New Tool Cracks Apple's FairPlay DRM
goombah99 writes "PlayFair is an integrated utility that removes the DRM from AAC music files protected by Apple's FairPlay encryption. Information is limited, but the source code is on SourceForge.net and it appears to actually remove the encryption itself and not simply hijack the QuickTime audio stream as earlier methods did. The cracking operation can only be done on songs the user has already has valid licenses for and requires either an iPod or a windows computer for key recovery. If you choose to redistribute these songs you will be violating the contract you bought them under: better hope they aren't watermarked or you might end up paying for releasing one in the wild. To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard."
Apple bought VeriDisc. They didn't license FairPlay; they own it.
At the moment, it's illegal in the US under the DMCA. You might not like it, but that's a different question.
The most rabid believers in American Exceptionalism are the exact same people whose policies are destroying it.
Although Sourceforge have pulled the .tar.gz mirror, you can still login into the CVS and get it:
/ playfair login
/ playfair checkout playfair
cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot
cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot
You can still get the previous version, which was released a scant 5 days ago. It's nothing special, just a clever way to get at the private keys that breaks the PKE scheme.
I mean, all "hacks" on DRM of this nature (single authority source, encrypted carrier, hardware or firmware enforcement) will be exactly the same technique. The question is how do you get at the unencrypted scheme or your session keys... this is an example of how to do that under Fairplay w/iPods.
Point being, at some stage you have to store a decryption key somewhere, and all you need to is intercept it or extract it. It checks your iTunes for it's user key, or generates the one the iPod would (eventually) use. Apparently using this and MD5 hashing of information from each protected song, you get a session key which can decrypted the DRMS atom (AES if you were wondering... figures). And that's it.
I wouldn't really call it hacking... it's reverse engineering and re-implementation of Veridisc's algorithm.
Point is, I was waiting for someone to finally hunker down and pick it apart. Now I know... so if I ever run into a situation where I need the unprotected stream, I can get it, but you're not going to see me giving these unprotected streams to my friends... I paid for them! I just need to increase my value.
Now I can use the AAC streams in my car (got a laptop rigged up... OGGs, MP3s, and now iTunes... heee heee!)
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
Google finds links, but doesn't do your research for you. Windows Media Player for Mac currently only supports up to WM8 codecs. WM9 is not yet playable on Macs. Microsoft will get around to it eventually, but WM9 codecs have been out for a while.
Quit yer trolling...who said anything about violating copyright laws? If I'm working on my car and want to refer to some pages out of the shop manual, I'll make a copy of the relevant pages and work from those so the manual doesn't get dirtied up. That is fair use. Another example of fair use is dubbing a CD to tape so I can play it in my car (which doesn't have a CD player). That's also fair use. How, then, is stripping the DRM off an .m4p so I can convert it to Ogg Vorbis for playback on my Palm (an example of format-shifting analogous to the aforementioned CD-to-tape dub) not fair use? It's only copyright infringement if I turn around and put the resulting .m4a files up on $P2P_NETWORK or otherwise distribute them to others.
20 January 2017: the End of an Error.
Songs bought and downloaded from iTMS are watermarked with your account information. Checking out the source for the song with a simple text editor I was able to clearly see my name and email address used for purchasing from the store. I don't know yet if these are stripped when playfair strips DRM, but it's worth verifying before you start playing pirate again.
Besides, CD quality is still better audio.
==========
support the arts!
www.smadness.com
Here you go.......
Fellowship 9/11
Not to further fuel the flames, but it's not quite that straightforward.
I think part of the problem is that folks are looking at AAC as 'Apple's format.' It's not. AAC -- Advanced Audio Coding -- is an open standard; there's an ISO number for it, and it was come up with by the MPEG standards group. AAC is to MPEG4 what MP3 (MPEG1 Audio Layer 3) was to the original MPEG. AAC itself is quite widely played by software players -- more than just iTunes -- and is more or less the intended successor to MP3. (NOTE: Intended. I make no predictions about whether or not it will actually happen.)
Where you can point the finger at Apple is on their DRM implementation on top of AAC; that's not part of the AAC specification, and so means that while an un-protected AAC file can play on iTunes, WinAmp, etc., a protected iTunes Music Store one cannot. THIS is a little unfortunate; I'd love to be able to load protected AAC onto my NetMD minidisc player without having to burn it to CD first.
WMA makes me more nervous as a format, because as far as I know it's controlled by a single entity (Microsoft) instead of an open group (MPEG standards group). However, it can't be discounted that WMA's integration of DRM has made it the more attractive commercial option for folks, since it's possible to make differing players handle the same DRM-protected files.
Whether or not AAC with some form of DRM will catch on remains to be seen, I guess.
--Rachel
It is just as illegal. Actually, more so. Downloading copyrighted music is simple a copyright infringment. (at the moment) This means it falls under civil law.
However, creating a tool like this circumvents a copyright protection scheme. This is a criminal act punishable by up to 5 years in prison or $500,000, under the DMCA of 1998. (section 1201)
As an aside you mention if Apple had it's way...Even at the risk of appearing as an Apple apologist...Apple didn't want DRM at all. They struck a deal with the RIAA. Essentially the RIAA said, NO DRM, NO MUSIC. Apple said, okay...we'll put in a little DRM. I wish I could find the quote from Steve Jobs but he essentially said, "DRM is stupid, users want control of their files and rightly so, DRM will kill the market."
As an addendum, everything I've ever read -- including the PlayFair website linked to in this article -- says that FairPlay was licensed from Veridisc. So before anyone points fingers to tell me that Apple didn't write FairPlay, yes, I'm aware of that; they took an open standard and a publicly licensed DRM technology which can wrap digital files, and put the two together.
:)
In theory, anyone who wanted could use the FairPlay DRM and thus play Apple iTunes Music Store music. However, AAC not having an inherent DRM seems to have discouraged everyone but Apple from using it commercially, whereas WMA has the DRM right there so if you're using WMA you don't have to go shopping for separate DRM solutions.
That was the point I attempted to make in the earlier post.
--Rachel
For the n^th time, WMP for OS X does not support WMA's DRM scheme. Or, to be a bit more specific, it only supports it's first version, which never became generally used and is now practically obsolete.
Every online music store out there uses version 2 of WMA's DRM.
“Wait for Hurd if you want something real” –Linus
My problem with Apple's DRM is that it counts individual users on a computer as "separate" computers in the licensing scheme, meaning that a song I purchase from their store, won't work on all my machines.
There's my work machine, my home machine (two users, my wife and I), her 20GB iPod, my iPod Mini, and my laptop. Oh, whoops, can't do that, just ran out of licenses, and that's not even counting the old Pentium II that keep around as a print server/backup machine.
Or, are my wife and I not allowed to share one download? We can own a house together, but not an audio file?
Fortunately, via m4p2mp4.exe you can strip the DRM out of them as necessary, or do the old m4p->CD audio->mp4 conversion, though recreating metadata is a bit of a pain in the arse.
When in danger or in doubt, run in circles, scream and shout. --Robert A. Heinlein
Stealing = taking something with the intention of permenantly depriving its owner of possession
Copyright violation = making an unauthorised COPY of something
YOU CANNOT STEAL SOMETHING BY MAKING A COPY.
Read Pynchon.
Apart from the Mac WMP's inability to play WMA files (mentioned by six replies already), iTunes always allows you to burn on CDs. (Up to 10 copies per playlist. If you need more, change the playlist. But if you do, you are probably pirating the music.)
Dont talk trash unless you really know what you are talking about....
I keep US copyright law bookmarked :)
TITLE 17 - COPYRIGHTS
There's a clause in USC 117 (copyright law) that says that ephemeral copies aren't supposed to be infringing.
The ephemeral clause is Sec. 112. It is extremely narrowly drawn and effectively worthless. Ephemeral uses obviously fall within fair use, so the fact that the exemptions listed in the text are absurdly narrow is irrelevant.
The librarian of congress apparently has some power to craft exemptions here (perhaps we should be lobbying there, more?)
There are two possible kinds of exemptions to the DMCA. There are absolutely useless exemptions, and there are exemptions that will effectively and totally gut the DMCA. Thus far the library of congress has been good little librarians and very careful not to allow any exemptions that might irritate anyone. Lobbying there has been a waste of time.
fair use... something like four factors
The for factors are listed in Section 107.
(1) the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes;
(2) the nature of the copyrighted work;
(3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and
(4) the effect of the use upon the potential market
An important point to note is that it says "factors to be considered shall include ". The four factors are merely examples that shall be considered. The courts routinely consider other factors. For example "transformative" use weighs in favor of fair use. Things like collages and parody are transformative.
you guys should Google for USC 117
Link to 117
The mess with 117 is that it reffers to an "owner of a copy of a computer program". They are trying to play word games by claiming that you never actually own a copy, they try to claim that copies are always "licenced" under EULA's. However an EULA is really just a contract. If you buy a box of software and don't willingly bind yourself to that contract then you get no benefits from that contract, but you are not restricted by it either. You can then simply install and run the software you now own on the disk you now own. If there's a click-through licence agreement you could always make the effort to tweak your machine to bypass it. This is why they are lobbying to get a law passed to make EULAs binding.
The few very rare cases upholding EULAs have been based purely on arguments that the buyer somehow willingly agreed to be bound by it.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
ahem, NONE of those 500+ devices will play WMA files that HAVE ENCRYPTION...
big difference bucko.
I know, I have 3 of those 500+ devices... and the DAMNED things wont play the protected ones.
Do not look at laser with remaining good eye.
VideoLan can already decode/play back M4P iTunes-purchased files. It stores the system's key in the \Documents and Settings\\Application Data\drms\ folder -- you can copy that folder to other computers that aren't authorized via iTunes, and still play the M4P's with VideoLan. And since VideoLan supports streaming, you can set it to output the raw AAC into a new MP4 container. The only downside is that it's realtime, and that you have to do each file one at a time. But I wrote a Visual Basic app to loop through a directory recursively and call VideoLAN to convert each M4P file.
Hopefully someone takes this new code and makes a windows version, that can do process large amounts of files at a time...
Not All Who Wander Are Lost