BBC iPlayer On iPhone Update
Easy For Legitimate Users, Hard For Hackers
Sorry to be posting this a few days after all the fun, but I've been on paternity leave and yesterday was my first full day back in the office.
So, the BBC iPlayer service on the iPhone got hacked. A way was found to take the iPhone streams and turn them into download files to your desktop. This was obviously not our intention.
We want to get iPlayer onto as many devices and platforms as we can (and as many as makes economic sense, given that we have fixed funding).
The launch on the iPhone/iPod touch platform has increased traffic to iPlayer by 10% (7% from general increased awareness and 3% specifically accessing iPlayer from their iPhone/touch). The team led by Anthony Rose has done a fantastic job: the iPhone implementation of iPlayer looks great, and neither Anthony, nor his boss Erik Huggers, nor I, have any intention of taking down the service.
We know that with each new platform comes more complexity and issues. We know that some platforms are going to be easier to break than others.
But we know that by offering a legitimate service to as many users as possible, most people, most of the time, will respect that rights holders want the BBC to only let their content be available for free at the time of transmission, and now with iPlayer, for a week post-transmission, and that therefore most users will use the legitimate iPlayer product in a legitimate manner.
In fact, more than most: the vast majority. Something like just one twentieth of one percent have accessed a BBC iPlayer programme via a hack.
Clearly, anything more than zero is not ideal, but we live in the real world, and at this level the hack does not undermine the trust we've built with our contributors, rights holders, and on-screen talent, particularly as it does not appear to be a malicious or commercially motivated attack.
As some commentators have pointed out, the reason the volume of iPlayer hacks is this low is probably because if you want to keep a permanent copy of a BBC programme for your personal use, there are easier ways to do it than hacking the iPhone implementation (which we've made considerably harder, if not impossible). You can simply tape/PVR your desired programme from air. If you really want to illegally distribute BBC programmes, then this is possible too. PVR BBC programmes off-air, and then upload the files to a file-sharing site. Most people don't want to break the law. And we do have legal redress, but have needed to use it, or even to threaten to use it, extremely rarely.
We'll try and ensure that it's easy for legitimate users and hard for hackers, and I think the team here is doing a great job at both - but no service (whether the beta of iPlayer last summer or the beta on the iPhone a couple of weeks ago) will necessarily work perfectly out of the box.
I hope that the vastly improved dialogue we now have with the various interested communities out there (developers, Linux users, etc., via this blog among other channels) will enable us to build the services that everyone wants, and that the vast majority of people can get to enjoy BBC programmes on demand... which is the point of all this.
Ashley Highfield is Director, BBC Future Media & Technology. Main image by Benjamin Watt.
© MMIX~RS~q~RS~~RS~z~RS~49~RS~)
Comments
Why don't you let Linux and Mac users browse the "beta" iPhone iPlayer. Let us choose if we wish to see a flash stream or a MP4 stream. My browser is set up to play MP4 streams and I've done nothing fancy
I have no interest in keeping the stream, I just want to watch on-demand stuff of a decent quality and size.
Yes I could go out and buy a card for my computer but thats not the point is it...its because I've forgotten to set up my PVR or its decided not to tape something. At the moment the only other option I have is to find some torrents.
You have built a delivery system for a minority mobile platform which so happens to support 2 minority operating systems.
The BBC is very keen to stretch its reach and you can do this very quickly.
When I heard that the iPlayer had been 'ported' to the iPhone, I was really impressed. When I heard that it had been misused to download the programmes for use outside the agreement the BBC has from the programme makers, I was really concerned that we would lose it altogether.
Well done BBC for committing to keeping it going. 'Yah boo' to the idiots that might just mess it up for the rest of us that can 'play by the rules'.
Oh please. This was hardly a hack. People were visiting a URL and downloading a file that was protected by nothing more than a user agent string, and any developer worth his salt that you never, ever trust anything coming from the client. From what I've read, you're still relying on quirks in the headers of the iPhone's Safari and Quicktime implementations in order to determine whether to serve up the un-DRMed mp4 stream.
I'm offended that you paint people who used this loophole as hackers and everyone else as 'legitimate users'. I downloaded the mp4 files because they are higher quality than the Flash streams, don't require me to be near a wireless hotspot, can be used on my Archos media player and download quickly (unlike the awful speeds I got when I tried to use the desktop client).
The music industry has realised that DRM simply does not work - you even admitted it in your post! The sooner the TV and film industries realise this, the better.
Hackers? Oh Please, BBC I would have thought better of you, it was as simple as going to a URL, oh and by the way, people you can still bypass the restrictions (of course I'm not condoning you do that).
Ashley, I'd like to ask a question, why is it that we can tape it on a vcr/dvd recorder and save it to our PVR's but not keep a copy on our computer?
Hope you'll answer the question.
I sympathise with the position of the BBC. They have to keep up this pretence to the rights holders that the content is protected when in reality is is not. The Listen again site for BBC radio does not allow you to record and of the streams, but by using a few open source tools it is relatively easy to save the stream and convert it to a usable format (ogg or mp3)
What really needs to happen is that the politicians get involved in this issue and set up some sensible copyright rules that allow this new media to develop. Something along the lines proposed by Lawrence Lessing and the creative commons http://lessig.org/
If we in the UK took this on and changed our copyright rules we could put this country in the centre of the creative media world. Its a really enormous opportunity.
Isuggest you read Andy Halsall's post to bbc_backstage mailing list on firt announce ment of the iphone version having problems
You are really not getting the point.
very few people want to do things "illeagally" or "*hack* the piracy protection". they want to want drm-free iplayer in an unencumbered format.
hackers are not trying to "pirate" stuff. DRM-free is the aim - not piracy
please please please. look up andy halsall's article in the archives - you will find it insightful and it will mean you dont write more offtopic blog posts.
sorry for spelling. i'm at astation using one of those console things
hope to see you at fsuk-manchester some day soon
congratulations on your baby
tim
I use the iplayer via an itouch, but the issue that I have is the number of programmes that are available. It doesnt appear that all the programmes you can view via the desktop application is available on the iphone version.
The hacker behind this deviously clever attack should be found and hired by the iPlayer team immediately. Too bad he is so clever he could obviously never be found. Good hack!
"So, the BBC iPlayer service on the iPhone got hacked."
No. It didn't.
In order for something to be "hacked", it has to be secure in the first place.
You "security" is roughly equivalent to putting a combination lock on your front door, with a sign next to it telling you what the combination is.
A bit early to party here, hmm?
It's understandable that the BBC has to make some efforts to protect the content: though at the same time, there is no perfect DRM systems: and if there truly is, then all the work involved in doing that would piss users off to the extent that the service would be worthless. The Windows downloads have DRM, but FairUse4WM deals with that easily. Flash currently has no DRM (though that's changing) and the protocols used for streaming make it difficult, but not impossible to capture... though it's not my first choice of version to save, I'd say. And then the iPod ones. It's not got any, and I hesitate to say the system was hacked, just utilising loopholes... and it wasn't, and still isn't difficult. Despite the success said here now, there's still a way in, made easy thanks to Paul Battley.
There's a bit of misinterpretation that the only reason for breaking DRM is to share the content illegally, or keep it forever. But it's not.
I have a Zune. There's probably only 7 other people in the country with one, not surprising as it's not actually out here. However, it plays WMV, and it plays MP4 - both file formats that iPlayer content is available in. But, thanks to the DRM of WMV, and the utter stupidity of how MP4 content has been handled (but I'll get to that later), if I wanted just to rewatch an episode of something, maybe I missed it, and probably even delete it when the run of the show is done - I have to jump through loopholes just to do it.
Now, iPod Touch/iPhone content. It's obvious that it (and the flash streaming) was done because there is the necessity to make iPlayer available on multiple platforms, and secondly to shut up the whiners up who claimed BBC were in the pockets of Microsoft due to exclusivity (although logic about available technology is totally irrelevant, apparently...). iPlayer was stated to be only on Windows because the technology used at the time would only work on Windows, and fair enough. The flash streaming was done for anything that would play flash content: and that's brilliant. Again, the limits are on the abilities of technology, not the platform.
Now, H.264 MP4 files. I find it utterly hypocritical that whilst it's a format that will work on many platforms, many of which that won't run the other formats, it's been limited to iPhone and iPod Touch out of pure choice: not technology. Whilst people complained about how it was only on Windows, the MP4 exclusivity is worse as it's saying "only for Apple owners, because we say so." That's closer to the "doing it specially for (company X)" situation many thought was happening with Microsoft, but no, it appears to actually be happening with Apple - although I am in no way suggesting there's some secret backdoor deal, it's great to see that you've done all this through the existing iPhone browser and not taking advantage of early access to the SDK.
And finally, a positive note about iPlayer - I see the BBC homepage module has been updated! Hurrah, very nice. Hopefully in the future we'll be able to choose what's shown there, maybe stuff from a specific category or choosing new releases instead, and maybe even recommendations... oh, and if people moan about "it's suggesting stuff on what I've already watched! Invasion of privacy!", let it be known that I (and I'm sure others) will happily opt in.
Ten percent increase..impressive. What's the real reason for DRM on the iPlayer?
Explain the point of DRM on anything. The fact that i can record TV shows onto a PVR them transfer them onto a pc and burn to dvd or put put on my phone or PSP. But i am unable to go to a offical source like bbc and download a TV show that every one in the UK has payed for. We are paying for a service that is crap. The industry still do not get it. As many people would still buy the DVD (then break the copy protection to put it onto there pc or phone)
Why is it that people have to use Bittorrent to get a full quality tv show and risk the fact that they may get "caught". If the industry get rid of DRM (like the Music industry is doing now) then there would be less copyright violations on the net.
I am writing this comment on a mac which i cannot download tv shows to because of this stupid DRM which like me millions of other people hate and which only effect the decent people and not the small majority of people that torrent shows. Why is it that the majority of people are effected just because of a small group.
We'll try and ensure that it's easy for legitimate users
I'm a legitimate user. I don't want to upload BBC programs to torrent sites, I don't want to keep these files for ever, I just want to be able to download them, watch them, and get rid of them. But you're not making it easy for me because I don't use either an Apple or an MS product.
You can open up the DRM free mp4 streams to everyone that wants them, and you should; they're harmless. Even with the high profile availability of the hack relatively few people are using it (by your own admission) and there's been no sign of the files being redistributed illegally; there would, after all, be little point since versions taken from Freeview are higher quality.
You know there's no point trying to impose DRM on one copy of media that's available in better quality without it elsewhere, so when are you going to make good on your words and ensure things are easy for this legitimate user?
The BBC iPlayer for the iPhone (and iPod Touch) in incredible. I've been having a great deal of fun with it over the past week.
Very pleased that you managed to put in a fix rather than take the service offline.
I'm really looking forward to a time when RRS feed are made available for the channels & categories. Being able to subscribe to a feed of the my chosen category/genre will be most useful.
There seems to be an assumption that everyone using this workaround (I hesitate to call it a hack) is doing so for nefarious means.
I have downloaded the mp4 streams so I can watch BBC programs on my Linux machine, something that is only partially supported by the BBC. When that fails I have been known to get the programs from the "pirates" who as you point out have just encoded the programs from their PVR's and made them available. I have no interest in violating the rights of the content providers or distributing copyrighted material. While the BBC continues to make it hard for users to access their material it shouldn't be surprised if people go for the easier routes.
The failure of DRM has many reasons. It treats everyone as a potential criminal to start with and it is a manifestly inferior to use product than the "free" alternative. It's no wonder the music industry has finally seen the light and has started back peddling. The BBC is behind the curve on this one. Finally it's a pointless technical solution. The DRM only has to be cracked once and the protection is gone. It matters not if one 20th of one percent accessed the hack, once the data has been copied once it is easily replicated and distributed rendering the whole "protection" the DRM supposedly supplies null and void.
It's great to see the iPlayer developing quickly now after the length of time it took for the betas & public value tests.. I am like many others that have commented - my Windows Mobile phone can play both the WMV files & MP4 from iPlayer, and I'd like to watch programmes on it when away from home. Does that make me a hacker?
Rather than 'hacking' your site for, why can't you give me the choice of format for my mobile device?
Windows mobile devices can enforce the windows media DRM on files obtained with the iplayer download service, you merely need to enable synchronisation of these files to mobile devices. In fact it worked like this in the original iMP trial.
No need to transcode to yet another format.
No need to adjust the iplayer site.
All you need to do is enable the sync option in the usage rights, users can then synchronise files (DRM intact) to their playforsure devices. How about making this the next enhancement?
Hi there
Love the Iplayer on my Iphone. I simply find it unbelievable! However I am unable to get the radio to play listen live.
I can listen to streamed podcasts etc with no hassle, but when i try and listen to live Radio 1 it doesnt seem possible. I do not have flash installed (and seem to be unable to install it) and do not have RM or WMP as they are obviously not part of the software for Iphone.
Any ideas? or do we just need to be patient as you work this stuff out?
Dear Ashley,
Firstly may I congratulate you and your team.
I really miss BBC programming as I live in Australia.
I have been considering buying my first apple laptop, and changing my phone to an iphone.
This application would be ideal for me to keep in touch with British culture - especially quality programming like Top Gear.
I am still a UK citizen, if I was to purchase a TV licence, could my IP address be added to the BBC iplayer lookup tables?
I do not want to use bit torrent, or a hacker's script, I want to do things legally.
There must be so many ex-pats who would appriciate this service - and would go through the right legal channels.
Best Regards,
Allan Walker
Finally a small move to open standards. I suggest 4 streams
MP4 HD 720
MP4 iPod touch
MP4/3GPP for mobiles
MP3 for radio
All video H264, all open standards. This is after all the future standard that will be adopted by digital TV broadcasting...
Nothing else, no Flash, WMV, RM etc