Apple's iTunes DRM Cracked?

joekra writes "The author of DeCSS is back in the spotlight with a new application called QTFairUse. The new application attempts to convert DRM'd AACs to non-DRM'd AACs on Windows machines. MacRumors has done some limited testing on it and has found it doesn't yet work as advertised... but they do offer a look into how it works."

QuickTime hacked, not Apple DRM cracked

[neonstz]

I read the comments on MacRumours, and basically this program is not an Apple DRM crack but a hack for QuickTime (windows version) which dumps the decrypted AAC stream to disk before it is sent to the AAC. This is done by patching QuickTime and writing the data in memory to disk. It is easy for Apple to change QuickTime to make this app useless, but it is nevertheless an interesting approach.

That said, it is certainly possible to reverse-engineer the decryption routine in QuickTime instead of hacking the application itself. It is just a matter of time.

Re:QuickTime hacked, not Apple DRM cracked

[Erioll]

It makes piracy a hassle for whom? Certainly not the pirates. They'll just go on sharing perfectly unenecrypted files.

DRM only inconveniences the people who are paying for their music.

Exactly. In reality, there are only a few types of people out there in terms of music, and piracy in general:

• Die-hard Piraters: These people will pirate whatever they can, from whatever source. They pay for nothing, ever, be it software or music, movies, etc. VERY legally Liable
• Convenience Piraters: If it's easy, and they think that the legal way of getting it is too expensive/inconvenient/restricting, they'll pirate stuff, but only at near-zero risk of getting caught. Only really liable to RIAA, and not worth pursuing.
• Non-pirates, but Hackers (us): Won't do it because their morals actually tell them that even if it IS easy, if there is NO chance of getting caught, it's still wrong, and so they don't pirate anything because of morals, but wanting to help the little guy too.
• RIAA and MPAA Lackeys: These people are the absolute angels to people like the MPAA and the RIAA. Do what you're told, buy our things at our terms, and we'll all be happy. Ya right, but they do exist, and at least they are safe from lawsuits (probably, but DMCAv2 and other things may make even the innocent guilty).

The first group are NOT in large supply, but do provide a fair amount of content you otherwise wouldn't see, like movies out before they are in theatres, cracked full versions of expensive software tools (almost any Adobe product), etc. These people are NOT going to be stopped by anything short of MASSIVE inconvenience to pirate something, or uselessness even if they did. CD Keys for Online Play are a good example of foiling these people, at least to a degree. Games that have MOST of their value online (Quakes, *Craft, etc) will lose relatively fewer players to piracy, since the CD Keys will keep the online stuff straight (for the most part. I know that there are workarounds, etc, but this is in general).

The Second group, of what I call "Convenience Piraters" is quite a large group. Most people who download music that they didn't buy fall into this catagory. They are also the group that is most easily targeted by Online Music Services like iTunes. Most times, the things pirated by them they see as not hurting anybody, and/or that it's overpriced anyways (music fits this perfectly). A moral discussion about this is a whole topic in itself, but most of these people don't see what they are doing as really "wrong", or else they probably wouldn't do it, because they are basically good people.

The Fourth group of Lackeys is self-explanatory.

US! Some of us sometimes fall under Convenience Pirates, but most of the time we don't. But most of us believe in Fair Use, and we make many great tools that let us use our LEGALLY obtained media and other things. MPlayer should be completely legal everywhere, as any other "player" should be. Same thing as DeCSS. The first group of rampant pirates use tools like DeCSS to pirate and hurt people, but people like us use them for playing our stuff, not distributing it to 100k people.

We are the most misunderstood group, but also often the easist to target with lawsuits, like Jon Lech Johansen with DeCSS, and recently with the iTunes crack. We want to use our legally purchased stuff however we want, and even though bad apples (that first group again) will misuse it, that doesn't mean that it should be illegal.

It is ironic how Sony went to bat for the consumer in the BetaMax case with VCRs, and is now on the RIAA's side for music. These companies need to realize that if iTunes distributed music in OGG format, that piracy would not go up much, if at all. People would be HAPPY with what they have, and any distribution of such files would be 100% illegal, with NO legal middle ground. (For those who don't know, in the early da

Re:QuickTime hacked, not Apple DRM cracked

[adrianbaugh]

That comment shows why DRM is nothing to do with fair use.
If you bought a DRMed track then fair use probably allows you to re-encode it as a non-DRMed track for personal listening on a machine that can't cope with DRMed tracks.
However, being able to remove the DRM from a file doesn't give you the right to redistribute the content (via kazaa or whatever) whether you bought the track or not.
DRM systems that can be rendered useless by the breaking of a single version of a single player application are useless as a means of prevention of the redistribution of copyrighted material - you can bet that if a vulnerable application exists the big-business pirates will get a copy of that application. As it stands the DRM on DVDs has been rendered useless; the DRM on Apple's AAC files may be about to be rendered useless; I wouldn't bet against Microsoft's WMA being broken at some point (it only takes one faulty version of Windows Media Player, remember). DRM has not, does not and will not prevent commercial 'piracy'; it just restricts the utility of digital media formats to the average consumer.
This is why, even back in the day, the DeCSS case[0] was so important. It demonstrated that DRM mechanisms were only as robust as their most fragile player application (and therefore, given that software is inherently buggy, fundamentally unsound as an honest business method).

Negative Impact..

[spence2680]

Hopefully this doesn't have any negative impact for the end users. It's always sad when the generic end user gets screwed because someone decided to hack/crack a product to give them additional functionality.

Re:Negative Impact..

[LittleBigLui]

quick, we better make CDs illegal!

Re:Negative Impact..

[Nucleon500]

What about DVDs? They were cracked, and DVD sales are just the same as before. When CDs were created, nobody expected equipment to rip and burn them would be accessable to consumers, and yet CDs are still around. Audiocasette recorders caused legislation reinforcing a consumer's right to make personal copies. There was legal controversy about the Xerox machine, and about player piano tapes.

Ever since there's been 'content,' there's been demand to copy it, and human ingenuity has 'cracked' whatever protection there was. But this doesn't harm the medium, in fact, it makes it more valuable to honest people. There will still be a demand for iTunes and friends, so the MPAA won't stop. There isn't a consumer demand for draconian hardware DRM, so I don't think it'll happen. This is driven by greed, but in the end, consumers want cheap, legal downloads with minimal (hopefully nonexistant) DRM, so that's what'll happen.

This 'crack' won't affect Apple's relation with the RIAA, nor the service, nor even the software, in any way. Why? iTunes lets you burn CDs, and CDs can be ripped. This crack only gives people slightly better quality and saves them a CD-RW. It also makes it a bit easier to get the files off a Bochs or VMWare system. Even if it did allow something that wasn't trivial before, it wouldn't impact iTunes sales or piracy significantly.

Next up

[quizwedge]

DRM in iTunes is changed. Please repurchase all of your old songs. Seriously, the DRM with Apple's music wasn't that bad. Why make it so that they have to change things around? Remember iTunes Music Sharing? You use to be able to stream from any computer to any computer. Since people didn't use it for personal use, they forced it to only work on the same subnet (thereby not allowing users at work to access music from their home machine). I wouldn't say Apple is perfect, but they're more on our side than Microsoft is.

Re:Next up

[Krach42]

Apple has consistantly had a stance against DRM, and this is the first time I've ever heard of the copy-protection in iTMS as DRM.

I suppose at SOME level, every copy protection qualifies as DRM, but come on. I view DRM with the connotation of "draconian" restrictions on what a user can do with it.

Apple doesn't prevent you from making a backup copy of the file, or distributing the file to other computers, it just restricts certain computers from playing it, if they haven't purchased it.

I personally don't see anything wrong with such an approach, it's called LEGAL.

Now, writing a system that breaks the second you touch the file with anything but a DRM approved player, or for that matter, working it into the OS so you CAN'T do anything with it at all. That's stepping over the line.

People have to make money at this at some point, and for the almost painless restrictions that iTMS puts on their music, it's one our side, and their side. A good comprimise in convienence and protection, where if you REALLY want to get it free, then you can get online and grab it anywhere else easier than you can break their protections. And they make money because you pay for the convience of being able to just *click* and download.

Why do this?

[Offwhite98]

By breaking the means the industry hopes to use to make their business viable you are only going to force them to cancel future projects which make music and other media easy for consumers to buy. Not everything can be free. Do you expect to get paid for a days work? And if Apple is forced to end their service because everyone just steals the music, then what will be left with? I will tell you. Microsoft will push a DRM-based protection scheme which is based on hardware and locks out non-Windows users.

Stop screwing these companies!

Re:Why do this?

[Frac]

People just want to use their personal private property which they bought and paid for in whatever way they see fit, such as playing their songs on a non-Apple, non-Microsoft platform. What's the problem with that?

Bullshit. You can already do that within iTunes. Just burn to a CD.

Apple's DRM attempts to lock out non-Apple, non-Microsoft users.

Bullshit. Apple's DRM doesn't attempt to lock out anything. Burn it to a CD, and you can do whatever you want with it.

Re:Why do this?

[shark72]

"Music CDs are now "enhanced" to try to prevent people playing them on their computers; paid-for, downloaded music is now DRM-wrapped so it can't be burned to music CDs and played on home stereos or in cars."

But in this case, music purchased from iTMS can be burned to CD and played on home stereos and in cars.

Perhaps the question is "what specific problem does this hack address?". For practical purposes, the big one is:

1. iTMS users were prevented from taking the music they'd downloaded, and then distributing it freely and widely by e-mailing it to all their friends or posting it on Kazaa.

Are there any others? Is there something I'm missing? I'm aware that the iTunes software requires you to re-order your playlist after burning it ten times, but is downloading a DRM stripper really a better solution than just reordering your playlist?

For now, I'm siding with what some others have said: Apple has gone out of their way to create a usable, affordable service with easy-to-live-with DRM. Their success has hopefully helped convince rightsholders that online distribution can work. Apple doesn't deserve to be pissed on like this.

Whats the point?

[GabrielF]

There are plenty of programs out there that will capture your computer's audio output. WireTap for example is a free Mac utility from Amrbosia that does this. You can also burn your music to audio CD and re-rip it as an MP3. I don't see why this is a big deal. Apple's DRM is fair and people who buy songs from iTunes already have the opportunity of using something like KaZaA but have chosen not to. This isn't going to make any exclusive content available on KaZaA or anything. Reading the description I think the whole point is just to try to humiliate Apple and the music industry. If thats the case its a bad thing, because Apple is FINALLY turning the music industry around on digital music.

I don't know about this

[marderj]

Apple has been pretty liberal with their protected aac files compared to some other digital music retailers. Play on up to 3 computers, burn to cd, play on iPod. I've bought about 250-300 songs from iTMS and have never been inconvenienced by their DRM. Do you think their DRM being cracked might change any of this? I can just imagine the RIAA trying to use this as an excuse to implement some sort of draconian measures. For years now people have been screaming for fair online digital distribution. We finally get something that works well and is fair on both sides and some jackass cracks it. I sort of feel like next time the RIAA dupes some ignorant senator into introducing some insane bill that completely infringes on our rights we're not going to have a leg to stand on. Apple gave people what they asked for, then got shit on. What does everyone else think?

Re:He must enjoy court

[SuperBanana]

Why release it with your name attached to it? Didn't he learn something after the whole De-CSS trial?

Yep. That his lawyer need only reach for his notes for applicable case history should Apple- or anyone else for that matter- choose to try him again.

Re:Sweet

[jizmonkey]

On a Mac, try this:

#open itunes
#begin playing music
netstat | grep 3689
#look for multiple connections to the same computer, that's his address
#on the right and yours on the left
setenv him HISADDR
setenv me MYADDR
#en1 = wireless, en0 = wired
sudo tcpdump -i en1 -s 0 -w itunes.log src $me and dst $him
#begin playing each of the songs you want (only need to play a second or two)
#don't close itunes!
#hit ctrl-c in terminal with tcpdump running, it should say it captured some number of pkts
strings itunes.log | egrep "(GET.*update)|(GET.*databases)|Validation" > songs

#songs now has a list of magic cookies, each alternating line is the file or the password
grep GET songs > get ; grep DAAP songs > daap ; wc get daap
#the first two lines of first column should be the same (tested under iTunes 4.1.0)
paste get daap | egrep "GET.*items/" | sed "s|.*GET|./get_one|" > get_all
cat > get_one
#then type these next two lines, hit return, and hit ctrl-d
wget --header="Client-DAAP-Access-Index: 1" \
--header="Client-DAAP-Validation: $4" "http://$him:3689$1"
chmod +x get_one get_all
./get_all
#close itunes

#now to rename the songs to have sensible extensions
mkdir tmp
mv *mp3*session* *m4a*session* tmp
cd tmp
ls | grep session > old
tr '?=' '\t\t' < old > new0
cut -f1 new0 > new
cut -f2 new0 | sed "s|session-id|mv|" > new1
paste new1 old new > fix_all
chmod +x fix_all
./fix_all
rm old new new0 new1 fix_all
mv *.mp3 *.m4a ..
cd ..
rmdir tmp

#after loading into itunes, can use one of several applescripts to rename the filenames from 454.mp3
#some of the scripts rename *.m4a to *.mp3 - then the songs don't play. to rename them back
#move the *.mp3 AAC files to their own directory, then
ls *.mp3 | sed 's/\\/\\\\/g' | sed 's/\$/\\\$/g' | sed 's/"/\\"/g' |\
sed 's/`/\\`/g' > files
cat files | sed 's/^/mv "/' | sed 's/\.mp3/.mp3" "/' > old
cat files | sed 's/\.mp3/.m4a"/' > new
paste "-d\0" old new > fix_all
chmod +x fix_all
./fix_all
rm files old new fix_all

What DRM issue does this really fix, though?

[snStarter]

I don't get it. You can burn your own CD from the QT files you buy from the iTunes store right? And after they are on CD you can make MP3s of them and do what you will, no DRM associated with them.

So, beyond the rather adolescent desire to hack the encryption, what problem does this solve? There's just no reason. Once they're on CD it's as if you bought them at the store.

It's just ego.

Similar reason as for DeCSS available ?

[Animaether]

I'm curious.. did he do this for a similar reason as the one he claims he created DeCSS for - namely to play back DVDs on Linux ?
I can't seem to find it in any of the articles, nor in his blog.

If there is no similar reason, does that mean that the reason of DeCSS's existence should be reviewed ?
Was 'hollywood' right, and he really just wanted digital dumps of the movies, just as - seemingly - he just wants a non-AAC'd digital dump of the music here ?

Not inciting a discussion on whether people should be allowed to do this in the first place - that's a whole other discussion :)

Apples Fence

[fsterman]

The _very_ nice thing about Apple is that this stuff doesn't matter too much. It would be simple to convert all those AAC's into something else (be it mp3, AIFF, or even a higher AAC and back down) to get rid of the DRM. It's called a fence, you can jump it or you can respect it. Unlike most schemes that require complicated check in and out Apple had the guts and financial sense to do something that will satisfy both sides. It will be interesting to see if the notorious Apple legal will go after this. From what I remember they didn't bust down on people that extended the iTunes music sharing beyond the LAN.

Compressor

(posted anyonymously for the usual reasons)

Another way to do this is with the Compressor program (by Apple) included with Final Cut Pro. Just drag the DRM'd AAC file into Compressor, choose AAC from the menu, and watch as it transcodes to unencrypted AAC. You can convert that to MP3 from iTunes if you want, or write up a little AppleScript to automate it. The only downside is that you lose the metadata tags (you could probably decode that format and write an application to convert them to IDv3 tags), but it works pretty well.

Note: I'm posting this not because of any hatred for Apple, but because I like to be able to listen to my music on my SliMP3 and this is the only way to do so besides burning and ripping from a CD.

NO!

[herrvinny]

No, people, this is NOT a good thing! Can't people figure out when there's a good thing happening, that they should sit the hell down and let it be? Think about it. Apple's DRM was pretty easy to break, just write the songs to CD and rip them back, without DRM. But the RIAA will use this as an excuse to put more and more DRM, more and more legislation. They'll say, "Well, whatever the computer industry puts out, hackers break it, so we need more legislation." And the Senate, House, and Bush will sign anything into law! Come on people, this is a bad THING!

Re:BFD

[joekra]

t's also noteworthy that similar code has been circulating quietly for quite some time on the Mac side. Anyone with even moderate knowledge of the QuickTime APIs could implement code to do this with minimal effort. It's trivial. I myself have written code that re-encodes the protected AAC's to MP3 so that I can play them on an old Rio that I still use sometimes.

No! No! No!

You don't think this is interesting because you do not understand what it does.

The Mac tools/code you talk of takes Protected AAC, decodes it to raw Audio (PCM/AIFF) and then Reencodes it.

This takes Protected AAC to Unprotected AAC. No transcoding (no loss of quality) involved.

Re:Maybe they'll figure this out someday

[X_Bones]

I don't think that computers remove the profit from producing music, just from distributing it. As long as there's a demand for music, artists can sell it for some price and make a living from it. But with iTMS, Amazon's recommended lists, fan bulletin boards, and so on, there's no need any more for a massive information and distribution network like the RIAA. People can find what they like and hear about other music from people with related tastes, and they can do this on their own. I think that's probably the biggest threat to the RIAA: informed consumers.

But I guess as long as they have money and are able to buy politicians, they'll stick around.

But its probably irrelevant...

[tkrotchko]

Because if you're intent on pirating commercially, you'll just buy the CD in the first place. What's $12 for a CD if you're intending on ripping off the thing and selling it illegally?

This is kind of a tempest in a teapot, really.