Slashdot Mirror


iTunes 4.5 Authentication Cracked

fooishbar writes "Yesterday, Apple released iTunes 4.5, which deliberately broke the 4.2 authentication scheme, which had been successfully reverse-engineered. However, crazney has been at it again, and within 24 hours of downloading iTunes 4.5, has broken the new scheme, and added more features to this library along the way. If you want to incorporate iTMS support in your program, give libopendaap a go!" Reader ScottGant submits this story about the Pepsi/iTunes promotion: "News.com has this story about Pepsi's iTunes promotion give-away. The promotion, which is slated to end this Friday, was to have given away 100 million tracks through Apple's iTunes music site. But according to Apple on Wednesday, only about 5 million free songs have been redeemed."

5 of 725 comments (clear)

  1. Only five million? by Liselle · · Score: 5, Interesting

    That's way less than they anticipated. Only 5 million out of 100 knocked me flat. Since iTunes serves a pretty specific market, I guess that says a lot. Especially since the tracks are free. The question on my mind: how many of those 100 million winners actually reached folks? TFA mentioned something about distribution problems.

    Also, about the new authentication crack: I am curious how this will impact their deal to offer free weekly songs, I'm assuming it's some sort of deal with the record industry. Today is a fairly uninspiring Avril Lavigne track (but free! I got it anyway! :P), but I have to wonder.

    --
    Auto-reply to ACs: "Truly, you have a dizzying intellect."
    1. Re:Only five million? by OS24Ever · · Score: 5, Interesting

      According to a lot of posts on Macrumors.com and other Mac news sites there were a lot of posts from people in the *huge* markets like New York, LA, San Fran, etc who were posting that they never found a bottle with the promotion on it.

      Personally in Raleigh, NC I never saw a 'iTunes' bottle but then again I don't drink a lot of soft drinks anyway.

      --

      As a rock-in-roll Physicist once said, No matter where you go, there you are.

  2. 4.5 busted sharing with previous versions by crackshoe · · Score: 5, Interesting

    my main problem with 4.5 is that it no longer allowed sharing with other itunes running boxen on my home network - the one machine i had updated to 4.5 ( my parents imac) couldn't accesss my music on the g5. it seems like a fairly annoying thing that wouldn't be particularly hard to not break for no particular reason. while i personally think theres no reason to break apple's authentication or other security features in itunes (the current permisions are more than enough for me, and i have less than 20 pruchased tracks, and only 2 machines i play em on), its nice to know that work arounds do exist.

    --
    Don't worry - its just stigmata. Pass me a napkin and don't you dare tell my mother.
  3. Re:That was quick by pudge · · Score: 5, Interesting

    I hope apple didnt invest too much time/money in this new fixed drm. Will these media pimps ever learn?

    This isn't about DRM, it is about access to the music store, sharing, etc. outside of the iTunes application.

    And despite the poster's assertion, there's no real reason to think the authentication scheme was intended to break compatibility; as most developers know, sometimes you need to make changes for other reasons that force a break in compatibility. If this WERE about DRM, I'd say it was likely, but I see no reason to think this separate change was deliberate. It may have been, but no one's given any reason to think it.

  4. How is this authentication Cracked. by raptor21 · · Score: 5, Interesting

    If a person still needs a account to login to iTMS with this bit of reverse engineered method, the Authentication hasn't been cracked!!!

    Authentication cracked means that you cand take an encrypted password and retreive the plain text for and already existing account.
    All this guy seems to be able to do is figure out where and how iTunes sends its login information, so he can put it in his own application.