FairPlay v2 Reversed, Playfair Back Online

← Back to Stories (view on slashdot.org)

FairPlay v2 Reversed, Playfair Back Online

Posted by CmdrTaco on Tuesday May 11, 2004 @03:51AM from the tag-you're-it dept.

An anonymous reader writes "Two weeks ago Apple released iTunes 4.5. The minor changes Apple made to their Music Sharing Protocol (daap) were reverse engineered after just one day. According to a post in the Doom9 forums FairPlay version 2 has also been reverse engineered. playfair has already been patched with the new code and is back online with FSF India providing legal support. How will Apple respond?"

22 of 621 comments (clear)

Obvious by thebra · 2004-05-11 03:51 · Score: 5, Redundant

"How will Apple respond?"
With FairPlay v3.
1. Re:Obvious by green+pizza · 2004-05-11 03:57 · Score: 5, Insightful
  
  >>How will Apple respond?
  >With FairPlay v3.
  
  Of course! Apple has to show the RIAA and record labels that they're trying to prevent "unauthorized decryption" of the .m4p files from the iTunes store.
  
  There's really nothing else that Apple can do. If they ignore PlayFair, the RIAA will surly pull the plug on iTunes.
  
  I'm waiting for Microsoft to start their MSN music store. I have a feeling MS will tell the RIAA what they can do with their wishes and desires. For one, MS will want to keep as much money to themselves as possible. They'll also want the RIAA to quick overreacting every time a weakness in DRM is exploited.
2. Re:Obvious by Bander · 2004-05-11 04:02 · Score: 5, Insightful
  
  Please don't be so naive, at least in public.
  
  Apple is not fighting this because they are evil, they are doing it becasue if they don't, record labels will be less interested in working with the iTunes Music Store.
  
  If you must blame someone, blame the RIAA. I agree that it's sad that Apple is playing along with the bastards, but if they aren't seen as vigorously defending the "right" of the labels to make egregious profits, they could stand to lose a critical revenue stream.
  
  Bander
  
  --
  What we need more of is science!
3. Re:Obvious by athakur999 · 2004-05-11 04:22 · Score: 5, Funny
  
  I'd say Apple will respond by paying someone to get the story submitted to Slashdot with a link to the offending website, thereby ensuring no one will be able to download it.
  
  --
  "People that quote themselves in their signatures bother me" - athakur999
4. Re:Obvious by Abjifyicious · 2004-05-11 04:28 · Score: 5, Insightful
  
  Apple is not fighting this because they are evil, they are doing it becasue if they don't, record labels will be less interested in working with the iTunes Music Store.
  That may be one of the reasons, but then there's also the fact that their DRM only works with iPods. The whole idea behind the music store is just to sell more iPods. If there was no DRM, people could use their music on non-iPod players that support AAC, but as it is they're locked into buying iPods forever unless they want to re-purchase all their music.
5. Re:Obvious by theLOUDroom · 2004-05-11 04:38 · Score: 5, Insightful
  
  Don't forget that it continues to make the community look bad. "See, we made this format so that people could legally download music for a nominal fee and they just keep breaking it so that they can pirate the tunes."
  
  See, but that's stupid. People can already download music for free without playfair.
  
  The only compelling reason for the existence of playfair is so that you can use the music you've legally purchased in whatever format you want. (Maybe you want to buy an Ipaq instead of an ipod for example).
  
  THIS ISN"T ABOUT PIRACY IT'S ABOUT CONTROL.
  
  It's like a "broadcast flag" for music. By claiming it's a pircacy issue, you only HELP the RIAA and hurt those who understand the big picture.
  
  --
  Life is too short to proofread.
6. Re:Obvious by kemapa · 2004-05-11 05:02 · Score: 5, Insightful
  
  I'm going to take this opportunity to show anything Apple does is rated absolutely great on Slashdot but anything similar Microsoft does is evil.
  
  The Slashdot article about "Janus", found here, contains a similar discussion about DRM, but with a focus on Microsoft (since "Janus" is Microsoft technology).
  
  There is a post very similar to the parent of my reply, stating that Microsoft is not the one pushing for DRM, it is the media giants (RIAA, MPAA). Of course, since it was defending Microsoft's DRM, it was not moderated very high. But the parent to my reply is rated +5 and says almost the same thing (but is defending Apple).
  
  And there was a lot of Microsoft bashing regarding the proposed DRM, moderated very highly of course, which can be found here, here, and here. But if you bash Apple on Slashdot for their DRM, you will be moderated -1 in a few seconds.
  
  I know this will get moderated straight to -1, but I am not attempting to start a flame war, I would actually like to start a discussion and have someone explain to me exactly why Apple DRM is wonderful but Microsoft DRM is wrong. Keep in mind that I am not trying to defend Microsoft's DRM, my position is that BOTH DRMs are bad. Anyway, my real question is, what makes Apple so perfect and Microsoft so wrong?
Maybe... by Plaeroma · 2004-05-11 03:55 · Score: 5, Funny

...Apple should hire the guys, as they are obviously at least as good as the guys they have now.
1. Re:Maybe... by wizarddc · 2004-05-11 04:03 · Score: 5, Insightful
  
  Plus they seem to be the best of show in reverse engineering, which would give Apple an insight on how they are doing it and what they could do to prevent it, or at least make it harder to do.
  
  As a side note, why can't Apple make it easy for their own client to download newer versions of the whole app, or at least the protocol code, automatically from the client? Downloading and updating seems so archaic nowaways. Upgrading directly from the client would be convienient and allows them to update their stuff with a lot of reliability amongst their userbase.
  
  --
  Th
How is this different? by palndron · 2004-05-11 03:57 · Score: 5, Insightful

I do not want to get flamed, but honestly, when I read this stuff I wonder how everyone can get so pissed off when someone breaks the GPL yet be so supportive of someone doing this kind of work?

For all of the lofty talk in the community, is it at it's root support for whatever it takes to get "what I want, free"?

I just would like to know the difference between these things which to me seem similar.

Looking for a better understanding.

--
a man, a plan, a canal, panama
1. Re:How is this different? by Just+Some+Guy · 2004-05-11 04:01 · Score: 5, Insightful
  
  If you break the GPL, you are committing copyright infringement. If you use this tool, you may not be committing copyright infringement.
  We can and should be upset with people using this to distribute cracked files, but there is no clear reason why using it to, say, play back legitimately purchased files on a Linux machine is morally or legally wrong.
  
  --
  Dewey, what part of this looks like authorities should be involved?
2. Re:How is this different? by Anonymous Coward · 2004-05-11 04:14 · Score: 5, Interesting
  
  Imagine that every book you bought came in a different crypto script and you needed real, microsoft or apple glasses to read each different type of book - effectively a corporate tax on reading. Would you accept this? Would you call a person who circumvented this device a "criminal" with double standards?
  
  No.
  
  It has been proven time and again that there ARE economic models to make money that don't include vendor-lock-in. In fact not only is vendor lock-in anti communistic, it is anti competition and that makes it anti-capitalist.
  
  Fuck DRM, fuck every sniveling executive whose job relies on just being a middle man who takes his little "tax" off everything that real people produce. These people are worthless to a communist society, and they are usless to a capitalist society. They are the dead weight every way you measure it and as far as I am concerned I am not going to let them slowly seal up cultural production across the globe into their little cabals.
  
  Why would ANY society want that to happen? The ONLY society I can imagine that happening in, is one that is run by the self-same people who stand to make a profit off it. And that worries me, because I think there are deals being cut between big media and government for kick-backs. And we need to crush that type of non-citizen corporate lobbying. Why does a corporation have a right to lobby, or even meet with elected representatives? Only citizens should be allowed to meet with government, and only AFTER an elected rep has meet hundreds of citizens for hundreds of hours should he be ALLOWED (we own them remember) to talk policy with a PAID lobby employee of a company.
  
  It doesn't seem all that wrong until you *really* think about what is going on. We need radical democracy to smash all these cretins off the face of the political landscape and start anew; with old-school right wing libertarians and old-school liberal humanists fighting it out for the CITIZENS. There is always corruption, but back in the early days of each democracy of the world there were people *who could not be bought*, I don't think any modern democracy can make that claim anymore. And it makes me sick.
shame ... by eatmadust · 2004-05-11 03:57 · Score: 5, Insightful

I would much prefer WMA and WMV to be hacked! I find that much worse than Apples iTunes!
FiarPlay name change? by Power+Everywhere · 2004-05-11 03:58 · Score: 5, Interesting

I've read on several other Mac news sites (Macintouch, MacMinute, MacSlash) that FiarPLay is now called hymn (for hear your music anywhere). Why didn't Slashdot note this, or has there been a fork in the project?

--
BLING BLING. Meet the architecture that's changing everything.
big difference by green+pizza · 2004-05-11 04:01 · Score: 5, Informative

I do not want to get flamed, but honestly, when I read this stuff I wonder how everyone can get so pissed off when someone breaks the GPL yet be so supportive of someone doing this kind of work?

For all of the lofty talk in the community, is it at it's root support for whatever it takes to get "what I want, free"?

There's a big difference here...

PlayFair decrypts .m4p files into plain .m4a/AAC files. The reason people use PlayFair is to allow the use of iTunes-purchased files to be played back without having to use an iPod or iTunes. Sure this could lead to increased piracy, but so does buying a CD at Walmart.

PlayFair still requires the music to be purchased in the first place. Apple's files (at the RIAA and record labels' demands) are still encrypted, even after "purchase".

PlayFair users are generally working with their own, purchased files. They are not dipping into some secret Apple server full of encrypted, unsold songs.

iTunes buyers simply want more freedom. They're using PlayFair to achieve this.
more info by xandroid · 2004-05-11 04:16 · Score: 5, Informative
According to MacWorld...
- new version, and they're calling it a complete re-write (now fully GPL compliant, too)
- new web host (in the US, surprisingly, and ballsy too: Babu (creator) says "This [host] is well aware of the DMCA and DRM issues and is very much willing to defend us in case Apple threatens to bring down the site")
- now preserves the iTMS header files, including the user's Apple ID ("This proves that our purpose is for fair use and not for piracy and should help us in our legal battles")
- "hymn" stands for "hear your music anywhere"
- and the new site's not even slashdotted yet!
(Not really karma whoring, just adding the info that was in my submission... bah.)
--
$ echo "ceci n'est pas une pipe" | sed -Ee 's/(eci n|pas )//g'
Keeps with Copyrights by seven5 · 2004-05-11 04:18 · Score: 5, Insightful

I think it should be noted that: The software is now called HYMN for Hear Your Music aNywhere. The software has now made it so that while the DRM is stripped it KEEPS the AppleID inside of the song so that the original song can be traced back to its original owner if it were to show up on a p2p network. I think this is totally important and a GREAT stance for HYMN to take. While it allows fairuse of the songs to let us play them on Linux, 3rd party players, and Xbox Media Center, it still keeps copyright protection in mind. I'm really impressed with the developers for doing this.
Reactions by RavenZ · 2004-05-11 04:19 · Score: 5, Insightful

Well, there are several opinions to that, so here's mine:

Fry this guy! Apple was the first to market with an online music store and is currently market leader. The Apple DRM system is probably the best out there when it comes to quality (AAC, much better than those crappy 128/192 KBps MP3s) and restrictions: Basically you can use the files on every computer in your household and iPod.

If you really want to hack a DRM system: Windows Media 9 is waiting for you and it will be the HD-DVD scheme both in coding and as DRM. Remember: If you break it now, make it to the press, the DVD Forum will not like using WM9. Clips are available here

What will Apple's reaction be? Well, the iPod has a lot of processing power (ARM core? Does anyone know the exact specs?) and it will survive the next generations of DRM change.
Nope by Otto · 2004-05-11 04:21 · Score: 5, Informative

Playfair actually decrypted the music directly, it didn't intercept it in Quicktime.

The key to decrypting iTMS files lies in its keyring. See, when you get "authorized" by Apple to play your purchased music, a key gets downloaded to your machine. This key is used to decrypt your music. The key is stored inside a keyring, and the keyring is encrypted using other information specific to your machine (Windows key, chunks off the BIOS, etc, etc).

The method to decrypt the keyring was reverse engineered, giving you the key, giving you the ability to decrypt the songs directly.

Simple.

--
- Give a man a fire and he's warm for a day, but set him on fire and he's warm for the rest of his life.
Re:If you don't like the terms of the iTMS service by The+Darkness · 2004-05-11 04:41 · Score: 5, Insightful

Don't use them. Buy your music from other providers. The music is owned by its creators and its distributors.
Bull! The music is owned by the public but the artists or whoever shafts them are granted by us a (supposedly) time limited monopoly on that work during which they can make money. This is incentive for people to actually create things.
Disney, et al. have perverted this system so that an artists grand-children can milk money from their works. They have also worked hard to mislead people about copyright. In your case they have succeeded.
If you want free music, buy from artists who choose to give their music out freely. Respect the property rights of others.
No argument.

--
There are two kinds of people: 1) those that need closure
Kinda funny by kilbo · 2004-05-11 04:56 · Score: 5, Insightful

Everyone here saying "but it only removes the copy protection, you still had to buy it" Same is true for CDs. Someone had to buy it somehwere. Didn't stop them from sharing them all over God's green earth. Expect the same with AAC files if this continues
obligitory steve jobs quote by cygnus · 2004-05-11 05:10 · Score: 5, Insightful

found here:
When we first went to talk to these record companies -- you know, it was a while ago. It took us 18 months. And at first we said: None of this technology that you're talking about's gonna work. We have Ph.D.'s here, that know the stuff cold, and we don't believe it's possible to protect digital content.

...

And it only takes one stolen copy to be on the Internet. And the way we expressed it to them is: Pick one lock -- open every door. It only takes one person to pick a lock. Worst case: Somebody just takes the analog outputs of their CD player and rerecords it -- puts it on the Internet. You'll never stop that. So what you have to do is compete with it.
apple *expects* this stuff to get hacked lickety split, people. they aren't even trying to protect it that much...

--
Just raise the taxes on crack.