The America Online Protocol Revealed

Gods Misfit writes "The America Online protocol(Connecting, Logging In, Joining Chats, etc..) has remained a mystery for most of its life. The only way one could log into their AOL account was via the AOL software. A few months ago, some people set out to break down the AOL protocol and open the door for alternative America Online software. This document is the result: The AOL Protocol. A sign on example for Visual Basic programmers has been written and is available here." I suspect a fair number of people never try Linux or one of the BSDs because they're moderately happy with AOL as an ISP, and switching OSes would mean switching ISPs at the same time. A shame that AOL doesn't make this kind of information more easily available.

Re:Congratulations!

AOL cracks have been in existence for over 10 years now (way before AOL was even on the internet, or called AOL). As it turns out, AOL started with a lot of security through obscurity (they used to trust the client for a lot), and as a result, there were holes galore. One crack a couple years ago realized that you got internet access before you actually logged in, and for a while people were getting free internet access without signing up again every 30 (now 45) days (like those of us with a little more fear of jail time do).

In any case, yes, releasing the protocol might uncover some additional security through obscurity holes, but in the end they can always be plugged up, just as they have in the past.

Re:Congratulations!

Things that are proprietary are not always bad. Windows 95/98 used a proprietary IP stack, but you could still share a connection, use said connection with other programs besides IE, etc. It's when proprietary things severely (in our minds, our meaning tech geeks) limit what you can do beyond the realms of "reasonable use" or whatever you want to call it. I hope that answers your question.

Illegal Activities?

Wouldn't this be considered illegal under the DMCA, since they reverse engineered AOL's proprietary protocol? If AOL had meant for it to be public, then they would have put it out themselves.

Re:Illegal Activities?

I think that would only count if AOL claimed to be secure. That would be one interesting legal argument.

Re:Illegal Activities?

I wonder if "intentionally obscured" is the same as "encrypted" in the eyes of the DCMA

You mean using Double Rot13 for an extra layer of security?

Re:Illegal Activities?

it may be illegal, but not under the dmca because it doesn't involve bypassing encryption to get to data; it's just reverse engineering. if the software has a reverse engineering clause there might be problems.

i liked timothy's comment that people who use aol may shy away from bsd or linux because they wouldn't want to switch isps. having seen the aol interface and met aol users, i doubt any aol user would honestly USE linux. at best a couple might try the install, but go back to using windows.

Re:Illegal Activities?

Wouldn't this be considered illegal under the DMCA, since they reverse engineered AOL's proprietary protocol? If AOL had meant for it to be public, then they would have put it out themselves.

No. Reverse engineering algorithms protected only by copyright is always legal. DMCA makes it illegal to circumvent or reverse engineer copyright protection schemes. There is no evidence anything of the sort has been done.

Re:People sticking with Windows because of AOL?

I know people who actually use the words "I like AOL" all together in one sentence.

Hey now, wait a minute!!! You're stepping on my toes, now. I use those words together in one sentence all the time:

"I would like to see AOL ripped into tiny pieces and thrown into the Seven Seas."

Cat and mouse games

How long until they make an arbitrary change that breaks all the "new" clients? While I don't understand why they'd care (the customer is still, in theory, paying for the service), the fact that they've kept it secret for so long makes me wonder if they'll let this slide. Not to mention their annoying policies regarding the AIM client (how many times did they break everybuddy?)

Re:Cat and mouse games

The reason they won't let this slide : not all of AOL's revenue comes from subscription. They have lots of ads. And alternate clients could nix the ads, hence no ad revenue.

Re:Cat and mouse games

Uhh, the ad disabling is built into the AOL client. Go look under preferences. They're only on by default.

Re:Cat and mouse games

Not if you figure out the AOL auto-updating mechanism as part of the protocol. Then, the only way they can lock alternatives out is to actually force everyone who is on AOL 2,3,4,5, and 6 to upgrade immediately. That isn't ever going to happen.

I Thought The Main Benefit Of AOL...

...was keeping AOL users ON Windows? Now they can spread....

AOL on linux

AOL on Linux.

Isn't that like having a red neck teach physic's at MIT?

Well, that seals it

Finally, I can get onto AOL using Linux! I'm installing it as soon as I get home!

Seriously, I don't know why whenever something gets posted on /., the sentiment "Finally! Now the average user will use Linux!" has to be used. The simple fact is that the average user isn't savvy enough to use it, and there is a large group of users who ARE savvy enough to use it, but find setting it up to be a big headache.

America Online isn't going to be Linux's killer app.

(ducks behind asbestos wall)

AOL Runs on Linux also.

Uh, AOL runs on linux also, think Gateway kitchen device, think Playstation 2. It's there, it works, they've shipped. You just can't download it yet.

But I would go as far to say that the type of people who like computers very simple, and very task oriented wouldn't want to install Linux on their desktop for more than one reason.

1) maybe AOL
2) their computer likely came with windows and installing a new OS is beyond their skills
3) linux desktops are still not dumbed down enough. Come on, TiVo is easy to use, my playstation 2 is easy to use, why is my computer so hard?

Joseph Elwell.

Silly Rabbit!

I suspect a fair number of people never try Linux or one of the BSDs because they're moderately happy with AOL as an ISP, and switching OSes would mean switching ISPs at the same time. A shame that AOL doesn't make this kind of information more easily available.

Probably very few people using AOL would consider playing with *nix. If you're playing with other operating systems, you've probably already outgrown AOL. You're not burning ISOs from Redhat that you downloaded via AOL/dialup. If you're on AOL, you're happy and content and most probably don't want to be switching ISPs or playing with a new OS. Besides, just because you're on a new OS, doesn't mean you have to get rid of your M$ partition and AOL as your dialup. People can explore the goodness of *nix on that old computer in the closet they feel bad about donating to the Salvation Army.

The AOL protocal was a nice reverse engineering hack. Nice work fellows. AOL didn't make it more freely available because it was a proprietary technology. They'd prefer to keep it to themselves or license it out.. otherwise they would have used a published standard.

=steve

Re:Silly Rabbit!

The AOL protocal was a nice reverse engineering hack. Nice work fellows.

Hear, hear!
Look:
There is nothing wrong with a cool hack, made by hackers, that is solely of interest to other hackers, and that maybe even impresses your hacker friends.

This is all Just For Fun, people... never lose sight of that!

Re:Silly Rabbit!

no - but how many people leave their system booted into windows, since their SO, mom, whatever doesn't know how to:

# sync
# sync
# /sbin/shutdown -r now

If they could just click on a pretty AOL icon on the linux desktop, a lot of linux-users might drop their windows partition entirely.

it's all about advertising

when you have to use aol's software to log in to aol, you have to look at the ads and crap that they want you to look at. aol is just one large, happy advertisement. with the possibility of being able to log into your aol account without having to use their software, they'll lose some of that advertising exposure, which means that yes, they will have kittens over this. whee.

Not a big user group overlap..

I suspect a fair number of people never try Linux or one of the BSDs because they're moderately happy with AOL as an ISP ...

Let's face it, the reason that AOL and Linux don't mesh isn't because there's no AOL-Linux interface. It's because people who use AOL use it for a reason - it's got a happy, friendly, push big rainbow colored buttons, don't-cut-yourself safety-scissors interface. Love 'em or hate 'em, it's what they do well - an interface so simple that even grandma can use the demon box.

Linux is still, even in its most user-friendly form, a system that requires you to get some dirt under your fingernails while you use it. It's still a power-user OS.
There just simply isn't a big overlap between the types of people who use AOL and the types of people who traditionally run Linux.

Re:Not a big user group overlap..

There just simply isn't a big overlap between the types of people who use AOL and the types of people who traditionally run Linux.

Everything you say is true (I did't quote your entire post, but I mostly agree with all of it). There is one point you and many others overlook: @Home is bankrupt. What will thousands of Linux users do when their always-on, high-speed ISP goes away and is replaced by AOL? Switch to Windows? Perhaps so, either that or go back to a dial-up ISP. If I were faced with that choice, I'd prefer to figure out how to make AOL work with Linux. Or rather, figure out how to make Linux work with AOL. There may not be much overlap between Linux users and AOL subscribers now, but in the near future there may well be quite a bit of overlap as the "types who traditionally run Linux" are given few alternatives.

Unless you think it might be easer to get MSN to play with Linux.

Making it available means lost revenue

Actually, it doesn't surprise me that they don't make it available. If they release that information, they lose an edge they have on joe average as an entry level computer user. How many times have you talked to someone who wanted to show you something that was on the 'internet' and in reality, it was something that was on a section of AOL? AOL has done a really good job of making a 'controlled' section of the internet we're they control the information. By having only one style of software they have more control also. Would YOU just want anything to connect to YOUR server and have authorization privleges? Of course AOL is very much based on server side scripting, and a butchered version of html. All aol sections are addressed with an aol://xxxx:xxxx:asdgfsadgas type link... a mix of alphanumeric strings, etc. Essentially it's THERE style of html distributed through a browser.

But in the end the bottom line is profit. You don't want to allow people to get onto the internet where you can't 100% control what the first thing they see is. AOL gives the illusion to first time joe averages that it IS the internet. My mom spent months on AOL without even using the actual internet and she thought she was on the internet. It's marketing genius. You control their access, you control the way content is shown, you give them places to spend their money and control the ways they communicate. Everyone does it the same way, so everyone is having a similar version of their own experience...
The AOL designers aren't dumb IMHO, sure it's not the service that I want as my ISP, but when it comes to marketing, they know what their doing...

For awhile they were going to make it so you could use them as a 'traditional' isp using Dial-up, but I don't think that anything really ever came of it.... I guess AOL users just like hearing 'WELCOME, YOU'VE GOT SPAM, (I MEAN MAIL)...'

This will not get AOLer to Switch OS's

This will not get AOLers to switch OS's. Most AOLer's are very paranoid about any change to their computer.

They fear that the change they make will kill their expensive toy and force them to go talk to a more computer literate friend who will once again berate them for using the most expensive ISP with the worst service.

What this will do. (maybe) is covered by point 8

8) Common Sense

Ok, most of you have probably stopped reading by now. But I need to make a point.

The only reason that the information above is not already widely available is because of the fear of abuse. Putting this information in immature hands is dangerous. Some people believe that if it gets out, the walls of the America Online service will come crashing down as things like faster mail bombers, spammers, IM bombers, and cloners begin to immerge. It may very well be impossible to enter a chat room without being so lagged by scrolling, IMs, and emails that you cannot even stay connected. I don't personally believe that though. Due to the complexity of these packets, it is far harder to use even copied source of this than to use copied source of the infamous "AOL Progs" that eventually died out. If you are learning from this document, I implore you to use common sense in your use of this information.

I suspect that this doocument will be the source from which nasty new AOL hacks will be based. And now that it is out it is in very immature hands.

Not that it matters to me because I don't use AOL

Finally!

Public recognition of Visual Basic as a programming language by the /. crowd! Millions of Microsoft programmers, no longer afraid to talk about work at cocktail parties!

Re:Finally!

The only reason you aren't publicly beaten right now is because of the political climate and the promotion of tolerance towards those that are different, regardless of how stupid they appear to be.

Personally, I think we should declare a war against VB programmers after the war on terrorism is over.

What about mail?

In my opinion, logging on and enjoying AOL's so-called services was never 1/10 of the problem as their stupid crappy propritary mail system.

Back around 1996 or so, I was part of an AOL beta program that released a MAPI interface for AOL mail servers. IE, you could add the AOL mail server to your Outlook config and download your AOL mail right into Outlook.

Of course, the AOL exec freaked out when they considered how many eyeballs their advertisers would lose if everyone uninstalled the AOL client and kept their mail via Outlook. So the program was canned, and I was unfortunately too short-sighted to save a copy of that MAPI tool before the area was closed down.

Ever since, I've been trying to get my sister/parents/grandparents off AOL. Not to mention that AOL never supported Windows NT because they couldn't figure out how to install their stupid AOL Adapter TCP shunt thing. So for years my relatives were forced to run a crappy 16-bit (Win 3.11) version of the AOL client for the sole purpose of checking e-mail.

AOL's mail service is terrible but a lot of people don't want to change their e-mail addresses. If you really want to do a great services to help newbies move beyond their AOL shackles...please, I implore you:

A) Reverse engineer the AOL mail protocol so that external programs can at least READ AOL mail (sending, unsending, and AOL custom features are optional)

B) Reverse engineer the AOL mail database (local copy of stored mail) so that it can be imported into another program.

Even after I got a couple family members to switch over to Hotmail, they still have to use the AOL client to read their old mail. It's that or save it all as flat text and lose all the important header information.

Also, a bonus to reverse engineering the AOL mail database would be the ability to sync mail with your Palm. The AOL client for Palm is 400KB and can only dial-up, not sync.

Please post reply if you know of any project working on the AOL mail/database formats. Thank you!

- JoeShmoe

Re:What about mail?

A) Reverse engineer the AOL mail protocol so that external programs can at least READ AOL mail (sending, unsending, and AOL custom features are optional)

It's just a set of IMAP servers. There's no secret about it. If you use Netscape 6.x, it gives you the option to set up an account to retrieve your AOL mail, and it does this by setting you up to do it via IMAP.

imap.mail.aol.com

(Yes, I'm an AOL employee)

Re:What about mail?

Not to mention that AOL never supported Windows NT because they couldn't figure out how to install their stupid AOL Adapter TCP shunt thing.

AOL 5 runs fine on NT 4.0. AOL doesn't support it, but it works. The last time I called their tech support (last Spring,) they said they'd have a specific NT client out by now. I haven't seen it and don't know that the world really needs it since AOL 5 works fine. I also bitched about the lack of a Linux client and the support person told me that they thought one was going to be released, but I haven't seen that, either. I figure it's either vaporware or someone changed their mind.

AOL's mail service is terrible but a lot of people don't want to change their e-mail addresses.

AOL is also one of the few IPs who allow multiple users per account (although only one can be signed on at a time.) With five people in my house (all of whom have e-mail accounts,) I'd pay $100 per month for separate unlimited access accounts for everyone. With AOL, it's just $23 per month. Pure economics. Another reason for AOL accounts is their great worldwide POP network. We keep several AOL accounts for traveling salespeople and executives because we know they can find a local POP to dial into from just about anywhere they happen to be: London, Munich, Mexico City, and almost anywhere in the US. It beats the heck out of paying ruinous hotel long distance charges, or the '800' AOL line surcharge. And really beats the crap out of talking a marketing manager through whatever weird TCP/IP setup a local provider in Back Woods, Ontario needs for a local ISP connection over the phone on Sunday evening. :)

Finally, you no longer need the AOL mail client to send/receive AOL e-mail, you can use practically any web browser. Just point to www.aol.com and sign in to your AOL account, then click the mail icon. Presto, you're there. It's all web-r-ized. Webbified. Whatever.

Why do you think that is?

A shame that AOL doesn't make this kind of information more easily available.

A large amount of AOL's income is from advertisements. You're bombarded by them from the second you sign on, in every window you open, till you sign off. Salon might have adopted the mandatory ad viewing my friend, but they didn't invent it. AOL has been using these for years. Subscribers are forced to view several ads of "special offers" before they can even begin to navigate through the "service." It's like playing Where's Waldo trying to find the Close button on some of these windows. AOL doesn't want third parties designing software to be used on their networks because it would be detrimental to their advertising income. Fewer members using their software translates into fewer eyes viewing their ads, which reduces the value of their ad space. It's a safe bet that AOL will do everything in its power to ensure that people continue to use its software.

AOL has one good feature

As a single person without children I've never had any desire to use AOL, but I know lots of AOL users. There is at least one good reason to use AOL. Years ago internet access was $20/month and that gave you one email account. Meanwhile, AOL gave allowed you to create many accounts. Which is the better choice for a family with several children? One account shared between mom, dad, and all the kids, multiple accounts with some (possibly outrageous) surcharge per POP account, or one AOL account with lots of screen names?

Even now, most ISPs will give you a couple of POP mailboxes for $15-$20/month, but few if any provide the ease and convenience of creating new "screen names" that AOL provides. Try telling a 12-16 year old girl that she can't change her screen name to avoid some pre-pubescent geek who's harrasing her via email.

Here's the simplified version:

Here is the simplified version of the protocol:

void AOL()
{
while(connected)
{
send_advertisements();
monitor_browsing_habits();
monthly_fee++;
if(bandwith_to_spare)
send_internet_data();
}
return;
}

This doesnt solve the problem . . .

A bunch of clone clients have been trying to get hooks in for years to no constructive end because AOL actively tried to BLOCK other clients from connecting. If I remember correctly Jabber and MSN had it working for a while until AOL forced them out by altering the protocol. Most lately I believe they've been doing it with executable checksums. We might have figured out the protocol, but theyre just going to change it up again as soon as foreign clients start connecting in large numbers.

Some old coverage of this [zdnet.com] can be found at ZD. Theyve got a whole site called "InstantMess" that talks about how AOL refuses to discuss an open format because they want to lock users into their app.

Recently Trillian (www.trillian.cc) [trillian.cc] has succesfully done it. I think they got around it by using whatever method the JAVA aol clients (AIM express, Quickbuddy) [aol.com].

Id love to see an open standard, but without AOL on board its useless. Its sad really - that the unwashed masses are dictating the standard for the rest of us.

ROck On

I can't wait for the first Linux-client. Why?

The only thing about AOL that's worth anything are the chatrooms. Unlike IRC, you can actually meet real, low-self-esteemed, fat chicks who'll put out for anyone willing to pretend to listen to them whine about how no one likes them.

I'd better stock up on condoms and twinkies, big dog is gettin' let out of the house...

This is gonna rock.

(710)123-4567 is my phone line.
(456)123-4567 is an AOLnet dialin. Numbers mutilated to protect the guilty, of course. A few years and many many area code splits ago, we were all one code. More than a few lusers are confused by Windows' concept of "dialing location" and area code settings, and apparently more than a few of them are AOLers.

I get silent phone calls all the time, sometimes several in a row. Without fail, if I answer with a carrier, they connect.

Sometimes if I send "login:" they talk back. I've never bothered to get farther than that.

I've long dreamed of hacking up a barebones AOL emulator, just enough to push them a page that says "You dumbass, your area code settings are fux0red!" and then play some fart noises before dropping them.

Yeah, this is gonna rock. Not only do I get to fuck with their heads, but I get a free supply of AOL l:/p: pairs delivered to my desktop! Never know when those might come in handy.

Re:This is gonna rock.

Why do I see a lukewarm future among kiddies of "number squatting", getting personal phone lines that're similar to national ISP dialins except for the area code?

I also wonder about the legality of such a practice. The users are placing the call, right? I guess it depends on how different AOL's login procedure is from something standard. "No, Your Honor, that was my personal login so I could access my computer from my friend's house." Compare to the tone-detector that lets you use a redbox to turn appliances on and off.

Linux and AOL can fit.

Even though AOL is not targeted at the Unix/Linux user. There could be good reasons why a Unix/Linux guy could want or need to use AOL.

1. There are many kids out there who want to learn Linux and are allowed to setup a duel boot systems. But their parents are paying for AOL as an ISP and will not switch. So not at least they can switch the os and pay for one ISP.
2. Emergancy Internet connection. Every once in a while your Internet connection goes down at the ISP level and you need a quick short term internet connection. Hay AOL give 1000 hours free internet for a month. And if you like me there are hundreds of those CDs with trial passwords around. It is tempoary free internet. Hey it may suck but it is better then nothing.

3. Simular to #2 many new computers come with a year of Free AOL. You got the computer at a good price why pay for an other ISP when you can get AOL for free for a year.

4. AOL only services. AOL has some services that other ISPs dont have. Although they are ways around them but sometimes they may be covient.

5. The @AOL.com E-mail address. Those are easy to remember for most people (becasue they use AOL). And with the e-mail they can find your IM name quicker.

I dont directly use AOL (I use RoadRunner own by AOL/TimeWarner) nor do I ever want to use AOL. But I just wanted to state they there are reasons why a UNIX/Linux person would want access to AOL. and they are people who can use Linux who dont care much about the proper geek way, they just want a good OS, or just to try something new. To say that All AOL users are Unix Ilerate or will always be that way is a gross overstatement.

PDF Format

Here is the file in PDF, rather than "write" format:

http://www.flyingbuttmonkeys.com/mirrors/The-AOL-P rotocol.pdf [flyingbuttmonkeys.com]

Reasons for AOL on Linux

Amazingly, I'll put myself in the catagory of people who could use a Linux AOL client. Why?

1. Because I'm a poor college student who's parents are still on AOL. Why pay for a second ISP when there's one available? Linux isn't a solution for them, but if I could dial up from the Linux Box in my room (Linux on the second cheap computer? I have the second cheap computer!), that'd make my life simpler.
2. Who wants to reboot to a Win/9x partition, connect, DL kernel patch, reboot to linux partition... etc...
3. Remember that AOL offers a nation wide network. So these days, that's nothing new. But think about moving every few years, and doing this six years ago. Want to hunt up a new ISP every time you move?
4. If you've managed to keep an ISP (and e-mail address) for a few years, would you want to go through the hassle of chainging? There are alot of long time AOL users who cling to AOL just to keep their e-mail addresses. As they grow more comfortable with their computer they may even grow towards Linux. Being able to keep your ISP would make that decision easier.

It's not about converting windows users to Linux because now they can keep AOL (though I think you may see some of that). It's about letting power users simplify thier life. (Single ISP for both the kids running windows and parents running linux (or the other way around!))

Another possible effect could be an "Offical AOL For Linux". Which would be easier and less stressful in the long run, continually fighting off the third party connections, or writing an offical port to get people away from third party connection software?

Really...

How many self-respecting Linux users would want to use AOL? Granted, there is a small appeal in saying "Hey i got AOL to work on Linux," but I imagine it would sorta wear thin after a minute or 2.

Opening the AOL protcol and terrorisim legislation

Better be careful. AOL may consider any unauthorized use of their servers as computer trespass - even if you are an AOL subscriber. (They can say via license "you are only authorized to use our servers using OUR software.")

Thus, this information is aiding and abetting computer trespass. Slashdot and the authors may be liable retroactively under the new terrorism legislation (depending on the scope of the hacking provisions) with mandatory life sentences for giving aid to terrorists.

By advocating an open AOL client for linux, given AOL's licensing terms, you are trying to change intellectual property policy, thus are "trying to change government policy through computer trespass" under the PATRIOT act, USA act, or whatever they are calling it now.

While this scenario seems crazy, keep in mind that this is literally within the scope of (some versions of) the terrorism legislation.

Conclusion: "You've got jail!"

finally!

/dev/aol anyone?

AOL users discouraged from switching?

So, here's the premise. AOL isn't available on Linux or BSD, therefore people who are happy with AOL but considering switching to Linux/BSD would not switch, because AOL isn't available.

There's just one problem. How many AOL users are even aware of the mere EXISTANCE of Linux/BSD? The people who use AOL when there are other options available are the same types of people who use Windows simply because that is what is loaded onto their computer when they bought it. The vast majority of AOL users aren't going to bother to find out whether other OSes would be good for them, considering that they haven't bothered to see whether ISPs are better.

-Jenn

AOL is just a modified PlayNet protocol

The AOL protocol described is a modification of the old (1984) PlayNet error-correction and data communication protocol I devised (with some input from Steve Bohram, but it was mostly my design based on the Tannenbaum networking book).

CRC-16 was used because modems (300 baud) didn't have any error correction, and we could use tables to process the data 16 bits at a time without using too much memory or CPU (the servers were 12MHz 68010's).

Packets all ended in hex 0D because we were using Telenet and Tymnet X25 dial-in pads in line-buffered mode, because we were charged by the packet. We also munged the other fields to avoid 0D (that may be gone now). Also, they were limited to 256 byte lines; thus the length byte instead of something longer.

Bytes 6 & 7 (which the author doesn't understand) are sequence numbers used in the sliding-window error-correction protocol.

The two-character ASCII prefixes were the actual message types for data packets, and were the input to a multi-tasking state-machine language. EM for example was (IIRC) part of email, perhaps to turn on the 'MAIL' icon. (I forget all the codes, I'm afraid).
Z on the front seems to be an AOL addition.

I was at PlayNet from Feb '84 to Feb '86 (when we declared bankruptcy). AOL licensed the PlayNet software from us for a song when we were running out of money, and rebranded it QuantumLink (and made minor mods, many of which we did for them).
PlayNet ran out of money in Feb '86, though the service continued to remain up for the 1500-3000 subs for another year or two.

PlayNet got a cut of AOL gross revenues until they finally wiggled out of it right before launching America Online (a port of the software to the PC with considerable enhancement), at which point PlayNet's bankruptcy was closed.

The servers were Stratus fault-tolerant machines, and as of 3 years ago they were still using them.

They didn't manage to change the 10-character limit on usernames until a few years ago. That limit was because of the 40-character width of the C64 screen, a ',' between each name, 16(?) characters for the room name plus a space, and we wanted N (12? 15?) users in a chat room. The result was that there were 10 characters available for the username.

The algorithm in AOL for selecting usernames that resulted in JohnQ12345 was also part of the old PlayNet (server) software. Also the default initial passwords for "marketing" accounts (i.e. the free disks) of "word-word" is another thing thought up over lunch at PlayNet that still hasn't changed.

Many things have been added & changed - but far more than I ever expected remains the same. I figured they'd dropped the ECC protocol ages ago.

-- Randell Jesup

AOL now sucks less

Well AOL the company isn't so hot because they didn't give away this information. However the main reason that AOL stinks as an ISP is because in order to connect you have to load this enourmous hog of a program into memory. With a normal dial up isp you use dial up networking, and with a NIC you load nothing. If we could write a very small program that simply connects to aol and establishes an internet connection, that would be fantastic. People could still use AOL, but it wont suck, as much.

Alternate Clients

I keep hearing people say that the reason there are no alternate AOL clients is that AOL changes the protocol if it decides people are using alternate clients. However, as far as i can tell, the only way AOL can see what client you are using is through the identification packet that is sent during logon. If the client is designed to properly fudge the identification, AOL would never know, and in fact they'd think you were using a plain old AOL client.

Can someone please tell me if i understand this properly?

Places this could be useful

This spec could be terribly useful for anyone who wants to write a program to migrate a user's e-mail (or even their settings, etc.) to a new service.

Or better yet -- think about this: with this spec, an AOL module could be written for fetchmail. Suck down the mail from that old AOL account and deliver it via SMTP. Cool, eh?

They used to license the AOL protocol

Back in 1995, Claris introduced Emailer [macemail.com], a Mac e-mail client application that could retrieve AOL mail, along with many other kinds of mail accounts. Development was continued on it for about 3 years or so, but it became an orphan when Claris became Filemaker, Inc [filemaker.com] and divested itself of non-database products. It was neglected and finally end-of-lifed by Apple in November 1998 at version 2.0v3. Most of the team that created it went on to develop Outlook Express for the Mac, which does not do AOL mail because AOL decided to stop licensing out the protocol. I can only assume that AOL realized they could make more money by forcing everyone to use their shitty built-in mail client and bombarding them with paid advertisements the entire time, than by licensing out the protocol to other software companies creating clean, elegantly-designed mail clients.

Six years later, Emailer still works great on Mac OS 9.x, and the original developers do not believe it should break under OS X. I still use it (as do a lot of people) and I still think it's the best mail client I've ever used, because it doesn't do HTML mail. Nothing but pure, speedy text.

~Philly

Screw the Client, write a new Server

Grossly overlooked in all the posts I've seen so far is the fact that this also will allow you to write a new AOL server. So you could piggyback on AOLs carpet bombing of free CDs by having people just dial up a new number, and get GnuAOL.

AOL version 2.5?

This document reveals the "secret" protocol of AOL version 2.5. Version 2.5 was released eons ago. The protocol has probably changed a lot since then, since AOL's current client is on version 6.0.

In addition, this document must be eons old as well. Who claims this is a new document? Why would anyone bother with deciphering AOL version 2.5 at this point? This is ancient info.

Open Source Linux AOL client exists.

This has all been done years ago. Check out www.pengaol.org [pengaol.org] it's in french, but there is an english version also. PengAOL is under active development. There are a few others that were under development a few years ago, but are no longer around. There is not much as far as an interface to aol areas yet cause would need to interpret FDO script language, but they will allow you to establish an internet connection with your aol account from linux.

If you want more info from other sites, just use this google search [google.com].