Slashdot Mirror
DVD-Jon Breaks iTunes Encryption For Linux Users
McGruff writes "The Register has a story regarding DVD-Jon's new hobby, iTunes DRM. According to the story DRMed iTunes AAC files can now be played under Linux via VidioLAN Client thanks to some handywork by Jon.
'"When you run the VideoLAN Client under Windows it will write the user key to a file. The user key is system independent and can thus be used by the GNU/Linux version of VLC," he explains.' Personally, this just means I will buy even more iTunes." (We mentioned in November Johansen's efforts to negate the iTunes restrictions on Windows.)
How long before people start exchanging their keys ? Now that the key can be had and used under virtually any platform, in an easily copied or transmitted file format, the copy-protection is effectively cracked.
Maybe we deserve this world ?
Awesome, I was waiting for this. Definitely a reason to consider iTunes now.
How long until someone writes a command-line AAC2mp3 converter?
-3Suns
~~~~
The Revolution will be Slashdotted
I am quite excited about this. VLC has always been my media player of choice, now the ability to play AAC DRM files in it just ups its ante.
While booting to Windows is a slight disappointment, I am sure DVD-Jon will remove that step ASAP.
I read Slashdot in Lynx, I am a real geek.
Norwegian programmer Jon Lech Johansen, who broke the DVD encryption scheme...
It was my understanding that DVD-Jon (as we're calling him now) did *not* actually break the DVD encryption scheme, but collaborated with some anonymous hackers who did. I think his involvement was more on the order of making it more accessible to the tyro. Could someone clear this up once and for all?
I wonder if Jobs will say anything about this in tomorrows Macworld Keynote. I kind of doubt it.
What do any of these people do with free time to break encryption schemes, contribute to oss, and build robotic girlfriends? I'm serious, how do you earn a living and still have time to do things like this?
Somehow I think that this is an example of the way software restrictions will continue.
Programmers will code the security so that the app only works one way, and some user will break it s it works elsewhere as well.
We need to have more thought put into coding so that apps will work more platforms, and also be aware that it is envitable (sp?) that somebody will crack it.
I broke a lot of digital clocks as a kid because I wanted to know what made them tick! I still got new ones, and broke them as well.
Here I come to save the da... *thud*
I gotta get me a shorter cape.
I have an ipod, and use it together with the nifty GTKPod, Grip and beep to get my music onto the Pod and play tunes off it.
But I'm in Australia, and we don't have iTunes music store yet.
It it possible to use iTunes music store under Linux? Is it just a web site, with files you need iTunes to play, in which case I can use VideoLAN instead? Or otherwise?
In a worse case scenario, does iTunes work under Winex or Codeweavers Wine?
So where would a Linux user get purchased music from iTunes from? From his Windows or Mac computer. This is a what passes for win for Linux users??
It seems to be a cute exercise, but not a very useful thing, unless you hate Apple's horrific, evil DRM oh so much.
SIG:Slashdot: indymedia for nerds.
Christ, he just barely got away with the DeCSS thing. He should keep a low profile. They know where he lives. He's advertising to be arrested again.
What is the point here?
Ok, so you can play iTunes AAC files on *Nix PCs, provided you have the key. Wouldn't it just be easier to download it off of Kazaa? You can find cover art with google, and you can use SoulSeek to find high quality rips. That gets rid of two arguements right there.
iTunes DRM is WEAK, man. Burn it to CDRW and rip the sucker again, it's as easy as jumping over a subway turnstile. Why are we wasting time with a pointless thing like this, why not crack WMP or something harder with a better payoff?
So if this guy is so great, has he broken Windows Media yet?
...I'll be opening an iTunes account very soon, where previously I would not have considered it. The two primary computers where I listen to music are Linux PCs at work and at home. I'm unwilling to burn AACs to a CD and then re-encode them (with additional loss) into MP3s or Oggs.
I just hope Apple gets the message and removes all DRM from their music. At that point, I'd encourage others who do not have technical knowledge to buy music using the service as well.
I take it that it is the RIAA that mandates the DRM though and not Apple?
What has *science* done?!? -- Dr. Weird (ATHF)
Not that I would advocate such use. But this requires the key to be distributed with each file. Keep in mind that said key is *known* by apple, and directly tied to your account, it isn't something I would recommend sending out into the wild. On the other hand, using it on your own equipment to get around that creepy three machine registration limit seems like a good thing. If anything ever happened to Apple and your registered machine bit the dust, being able to back up a valid copy of your key seems like a good thing.
:-)
The thing is that AFAIK VLC isn't set up to manage multiple key+file pairs. So it is useful for *your* library, but not various files downloaded off the net. For that reason, I doubt they will go after him.
My question is, how does the iPod decrypt the file without a key? Or is it simply using the parent boxes key? It seems to me that if that's the case it should be trivial to recover the key from an iPod directly, no PC required (Just a Mac
You *did* buy a digital object. That was the original difference between Apple's store and the other DRM implementations: You have complete freedom to do anything you want with the file with the Finder. You just need authorization to use (play, burn) it in iTunes. You are free to, and Apple recommends that you, copy the file for backup purposes.
According to my understanding, his first "crack" would be possible to patch as it exploited the functionality of QuickTime that made an unencrypted AAC stream (or PCM stream?) out of the protected one. It then dumped this to a file absent of DRM.
His new crack actually writes the decryption key out to a file. This key is written out using Windows and is apparently derived from hardware serial numbers, such as that on the hard drive. This key can then apparently be used to decrypt the protected files on any OS. I haven't given this a shot yet, but it should be interesting to find out.
Personally, I don't care all that much, as I use iTunes on OS X and an iPod to listen to most of my music. However, I would like to serve up my protected AAC to my squeezebox, and this just might allow for on the fly transcoding to a PCM stream from SlimServer.
It would be pretty tough for Apple to go and make another DRM scheme that avoided this without breaking backwards compatibility.
-- Fighting mediocrity one bad post at a time.
Not all those hits could have been from personal Linux machines, as opposed to those at universities or workplaces, so the real figure of personal Linux machines is probably less.
Or maybe you were talking about Amiga support, which I'm sure made up most of the "Other" category. :)
I'd bet he started working on the iTMS project a long while ago. He's just been acquitted twice for doing the same thing with DVD encryption. Now that he has rock solid precedent, he can practically walk into court without a lawyer if the recording industry sues him. He's got a great big whoop-ass stick, and it's time to use it.
In Norway, that is... Americans are still screwed.
Actually, he's really smart. He's publicly claiming responsibility for doing something right after practically the same thing was found not to be illegal in his country. So Apple (or the RIAA) goes to Norway, and tells them to stop him, and Okokrim tells them that not only do they not want to prosecute, but they have legal precedent that what he's doing isn't a crime.
Sure, the litigation may have not accomplished much, but it did resolve that under current Norwegian law, it's perfectly fine for him to do what he's just done again. It would have been a bad idea for him to wait at all before bringing this to the attention of the public, because then he might be found out after laws are changed.
I bet he's glad now that he got an appeals court descision in his favor, instead of get the original court...
I bought portable mp3 player (not iPod) just to discover that I could not send to it melodies I've purchased via iTunes.
So apple wants me do buy iPod. But it is too expensive for my daughter (I got her now $140 player with 256Mb RAM).
So I hope, some day there will be program to unlock
my purchased AAC files to be able to listed then on my mp3 player. I think this is fair use and should be permitted!
Huh? The whole point is to allow Linux users to use the music that they legally purchased on the platform of their choice. Its exactly the same as the DeCSS stuff.
I use Linux as my primary desktop. DeCSS allows me to do the same things Windows users do, play DVDs on the platform of my choice. Every time I watch a movie on my monthly flight from Atlanta to Washington DC and back, I owe that to DeCSS.
iTMS is cool. There is no reason that only Windows and MacOS users should get invited to the party.
A deep unwavering belief is a sure sign you're missing something...
If you get in touch with Apple tech support, inform them of your plight, and politely ask them to let you redownload the songs, they will authorize your account to download new copies of the song files.
Yeah, I think this almost certainly is. Huge amounts of bit manipulation, lots of magic numbers, meaningless variable names. No type safety? No comments?
I've seen code like this before, when people have disassembled Windows DLLs back into C then tried to submit it to Wine.
I'd say Jon is treading on very slippery slopes indeed with this code. It might be possible to show that it's been simply generated from the original code which is almost certainly copyright violation - laws against that certainly exist in Norway.