The America Online Protocol Revealed

Gods Misfit writes "The America Online protocol(Connecting, Logging In, Joining Chats, etc..) has remained a mystery for most of its life. The only way one could log into their AOL account was via the AOL software. A few months ago, some people set out to break down the AOL protocol and open the door for alternative America Online software. This document is the result: The AOL Protocol. A sign on example for Visual Basic programmers has been written and is available here." I suspect a fair number of people never try Linux or one of the BSDs because they're moderately happy with AOL as an ISP, and switching OSes would mean switching ISPs at the same time. A shame that AOL doesn't make this kind of information more easily available.

Gaim

[peter_gzowski]

I don't know about the ISP protocol, but people have cracked the AOL Instant Messenger protocol, so you can use AIM in Linux (along with various other protocols, it's fantastic). It's called Gaim, and it's available over at Sourceforge (link here [sourceforge.net]). Happy chatting!

Re:Illegal Activities?

[Purificator]

it may be illegal, but not under the dmca because it doesn't involve bypassing encryption to get to data; it's just reverse engineering. if the software has a reverse engineering clause there might be problems.

i liked timothy's comment that people who use aol may shy away from bsd or linux because they wouldn't want to switch isps. having seen the aol interface and met aol users, i doubt any aol user would honestly USE linux. at best a couple might try the install, but go back to using windows.

Re:A Text File woudl be nice

[gorillasoft]

Have an HTML version of it...
http://www.accs-net.com/hosts/theaolprotocol.htm

Re:Making it available means lost revenue

[Traicovn]

Well.... The AOLSERER is it's own version of http, however it can issue both the mal-adjusted AOL-HTML and standard HTML pages. Content within AOL is programmed primarily in a butchered version of AOL with a combination of standard html tags and proprietary HTML tags. It's got a little bit more XML in it now, but it's still got a strong backing in plain HTML. The AOL Client relies on MSIE being installed to help it display content, but is not 100% reliable on it. AOL cannot function 100% alone without IE if I remember properly, but it can do quite a bit.

So you are correct about it's own version of http, but they do display content in a 'modified' version of HTML too. If I remember properly they use a little bit of Java Script, and some of the code that distributes content is PERL....
:)

Re:Illegal Activities?

[blakestah]

Wouldn't this be considered illegal under the DMCA, since they reverse engineered AOL's proprietary protocol? If AOL had meant for it to be public, then they would have put it out themselves.

No. Reverse engineering algorithms protected only by copyright is always legal. DMCA makes it illegal to circumvent or reverse engineer copyright protection schemes. There is no evidence anything of the sort has been done.

Re:Why do you think that is?

[Skynet]

A large amount of AOL's income is from advertisements. You're bombarded by them from the second you sign on, in every window you open, till you sign off. Salon might have adopted the mandatory ad viewing my friend, but they didn't invent it. AOL has been using these for years. Subscribers are forced to view several ads of "special offers" before they can even begin to navigate through the "service." It's like playing Where's Waldo trying to find the Close button on some of these windows.

Actually this is misinformation. There is a preference setting in AOL to allow you to turn off the Pop-Up ads. It's accesible from the preferences section of AOL, they just don't tell you about it. And why should they? AOL DOES make a lot of it's money from advertising.

The AOL experience is not all ads. I would venture to say it is about equal to surfing the Web the amount of ads per screen space encountered. If it were, 32 million people would not love to use it.

AOL doesn't want third parties designing software to be used on their networks because it would be detrimental to their advertising income. Fewer members using their software translates into fewer eyes viewing their ads, which reduces the value of their ad space. It's a safe bet that AOL will do everything in its power to ensure that people continue to use its software.

Agreed.

There *is* an AOL mail workaround...

[aquarian]

There is a work-around to AOL's proprietary email protocol. I think it's called e-netbot, and it works by connecting to AOL webmail, and downloading messages into Outlook Express. The program itself uses Internet Explorer components.

PDF Format

[1010011010]

Here is the file in PDF, rather than "write" format:

http://www.flyingbuttmonkeys.com/mirrors/The-AOL-P rotocol.pdf [flyingbuttmonkeys.com]

Re:What about mail?

[bkocik]

A) Reverse engineer the AOL mail protocol so that external programs can at least READ AOL mail (sending, unsending, and AOL custom features are optional)

It's just a set of IMAP servers. There's no secret about it. If you use Netscape 6.x, it gives you the option to set up an account to retrieve your AOL mail, and it does this by setting you up to do it via IMAP.

imap.mail.aol.com

(Yes, I'm an AOL employee)

There is one more client out there

[sulli]

Claris Emailer 1.x for Mac. It is the only email client I've seen that connects to AOL AND POP3. Still works today, though I haven't used it for more than playing with it in years.

Of course, I can see why AOL doesn't want people doing this - I used this mainly as a tool for migrating to POP3! I would check AOL email once in a while, and whenever there was anything other than spam (rare) I would reply to it from my POP3 account.

AOL/Time Warner vs OpenAOL clients

[smack_attack]

3-6 months - someone actually writes a fully functional OpenAOL client that people are willing to use.

+ 2-3 months - AOL figures things out, issues cease and desist letters, starts blocking OpenAOL clients.

+ 1 week - OpenAOL figures out new protocols (return to previous step as needed while Lawyers OpenAOL users)

+ ??? months - AOL finally wins in a DMCA case that no one cares about because by this time everyone is using DSL and realizes that AOL and is another weight throwing mega-corp.

Note: AOL will probably blow a LOT of money fighting this too, that's why this is so humorous to me... I look forward to seeing ideas like this show up on rtmark.com [rtmark.com].

AOL is just a modified PlayNet protocol

[jesup]

The AOL protocol described is a modification of the old (1984) PlayNet error-correction and data communication protocol I devised (with some input from Steve Bohram, but it was mostly my design based on the Tannenbaum networking book).

CRC-16 was used because modems (300 baud) didn't have any error correction, and we could use tables to process the data 16 bits at a time without using too much memory or CPU (the servers were 12MHz 68010's).

Packets all ended in hex 0D because we were using Telenet and Tymnet X25 dial-in pads in line-buffered mode, because we were charged by the packet. We also munged the other fields to avoid 0D (that may be gone now). Also, they were limited to 256 byte lines; thus the length byte instead of something longer.

Bytes 6 & 7 (which the author doesn't understand) are sequence numbers used in the sliding-window error-correction protocol.

The two-character ASCII prefixes were the actual message types for data packets, and were the input to a multi-tasking state-machine language. EM for example was (IIRC) part of email, perhaps to turn on the 'MAIL' icon. (I forget all the codes, I'm afraid).
Z on the front seems to be an AOL addition.

I was at PlayNet from Feb '84 to Feb '86 (when we declared bankruptcy). AOL licensed the PlayNet software from us for a song when we were running out of money, and rebranded it QuantumLink (and made minor mods, many of which we did for them).
PlayNet ran out of money in Feb '86, though the service continued to remain up for the 1500-3000 subs for another year or two.

PlayNet got a cut of AOL gross revenues until they finally wiggled out of it right before launching America Online (a port of the software to the PC with considerable enhancement), at which point PlayNet's bankruptcy was closed.

The servers were Stratus fault-tolerant machines, and as of 3 years ago they were still using them.

They didn't manage to change the 10-character limit on usernames until a few years ago. That limit was because of the 40-character width of the C64 screen, a ',' between each name, 16(?) characters for the room name plus a space, and we wanted N (12? 15?) users in a chat room. The result was that there were 10 characters available for the username.

The algorithm in AOL for selecting usernames that resulted in JohnQ12345 was also part of the old PlayNet (server) software. Also the default initial passwords for "marketing" accounts (i.e. the free disks) of "word-word" is another thing thought up over lunch at PlayNet that still hasn't changed.

Many things have been added & changed - but far more than I ever expected remains the same. I figured they'd dropped the ECC protocol ages ago.

-- Randell Jesup

http://www.bozilla.net:8080/theaolprotocol.txt

[nocomment]

here you go
www.bozilla.net:8080/theaolprotocol.txt [http]

Re:A Text File woudl be nice

[gweihir]

Save as WRI, cut of first and last lines in a
binary capable text editor (e.g. emacs).

Optionally use "dos2unix" and "fmt -78" on the
result. Makes readable ascii.

Re:What about mail?

[Anonymous Coward]

are they filtering non-aol ips? i can't get in

Re:Cat and mouse games

[Trepidity]

Uhh, the ad disabling is built into the AOL client. Go look under preferences. They're only on by default.

Open Source Linux AOL client exists.

[llzackll]

This has all been done years ago. Check out www.pengaol.org [pengaol.org] it's in french, but there is an english version also. PengAOL is under active development. There are a few others that were under development a few years ago, but are no longer around. There is not much as far as an interface to aol areas yet cause would need to interpret FDO script language, but they will allow you to establish an internet connection with your aol account from linux.

If you want more info from other sites, just use this google search [google.com].

Re:Illegal Activities?

[Defector!!!]

Yeah, the DCMA specifically makes an exception that allows for reverse engineering. Check here: http://www.loc.gov/copyright/legislation/dmca.pdf
for some more info and a short (well, 20 pages) summary of the DCMA. Oh, and teh reverse engineering thing is on pg. 4 of that PDF.

Re:it's all about advertising

[Kinetix303]

Obviously unresearched. You can turn off ad receiving in AOL prefs. Don't see why this got modded up to 5.... it's blatantly wrong.