Slashdot Mirror
FairPlay v2 Reversed, Playfair Back Online
An anonymous reader writes "Two weeks ago Apple released iTunes 4.5. The minor changes Apple made to their Music Sharing Protocol (daap) were reverse engineered after just one day. According to a post in the Doom9 forums FairPlay version 2 has also been reverse engineered. playfair has
already been patched with the new code and is back online with FSF India providing legal support. How will Apple respond?"
Can playfair be protected under the GNU GPL and be illegal in the US (under the DMCA) at the same time?
Evolution or ID?
I've read on several other Mac news sites (Macintouch, MacMinute, MacSlash) that FiarPLay is now called hymn (for hear your music anywhere). Why didn't Slashdot note this, or has there been a fork in the project?
BLING BLING. Meet the architecture that's changing everything.
Personally, I think Apple should hire the person(s) that keeps reverse engineering it. Then they get a knowledgeable staff member, and don't have to worry about a new version being cracked... At least for a little while. :)
The difference is you buy iTunes. All these programs allow you to do is to do what you want with your own music. I have an iPod and iTunes, so I have no real use for such a program. Some people may want to purchase songs then convert them to some other format for various other applications. Different music players, etc. If I were to use a copy of Photoshop that is illicit, I would be a pirate. If I reencode my songs from iTunes that I already bought, that is my own business, IMHO. But the iTunes DRM is unobtrusive to me anyway. You can always burn the songs to cd/dvd then reencode them to whatever you want.
I hate sigs.
We have DRM'd music, what about Public-Private Key Encrypt'd music? Won't it ultimately come down to that, where the key's are owned by a company and you have to be connected online to listen to your music? It must be depressing to sell any type of software online... wait till nanotech does the same thing to the "real world" that dd and cp have done to the electronic world. My guess is either capitalism will fall, or liberty... at that point where you can replicate matter with ease, I doubt they can coexist.
Matt Fahrenbacher
James Tiberius Kirk: "Spock, the women on your planet are logical. No other planet in the galaxy can make that claim."
Not necessarily. Engineering takes more creativity.
With reverse engineering you can watch the machine do its work, examine the input and output and compare them, etc. You have something to work with and you know when it is right...because it works.
The original engineers had to create something out of nothing...
Someone violating the GPL is using other people's work without giving them credit or compensation. It's copyright infringement.
Someone decrypting FairPlay'd songs has a whole host of reasons to do so, including using those songs in a fair use manner. You have to *buy* the songs before you can decrypt them.
Example: Say you want to convert the M4P's into MP3's for compatibility with your portable player. iTunes won't let you do that, without the tired hack of burning and reripping an audio CD. But if you FairPlay, you can decrypt the songs into M4A's and then iTunes will convert them to MP3's for you just fine. No (sane) laws have been broken, and it's perfectly ethical to do this. You're not giving away the music, you're just converting it to another format for compatibility with other devices. That's fair use, as I see it.
And frankly, getting iTunes store music, decrypting it, and sharing it isn't going to happen. Nearly everything you can get at the iTunes Music Store is *already* out there on the P2P networks. It's not like this creates more copyright infringement.
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
I think so also. As the couple of Slashdot articles in the past have stated, the more media coverage, the more your profits go up. Interestingly enough isn't it. Personally, I still think that iTunes was one of the better deals out there versus all those stupid excuses for companies tryin to imitate them. All we ask for is music that we'll buy that actually is worth what we pay for. Heck, what's the last "album" that you can remember worthwhile to pay for? Not many are out there when it comes to Top 40s.
-- Friends don't let friends buy Nokia.
Is there a way to emulate an iPod so those of us who don't have one can decrypt our songs?
That sounds great, but the music that people want to hear is only available in this way, currently. I'll be excited when "free music" gets to the quality/popularity that current popular music does, and because of that, I'll continue to support it where I see potential, but suggesting that people who really like what they hear on the radio not listen to it and instead listen to music which, in many genres is not as good, isn't realistic. Nor would I suggest it, as much as I want free music to succeed.
Imagine that every book you bought came in a different crypto script and you needed real, microsoft or apple glasses to read each different type of book - effectively a corporate tax on reading. Would you accept this? Would you call a person who circumvented this device a "criminal" with double standards?
No.
It has been proven time and again that there ARE economic models to make money that don't include vendor-lock-in. In fact not only is vendor lock-in anti communistic, it is anti competition and that makes it anti-capitalist.
Fuck DRM, fuck every sniveling executive whose job relies on just being a middle man who takes his little "tax" off everything that real people produce. These people are worthless to a communist society, and they are usless to a capitalist society. They are the dead weight every way you measure it and as far as I am concerned I am not going to let them slowly seal up cultural production across the globe into their little cabals.
Why would ANY society want that to happen? The ONLY society I can imagine that happening in, is one that is run by the self-same people who stand to make a profit off it. And that worries me, because I think there are deals being cut between big media and government for kick-backs. And we need to crush that type of non-citizen corporate lobbying. Why does a corporation have a right to lobby, or even meet with elected representatives? Only citizens should be allowed to meet with government, and only AFTER an elected rep has meet hundreds of citizens for hundreds of hours should he be ALLOWED (we own them remember) to talk policy with a PAID lobby employee of a company.
It doesn't seem all that wrong until you *really* think about what is going on. We need radical democracy to smash all these cretins off the face of the political landscape and start anew; with old-school right wing libertarians and old-school liberal humanists fighting it out for the CITIZENS. There is always corruption, but back in the early days of each democracy of the world there were people *who could not be bought*, I don't think any modern democracy can make that claim anymore. And it makes me sick.
with FSF India providing legal support. How will Apple respond?
The registered address of the hymn-project.org domain is in India, but for its "A" record I currently get the following:
OrgName: United Layer, Inc.
OrgID: LAER
Address: 1019 Mission Street
City: San Francisco
StateProv: CA
PostalCode: 94103
Country: US
So perhaps there remains a danger that Apple will simply DMCA this place as per usual.
- Brian.
The GPL says (in a tiny over-simplified, sure to get me in trouble with RMS nutshell): Take this, use it, have fun. If you make it better, let us know how. Or we'll take you to court.
The general slashdot take on this (and I'm in agreement) is that its a morally and legally responsible request to make.
Apple is saying: You can only use this music you bought in ways we approve of. You don't own it, you're just renting (licensing agreement). Yes, people agree to the license before hand, but slashdotters feel that fair use... such as the ability to listen to iTMS music under Linux or on a non-iPod MP3 player... is such a fundamental right that it can't be abridged even by a mutually agreed upon contract. An analogy would be if you and I, without any duress, entered into a contract wherein you agreed to never vote again if I give you $1. Voting is such a fundamental right that the contract is invalid, even though we both agreed on it.
Now, people can argue that the GPL is not a valid (legally... maybe morally although I'm not sure how) contract or that the iTMS license trumps fair use, and thats fine. But, the argument that the average slashbot's view on contracts is "gimme free stuff" is just RIAA-level "you're a pirate" FUD. Its just that we think one type of contract is fine and the other interferes with more basic rights.
And thats not even touching on the DMCA and whether code in and of itself can be a crime.
If we don't let our representatives know we are watching how they vote on this, Big Media will crush this legislation. If the /. community would spend a fraction of the time lobbying against laws like the DMCA as we do bitching about the companies that sue using it, PlayFair (and any other DRM cracker) would already be legal.
Don't forget that it continues to make the community look bad.
To which community do you refer? FSF people? GNU people? EFF people? Free-and-Open source (in general) people? Whitehats? Greyhats? Blackhats? Music lovers? Anti-corporate people? Slashdotters?
Put simply, it doesn't really matter how you answer. When something threatens corporate profits (you can see that I at least fall into the last category above), they spin it so we all manage to come out looking bad. Cracked DRM? Damn those anti-corporate open-source hippy weed-smokin' bastards! Leaked Windows source code? Damn those anti-corporate open-source hippy weed-smokin' bastards! A new worm that only affects Outlook or MSIE? Damn those anti-corporate open-source hippy weed-smokin' bastards!
We can't win the PR war, because "they" have a PR budget, and we do not.
Don't bother with DRM, RIAA sponsored music, and certainly don't bother with breaking it. Just ignore it and support free music.
While good in theory (and a stance I almost fully agree with), we all have a few RIAA-signed groups we enjoy. As a better choice than supporting DRM'd downloads, just buy the CD (preferably used so the RIAA doesn't actually profit from the sale, although on the down side, the artist doesn't get any money that way either). Then rip to whatever format you like.
Of course, the RIAA has already started working to plug that particular hole (via broken CDs), but so far have failed miserably. Aside from the overall pathetically weak nature of the DRM on CDs so far, broken CDs have failed for the only reason the RIAA cares about - Profit. The general poublic may have no idea about the trampling of their fair-use rights, but they do get annoyed when they buy a CD and it won't play in their car.
I have no problems with free music. I do listen to some artistes who put out their own mp3s for downloads, and are not out to gyp the listener.
But honestly, stop this free music spiel. What if some guys I like work with RIAA- affiliated labels? (think 60s-70s classics)
I will do the obvious -
a) P2P illegal downloads
b) sell my soul to the devil and buy it on iTMS, or on ebay, or on my trips to India, where you can buy them for cheaper ($4-$7).
Personally I think iTMS has the big drawback that you don't get CD inlays. I love the artwork, and lyrics, credits etc. that come with purchased CDs.
You want to show some support for Hymn? One way is to buy some iTunes songs, to show that increasing freedom of music only leads to more sales! If everyone from /. went and bought a song or two, that would show a nice jump.
I plan to buy a CD or two this week to show that just because I can free up my music doesn't mean I'm going to stop buying or shipping my music out to everyone on the planet.
You can also fill out a form to let Apple know you'd like Hymn to stay around and it will increase you purchases there.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
How come all it seems to take is the mention of Apple, and all the things slashdotters normally hate, such as DRM, and restrictive click-through agreements that prohibit reverse engineering, suddenly become the best thing since sliced bread?
Why? It's not like it's turning into a flame war or anything. What's Slashdot for if not debating things? ;-)
And the 'compression' argument doesn't hold water unless you have a $10k set of speakers to listen to it on powered by a McIntosh analog amp.
For some people that may be true, but hearing can vary widely from person to person. I don't claim to be an audiophile, but I can definitely hear the compression artifacts at the transcoded 112kbps MP3 level that you're suggesting. 128kbps AAC is just barely past the threshold of my hearing, so pretty much any transcoding is going to be too poor for my tastes. Not to mention that it's slow and inconvenient to burn and re-rip. With Hymn, it only takes about ten seconds per song.
Burn protected AAC to CD Media
Yes I could do that but it is just one more step I must do in order to play the music I purchased on my non-ipod player. I purchase music online because it is convenient. This is not convenient.
I'm sad to say that Apple may once again lose to Microsoft. Microsoft's DRM hasn't been cracked yet. If this continues the major labels may decide to back Microsoft and shun Apple.
I do not have any problems with Apple's implementation of DRM except only supporting the iPod. I love the ITMS. Finding the music I want is much easier for me than some other sites I have used.
I'm torn between supporting Apple, a company I respect, or using another music service where I can get my music cheaper and supports my portable player.
because i'm pretty savvy at getting rid of my 9-18 month old macs on eBay, i'm often turning over my computers.
twice now, i've had a machine leave me without deauthorizing it. once because i forgot to, and once because it died on me totally (iBook repair program).
So i have yet 1 machine that is authorized - and rather than do an XP-like "mother may I" call to Apple to pay for music i've paid for - i'd rather just run this app, move my music to whatever machine i've got - and keep buying more music.
there are lots of good reasons for this - few are bad - and since my ID is still attached - its not like i could easily get away with using it on a P2P anyhow.
I use iTunes because it works better than p2p, and will keep on doing so so long as Apple doesn't stop me from using what i've bought.
guns kill people like spoons make Rosie O'Donnell fat.
4) That's nice, but you cannot contractually sign away your rights. If the law grants you the right to make copies of something (again, this has not been shown to the best of my knowledge when it comes to digital downloads of music) then even if you sign a form which says you won't do that, not only are you still allowed to do so, but you cannot be said to be in breach of contract for doing so because you have a legal right. On the other hand you have no explicit legal right to, say, sell the track to someone else, so doing that would be a breach of the terms of the contract unless explicitly allowed by the terms of sale.
5> I don't know about itunes in particular but in some cases if you have the appropriate registry keys set (or other equivalent where appropriate) the system believes you have already agreed to the EULA and will never display it. The question then becomes, is adding those entries equivalent to clicking yes? I cannot answer it, of course, as IANAL.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Remind me again how Apple (or anybody) is forcing you to buy music with DRM included?
That's stupid.
Of course no one's FORCING you to buy something.
Even if there was only one place left on the planet to get food, technically you aren't being *forced* to buy food there, as you could always "choose" to starve to death.
I've got an idea, why don't you show me a site where I can legally download major-label music WITHOUT DRM?
Then there would be a real alternative.
Life is too short to proofread.
correct, it's now "-preset standard" AFAIK. but good point, r3mix needs to die as it's inferior to the new presets.
There's really nothing else that Apple can do. If they ignore PlayFair, the RIAA will surly pull the plug on iTunes.
Except for one thing - iTunes is making a LOT of money for the RIAA and associated companies! As iTunes grows in use and popularity, Apple has much more of a stick to brandish and show music companies that even with tools like Hymn, sales can continue to grow. I think that was Apple's plan all along, to start with the least restrictive DRM possible and then relax it further as time went on and the music companies became more comfortable with the whole thing (witness the recent relaxation of number of computers to five instead of two) - they only dislike Hymn because it accellerates the time table faster than they would like.
The RIAA could possibly pull the plug (not sure what the contracts are like) but will they do it if they throw away a ready cash flow in the process? You can argue other things they have done have hurt sales, but only from a theoretical standpoint - iTunes represents a very concrete flow of money that I'm not sure the RIAA would have the gumption to shut the valve on.
So now the question is - is Apple willing to undergo the expense of a legal battle they are pretty sure they will lose and not even agree with, or are they strong enough to tell the music companies they cannot fight it from the start?
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I really like this. Even more now that they leave the ID info intact.
This program is made to circumvent DRM, but not to pirate. As such it allows fair use as stipulated under copyright law
IANAL but I don't like this trend of locking in the user more and more. There was never any real action against people taping their LP's in the time when my back didn't hurt that much after sex.
I'm actually from the other side (involved with a label) I and don't think pirating stuff is in some weird way noble and nice, but like almost everybody on that side of the fence, I do like music - a lot more than most Britney Spear copying idiots I'm sure - and I do buy the stuff, and I can't foretell on what equipment I'll be wanting to play it on in a couple of years time. So the more options I have, the happier I am.
That doesn't mean I want Apple to support every music format possible, I like their focus on ease of use... When I was a kid I also had to find out how my cassette player and mixing desk had to be hooked up in order to copy. But nobody was actively trying to make my life difficult either.
On that: Apple needs to show it's "concerned" and needs to be seen to try and do something about this - it's a lawyer thing, else they don't uphold their part of the bargain - but really, do you think deep down they really care? There isn't a company that's more into music than Apple. They know very well what reality looks like and how consumers think.
I think, therefore I am...I think.
Congratulations, someone cracked the iTunes DRM. Honestly, good job. I wouldn't have been able to do it. But what would really be nice is if someone cracked the DRM on WMA files. Then, of the few songs that you can't purchase from iTunes, you could buy them from a WMA based music store and play those songs on any computer/music player too.
See, WMA is even more restricted. WMA-only music players using Windows operating systems.
The cracked iTunes DRM now allows for purchased music on ANY device capable of playing a music file. Complete compatability