Tried it on Chrome/Linux. Audio appears to be played through a flash plugin (noted since I have "click to enable plugins" set). Checking the debugger, the service seems to use HTTP Live Streaming/m3u8 with 10-second, 400k mp2ts chunks.
Digging a touch further, chunks are apparently encoded to 256-kbps AAC, and their URLs can be captured and replayed for up to an hour. Reconstituting tracks, then, is as simple as catting all the chunks together and running them through libav.
I'm sure there are much easier ways to make unauthorized copies of music, but this actually seems fairly unprotected, though obviously not 'open', since it's using a flash-based player.
Digging a touch further, chunks are apparently encoded to 256-kbps AAC, and their URLs can be captured and replayed for up to an hour. Reconstituting tracks, then, is as simple as catting all the chunks together and running them through libav.
I'm sure there are much easier ways to make unauthorized copies of music, but this actually seems fairly unprotected, though obviously not 'open', since it's using a flash-based player.