Monday Releases Cause Crashes

The two big releases yesterday, Apple's Security Update and the DRM-canceling PlayFair, are causing problems. The Security Update appears to break cvs over pserver under some conditions (hangs for a long time, then quits with a malloc error), and ryanw writes, "according to the SF.net forum for playfair, the 'iTMS DRM stripping tool' destroys your purchased songs: the resulting files crash iTunes, the iPod, and QuickTime." Those who follow the rules -- wait a few days to install Apple's updates, and make backups of your iTMS files -- will be unaffected.

Er...ooops.

[System.out.println()]

I really need to learn to wait a few days before installing things. I'm so impatient.

Even worse, I check a dozen or so Mac sites several times daily, (yes I need a life) so I probably get every update within 8 hours or so of release, if that.

Re:Er...ooops.

[HTH+NE1]

I really need to learn to wait a few days before installing things.

But the coal mines of software updating need canaries like you. ;)

Re:Er...ooops.

[System.out.println()]

*chokes*
*sputters*
*death gurgle*

(jk, btw... I don't use any of the service that the update breaks, and I have tried to deDRM my iTMS songs)

that'll theach you...

...to install version 0.2 of some guy's software

Re:that'll theach you...

Yes but it fixes many bugs found in 0.1

Hmm

[gkelman]

I check everyday for updates as a matter of course and installed yesterday's security stuff. Luckily
being in the UK I _still_ can't buy music from iTunes, and I don't have an iPod so no problem really.

Annoying that they don't check these things more carefully.

Re:Hmm

[System.out.println()]

The security update is the only one worth complaining about - Come on, did you expect a copyright circumvention program to work perfectly?

Re:Hmm

[Endive4Ever]

Actually, I expected a loud FUD campaign from Apple to emerge within hours.

Which, it appears, has happened.

The fact that it's bundled with 'Bad News' about an Apple update release sorta 'shields' it's credibility some.

PlayFair 0.2

[ZackSchil]

The way PlayFair snags a decryption key doesn't always work, but it tries to decrypt the song anyway. If it finds a bad key and uses it, of course the files are going to come out as garbage! If you swap headers of an m4a file and an m4p file, QuickTime, iTunes and the iPod all crash while reading it also. It does not, as the post suggests, even touch your purchased songs. All decryption is made on a copy. Just more fear mongering.

I have, however, had no trouble decrypting my songs under Mac OS X. They work perfectly.

Re:PlayFair 0.2

[obijywk]

I had trouble with PlayFair at first too (on my Linux machine)... the same thing happened to me - if PlayFair doesn't find a valid key for your song, it goes ahead and creates a messed up file anyway. These files crashed every player I tried them in. After I moved my key into ~/.drms, where PlayFair could find it, the decrypted files came out fine.

I guess PlayFair needs some improved error checking. But I think it's great... now I can listen to my iTunes songs on my linux machine!

Re:PlayFair 0.2

[ZackSchil]

Upon further inspection, I've come across a few strange things. Only my more recent iTunes Music Store purchases decrypt correctly. The older ones make garbled files that iTunes tries to play for a minute, then crashes.

Re:PlayFair 0.2

[prockcore]

If you swap headers of an m4a file and an m4p file, QuickTime, iTunes and the iPod all crash while reading it also.

You know, an enterprising hacker would take this as a sure sign of buffer overflows being present in QuickTime.

Then again we all know hackers only use windows so there's nothing to worry about.

Re:PlayFair 0.2

[ZackSchil]

I got to the bottom of the freezing issue!!

Just delete the folder ~/.drms between each decryption. I wrote a GUI for Mac OS X that integrates with iTunes and I just had to make it delete the .drms folder between encodes to make it work properly.

Oh, and sorry for replying 2 times to my own post :)

Re:PlayFair 0.2

Just because it crashes doesn't mean it's a buffer overflow.

Brilliant move combining those two stories

Brilliant move combining those two entirely seperate stories into one article.

You just know some ignorant tinfoil-hat wearing /.ers are going to assume that the stories are related somehow, and that the Apple Security Update somehow sabotaged playfair. Sheesh.

Re:Brilliant move combining those two stories

[bfg9000]

You noticed the coincidence too, eh? The missing piece is the fact that Steve is a 33rd Degree Freemason and was roommates with a former director of the CIA in college. Throw in the strange map of Area 51 that is steganographically hidden within the default desktop picture, and I think the facts speak for themselves.

Steve is building an army of mind-controlled minions set to overthrow the alien beings who have taken over Western Civilization and are currently raising us for food.

Of course, give me a G5 PowerBook and I'll overlook all that.

Re:Brilliant move combining those two stories

[FredFnord]

> Of course, give me a G5 PowerBook and I'll overlook all that.

Don't be ridiculous. We'll just harvest you a little early...

-fred

Apple protects fair-use

[valmont]

The nerds behind PlayFair are doing nothing but harm the very thing they seek to protect: Fair Use. Apple *already* allows you to make an unlimited amount of regular Audio CDs from music you purchased on iTMS. Apple already allows you to listen to your music on any computer running their free iTunes software. THAT *is* fair use. Why go thru the trouble of breaking encryption? just so you could listen to your music on linux? if you're going thru all that trouble then why not create a few audio CDs from all your purchased music, so you could listen to it on your stereo and in your car, AND RIP UN-DRM'ed MP3s onto your linux box?.

This is all just silly. Why don't "freedom fanboys" either get a clue or stick to WMA, rather than bashing Apple on their attempt to make the RIAA play nice and bragging about circumventing a DRM scheme that has always been loose in the first place.

i still buy most my music off of amazon, i'm a big fan of physical goods in the mail.

Re:Apple protects fair-use

[hawkbug]

I agree with you - I have no interest in unencrypting my iTunes files. However, some people would argue that by burning a CD and then creating an mp3 from it, you are losing a lot of quality. My ears aren't the greatest, but I sometimes think I can tell a difference between an mp3 created in that fashion vs the original iTunes download. But then again, maybe it's just my imagination - either way, that's how I convert my music - by burning it to CD first.

Re:Apple protects fair-use

[NotoriousQ]

Sigh....did we not already talk about this? iTUNES -> CDAUDIO -> MP3 is extra loss. ITUNES-> CDAUDIO -> AAC also possibly extra loss. The CDAUDIO is same quality, but not portable, and I do not have an iPod, or disk space to hold the uncompressed ripped cd's. That is why I am also a big fan of physical goods in the mail.

So point by point:
THAT *is* fair use
It is also fair use to break their encryption. One fair use does not stop another. DMCA may make it illegal though, but that is a different story.

Why go thru the trouble of breaking encryption?
To avoid the loss incurred by ITUNES -> CDAUDIO -> MP3/AAC/OGG/LOSSY and still keep the file size low.

just so you could listen to your music on linux?
Yes. I have no non linux/bsd machines. I had to use my roommate's windows machine to download songs from iTunes via Pepsi promo.


if you're going thru all that trouble then why not create a few audio CDs from all your purchased music, so you could listen to it on your stereo and in your car
Swapping CD's is a pain.

AND RIP UN-DRM'ed MP3s onto your linux box?
Extra loss incurred. See above.

get a clue or stick to WMA
WMA is not any better. I already have a clue.

rather than bashing Apple
I have no problem with apple. They can do what they want, I can do what I want via fair use.

DRM scheme that has always been loose in the first place.
Not loose enough for what I am trying to accomplish.

i still buy most my music off of amazon, i'm a big fan of physical goods in the mail.
Ditto, however this is getting to be more annoying as the cd's are becoming more copy protected every day.

For the people who stumbled into this discussion late, see the previous discussion

Re:Apple protects fair-use

[pudge]

Apple already allows you to listen to your music on any computer running their free iTunes software. THAT *is* fair use.

Uh. I have five Macs in my house. I can only play music *I purchased* on three of them. It is quite clear: I am being denied my fair use rights. There's really no debating it. What to do about the problem is all that is under debate.

Why go thru the trouble of breaking encryption? just so you could listen to your music on linux? if you're going thru all that trouble then why not create a few audio CDs from all your purchased music, so you could listen to it on your stereo and in your car, AND RIP UN-DRM'ed MP3s onto your linux box?

You argue people should use DRM circumvention instead of DRM circumvention? You're quite confused. One method is no more or less legal or justifiable than the other. Both of them are methods to circumvent DRM, and in my case, perfectly legal, since the existing files prevent me from exercising my fair use rights.

Re:Apple protects fair-use

[Reducer2001]

Swapping CD's is a pain.
Eject, remove, insert, play. Have we gotten this lazy? Most music players have an eject button in the GUI and Mac's have one on the keyboard.

Re:Apple protects fair-use

[valmont]

interesting points

Could you please define not portable? When you use iTunes to burn an AUDIO CD, you get a real audio CD, that can be played on any CD player. My GF buys a lot of music off of iTMS and makes lots of CDs which she plays just fine in her car. I must be misunderstanding what you mean by "not portable".

Please also define for my slow brain what you mean by "extra loss". You mean audio quality loss? See, I believe this is where you and I disagree. From personal experience, and that of a few other people, creating an Audio CD from a bunch of purchased iTMS AAC music doesn't appear to yield any loss in quality (which I believe, we agree on), and ripping MP3's or AAC's from that same CD does not either seem to yield any loss of quality either. The quality of the result from Audio CD ==> MP3/AAC process, will of course depend on what compression settings your ripping software is set to. This would apparently be where you and I disagree.

I'm sure you are already aware of this and mainly making a point, but there is absolutely nothing legal about getting rid of DRM from music you purchased from iTMS. Most threads I've read about "Fair Use" and Copyright law seem to ignore one simple thing: When you download music from iTMS, you know ahead of time, what the rules are. You agreed to them when clicking "Accept" on the EULA screen iTunes threw at you upon installation. Apple offers you a contract, you accept it by using their service. It is that simple. All musings about "Fair Use" and "Copyright", from this point, are mainly scoped to whether or not Apple and the RIAA have a "moral right" to apply their DRM scheme, whether or not, from a consumer standpoint this is fair, and whether or not, as a consumer, you should choose to use their services and products. If you do choose to use those services, there is absolutely no law you can invoke to justify bypassing their DRM scheme. The only case where you'd have legal recourse would be if you were never warned in advance, if said companies never provided you with the information you needed as a consumer to make an educated choice as to whether or not you should use their services. Such as when certain CDs are sold with DRM built-in, yet advertised as AUDIO CD, which defines a precise digital format which those CDs technically don't conform to.

Re:Apple protects fair-use

[bjackson]

If you're really that concerned about the minimal audio quality loss going from AAC -> MP3 you should be buying your songs on CD / SACD / DVD-Audio and not downloading them in the first place...

Re:Apple protects fair-use

[log0n]

I'd mod you down but I'd rather share my thoughts instead.

Download music isn't a right, it's a privilege. Where do you get this sense of all-encompassing sense of entitlement?

What you're doing is rationalizing your process for circumventing this privilege of downloading music. You *choose not to support* or use the system Apple makes available for the product that you want to use, and somehow you think your intentional non-compliance justifies the right to 'fair use' how you see fit.

Just because something exists doesn't mean you have limitless access, control or influence with it. Cope.

You don't want loss imposed by transcoding between DRMAAC->CD Audio->mp3 (ogg,whatever). So then don't transcode; use the system that was designed for the format. Or, buy the CD or single that you're interested in and have a hard copy that bypasses all this DRM. Or better yet, don't buy anything - not for idealist Anti-DRM reasons, but because you realize that what you want to purchase isn't available for what you intend to do!

Swapping CDs is a pain? I see where the sense of limitless entitlement comes from.

Apple can do what they want. You can do what you want as well. But when it comes to who sets the rules for DRM AACs, it's Apple. If you don't like the rules they've set, there's no law that forces you have to buy/use a specific product that has rules you have fundamental disagreement with. Seek a legal alterative that works how you want it to work, or learn to cope with doing without.

Re:Apple protects fair-use

[NaugaHunter]

I am being denied my fair use rights. There's really no debating it.

Technically, it is debatable. You can set iTunes on a single machine to share its music, including purchased, with any Macs on the same network. The main reason Apple allows authorization on multiple machines is for fair use when traveling or at an office, and your main server wouldn't be available.

Whether or not this is convenient for you is a personal matter, but the technology already exists to share your music with any computer you could carry CDs back and forth to, without having to authorize/de-authorize.

Re:Apple protects fair-use

[blob.DK]

You, Sir, is a winer.

You are not being denied anything at all.
You can only listen to *your* music in one place at a time, right ? So, use the iTunes sharing and *your* music is available everywhere, right ?

Dont know if this is related

[goombah99]

I did the update and then had spinning-wheel-of-death four times in a row while trying to run an unrelated program installer and simultaneously burn a DVD. Had to do these operations sequentially to get them to work. (why was I doing both: I was simply multi-tasking my monthly maintainence chores.)

Remove Playfair?

1. Anyone who is good at reading the install scripts - How do we "remove" playfair? (especially since it doesn't seem to get a good decoding done - the resulting files all crash whatever app tries to play them. Maybe wait a version or two...)

2. Now this might be pretty basic, but does anyone have a favorite unix scripting tutorial so that I can learn how to script things like this to run on multiple files?

Re:Remove Playfair?

[absurdhero]

The crashing is because it can't find a key. Read some of the other posts explaining how to fix that. As for uninstalling it, download the source code, and in the Terminal, go to that directory. Then type: make uninstall

PlayFair Works!!!

[alatesystems]

It really does work. The crashing is caused by it not acquiring the key and decrypting it incorrectly with no error checking. This is what you have to do(the only way I know how, because I don't know how to compile it on windows).

Download it on *nix and do ./configure, make, make install(if you're root).

On windows, download VLC. Run it and open your encrypted m4p file.

Now, in c:\documents and settings\username(whatever you're logged in as)\application data\drms, you have the key file. Copy that key file to your ~/.drms dir(create it) on the *nix box.

Then on the *nix box run ./playfair whatever.m4p new.m4p.

WHAM! It now works. It grabs the key from your ~/.drms and decrypts it to new.m4p. It works! I've tried it. This is great. Now I can actually buy music(Until apple "fixes" this).

If someone could compile this on windows it would cut down this process to 2 steps: 1. Run VLC with the file. 2. Run playfair.exe in.mp4 out.m4p

Thanks,
Chris Benard

It DOESNT mess with your iTunes songs!

[da_dho]

Firstly, this tool never touches the original so unless you deleted the original before testing the new one, you are fine. For Example: /usr/local/bin/playfair Secondly, the tool works fine most of the time. At least the mac version, but likely the pc one too. For me, its spits out 3/4 properly drm'd songs then spits out the rest garabage that crash iTunes/Quicktime. Try it yourself people, all you need is a mac with an ipod hooked up to it or just a windows pc.

Re:Remove Playfair? (script)

Save everything after this (start at #!/bin/bash), and chmod +x it.
Run with ./saved-file m4p m4a
This finds all m4p files in current dir (copy them first!) and saves the files in no-drm/.
Also, run playfair first (and have /usr/local/bin in your path) to get your key.

#!/bin/bash

DIR=no-drm

usage () {
echo "Usage: $0 suffix newsuffix [converted-dir]"
exit
}

if [ "$1" == "-h" ] || [ "$1" == "--help" ]; then usage; fi

if [ -n "$1" ] && [ -n "$2" ]; then
SUFF1=$1
SUFF2=$2
else
usage
fi

if [ -n "$3" ]; then
DIR=$3
fi

mkdir -p $DIR

for FILE in *.$SUFF1; do
BASE=`basename "$FILE" .$SUFF1`
playfair "$FILE" "$DIR/$BASE.$SUFF2" 2>&1 > /dev/null
done

CVS over pserve broken?

[XbainX]

I installed the security update this morning on my 15" AlPB and I use CVS over pserver at work and have seen no problems.

Just did a commit and an update for the hell of it, works fine...

What Luck!

[aflat362]

I just bought a brand new PowerBook and got it yesterday. Being the good computer owner that I am, I of course ran the updates to get me up to speed. Damnit!

Crashes!?!?!

[nullhero]

How come everytime that Apple has an update people report that there have been crashes. I have updated Mac OS X since 10.2.2 when I bought the machine and never once had it...okay I lie it did crash - ONCE! - but that had nothing to do with any update file that I installed. I'm still not sure why it crashed considering it hasn't crashed since the ONE TIME CRASH!

I'm just emphazing that little fact because my Windows Box at work crashed two to three times a week...I mean 2 TO 3 TIMES A WEEK!!

Anyways, the DRM on the iTunes is really relaxed because I've never had a problem with converting the AAC files to MP3's (for those of my friends who don't use AAC files - since none of the MP3 players support them but iPod does.)

Later

It's a real shame.

[kiwioddBall]

Its a little sad that a forum that generally celebrates Apples acheivements has a whole pile of posts on how to correctly configure the tool that will easily destroy them.

I can appreciate it from the technical point of view, but perhaps a post on what this is now going to do to Apples future fortune now that AAC is not secure is more appropriate, especially as Apples growth recently has been on the back of achievements in the audio area.

Rendevouz

cant you just stream the music between all five macs. Saves disk space too.

Fair use and the iTMS

[nsayer]

1. People keep talking about "Fair use." It's a moot point. Fair use is what you can do with intellectual property that you posess (note I did not say "own") WHERE THERE IS NO OTHER GOVERNING AGREEMENT. When you started up iTunes, you clicked through a license that spells out what you may do with the songs you purchase. That is the difference between the iTMS and a CD - CDs don't have shrinkwrap licenses.

If you are in the United States, giving PlayFair to someone else or posting it on a web site probably violates the DMCA: It is not authorized by the rights holder, and it defeats an effective means of copy control.

Using PlayFair to decode your purchases to use on machines that don't have iTunes (such as Linux machines) probably is legal under the reverse engineering for compatibility sections of the DMCA, but that law is very full of contradictions and has not been fully tested in the courts.

I have a suggestion for the PlayFair authors: As you decrypt each song, put the account information in a hidden or comment section of the output file. Anyone using PlayFair to simply use their purchased content themselves would not be hurt by this, and it would provide an additional deterent against putting decoded content up on $P2P_NETWORK_DU_JOUR. It would bolster your eventual defense in court that you were not making a tool for piracy.

pserver

[Onan]

Uh, pserver is unencrypted, and using it is actually _more_ work than doing it the Right Way (over ssh). There's just no good reason for anyone anywhere to use it.

So, yeah, I'd consider breaking pserver to be a valid security enhancement.

Stop Your Whining, You Guys!!

[bfg9000]

I just installed the patch and I don't know what you're all whining about! Everything's working per

Simple.

[ZxCv]

How come everytime that Apple has an update people report that there have been crashes.

Because, typically, Apple users expect things to Just Work(tm). So, when things don't Just Work(tm), most Apple users will complain loudly.

Conversely, most Windows users don't have such an expectation. So when an update comes along that does break something, I imagine not nearly as many Windows users are inclined to complain loudly about it.

Of course there will be a small number of users that are adversely affected by an update, whether it is for Windows or OS X. What really stands out sometimes is just who complains louder. And like I said, because of their high expectations, I think Apple users are far more inclined to complain about things breaking.

FWIW, I have never had a single problem with OS X updates, and I've installed every single one issued by Apple from 10.1.1 up to the current 10.3.3. And in 8 years of updating Windows, I've only had a single problem with an OS update (though it did require a complete reinstall).

Surely it does allow it.

[scruffyMark]

Yes, it does. As long as it's always just you using it, yes. If I really like roundelays, and I want to listen to a song I bought on seven different stereo systems, each half a verse behind the other, that's my right.

And, more importantly, it's my right to listen to the music on any brand of device I want. If I can figure out a way to get NetBSD on RISC-Toaster to recognize a sound card, it's my right to use a tune I bought as the "toast is ready" theme song.

As for contract law vs. copyright law - that may be the case, but (a) I can't sign away rights. No matter how many slavery contracts you sign, you can't sell yourself into slavery. (b) It's up to Apple to verify their contract, or to designate someone to verify it. (c) The issue of whether clicking "I Agree" confers a contractual obligation is currently very unclear indeed.