Slashdot Mirror


DVD-Jon Breaks iTunes Encryption For Linux Users

McGruff writes "The Register has a story regarding DVD-Jon's new hobby, iTunes DRM. According to the story DRMed iTunes AAC files can now be played under Linux via VidioLAN Client thanks to some handywork by Jon. '"When you run the VideoLAN Client under Windows it will write the user key to a file. The user key is system independent and can thus be used by the GNU/Linux version of VLC," he explains.' Personally, this just means I will buy even more iTunes." (We mentioned in November Johansen's efforts to negate the iTunes restrictions on Windows.)

14 of 584 comments (clear)

  1. Key exchange ? by Jesrad · · Score: 5, Interesting

    How long before people start exchanging their keys ? Now that the key can be had and used under virtually any platform, in an easily copied or transmitted file format, the copy-protection is effectively cracked.

    --
    Maybe we deserve this world ?
    1. Re:Key exchange ? by lynxuser · · Score: 3, Interesting

      While exchanging keys sounds good, in theory, I believe the keys are limited to 3 PCs through the DRM. As well, they would need to be sent with the AAC DRM files that you want others to use, this sounds like a security risk to me. Finally, I suspect that Apple enabled some sort of hash, linked perhaps to your MAC address (or some other hardware) that would keep the key different for every single PC.

      --
      I read Slashdot in Lynx, I am a real geek.
  2. How long... by 3Suns · · Score: 4, Interesting

    Awesome, I was waiting for this. Definitely a reason to consider iTunes now.

    How long until someone writes a command-line AAC2mp3 converter?

    --

    -3Suns

    ~~~~
    The Revolution will be Slashdotted
    1. Re:How long... by Nasarius · · Score: 4, Interesting

      Exactly. That's why if you want me to buy music online, you had better be distributing it in a lossless format (FLAC, SHN, APE, whatever...I don't care as long as I can get the original WAV).

      --
      LOAD "SIG",8,1
  3. This is a wonderful breakthrough by lynxuser · · Score: 5, Interesting

    I am quite excited about this. VLC has always been my media player of choice, now the ability to play AAC DRM files in it just ups its ante.

    While booting to Windows is a slight disappointment, I am sure DVD-Jon will remove that step ASAP.

    --
    I read Slashdot in Lynx, I am a real geek.
  4. From the article... by Anonymous Coward · · Score: 3, Interesting

    Norwegian programmer Jon Lech Johansen, who broke the DVD encryption scheme...

    It was my understanding that DVD-Jon (as we're calling him now) did *not* actually break the DVD encryption scheme, but collaborated with some anonymous hackers who did. I think his involvement was more on the order of making it more accessible to the tyro. Could someone clear this up once and for all?

  5. What does this guy do for a living? by cacheMan · · Score: 5, Interesting

    What do any of these people do with free time to break encryption schemes, contribute to oss, and build robotic girlfriends? I'm serious, how do you earn a living and still have time to do things like this?

  6. iTunes on Linux by ZWarrior · · Score: 5, Interesting

    Somehow I think that this is an example of the way software restrictions will continue.

    Programmers will code the security so that the app only works one way, and some user will break it s it works elsewhere as well.

    We need to have more thought put into coding so that apps will work more platforms, and also be aware that it is envitable (sp?) that somebody will crack it.

    I broke a lot of digital clocks as a kid because I wanted to know what made them tick! I still got new ones, and broke them as well.

    --
    Here I come to save the da... *thud*
    I gotta get me a shorter cape.
  7. What's the point? by mr100percent · · Score: 3, Interesting

    What is the point here?
    Ok, so you can play iTunes AAC files on *Nix PCs, provided you have the key. Wouldn't it just be easier to download it off of Kazaa? You can find cover art with google, and you can use SoulSeek to find high quality rips. That gets rid of two arguements right there.

    iTunes DRM is WEAK, man. Burn it to CDRW and rip the sucker again, it's as easy as jumping over a subway turnstile. Why are we wasting time with a pointless thing like this, why not crack WMP or something harder with a better payoff?

  8. WMP by SJ · · Score: 3, Interesting

    So if this guy is so great, has he broken Windows Media yet?

  9. Sounds cumbersome for swapping by Bakafish · · Score: 5, Interesting

    Not that I would advocate such use. But this requires the key to be distributed with each file. Keep in mind that said key is *known* by apple, and directly tied to your account, it isn't something I would recommend sending out into the wild. On the other hand, using it on your own equipment to get around that creepy three machine registration limit seems like a good thing. If anything ever happened to Apple and your registered machine bit the dust, being able to back up a valid copy of your key seems like a good thing.

    The thing is that AFAIK VLC isn't set up to manage multiple key+file pairs. So it is useful for *your* library, but not various files downloaded off the net. For that reason, I doubt they will go after him.

    My question is, how does the iPod decrypt the file without a key? Or is it simply using the parent boxes key? It seems to me that if that's the case it should be trivial to recover the key from an iPod directly, no PC required (Just a Mac :-)

  10. Re:But by jared_hanson · · Score: 4, Interesting

    According to my understanding, his first "crack" would be possible to patch as it exploited the functionality of QuickTime that made an unencrypted AAC stream (or PCM stream?) out of the protected one. It then dumped this to a file absent of DRM.

    His new crack actually writes the decryption key out to a file. This key is written out using Windows and is apparently derived from hardware serial numbers, such as that on the hard drive. This key can then apparently be used to decrypt the protected files on any OS. I haven't given this a shot yet, but it should be interesting to find out.

    Personally, I don't care all that much, as I use iTunes on OS X and an iPod to listen to most of my music. However, I would like to serve up my protected AAC to my squeezebox, and this just might allow for on the fly transcoding to a PCM stream from SlimServer.

    It would be pretty tough for Apple to go and make another DRM scheme that avoided this without breaking backwards compatibility.

    --
    -- Fighting mediocrity one bad post at a time.
  11. This is the perfect time. by stuartkahler · · Score: 4, Interesting

    I'd bet he started working on the iTMS project a long while ago. He's just been acquitted twice for doing the same thing with DVD encryption. Now that he has rock solid precedent, he can practically walk into court without a lawyer if the recording industry sues him. He's got a great big whoop-ass stick, and it's time to use it.

    In Norway, that is... Americans are still screwed.

  12. Re:Jon wrote 1000 lines of code with no comments by IamTheRealMike · · Score: 3, Interesting
    Is it the output of a disassembler cobbled back together into C?

    Yeah, I think this almost certainly is. Huge amounts of bit manipulation, lots of magic numbers, meaningless variable names. No type safety? No comments?

    I've seen code like this before, when people have disassembled Windows DLLs back into C then tried to submit it to Wine.

    I'd say Jon is treading on very slippery slopes indeed with this code. It might be possible to show that it's been simply generated from the original code which is almost certainly copyright violation - laws against that certainly exist in Norway.