Update on Playfair

An anonymous reader writes "A few weeks back, Slashdot reported that Apple had sent a cease and desist letter to Sarovar.org, the Indian site hosting the Playfair project. This is the first incident in India where a corporation has used legal means to shut down a Free Software project. Some of the prominent members of the Open Source/Free Software community in India have issued an update on this situation. There is also an interesting post in the FSF-India mailing lists."

Coverage on K5 also.

Some nice discussion here.

Hmm..

[bigattichouse]

Need a good ol' fashioned Chinese to-hell-with-western-law hosting... works for spammers, why not legit projects that exist in that legal grey-zone?

Re:Hmm..

[gid13]

Yes, China, that world-renowned last bastion of free speech. They'll SURELY be the answer to our prayers. :P

Re:Hmm..

[Twirlip+of+the+Mists]

STOP USING DRM!! IT'S FLAWED LOGIC THAT WON'T WORK!!!

More than a year on, iTunes is going strong. If anything, from the numbers it seems to be gaining momentum. Seems to me like it works just fine.

Re:Hmm..

[Hatta]

Ironic, but no more ironic than the fact that the "land of the free" incarcerates a greater proportion of its population than any other nation. cite

Re:Hmm..

[finkployd]

Selling music over the internet is not the flawed model (people have been asking to be able to purchase single tracks at reduced prices for years, it is no surprise it is a success).

DRM, technically is a flawed concept though. It is basically PKI turned upside down. In PKI, you generate a private key and give out your public key so that people who want to send encrypted things to you can by encrypting them with your public key. This stuff can only be decrypted with your private key. You are the sole holder of your private key and should guard it effectively.

DRM is basically the same thing, but instead of you being the only with with access to your private key, they system tried to PREVENT you from getting at it. So with ITMS (and WMA9), MY computer is storing a private key and attempting to keep it secure from ME. This is basically impossible and will ALWAYS be broken over time since it can only be done in software.

And NOW we see why palladium exists... It is a way in HARDWARE (supposedly tamper proof) to let a system store a private key that is inaccessible to the owner of the key.

Finkployd

Re:Hmm..

[Twirlip+of+the+Mists]

iTunes is going strong--but would it be going any less strong if they had, by some magical miracle, convinced the RIAA to go with non-DRM protected AAC files?

Yes. Because they would not have the selection of music they have today. Many music copyright holders will not release their works digitally without some kind of technological protection.

Furthermore, do you think the DRM they do have stops anybody who wants to from copying the music?

Yes. Because it's easier, faster, and more convenient to just buy the damn thing.

Years ago, I read a book by Stewart Brand about the MIT Media Lab. In it, Brand interviewed Nicholas Negroponte on many topics. One of the topics was what Negroponte called the "digital paperback."

Nobody bothers to pirate paperback books. You could; there's nothing at all stopping you. But nobody bothers, because it's easier, cheaper, and faster to just buy your own copy.

What we need, Negroponte opined, is a digital paperback. He expressed the opinion at the time that the CDROM would be the digital paperback; obviously he was mistaken about that, because unencrypted CDROMs are just too darned easy to duplicate.

The encrypted M4P file, on the other hand, is a digital paperback. Yes, you can strip it of its encryption and make copies of it using any number of tools, not the least convenient of which is simply converting it to AIFF and back with iTunes and a CD burner. But it's just easier to buy your own.

But DRM will never, short of a police state, prevent people from copying DRM'd stuff.

Of course it will. All you have to do is make it more convenient to buy the real thing than to pirate it. Those who would pirate for profit will continue to do so, of course; those people are thieves, and rotten to the core. Let the police deal with them. For the average consumer, all you have to do is make it more convenient to buy than to steal. As we've seen time and again, people will pay a small price for a great deal of convenience: i.e., the paperback.

I haven't got a clue about Indian law..

[Kjella]

...but the creation of personal copies may not require authorization, as is the case with DeCSS in Norway. Depending on the accuracy of that statement "unauthorized copying" may mean "unauthorized copies made for distribution to third parties".

And regardless of what you might think, tools are hardly outlawed anywhere but in the US, due to the DMCA. I can make a key that fits your front door, and only your front door, which has no other purpose. It's still not illegal until I use it to gain unauthorized entry.

That brings up an interesting question, given that there's a strong legal precedent in Norway, why isn't it hosted somewhere there? I'd love to see if they'd have the balls to try another DVD-Jon style case before the EUCD (aka the Euro-DMCA) is in place...

Kjella

Re:Not agreeing with Apple here

[2nd+Post!]

You've still made ONE copy in that process, even if you delete the original.

I'm not saying this is right or wrong, since I believe it's perfectly within Fair Use to make a decrypted copy. What happens if Apple goes out of business? What happens if I don't have a suitable network connection to authorize my Macs? I paid for the music, and do have some right to listen to it at 100% quality.

However, all I am stating is the strict legality of the situation. Owning this tool isn't illegal, but using it is. I don't know, however, that is enough under Indian law to get them knocked off the servers.

Re:Not agreeing with Apple here

[2nd+Post!]

It all depends on whether you signed a contract when you bought the Sony drive that you would only use Sony blanks, doesn't it? Then it wouldn't be illegal to use the non Sony blanks, only that you would have violated your contract with Sony, and Sony then has the right to not honor any warranty with you (there is some wiggle of course, since you used a fairly extreme example).

All sales of Apple's music have implicit contracts, which you should have read before purchasing. There is authorized copying, which is streaming to three machines, converting m4p->CD->MP3 or m4a, and then there is unauthorized copying, which is streaming to unlimited machines and converting from m4p->m4a.

You can argue Fair Use, but they can argue that you willingly agreed to their contract, and all they are doing is enforcing it through vague laws.

Re:Software Lock-in

[iantri]

Aah.. but not true.

You might find this plugin quite helpful. This thread has more info.

must be legal off the coast of New Zealand

[kayen_telva]

Playfair

Read the "Terms Of Service"

[supercobrajet428]

A Quote from the "Terms Of Service" which you MUST AGREE TO in order to purchase tracks from the ITMS:

Any burning or exporting capabilities are solely an accommodation to you and shall not constitute a grant or waiver (or other limitation or implication) of any rights of the copyright owners in any content, sound recording, underlying musical composition, or artwork embodied in any Product.

You agree that you will not attempt to, or encourage or assist any other person to, circumvent or modify any security technology or software that is part of the Service or used to administer the Usage Rules.

The delivery of Products does not transfer to you any commercial or promotional use rights in the Products.

It's not really a question about whether it's ethical or not. If you have music from the ITMS, you bought it from Apple, and YOU AGREED TO THESE TERMS OF SERVICE. If you make a piece of software to "circumvent or modify any security technology or software that is part of the Service" than you are breaking your contract with Apple, and thusly breaking the law. It's pretty simple.

Re:Read the "Terms Of Service"

[Fnkmaster]

Well, there's no reason to believe that the person who wrote the software needed to violate this EULA - they didn't necessarily ever buy any music from Apple or agree to the EULA. Whether using such a piece of software that somebody else wrote constitutes violation of this EULA is a less obvious question based on that wording.

In any case, breaking an EULA without redistributing somebody else's copyrighted material is one of those offenses which you won't find much support for on Slashdot. People here generally support the concept of electronic freedom - data you've acquired legally is yours to do what you will with within the bounds of your own home and computer. It's like breaking the speedlimit on your own private racetrack - it may be illegal, but it shouldn't be enforceable. And even here in the grand ole' USA EULAs are of questionable enforceability (mind you, at SourceForge.net, the issue was the unconstitutional legislation we call the DMCA, it had nothing to do with the EULA which SF.net had certainly never agreed to).

Of course, in India, it doesn't matter, since the people distributing Playfair at sandovar.org didn't write it, AND because they lived in India, were almost certainly not iTunes customers. Thus we have no reason to believe they had ever agreed to this EULA in the first place - assuming such EULAs are even recognized under Indian law, which I seriously doubt. In most countries' legal systems, click through screens don't make legitimate contracts.

Re:Read the "Terms Of Service"

[supercobrajet428]

I guess I disagree. In my mind, if you agree to a TOS you agree to it. It is not the responsibility of the company (Apple in this case) to come up with a nifty TOS that everyone will like and agree to. Though that may be in their best interest. It IS the responsibility of the consumer to understand the contracts they sign before they enter into them.

Just look at what has happened with Kazaa and multiple other free/shareware examples where they expect you to blip right through their usage agreement which explicitly states that the Kazaa installer has the right to install whatever it wants wherever it wants. It's horse-sh*t, but millions of people subject themselves to it everyday.

Again, it doesn't make it right, it just makes us (the collective, consumer, public populous who does these things) pretty dumb sometimes.

Re:Let's face it...

[bryanp]

And portraying a cracker-program as an "open-source effort" is a bit like calling the NRA a grass-roots civil rights campaign.

They're at least as grass roots as the ACLU.

Anyway, you say that as if the 2nd Amendment portion of the Bill of Rights wasn't a civil right.

Join the ACLU & EFF to support Amendments 1 and 3-9. Join the NRA and GOA to support Amendment 2. Amendment 10 gets ignored selectively by everyone, unfortunately.

Re:Why is Apple involved with this?

[cioxx]

That's possibly the stupidest thing I've heard in a long time.

Apple is a computer company.

Also, content distributor, and a software company.

They do not own or control the copyrights on the music they are allegedly trying to protect.

But they control the method which facilitates AAC DRM, needed to let record companies to release their catalogues for distrubution. Without PlayFair DRM, it would be hard or next to impossible to persuade record labels to furnish iTMS with audio content (which they own).

If anything, the RIAA should be the ones to go after these guys, not Apple.

Again, it's the method not the content.

They should tell Apple straight out that since Apple does not own the copyrights to the works which are supposedly being illegally copied, they do not have the right to make this request.

Let me give you an example. Suppose you manufacture and sell locks and at the same time rent a storage facility where people keep their property. Someone comes along and makes a master key which defeats your lock mechanism, when it is illegal (by law) to reverse-engineer, or reproduce master keys or to otherwise tamper with the lock. In the end, the gatekeeper is liable for the stolen property and the burden to prosecute those who are manufacturing these master keys is on the lock manufacturer, not the owner of the property.

Get it? RIAA doesn't have anything to do with AAC DRM. Apple is the gatekeeper and they're trying to protect the well-being of their online music store.

You want fair-use? Go buy the CD or use less-restricted distribution channels who provide you with MP3s and OGGs. iTMS doesn't force you to purchase digital (restricted) files from their store. Abide by the terms of the contract you signed whilst registering. Any fair-use argument here is completely laughable.

What scares me...

[faaaz]

...is not the fact that Apple went after PlayFair, that was more or less expected. What scares me is the fact that a large part of the slashdot crowd are siding with apple and big media on this one. Hacking your DVD-player is okay, the right to fiddle with your own devices shall not be infringed upon. Media files, however, are sacred. You shall not use them in any way big media does not approve of.

And why? To please big media, otherwise they would not venture into this internet selling thingy, posts explain. Anyone who does not accept the control big media is forcing upon buyers is a damn dirty pirate, responsible for the thousands of plagues in the world and puts 'us' in a bad light. The brainwashing is apparently working.

Really, what's the difference between deCSS and PlayFair? I don't recall anyone posting that Jon Johansen was guilty.

Re:What scares me...

[IntlHarvester]

What scares me is the fact that a large part of the slashdot crowd are siding with apple and big media on this one.

Reality Distortion Field at work -- A lot of people feel the need to defend their favorite 'beleaguered' computer maker. Had it been MS DRM or Real DRM instead of Apple DRM, you would see hardly any of the same reaction.

Their story is that Steve did everyone a big favor by implementing a "fair" DRM system, but the reality is that FairPlay isn't any different than the other RIAA-approved online music store DRM systems, other than it has Mac support.

Furthermore, their opposition to PlayFair isn't very pragmatic, as there's a real argument that it will only help Apple's music & ipod sales and not significantly increase piracy. All they have is a reactionary argument that PlayFair is bad because Apple says it is bad, and it's bad to lie to Apple and break their EULA.

-----------

What Apple Fans should understand is that consumer electronics and music are now way more profitable than Macintoshes -- and that will invevitably leave Apple, Inc. to make decisions that are good for RIAA/MPAA and not necessarily good for personal computing or the Mac platform.

I think it's perfectly possible to be a Macintosh booster without going balls to the wall for every new business Apple gets into. There's nothing inconsistant about believing that the Mac is the greatest computer ever made without endorsing Apple & the RIAA's online business model.

So, try being an Mac Fanboy instead of a Apple Inc Fanboy. It's refreshing.

Re:Not agreeing with Apple here

[plj]

Apple fans on Slashdot (disclaimer: I'm writing this on my PBook) always seem to claim that everyone willing to use iTMS should just obey Apple's TOS and never crack their DRM, because their DRM is fair as it can be circumvented by burning and re-ripping.

Well let me tell you: It is not fair. If one is a Hi-Fi geek, like I am, one wants to get rid of DRM without any additional quality loss.

Oh, but what I hear now: "128 kbit/s is not enough for Hi-Fi types, they want CDs nevertheless, regardless of their price". Sure - if CD's are available. But many songs are very, very hard to obtain on CD, if available at all, although they can be found from iTMS. And though 128 kbit AAC is barely adequate to my ears (my own iTunes library is mostly ripped as 224 kbit AAC), I can stand it if the alternative would be not having that song at all. But like hell will I accept any additional quality loss! And I still want to be able to play that song on Linux, too.

So, what options do I have left now? PlayFair. Would my intented use for it be within the limits of fair use? Yes. Would it be possible within the limits of Apple's DRM? No. Thus, the Apple's DRM is NOT fair. Would it be in violation of Apple's TOS? Yes. Thus, the TOS is not fair either. As it is a B2C standard-term contract, I seriously doubt it would hold any water in most courts here in Europe.

Yes, I live in EU (Finland), so no iTMS here, and the question is purely academic. But may be iTMS will be here one day.

That said, the EUCD is going to be applied in Finland pretty soon, but although that will probably make distributing of PlayFair illegal here, it seems the Finnish implementation won't outlaw its private use.

And what would make Apple's DRM fair to me? If the songs would be losslessly compressed in first place. Now the quality would be good enough even if an analog re-recording would be required (that is, no CD burning would be allowed).

RTFA before you mod, please

[ronmon]

A "cracker-program"? Hardly. Just a snippet from the sarovar response:

PlayFair does not give the user any special facilities that Apple itself has not given the user:

1. PlayFair requires a valid key from Apple to convert the format of music downloaded from iTunes. PlayFair cannot convert downloaded songs' formats without authorized keys.

2. PlayFair is not a music distribution program. All PlayFair does is convert songs from one, restricted format to another, less restricted format.

3. PlayFair is not a method for making illegal copies of iTunes songs. PlayFair by itself cannot be used to copy music to CD, distribute on a peer-to-peer (P2P) sharing network, play music or edit songs.

4. PlayFair saves time in converting songs. The Apple iPod permits the iTunes user to make a music CD out of iTunes songs. After that the user can convert the songs in that CD to MP3 or another digital format for playing on portable, non-Apple music players. By converting iTunes songs directly to a common digital format, PlayFair shortcuts this sequence by eliminating the need to make a CD and then convert it.

So read it and think again.

Apple is taking a bad rap for this...

[Llywelyn]

In truth, however, this is probably a very good move on their part.

Apple knows this technology is completely irrelevant, that it is "no big deal" from a technical standpoint and they expected something like this to be created from the beginning (Steve Jobs said exactly this--that they couldn't protect digital content).

As a *political* move, however, it makes a lot of sense. They aren't actually suing people RIAA style and I doubt it will ever come to that--instead they are just shutting down the servers that host it via C&D letters. If they didn't do this, they would be at risk of the music labels deciding that they aren't doing enough to protect their interests and *backing out*.

If you get this off P2P or FreeNet then good for you, you are an irrelevant statistic as far as Apple is concerned.

The comparisons to DeCSS really miss the point. DeCSS was big in part because there was no way to watch DVDs under Linux and because the MPAA really wasn't expecting it and tried to shut it down completely. With FairPlay there is a way to play it under Linux (though yes, there is a loss of quality) and they did expect it, so what they are doing is protecting their interests with the RIAA by giving a good go at it.

It doesn't matter if they "succeed" so long as they are actively pursuing it to the extent of the law.

Re:Not agreeing with Apple here

[bnenning]

So what is wrong with building a business based on supplying music for the iPod only?

Absolutely nothing. But getting governments to enforce that business model is another matter.

Re:Not agreeing with Apple here

[alexo]

>You've still made ONE copy in that process, even if you delete the original.
> I'm not saying this is right or wrong, since I believe it's perfectly within
> Fair Use to make a decrypted copy. What happens if Apple goes out of
> business? What happens if I don't have a suitable network connection to
> authorize my Macs? I paid for the music, and do have some right to listen to
> it at 100% quality.
>
> However, all I am stating is the strict legality of the situation. Owning
> this tool isn't illegal, but using it is. I don't know, however, that is
> enough under Indian law to get them knocked off the servers.

Since when making a copy for purposes covered under fair use provisions (as you stated yourself) is illegal?

Indian law specifically protects PlayFair

[Sanity]

According to the FSF india post, Indian law specifically permits this kind of thing:

(ab)the doing of any act necessary to obtain information essential for operating inter-operability of an independently created computer programme with other programmes by a lawful possessor of a computer programme provided that such information is not otherwise readily available;

Moreover, it even deals with baseless threats such as Apple's:

Section 60. Remedy in the case of groundless threat of legal proceedings.- Where any person claiming to be the owner of copyright in any work, by circulars, advertisements or otherwise, threatens any other person with any legal proceedings or liability in respect of an alleged infringement of the copyright, any person aggrieved thereby may, notwithstanding anything contained in section 34 of the Specific Relief Act, 1963 (47 of 1963), institute a declaratory suit that the alleged infringement of any legal rights of the person making such threats and may in any such suit-
(a) obtain an injunction against the continuance of such threats; and
(b) recover such damages, if any, as he has sustained by reason of such threats.

So PlayFair may even be able to take action against Apple for this!