forced users to download Flash if they wish to view and listen to the Beeb’s telly and radio shows.

Whether the BBC will back down and allow the XBMC plugin to stream iPlayer on non-Flash systems remains to be seen, however. Presumably that depends on where its relationship stands with Adobe as well as of course its viewers and listeners. ®

Beginner's guide to SSL certificates

More from The Register

next story
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
The hidden costs of self-signed SSL certificates
Exploring the true TCO for self-signed SSL certificates, including a side-by-side comparison of a self-signed architecture versus working with a third-party SSL vendor.