Slashdot Mirror

← Back to Stories (view on slashdot.org)

FairPlay v2 Reversed, Playfair Back Online

Posted by CmdrTaco on from the tag-you're-it dept.

An anonymous reader writes "Two weeks ago Apple released iTunes 4.5. The minor changes Apple made to their Music Sharing Protocol (daap) were reverse engineered after just one day. According to a post in the Doom9 forums FairPlay version 2 has also been reverse engineered. playfair has already been patched with the new code and is back online with FSF India providing legal support. How will Apple respond?"

3 of 621 comments (clear)

  1. big difference by green+pizza · · Score: 5, Informative

    I do not want to get flamed, but honestly, when I read this stuff I wonder how everyone can get so pissed off when someone breaks the GPL yet be so supportive of someone doing this kind of work?

    For all of the lofty talk in the community, is it at it's root support for whatever it takes to get "what I want, free"?

    There's a big difference here...

    PlayFair decrypts .m4p files into plain .m4a/AAC files. The reason people use PlayFair is to allow the use of iTunes-purchased files to be played back without having to use an iPod or iTunes. Sure this could lead to increased piracy, but so does buying a CD at Walmart.

    PlayFair still requires the music to be purchased in the first place. Apple's files (at the RIAA and record labels' demands) are still encrypted, even after "purchase".

    PlayFair users are generally working with their own, purchased files. They are not dipping into some secret Apple server full of encrypted, unsold songs.

    iTunes buyers simply want more freedom. They're using PlayFair to achieve this.

  2. more info by xandroid · · Score: 5, Informative

    According to MacWorld...

    • new version, and they're calling it a complete re-write (now fully GPL compliant, too)
    • new web host (in the US, surprisingly, and ballsy too: Babu (creator) says "This [host] is well aware of the DMCA and DRM issues and is very much willing to defend us in case Apple threatens to bring down the site")
    • now preserves the iTMS header files, including the user's Apple ID ("This proves that our purpose is for fair use and not for piracy and should help us in our legal battles")
    • "hymn" stands for "hear your music anywhere"
    • and the new site's not even slashdotted yet!



    (Not really karma whoring, just adding the info that was in my submission... bah.)

    --
    $ echo "ceci n'est pas une pipe" | sed -Ee 's/(eci n|pas )//g'
  3. Nope by Otto · · Score: 5, Informative

    Playfair actually decrypted the music directly, it didn't intercept it in Quicktime.

    The key to decrypting iTMS files lies in its keyring. See, when you get "authorized" by Apple to play your purchased music, a key gets downloaded to your machine. This key is used to decrypt your music. The key is stored inside a keyring, and the keyring is encrypted using other information specific to your machine (Windows key, chunks off the BIOS, etc, etc).

    The method to decrypt the keyring was reverse engineered, giving you the key, giving you the ability to decrypt the songs directly.

    Simple.

    --
    - Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.