Slashdot Mirror


New Tool Cracks Apple's FairPlay DRM

goombah99 writes "PlayFair is an integrated utility that removes the DRM from AAC music files protected by Apple's FairPlay encryption. Information is limited, but the source code is on SourceForge.net and it appears to actually remove the encryption itself and not simply hijack the QuickTime audio stream as earlier methods did. The cracking operation can only be done on songs the user has already has valid licenses for and requires either an iPod or a windows computer for key recovery. If you choose to redistribute these songs you will be violating the contract you bought them under: better hope they aren't watermarked or you might end up paying for releasing one in the wild. To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard."

27 of 1,126 comments (clear)

  1. Lies by monstroyer · · Score: 5, Insightful

    1) My computer, my data, my choice. DRM snake oil providers can deal with it. The future won't tolerate the crap these copywrite perverters are trying to enforce, may as well wake up now before it's too late.

    2) Downloading music does not affect sales. DRM is only there to appease the record industry, still scared shitless that artists can have direct contact with their fans who still provide them with income. This cuts them out as the middleman. Like the landlord of times before us, they will be replaced or burnt to the ground. Again, deal with it.

    3) The previous two paragraphs are both 'revolutionary' premises. Vandals these coders are not.

    1. Re:Lies by Alsee · · Score: 5, Insightful

      You have a license to use it.

      No such thing. Doesnt' exist.

      You can only licence the right to create new copies and derivative copies and to distribute those copies and for public performances. Those are the only licences that exist (at least under US law anyway).

      You don't need any licence at all for any sort of fair use.

      Apple's DRM is pretty benign... They worked out a lot of rights for their customers.

      It doesn't matter WHAT rights that "worked out". The fact is that ALL fair use is perfectly legal and legitimate, and a copyright holder has absolutely no legal right to say squat when I make fair use.

      Unauthorized use and unauthorized copies are perfectly legal and legitimate when they are fair use.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
    2. Re:Lies by Anonymous Coward · · Score: 5, Insightful

      Whatever. I can play the songs on my Macs, my Dell and my iPod. I can burn CDs and play it in my car, on my stereo, in my portable CD player. Not very restrictive at all. That works for me.
      Great. Sounds like you've found something that is still more restrictive than WMA music, but you're happy with it.

      Besides, I can buy MP3s from anywhere else. Oh wait. Who sells those?

      http://www.magnatune.com/ for starters.

    3. Re:Lies by badasscat · · Score: 5, Insightful

      Except that it's NOT your data. You have a license to use it.

      Bullshit. If it's on my hard drive, which is a physical platter that I purchased at retail, then it's a physical thing that exists in the real world and it's mine. You're telling me my hard drive is mine but its contents aren't? I don't buy that for a second, whatever some RIAA lackey wants to say to convince me. If it somehow found a way (legally) into my house and onto my hard drive, it belongs to nobody else but me, and as long as I keep it for myself, I'm allowed to do whatever I damn well please with it.

      In fact, DRM exists because copyright holders know this. Otherwise, there wouldn't be a need for DRM! The whole point of DRM is to keep you from doing things you are legally entitled to do as specifically written in copyright law. The RIAA does not like the way copyright law is written so they are doing their best to usurp it with DRM (which they seem to think gains them additional protections under the DMCA that they don't otherwise have under regular old copyright law). I see no problem in breaking DRM in order to exercise my legal rights.

      Now, as for this sob story about WMA becoming a "standard" because of this... I mean really, cry me a river. Neither AAC nor WMA will ever be considered a "standard". The only thing close to a "standard" is MP3 (only because so many people have already ripped their music to it, so every piece of hardware has to support it) and it obviously isn't used for many applications where real compression efficiency or the best absolute sound quality are required. MP3 will always be around - I'm sure not about to re-rip all 2,000 or so CD's I own, and doubt many others will either - so whatever gets declared a "standard" for any specific use doesn't really matter anyway.

      WMA's DRM will be broken in time just as FairPlay apparently has been, in any case. It's the nature of digital data. Anything that's expressed in bits can and will be cracked, so WMA has no advantage here. Eventually these companies will hopefully accept that all DRM is doomed to fail, and just go back to allowing their customers to exercise their rights under the law, as they used to do many years ago.

    4. Re:Lies by zcat_NZ · · Score: 5, Insightful

      Not 'fair use'; 'unregulated use'

      Fair use relates to things that would have been covered by copyright; derivative works, quoting, etc. They're allowed, even though technically they're a little bit of the 'copying and redistribution' that copyright is supposed to regulate.

      Unregulated use relates to things that have nothing to do with "copying", and should never have been covered. Transfering a work 'I own' into another format, playing a DVD on a non-standard platform, etc. If I bought the work, I should have the right to do anything I want short of making copies and giving them to my friends. Playing DVD's under Linux, converting AAC's into MP3's, etc -should- all be unregulated uses. It's none of the copyright-holders business what I do with the disc after I bought it, unless they can PROVE that I'm redistributing unauthorised copies!

      --
      455fe10422ca29c4933f95052b792ab2
    5. Re:Lies by Kelson · · Score: 5, Insightful
      If it's on my hard drive, which is a physical platter that I purchased at retail, then it's a physical thing that exists in the real world and it's mine. You're telling me my hard drive is mine but its contents aren't?

      I own a lot of books. The paper, the ink, the glue - I own those, uncontested. I own that instance of the book. I can lend that particular book to a friend, I can sell it to someone, I can throw it in the trash, put it in a barbequeue, whatever. I can take the book down to Kinko's, photocopy it and write all over the photocopies. But if the book is still in copyright, I can't legally give those photocopies to someone else, nor can I legally typeset it, publish a new edition, and start selling it. Even though those words are physical objects in my possession.

      The whole point of DRM is to keep you from doing things you are legally entitled to do as specifically written in copyright law.

      More bull. Companies pushing DRM don't give a damn whether you make copies for yourself, they just want to make sure you don't upload it to the net and share it with a few thousand of your closest friends. And it's easier for them to prevent you from doing anything than it is to only prevent you from handing out free copies everywhere. That's why most DRM is so draconian - not because they want to lock you into only listening in one room, but because they just don't care.

      Apple at least made an effort to compromise.

    6. Re:Lies by DeltaSigma · · Score: 5, Insightful

      But that copy does belong to him if he acquired it legally. If I'm the only occupant in my living space and I have twelve individuals computers comprising an obscene amount of redundant backup storage, and I make twelve freaggin' copies of every piece of data legally acquired by myself, plus a DVD for the television, and a CD for the stereo, it still shouldn't make a lick of difference to musicians, game makers, virtually everyone who creates information for a living, because they succeeded in selling one copy to one consumer.

      End of story, no "ifs" "ands" or "buts" about this license restriction crap.

    7. Re: Lies by cft_128 · · Score: 5, Insightful
      As countless other pointed out, the WMP on Macs does not support v2 of the DRM, not to mention WMP on Macs sucks. Really sucks. Bad UI. Uses up way too much CPU time. With MS adding a 'time bomb' to WMA it's not looking like I'm going to be sending them a lot of love. When I buy music, I want to be able to play it forever. Hopefully market forces will do to this what it has done to previous attempts at this.

      Also of note HP has licensed Apple's iPod, so add one more player to the market. (albeit a iPod clone as far as I can tell). HP will use iTunes so there will still only be one software player, but from what I can tell iTunes wipes the floor with WMP when it comes to managing and playing my music on both my Macs and my PCs.

      You might want to do your own research before accusing others of not doing it.

      --

      Underloved Movies and Pub Quiz: donotquestionme.org

    8. Re:Lies by rampant+mac · · Score: 5, Insightful
      "I wasn't aware the labels were paying the artists a large part of the iTunes income."

      Last time I checked, positive income was better than NO income.

      "Anyone you know getting a check from RIAA?"

      Yes. Me.

      "Artists - don't - get - money - from - labels. Artists PAY labels for the privilege of making money for the labels."

      People - don't - get - money - from - their - employers. Employees sign a contractual agreement that they WILL perform the work assigned to them, or are you not on salary?

      It works both ways...

      --
      I like big butts and I cannot lie.
  2. We can only hope WMA will win! by SeanTobin · · Score: 5, Insightful

    Wouldn't it be wonderfull once the WMA standard becomes available everywhere? All online music stores will use it because it will be so secure. On-demand video companies will spring up from this new found industry standard. Portable players and home stereo systems will all support it. Every media file on your computer will fall under one standard.

    And then a code monky from Argentina will be codeing at 3am and have a Mountain Dew inspired breakthrough, and WMA will be broken wide open forever.

    Software companies continue to forget the days of dongles, code wheeles, and manual page/paragraph/word lookups. All it will do is annoy real consumers.

    --
    Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
    1. Re:We can only hope WMA will win! by __aagctu1952 · · Score: 5, Insightful

      Unfortunately, if that happens it will only bring the age of gov't mandated hardware DRM even closer - and then you can say goodbye to actually owning your own computer. What it's really time for is a property revolution - and I'm not talking about the Lenin/Che Guevara kind, I'm talking about actually giving people control over what they legally own. My computer? Then let me hack it as much as I want - software as well as hardware. My DVD? Then let me play it however I want (skip trailers, play it backwards, make my own "phantom edit"). All those things are already restricted by the DMCA and other laws, and it will only get worse unless somethings is done, soon...

  3. Monkey See, Monkey Do by ackthpt · · Score: 5, Insightful
    To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard."

    The problem with incredibly clever people is inevitably they come up with something you don't want. Who's to say they weren't WMA or even (shudder) RIAA proponents, bent on showing the public can't be trusted and DMCA is the right approach?

    --

    A feeling of having made the same mistake before: Deja Foobar
  4. Is FairPlay really better than WMA? by Anonymous Coward · · Score: 5, Insightful

    To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard.

    If DRM is offensive to you, than FairPlay is no better than WMA.

    If you don't particularly mind DRM, then what's your complaint about WMA? I think it is the iTunes contract you like, and not FairPlay itself.

  5. DeCSS by Jeffrey+Baker · · Score: 5, Insightful
    Lots of ignorant comments already. PlayFair is the same as DeCSS: it removes restrictions on fair use, and allows compatibility. Now I can play my paid-for iTunes songs wherever I wish, just as DeCSS allowed me to play DVDs anywhere.

    It's a good thing.

  6. I think this is good by shadowcabbit · · Score: 5, Insightful

    Contrary to the knee-jerk reaction (and incidentally, also contrary to the blurb), I think that this tool is a blessing. Since it only works on songs that you have a valid license for (ie stuff you bought), it removes the burn-to-cd step from the "buy from ITMS, burn to CD, re-rip to MP3" process for those of us who don't have an iPod. I've bought quite a bit of music from the store, and I relish the opportunity to use it on my Lyra. This, I think, was the developers' intention with this tool-- not infringement. This is the only use I will have for this tool. Others may use it improperly or illegally, but that does not mean I should be denied access to the tool.

    --
    "Why Subscribe?" Good question...
  7. This is like a selling point by AtariAmarok · · Score: 5, Insightful

    Having this available is like a selling point for ITMS. I've been rather resistant about buying songs there because they place restrictions about what I can do with my own data on my own machine. (and no, I'm not talking about selling them).

    --
    Don't blame Durga. I voted for Centauri.
  8. Re:What was the point? by Ziviyr · · Score: 5, Insightful

    Maybe they wanted to play their paid for tunes on something other then iTunes or an iPod.

    --

    Someone set us up the bomb, so shine we are!
  9. watermarking? by ziggy+the+zagnut · · Score: 5, Insightful

    Well, what are we waiting for? Let's diff two cracked AAC's of the same iTune bought by different people to see if there's any encoding!

  10. So maybe it's not secure... by raehl · · Score: 5, Insightful

    But is that a bad thing?

    What if sales of music in this format increase, because people are more likely to buy songs they can use as they please instead of buying songs that have annoying DRM restrictions on them?

    The bad assumption here is that by removing DRM, people won't want to buy a product, because they'll just copy it instead of paying for it. The problem with that assumption is it ignores the fact that copying itself has a cost, even if it's not a financial one: You both have to have a copy of what you want to make a copy of, and you then have to actually distribute that copy to whoever actually wants it.

    Or you could just go to a central store of digital copies, pay your paltry 99 cents, and get your own copy. For most people, 99 cents is worth the convenience of having whatever they want on demand.

    Before you start thinking this won't work, look at DVD sales nowadays. VHS tapes were priced to cost many, many times more than the price of a rental. Rentals were attractive. DVD's are priced at about $20-$30 each. Result? Even though people could fairly easy copy DVDs if they REALLY wanted to, it's just "easier" to walk into Best Buy and plop down the $20 - so much so that many many more people buy DVD's than used to buy VHS tapes.

    For most people, trying to find and download a copy of something off the internet just isn't worth the $20 to buy the copy at Best Buy, or the $20/month to have Netflix mail it to you.

    Very little of the cost/value of content is the content itself - most of it is the distribution. Efficient distribution can distribute content at prices low enough to be competitive with comparatively inefficient illegal distribution while still creating enough revenue to pay content providers.

  11. Re:FoulPlay by Slack3r78 · · Score: 5, Insightful

    Honestly, this is borderline, but I can understand the logic behind it. What happens if it turns out the trolls are right, Apple does die, and you need new hardware? Or play your AACs under Linux? Or any number of other scenarios that could call for legitimate fair use?

    Here's the thing you and many others are missing - PlayFair only strips the DRM if you already own a legal copy. If you read so much as the single paragraph summary on their site, you'd see that in order crack the DRM, PlayFair extracts your key from either your iPod or your iTunes software. So if you don't already have legal access to the music, you're not going to be able to strip the DRM.

    Yes, it can be used as a piracy tool, but really the argument for this isn't really any different than the one for DeCSS. This can be, and very much is, a tool for fair use.

  12. Just a GUI by m1a1 · · Score: 5, Insightful

    These guys didn't do anything special. The libraries they used have been out and available in a simple command-line form for quite awhile. They apparently just made it more accessible to the public. The libs are available at http://www.audiocoding.com/. I've played with the command-line version before and it works fine.

  13. Re:Not Apple's problem by Hawthorne01 · · Score: 5, Insightful
    Given the iPod's approach to piracy (an admonishment not to steal music on the package), I'm quite certain Job's didn't push the security of iTMS as a selling point to the labels. Rather, I can see him stressing the ease of use and karmic value to the user.

    So it's been cracked. Does this affect the massive quantity of illegal MP-3's out there in the least? No. If you needed a copy of a song that was on iTMS, you could always find it elsewhere if you weren't worried about copyrights.

    I use iTMS because of:

    • Download speed
    • Gauranteed Results
    • Gauranteed Quality
    • Ease of use
    The DRM affects me not in the least. I have no reason to crack what I've bought from iTMS, and won't do so.
    --
    "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."
  14. Re:What was the point? by ctr2sprt · · Score: 5, Insightful
    To you, Apple's DRM system is distinct from "other DRM" because it doesn't prevent you from doing the things you want. To me, Apple's DRM system is exactly like every other, because it does prevent me from doing what I want. (At least, as far as I've heard; I'm not going to pay for something that may or may not work, even if it is only a buck.)

    Maybe the guy who did this project is like me. He needed to something with AAC that "FairPlay" wasn't allowing him to do, so he found a way around it. Or maybe he was just being a geek and wanted to see if it could be done.

  15. What's the problem by smartin · · Score: 5, Insightful

    This only works if you already have a key, so you aren't stealing anything, it just makes it possible to get better use out of music you paid for. Such as putting it on your slimserver etc. I don't think that the availability of such a tool is going to cause people to go hunting for protected aac files to crack, and if you are going share them, you could just rip them as mp3 (yes i know lesser quality yada yada). I think this tool is useful for people that do buy iTunes an i for one will probably buy more now that i can get better use out of them.

    Think of it as the same thing as cracking a game you already bought so that you don't have to put the CD in the drive every time you want to play it.

    --
    The difference between Canada and the USA is that in Canada healthcare is a right and gun ownership is a privilege.
  16. Re:I agree that they are vandals and scoundrels... by daw · · Score: 5, Insightful

    What if the next version of WMA encryption were as secure as AES? It's certainly not likely, but I wouldn't say it's impossible either. I understand that there are fundamental differences between DRM and plain encryption, but the point is that uncrackable systems are possible.

    This is nonsense. Encryption systems may be practically uncrackable. Encryption systems that have to decrypt the "protected" contents for you so that you can listen to them will never be in the least bit secure. If you can hear it you can record it. There is no getting around this. The entire idea of DRM is, on the face of it, futile.

  17. Wow, whats with all the hoopla? by msimm · · Score: 5, Insightful

    To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard.

    Vandals? Really? Wow, because the first thing that came to my mind is: wow, I can unencrypt MY files and put them on my MythTV box, or trascode them to use in my cars mp3 player or send them through my Slimplayer. People are getting a little weird about DRM. Vandals is probably the most ridiculous thing I've hear yet. Itunes is great, but if we are going to continue to have fair use we are going to have to stop buying in to all the hype and realize that using a product we bought isn't criminal. I'm a fucking consumer, not a pirate.

    --
    Quack, quack.
  18. well, a point is missed, that's for sure by N3wsByt3 · · Score: 5, Insightful

    Your first three paragraphs are quite true, but have no bearing at all on what I was saying. I was saying that the claim those companies make that 'It is just the same as stealing from a shop' (actual quote) is false.

    It does not matter what kind of contract they have with the musicians, nor if they are owners, nor if I or anyone else agreed to the licence. The *statement* is false. If I go to a shop, see some vase, let's say, and I copy that vase at home, can the shop or the owner accuse me of stealing his vase? No. (at least not icn the jurisdiction I live). I *could* be breaking copyright or some patents, yes, but I would not be charged with stealing it from the shop.

    The RIAA claims one could, if one does exactly the same, but instead of a vase, with one of their CDs. THAT is what is absurd, and what I was arguing.

    The problem with your line of reasoning, is that it starts from the established point of copyrights that we have developped into today, and do not try to see outside the framework that is now almost considered a natural right. but it isn't, and, in fact, it never was. It's very clear (whatever the Supreme Court says about it) that the founding fathers meant it to be a right of limited scope and duration, to *stimulate* new and innovative works, and then bring it to the public good.

    This, clearly, has been perverted and corrupted in a system that has virtual no limitations anymore, and which main goal is the squeeze as much money and profit out of it by and for the middle-man; corporations that have huge profits but hardly create anything innovative themselves, and, in fact, try their best to stiffle innovation when they feel threatened.

    You think 'asking to reform' will do actually amount to anything, since it would mean they practically vanish from the scene? Me thinks not. I think the chance of that happening is as big as it was if the serfs would have 'asked' the aristocracy if they would please give up their powerbase.

    This line of reasoning shows an apparent lack of sense for reality.

    Unjust laws are most often overruled by breaking them en masse, and what's more, I do not think that that is an immoral act on itself, on the contrary. Far from me to entice anyone in doing something illegal, but I still can say what I think (unless Free speech has been abolished too?), and I think that the law, as it was original conceived and intended was just, but what it is and has become today is unjust and immoral, and should not be used to make ppl guilty, let alone criminalised, when they are disregarding those perverted laws.

    --
    --- "To pee or not to pee, that is the question." ---