Feeds

BBC iPlayer rejects open source plugins, takes Flash-only path

Be safe: Use Adobe content protection, kids

Combat fraud and increase customer satisfaction

Exclusive The BBC has quietly updated its hugely popular iPlayer with a verification layer that closes the door on open source implementations of RTMP (real-time messaging protocol) streaming, The Register has learned.

The Beeb applied the update to its online video catch-up service on 18 February, just four days after Adobe Systems penned a corporate blog post about its “content protection offerings”.

The tweak means that free RTMP plugins offered by the likes of the XBMC community — whose code is based on the GNU General Public Licence v2 — can no longer stream iPlayer content. The latest iteration of XBMC’s plugin was created in May last year and was being used by UK viewers to play TV and radio catch-up content from the BBC’s iPlayer service.

El Reg asked the BBC to explain why it had implemented the change without first advising its UK licence fee-paying users of iPlayer that plugins such as XBMC would no longer have access to the service.

“Since launch in 2007, BBC iPlayer has always used content protection in order to provide UK audiences with the most compelling content. We periodically review the level of security to protect BBC programmes, brands and trademarks,” it said in a statement.

However, it didn’t explain to us why Auntie had decided to put a block on open source RTMP plugins now.

XBMC developer ‘frosty’ noted the Corporation’s change of heart on the XBMC community forum on 20 February.

BBC’s content delivery network have turned on ‘SWF Verification’ which is not implemented by XBMC. It probably can’t be added safely, as it is can be considered a ‘copyright protection’ mechanism, and so covered by the DMCA (in America). Macromedia [owned by Adobe] have sent lawyers after other stream-ripper software that implemented SWF Verification.

The clue is in a debug log. Ping type 26 is a verification request:

Code: RTMP_LIB::CRTMP::HandlePing, received: ping, type: 26.

As XBMC does not respond, the server closes the connection.

Reg reader Tom Rouse, who alerted us to the SWF verification tweak to the iPlayer, wondered if the BBC was simply satisfying the demands of Adobe’s content licence desires.

“It would seem that this move is likely [to] impact users of platforms not supported by Flash, with an unsatisfactory implementation (e.g. too resource intensive for the platform, with video tearing, etc.), or those who just wish to use an open source player,” he said.

“Ironically, third-party utilities that download files (which presumably the verification is there to prevent) still work fine. It is possible that this move will actually increase the occurrence of downloading files which will not be time limited, or torrenting of copyrighted material.”

Meanwhile, Adobe’s product manager Florian Pestoni pushed out a Valentine’s Day missive on 14 February that outlined the proprietary software maker’s “content protection offerings” for what he described as a “key tool that can be used to monetise premium video online.”

The firm’s Flash Media Server has a number of content protection features that includes support for the contentious SWF verification that effectively locks down the Beeb’s iPlayer in Flash.

In other words, “unauthorised” video player applications will no longer get a look-in.

A desktop version of iPlayer was developed in conjunction with Adobe and written in the company’s AIR technology. The BBC finally made that version available to UK users in December 2008, in part to appease Linux and Mac fans who had waited 18 months to get their hands on, what was until that point, a Microsoft Windows-only playpen.

Now, it seems, the BBC has once again picked a fight with openistas by closing the door on freely developed RTMP plugins for the iPlayer, and in so doing has forced users to download Flash if they wish to view and listen to the Beeb’s telly and radio shows.

Whether the BBC will back down and allow the XBMC plugin to stream iPlayer on non-Flash systems remains to be seen, however. Presumably that depends on where its relationship stands with Adobe as well as of course its viewers and listeners. ®

SANS - Survey on application security programs

More from The Register

next story
Next Windows obsolescence panic is 450 days from … NOW!
The clock is ticking louder for Windows Server 2003 R2 users
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Red Hat to ship RHEL 7 release candidate with a taste of container tech
Grab 'near-final' version of next Enterprise Linux next week
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Inside the Hekaton: SQL Server 2014's database engine deconstructed
Nadella's database sqares the circle of cheap memory vs speed
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.