Slashdot Mirror
FairPlay v2 Reversed, Playfair Back Online
An anonymous reader writes "Two weeks ago Apple released iTunes 4.5. The minor changes Apple made to their Music Sharing Protocol (daap) were reverse engineered after just one day. According to a post in the Doom9 forums FairPlay version 2 has also been reverse engineered. playfair has
already been patched with the new code and is back online with FSF India providing legal support. How will Apple respond?"
from Macworld
I do not want to get flamed, but honestly, when I read this stuff I wonder how everyone can get so pissed off when someone breaks the GPL yet be so supportive of someone doing this kind of work?
.m4p files into plain .m4a/AAC files. The reason people use PlayFair is to allow the use of iTunes-purchased files to be played back without having to use an iPod or iTunes. Sure this could lead to increased piracy, but so does buying a CD at Walmart.
For all of the lofty talk in the community, is it at it's root support for whatever it takes to get "what I want, free"?
There's a big difference here...
PlayFair decrypts
PlayFair still requires the music to be purchased in the first place. Apple's files (at the RIAA and record labels' demands) are still encrypted, even after "purchase".
PlayFair users are generally working with their own, purchased files. They are not dipping into some secret Apple server full of encrypted, unsold songs.
iTunes buyers simply want more freedom. They're using PlayFair to achieve this.
Will I use the new Hymn/Playfair program? Oh, probably - my .Mac account runs out and I'm not going to renew, and it's how I bought my iTunes songs in the past.
.MAC account in order to purchase from their music store. Is there some other reason that you will stop buying/playing your music when your .MAC account runs out?
AFAIK you don't have to have a
Sir, there is a dragon outside with an armful of armor. He's inquiring if we offer free refills.
Will I use the new Hymn/Playfair program? Oh, probably - my .Mac account runs out and I'm not going to renew, and it's how I bought my iTunes songs in the past.
.Mac has absolutely nothing to do with iTMS.
If you somehow got the idea that your music is permanently tied to the email address you used when you bought the song, you might want to click on the "Account" button above the content when browsing the store. Note the "Edit Account Info" link that allows you to update your email address.
- Tony
Next to none of its use will be for piracy. Why? Because the music is already out there. It's not like iTMS has anything special that isn't already shared. Okay, they do have the iTunes "Exclusives" that show up every once in a while, but beyond that I seriously doubt most people will be buying music and sharing it with the world. Hymn (as I see it's now called) will be mainly use for compatibility reasons. You should see the Apple forums, where the majority of questions are about how to play back iTunes Music Store songs on this or that MP3 player..
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
They did not "reverse engineer" FairPlay. They just added some hooks into quicktime to catch the audiostream after its was decrypted but before it is send to your audio card.
Nothing totally insane going on here.
When will I end this grieving ? When will my future begin ?
And even if a bunch of butt-munches start "sharing" their music with others, that means more AAC files out there, which means a better chance we'll see more MP3 players that include AAC support in the future.
.m4a's up on Kazaa, tracing them back to the owner for major bustitude is trivial. Every file retains its signature. This should limit the appeal to pirates, at least the ones who don't put the files through a second process to remove it. And those guys will pirate things anyway no matter what format they're in.
And don't forget that FairPlay purposely leaves in the Apple ID used to purchase the song. So if people DO start putting their
I just wish I had either an iPod or a windows machine capable of running iTunes so I could use it. My G4s and linux boxen can't do it. And iPods are still way too expensive for me, so I guess I'm stuck with the CD -> mp3 method for now.
-- http://frobnosticate.com
According to MacWorld...
(Not really karma whoring, just adding the info that was in my submission... bah.)
$ echo "ceci n'est pas une pipe" | sed -Ee 's/(eci n|pas )//g'
Playfair actually decrypted the music directly, it didn't intercept it in Quicktime.
The key to decrypting iTMS files lies in its keyring. See, when you get "authorized" by Apple to play your purchased music, a key gets downloaded to your machine. This key is used to decrypt your music. The key is stored inside a keyring, and the keyring is encrypted using other information specific to your machine (Windows key, chunks off the BIOS, etc, etc).
The method to decrypt the keyring was reverse engineered, giving you the key, giving you the ability to decrypt the songs directly.
Simple.
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
Never mind. I'm a moron.
I thought the point was that Playfair does not let you pirate the tunes (any more than any other method). It allows you to get past certain restrictions like not having to use an ipod as an mp3 player. I mean playfair is only useable by someone who has legally purchased a track after all.
One, EULAs have never shown to be legally binding.
For example, take a video game. Do you need to agree to the EULA to run it? Of course not:
1- Minors can't enter into contracts. Can only people 18+ buy games?
2- They are amending the terms of sale, after the sale has taken place. This is not legal.
3- Contract laws require that you actually receive something in exchange for what you are offering. Now, the theory behind the EULA is that your computer (and through extension, you) makes a copy when you run it, as such, you need a license to copy. However, Copyright law specifically allows fair use, which allows you to do more than the EULA anyway, and copyright law lets you make copies anyway. As such, you are literally getting nothing in return.
4- Click-through agreements have never been shown to count as a legal agreement
5- What if you just skip it altogether?
The reality is, the companies who use EULAs are abusing the system, and trying to treat a license like a contract. It is not. A license doesn't have any of the above issues (the GPL is, for example, a license).
For example, copyright law says that you may not distribute copies. However, a license can say "you can go ahead and distribute copies, but only if you do X, Y, and Z". A license giveth, a license does not take. As such, minors can use licenses, too.
For example, suppose I were to were to write some sheet music, and give it to you. Copyright law is fairly specific about what you can do with it. For the most part, it just means you can't distribute copies. Now, suppose I placed the text "You may make and distribute copies, provided this copyright notice is present on all copies". This is a license. It gives you rights you do not normally had. You do not need to "enter" into any agreement at all. If you don't want to use it, you don't have to.
MS probably does not have to make money selling music from the store itself. They will license the technology to the player makers and encoding places (chah ching!), ensure the decoding can only happen on recent versions of Windows (chah ching!) using IE (chah ching!) and probably tied into passport and MSN (chah ching, chah ching!). Hell, it might even tie into the XBox (chah ching!) and MS embedded devices (chah ching!).
Being a monopoly has its advantages.
Bad boys rape our young girls but Violet gives willingly.
This argument needs to go to sleep and fast.
;)
Burn protected AAC to CD Media.
Rip with VBR --r3mix -b112 with lame or your favorite encoder.
Play on whatever you want.
And the 'compression' argument doesn't hold water unless you have a $10k set of speakers to listen to it on powered by a McIntosh analog amp. And if you have that you're just a cheap a$$ bastard for not buying the music.
I burn all sorts of CDs and listen to them in my cars, my stereo, etc. I can't tell the difference between it and my lossless compressed burns when they are side by side. Granted I've not paid for a song I have and tried it but if you decompress a 128k AAC and a flac compressed one and play them on the same stereo they sound no different
As a rock-in-roll Physicist once said, No matter where you go, there you are.
One change mentioned on the page (if anyone actually read it) is that the new version strips the DRM, but leaves intact the Apple User ID who originally purchased the song. That is pretty cool - as it give them some legal justification. If people share stuff they can be ID'd. This is perfect for me, as I just wanted to be able to play my songs on whichever computer I use but wouldn't share them with anyone other than my wife. (Which for all I know, might be illegal, but WTF is with that?)
Cool
And here I thought that the authors were going out of their way to show that they're about fair use, not copyright infringement (even going so far as to NOT remove the purchaser's information from the files, just the DRM). I mean, what good is it if I want to buy a song from the iTMS, but then (since I don't really use Windows or MacOS) want to share that song out via MythMusic, or listen to it in RhythmBox.
Do you really need reason for beer? Wingman Brewers
The site is becoming slow. I have a fast Internet2-enabled University connection, so anyone can download quickly from these. This has enough bandwidth for all of you. :)
It's probably a DMCA-banned circumvention device, but these are my last days on ResNet. *sniff*
Here's a mirror:
UNIX-style source: http://128.220.38.69:8071/hymn-0.6.0.tar.gz
Windows binaries: http://128.220.38.69:8071/hymn-0.6.0.zip
Mac binaries (with GUI): http://128.220.38.69:8071/hymn-0.6.0.dmg
You can check my MD5SUMs against the official ones, http://hymn-project.org/download/MD5SUM .
Last I heard, you had to actually purchase the music and have a iTMS account for Fairplay to work. It won't work on that AAC file you grabbed off of Kazaa, because you don't have a valid key to begin with. This is clearly a fair use issue, not one of copyright infringement.
I just burned my ability to mod this discussion, but that had to be said.
When did the parent say anything about pirating music? He said the OPPOSITE! He said he would pay a buck if it was unencumbered with DRM. That sounds like exactly the market forces we WANT on our side, right?
You obviously think DRM is OK, that is fine for you. Many of us think it is very bad, and boycotting is the only way we have of telling anybody. It seems pretty retarded to say don't boycott because at least this DRM isn't that bad. You just wait...
BTW, any DRM war will be won by the hackers and script kiddies. As the restricions become tighter there will be more people willing to work on these projects and spread them throughout the net.
Apple was not the first to market with an online music store. There were several WMA format stores out there before anyone had even heard of iTunes. PressPlay was one of them.
As to your comparison of the quality of AAC vs. MP3. No online store with major label music has ever used the MP3 format so the comparison is silly. WMA is on the same par with AAC. Some would argue WMA is better.
The DRM system for WMA files is certainly far more versatile and far more secure than AAC. It allows the content owner to set up a wide variety of lisencing terms rather than the one-size-fits-all approach of iTunes. No one has a working crack - though the burn/rip approach works as long as the content owner allowed burning (which they generally do unless the songs are being given out as a free time limited promo - i.e. download this album for free, it will be playable for 2 weeks)
David
Keep in mind that I am not trying to defend Microsoft's DRM, my position is that BOTH DRMs are bad. Anyway, my real question is, what makes Apple so perfect and Microsoft so wrong?
It's a simple matter of history. For the past 10 years, Microsoft has behaved atrociously in any market where they have had a stake. They have run roughshod over consumer interests, antimonopoly laws, and have singlehandedly destroyed free market competition.
While no one can be sure, many of those who mod pro-MS DRM (or pro MS anything) negatively are relying on their historical knowledge of MSs behavior. Apple generally have not abused the markets in which they compete (though they have been known to do so: e.g. Final Cut Pro, though that is debatable given Adobe's letting Premeire languish).
So, long story short, people mod pro-MS posts negatively and pro-Apple posts positively because they recognize that the two companies are DIFFERENT. It's not only what you say, but of whom you say it, and let's be realistic. Given the chance, MS would almost certainly use any DRM scheme it controlled in a way that abused its monopoly position. Apple doesn't have a monopoly it can abuse. Its lead in digtial music sales is independent of its horrifyingly low desktop market share.
In context-sensitive debates involving IT, it does matter if you are talking about IBM, SCO, Apple or, Microsoft. Funny that you can't seem to understand that people use what they know when deciding whether to moderate up or down.
blog
CD's deliver a much better quality than iTune and are already the status quo for copying...
YES, unlike you I don't feel it's my god given right to read books.
Then you disagree with the authors of the Constitution. In the United States, we do have the right to read books. Works are public, but the author of the work has a temporary, limited, monopoly over the distribution of that work. That's how copyright was originally viewed by our founders.
I do feel I have a god given right to read books, exactly as the framers of the Constitution did. If you have a problem with that, please kindly leave my country.
But your iTMS account name still remains coded in the hymn-altered file.