github

72 Articles

Community Rallies Behind Youtube-dl After DMCA Takedown

October 27, 2020 by 63 Comments

At this point, you’ve likely heard that the GitHub repository for youtube-dl was recently removed in response to a DMCA takedown notice filed by the Recording Industry Association of America (RIAA). As the name implies, this popular Python program allowed users to produce local copies of audio and video that had been uploaded to YouTube and other content hosting sites. It’s a critical tool for digital archivists, people with slow or unreliable Internet connections, and more than a few Hackaday writers.

It will probably come as no surprise to hear that the DMCA takedown and subsequent removal of the youtube-dl repository has utterly failed to contain the spread of the program. In fact, you could easily argue that it’s done the opposite. The developers could never have afforded the amount of publicity the project is currently enjoying, and as the code is licensed as public domain, users are free to share it however they see fit. This is one genie that absolutely won’t be going back into its bottle.

In true hacker spirit, we’ve started to see some rather inventive ways of spreading the outlawed tool. A Twitter user by the name of [GalacticFurball] came up with a way to convert the program into a pair of densely packed rainbow images that can be shared online. After downloading the PNG files, a command-line ImageMagick incantation turns the images into a compressed tarball of the source code. A similar trick was one of the ways used to distribute the DeCSS DVD decryption code back in 2000; though unfortunately, we doubt anyone is going to get the ~14,000 lines of Python code that makes up youtube-dl printed up on any t-shirts.

Screenshot of the Tweet sharing YouTube-dl repository as two images

It’s worth noting that GitHub has officially distanced themselves from the RIAA’s position. The company was forced to remove the repo when they received the DMCA takedown notice, but CEO Nat Friedman dropped into the project’s IRC channel with a promise that efforts were being made to rectify the situation as quickly as possible. In a recent interview with TorrentFreak, Friedman said the removal of youtube-dl from GitHub was at odds with the company’s own internal archival efforts and financial support for the Internet Archive.

But as it turns out, some changes will be necessary before the repository can be brought back online. While there’s certainly some debate to be had about the overall validity of the RIAA’s claim, it isn’t completely without merit. As pointed out in the DMCA notice, the project made use of several automated tests that ran the code against copyrighted works from artists such as Taylor Swift and Justin Timberlake. While these were admittedly very poor choices to use as official test cases, the RIAA’s assertion that the entire project exists solely to download copyrighted music has no basis in reality.

[Ed Note: This is only about GitHub. You can still get the code directly from the source.]

GitHub’s Move Away From Passwords: A Sign Of Things To Come?

September 15, 2020 by 69 Comments

Later this month, people who use GitHub may find themselves suddenly getting an error message while trying to authenticate against the GitHub API or perform actions on a GitHub repository with a username and password. The reason for this is the removal of this authentication option by GitHub, with a few ‘brown-out’ periods involving the rejection of passwords to give people warning of this fact.

This change was originally announced by GitHub in November of 2019, had a deprecation timeline assigned in February of 2020 and another blog update in July repeating the information. As noted there, only GitHub Enterprise Server remains unaffected for now. For everyone else, as of November 13th, 2020, in order to use GitHub services, the use of an OAuth token, personal token or SSH key is required.

While this is likely to affect a fair number of people who are using GitHub’s REST API and repositories, perhaps the more interesting question here is whether this is merely the beginning of a larger transformation away from username and password logins in services.

Continue reading “GitHub’s Move Away From Passwords: A Sign Of Things To Come?”

Codespaces For Embedded Development

September 7, 2020 by 11 Comments

We can sympathize with [Benjamin Cabé]. He has a lot of development boards and it has become painful to maintain the many toolchains for each board. We’ve also suffered from upgrading one tool breaks another tool in some obscure way. His solution? Use Github Codespaces which you can get early access for beta testers.

The idea is that you can spin off a container-specific to a GitHub repository that has all the proper versions and dependencies required to work with a project.

If you sign up for the beta, you’ll be on a waitlist, but it is interesting to see [Benjamin] go through the steps. The service is free during the beta and you get two codespaces. Presumably, you’ll eventually be able to pay for more capability.

The idea is good, but we’ll have to see about the implementation. A preconfigured container might move from machine to machine or even to deep storage for later reconstitution. Flashing the binary image to the device looked painful from the browser. We’ve seen it done nicely with, for example, the online Arduino IDE but it did take some installable software helpers to do that.

We’ll be curious about how many different platforms this will support. However, you can roll your own version of this and avoid the cloud using Docker or even a full-blown VM like VirtualBox. Sure, it is more work, but you control your destiny. Add something like Platform.IO and your choice of development tools and you can avoid having so many competing development tools all in your main computer.

Continue reading “Codespaces For Embedded Development”

Hackaday Podcast 079: Wobble Sphere, Pixelflut, Skeeter Traps, And Tracing Apps

August 7, 2020 by 3 Comments

Hackaday editors Mike Szczys and Elliot Williams gaze upon the most eye-popping projects from the past week. Who would have known that springy doorstops could be so artistic? Speaking of art, what happens if you give everyone on the network the chance to collectively paint using pixels? There as better way to catch a rat, and a dubious way to lure mosquitoes. We scratch our heads at sending code to the arctic, and Elliot takes a deep look at the contact tracing apps developed and in use throughout Europe.

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Take a look at the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

Direct download (60 MB or so.)

Where to Follow Hackaday Podcast

Places to follow Hackaday podcasts:

Continue reading “Hackaday Podcast 079: Wobble Sphere, Pixelflut, Skeeter Traps, And Tracing Apps”

Ask Hackaday: Why Did GitHub Ship All Our Software Off To The Arctic?

July 29, 2020 by 95 Comments

If you’ve logged onto GitHub recently and you’re an active user, you might have noticed a new badge on your profile: “Arctic Code Vault Contributor”. Sounds pretty awesome right? But whose code got archived in this vault, how is it being stored, and what’s the point?

Continue reading “Ask Hackaday: Why Did GitHub Ship All Our Software Off To The Arctic?”

Hackaday Links Column Banner

Hackaday Links: July 19, 2020

July 19, 2020 by 19 Comments

Care to flex your ethical hacker muscles? The Defense Advanced Research Projects Agency, better known as DARPA, is running its first-ever bug-bounty program. The event is called “Finding Exploits to Thwart Tampering”, or FETT — get it? Bounty hunter? Fett? — and is designed to stress-test security hardware developed through DARPA’s System Security Integration Through Hardware and Firmware, or SSITH. Tortured backronyms and pop culture references aside, FETT will start this month and go through September. This is not an open challenge per se; rather, the Red Team will be coordinated by crowdsourced security research company Synack, who has called for security researchers to sign on.

The Linux kernel development team has decided to join the trend away from insensitive terminology like “master/slave” and “blacklist/whitelist” in coding style. A July 4 proposal by kernel maintainer Dan Williams goes into some detail on the logic of making the change, and it’s quite convincing stuff. It’s hard to argue with the fact that code reviewers can easily be distracted by coding style changes, so replacing terms that have become lightning rods only makes sense. Linus himself has signed off on the changes for all future code; the current terminology will only be allowed for purposes of maintaining older code.

Some stories just leap off the screen when you’re scanning headlines, and a story with the term “narco-antennas” practically begs further investigation. It turns out that the drug cartels in Mexico (and probably elsewhere, but the story focused on Mexico) are quite sophisticated in terms of communications technology. Eschewing cell phones for some of their communication needs for obvious reasons, they still apparently leverage the cell system by installing their own transceivers at cell sites. This can lead to some tense moments for the engineers who maintain legitimate gear at these sites; the story above recounts one hapless tech who powered down a site to make some repairs only to be confronted by armed men upset about the loss of their radios. It’s a fascinating look at the underworld and their technology, and we can’t help but feel for the men and women who have to face down these criminals just to do their jobs.

Way back in January — remember January? — we kicked off the 2020 Hack Chat series with a fellow named Alberto Caballero, principal investigator of the Habitable Exoplanet Hunting Project. At the time, I was blown away by the fact that the tiny changes in intensity caused by planets transiting across their star’s face were detectable on Earth with instruments an amateur astronomer could easily afford. And now, the project’s crowdsourced planet hunters have hit pay dirt, with the discovery of a Saturn-sized exoplanet in orbit within the habitable zone around star GJ 3470, also known as Gliese 3470, a red dwarf about 30 parsecs away in the constellation Cancer. Their paper is still in preprint and hasn’t been peer-reviewed yet, but it’s exciting to see this kind of citizen science being done, and we’d like to congratulate the team on their achievement and wish them continued luck in their search for “Earth 2.0”

And finally, if you can’t stand the idea that future archaeologists may someday pore over your code in an attempt to understand the digital lives of their long-dead forebears, then you might want to skip this story about how GitHub shipped 21 terabytes of open-source code to cold storage. The destination for the data, contained on reels of archive film and shipped on two pallets, is the world’s long-term memory: the Artic World Archive on the island of Svalbard. Perhaps better known for the Svalbard Seed Vault, where the genetic diversity of the world’s plants is stored, the Artic Code Vault is in a nearby abandoned coal mine and set deep within the permafrost. The rationale for making the effort to preserve code makes for some interesting reading, but we can’t help but feel that like the graffitists of Pompeii, if we’d known someone would be reading this stuff in a thousand years, we might have edited out a few things.

Microsoft Releases The Source Code You Wanted Almost 30 Years Ago

May 22, 2020 by 65 Comments

In the late 1970s and early 1980s, if you had a personal computer there was a fair chance it either booted into some version of Microsoft Basic or you could load and run Basic. There were other versions, of course, especially for very small computers, but the gold standard for home computer Basic was Microsoft’s version, known then as GW-Basic. Now you can get the once-coveted Microsoft Basic source code for the 8086/8088 directly from Microsoft in the state you would have found it in 1983. They put up a read only GW-BASIC repository, presumably to stop a flood of feature requests for GPU acceleration.

You might wonder why they would do this? It is certainly educational, especially if you are interested in assembly language. For historical reasons, you might want to get a copy you could modify, too, for your latest retrocomputer project.

There are a few tidbits of interest. Some of the source is marked that it was translated. Apparently, Microsoft had a master implementation for some processor — real or imagined — and could translate from that code to 8088, Z-80, 6502, or any other processor they wanted to target.

From what we understand, GW-Basic was identical to IBM’s BASICA, but didn’t require certain IBM PC ROMs to operate. Of course, BASICA, itself, came from MBASIC, Microsoft’s CP/M language that originated with Altair Basic. A long lineage that influenced personal computers for many years. On a side note, there’s debate on what the GW stands for. Gee-Whiz is a popular vote, but it could stand for ‘Gates, William’, Greg Whitten (an early Microsoft employee), or Gates-Whitten. The source code doesn’t appear to answer that question.

We did enjoy the 1975 copyright message, though:

ORIGINALLY WRITTEN ON THE PDP-10 FROM
FEBRUARY 9 TO APRIL 9 1975

BILL GATES WROTE A LOT OF STUFF.
PAUL ALLEN WROTE A LOT OF OTHER STUFF AND FAST CODE.
MONTE DAVIDOFF WROTE THE MATH PACKAGE (F4I.MAC).

It wasn’t long ago that Microsoft released some old versions of MSDOS. If you have the urge to write some Basic, you might pass on GW-Basic and try QB64, instead.

GW-Basic Disk and Manual photo by [Palatinatian] CC-SA-4.0.