Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Better and Cheaper Than IPTV (github.com/stupside)
231 points by xonery 11 hours ago | hide | past | favorite | 64 comments
 help



For a no hacks alternative, I built TV Explorer. It puts the channel's published HLS stream into your browser with no interim steps. Uses the public GitHub list of more than 10,000 free channels.

https://tvexplorer.live


That is an unbelievably slick thing that you've got there.

It feels very light-weight, it's approximately instantly-responsive. Back button works. I don't understand the stats (or my contribution to them), but whatever.

(the closed-captioning pop-up causes some overlay issues for me, though)

moar edit: Upon further review with my very not-special desktop box, I'm reasonably confident that this is the quickest, most-responsive "TV-watching" experience I've had since analog NTSC left the scene ~eons ago. It's fast like switching from channel 11 to channel 13 used to be with the very quickest and most well-behaved of tuners.

What aren't you doing that everyone else is doing?


> What aren't you doing that everyone else is doing?

Seems to be the fact that there's no advertising, tracking or other SDKs and the entire JS is contained in two files.


I think https://tv.garden/ has more channels than your especially if i look at Japan

Seems to depend on the country, tv.garden has nothing in Namibia, for example

Both of these are amazing

This is incredible! It loaded so fast on my mobile and I’m able to watch channels from all over. Amazing stuff man. It requires a thread of its own


This as a Jellyfin plugin would be awesome!

very cool. How would have this on actual TV? Load it in the built in browser?

Just stays on the loading screen for me (Safari, iOS 26).

Same here. I wonder if it's hugged to death?

This is fantastic, as others have said. Could you talk a bit about how it's so wonderfully fast?

This is such a high quality TV viewing experience, I really love it! Amazing work!

Love it

This situation where bots have to run a headless browser in a new profile is just stupid. Can we have the old internet back? Please? Cloudflare you're not stopping bots, you're just wasting effort on both sides while siphoning access logs and passwords to the NSA.

> I built it because I couldn't cast web video from my laptop to my TV: no Chromecast, no AirPlay.

Looks like Claude built it.


Claude helped me out for sure, i'm not a DLNA or FFMPEG beast, but i solved a problem I had and that's what matters. If it solved a problem you have, even better.

I'm pretty sure it was built by a compiler, using libraries provided by Google and others. Until Claude can directly output machine code packaged for distribution, it's just another middleman between the source of intent (the human) and the final deliverable.

</sarcasm, mostly>


You're absolutely right and let me be honest about the honest load-bearing smoking-gun you point at.

That's the core tension — and you're right to call it out! Let me walk back my claims.

Immediately worked for me on a simple Samsung bought 15+ years ago.

What's the best way to use it, write your own search to parse all the json pages https://vsembed.ru/movies/latest/page-1.json ?


Usually piracy software tries to maintain a little plausible deniability, but here this is suggesting it will help you stream this weekend's newly released $250m blockbuster.

I suppose it searches your configured sources for that movie and comes back "not found"

Stremio does this. Stremio is a legal application that finds media from any configured plugin. You're supposed to add the illegal Torrentio plugin to automatically pirate media. By doing it this way, most development can take place in public.

A similar situation exists with the emulator Azahar and the illegal fork Azahar Plus which can automatically decrypt games.


the interface shows the top movies right now on https://www.themoviedb.org/

It could just be streaming the trailer.

Main use case

I mean I get it, but also it's funny that you commented this 5 minutes after you edited the readme[1] to add in the exact type of plausible deniability I remarked was absent.

[1] - https://github.com/stupside/castor/commit/847abd1ad0dbe893fc...


Shhhh...

I’m not against piracy but the initial pitch made it seem like it’s more purely for trying to cast streams embedded in websites that you already are visiting and/or have access to, of which do not “allow” you to cast, or for whatever reason only work on a laptop and not on something like AirPlay. But the LLM-slop description of “random websites” in addition to the option for a TVDB API key confuse me as to what the actual focus is here.

I thought the whole point of turnstile was that it detects headless browsers and it's supposed to be "difficult" to bypass. Apparently this just simulates clicking on the checkmark. Is it really that easy?

The point of Turnstile is to sell a warm fuzzy feeling of security to website owners, block Tor users who don't enable JavaScript, and convince website owners to give a copy of all their traffic to the NSA for free.

Actual security is barely relevant except to the extent that if it doesn't add any security, the NSA might get worried that people will stop using Cloudflare.

Fake security - number of blocked users, which Cloudflare calls "bots" regardless of whether they're people or bots - is used in Cloudflare marketing.


With the right simulated events, a headless browser becomes indistinguishable from a real browser without platform detection. It's not hard to figure out that these headless browsers are running a software renderer on Linux. In time, they're just going to have to detect Linux users and force them to fill out one or multiple challenges if workarounds like these keep getting used.

The checkbox is just a small part of what the checks are doing. It's monitoring everything the browser is doing and how the browser is responding to certain events up until you tick the checkbox, at which point it determines if you need one of those "are you human" challenges or if you can pass without interruption, based on how bot-like you are.


People have been automating WoW for a generation using things like peripherals duct taped to oscillating fans despite multi-million dollar budgets designed to defeat things far more sophisticated than this.

I would think of headless browser automation in exactly the same way you would about cheating in FPS video games. The red team always has the initiative and can win if they want to spend enough time and money.


> was that it detects headless browsers

> Apparently this just simulates clicking on the checkmark

Not just that. It also spoofs a bunch of browser stuff.

A standard headless browser will probably get flagged.


If you can make the browser pass all the other checks going on in the background, clicking the checkmark is all that's left.

Yes, kindof…

Seems to be missing some context. What is this used for? Piracy?

It's a CLI that lets you select a movie, finds a matching stream from streaming websites, transcodes it, burns in subtitles in real time, and tells your TV to play it.

Do I need to bring my own sources or is there a maintained list?

it comes preconfigured with three different illegal pirate sites.

You mean the streaming website source ? You can use the one present in the config.yaml of the project, it works fine.

I am not sure how this would help with piracy? It can only play a stream you already have access to, it doesn’t break encryption or anything.

The default config has a bunch of such sources: https://github.com/stupside/castor/blob/main/config.yaml

sources: - proxies: - "https://vidsrc-embed.ru" templates: movie: "/embed/movie/{itemID}" episode: "/embed/tv/{itemID}/{season}-{episode}"

  - proxies:
      - "https://1embed.cc"
      - "https://www.vidking.net"
    templates:
      movie: "/embed/movie/{itemID}"
      episode: "/embed/tv/{itemID}/{season}/{episode}"

  - proxies:
      - "https://www.rivestream.app"
    templates:
      movie: "/embed/torrent?type=movie&id={itemID}"
      episode: "/embed/torrent?type=tv&id={itemID}&season={season}&episode={episode}"

  - proxies:
      - "https://www.rivestream.app"
    templates:
      movie: "/embed?type=movie&id={itemID}"
      episode: "/embed?type=tv&id={itemID}&season={season}&episode={episode}"

You already have access to pirated streams. This app plays them for you. Check the source addresses in config.yaml.

It's an alternative way to cast media to your TV by way of somehow ripping the streaming video off said website or service.

I agree, is the use case any video stream other than big established ( which already support casting)... So... bootleg sports streams?

It casts whatever stream's on the page, same as VLC plays whatever file you open.

>Castor launches headless Chrome with a randomized fingerprint and stealth scripts to hide automation.

you lost me in there.


I work with browser fingerprinting, so I took a look at the repo to see what it actually does. From what I can tell, it only patches navigator, the Audio API, and the Canvas API. That is pretty basic, so it will likely get flagged easily.

Depends what you're trying to bypass. Cloudflare isn't as strict as Google.

Docker version on MacOS might not find your TV.

You probably have to expose it to do Upnp through the VM that is needed for docker on Macos.

Can this be used without a TV, lets say if I just want to play the streams with VLC?

I would hope it would do the "find and extract stream source" on the web page bit well. (This is quite hard on some sites). From there VLC can handle it.

I use "Web Video Caster" on Android to stream videos from websites to my TV. Free version is fine.


We're just throwing straight up piracy on HN now? We're vibing piracy now? Felonies via API?

Yes. Unironically yes. Except that it's a misdemeanor. It's a felony for the author of this code and for dang if he doesn't remove this post (distributing piracy tools), but it's a misdemeanor for the ones watching the streams.

Can you cast to a Roku device with this?

I tried with v1.4.1, TVs running Roku TV do not seem to be supported at this point of time, at least "castor scan" does not yield any results. Roku TV does support Apple AirPlay as an add-on as you probably know.

This is interesting, instead of a command line interface it made me wonder what an interface right on the tv could look like.

Comparisons to watching tv, are usually a TV interface, with a TV device/app, be it an Android TV/Apple TV, etc.

Maybe I'm missing it, I couldn't see a tv interface.

The part where it can send video to any kind of tv is a pretty remarkable piece.


It's also remarkably "old" in a digital sense:

  Digital Living Network Alliance (DLNA) is a set of interoperability standards for sharing home digital media among multimedia devices. Introduced 2004; 22 years ago.
* https://en.wikipedia.org/wiki/DLNA

  Google Cast is a proprietary protocol developed by Google for playing locally stored or Internet-streamed audiovisual content on a compatible consumer device. The protocol is used to initiate and control playback of content on digital media players, high-definition televisions, and home audio systems using a mobile device, personal computer, or smart speaker. The protocol was first launched on July 24, 2013; 12 years ago.
* https://en.wikipedia.org/wiki/Google_Cast

Old also in this case keeps TVs useful longer

- very stupid comment: i still have no idea what this project does even after reading the README

- can someone kindly explain what is the actual problem statement and what the author is trying to solve here?


You type in the ID of a movie and it pirates it for you



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: