Slashdot Mirror

← Back to Stories (view on slashdot.org)

Johansen Cracks AirPort Express Encryption

Posted by michael on from the airport-express-sales-increase dept.

womby writes "DVD Jon has just announced that he cracked the encryption in Apple's AirPort Express. 'I've released JustePort, a tool which lets you stream MPEG4 Apple Lossless files to your AirPort Express. The stream is encrypted with AES and the AES key is encrypted with RSA.' No real details of the process employed in cracking the unit but newsworthy none the less."

9 of 459 comments (clear)

  1. Great News by Rura+Penthe · · Score: 5, Interesting

    This is great news. I want any application I own on any platform (OS X/Windows/Linux/Zeta!) to be capable of streaming to an Airport Express. I can't imagine that this would really upset Apple since you're still buying their hardware. It just lets you use the hardware with more applications. If iTunes is still the best and most elegant way, people will use that.

    Of course...Apple isn't always logical like that, and there may be some precedent set that would injure them in court some time later.

    1. Re:Great News by Rude+Turnip · · Score: 5, Interesting

      You can use an Airport Express and never buy anything from iTMS or purchase an iPod...just use your own MP3 collection. All three hardware products depend upon iTunes, but neither hardware item requires the other to use.

      To be honest, Apple's products become much more useful (and more desirable to purchase) when people come out with neat hacks like this. The only reason I spend big bucks in their music store is because the DRM has been broken through the Hymn project.

      --
      Bill Clinton: Pimp we can believe in. - The Shirt!!!
  2. This should be pretty cool by sith · · Score: 5, Interesting

    Since all he got was the public key, you can't actually decrypt streams that are being sent. What it means is that programs can now stream music to the AEx. This should be really cool, especially once something like AudioHiJack or Wiretap comes along that lets you redirect all your system audio to it. I'd love to be able to stream non-iTunes audio formats that way (real player radio stations and whatnot). Anyways, can't see how this hurts apple - more people have incentive to use the AEx, Apple doesn't have to support their use of it that way, and the protected music is still protected. Hizzah?

  3. WTF? by Philosinfinity · · Score: 4, Interesting

    Maybe I missed something, and I haven't been able to RTFA for obvious reasons. But doesn't the Airport Express take any stream sent to it from iTunes 4.6 or greater? What I am getting at is, on my iBook, I should be able to stream any file that plays from iTunes to the Airport Express. So what did I miss? Is this the ability to do that from other programs on other platforms? If so, why does the poster pick out the ability to transfer Apple Lossless files?

    1. Re:WTF? by PsychoSpunk · · Score: 5, Interesting

      This is a proverbial "last mile" problem: How do I get any sound to the Airport Express? The known elements are that the Airport Express plays Apple Lossless streamed from the client computer running iTunes. So the solution to the "last mile" is to figure out how to stream any Apple Lossless file to the Airport Express and not rely on a specific program. The conversion to Apple Lossless is left as an exercise for the reader, as they say.

      --
      ALL HAIL BRAK!!!
  4. Driver! by nuxx · · Score: 4, Interesting

    Now all we need is some sort of software-based audio out driver for OS X (like Cycling 74's Soundflower) which allows you to reroute OS X audio output to the Airport Express. This would be *ideal*, as then it'd be possible to stream audio from practically anything to your stereo. Digitally!

  5. He's not a big genius. by Anonymous Coward · · Score: 5, Interesting

    Maybe it appears that way to the layman, but to other programmers and computer scientists, he's just doing what comes naturally.

    Almost any good programmer can crack software. They just choose not to, or to keep quiet if they do. Jon is a skilled showman as well as a software cracker. Hey, he got his ass saved from jail by the EFF when all he was doing is fronting others code. Now he's pretty much bulletproof (he doesn't release compiled executables as that was the main DeCSS sticking point), it's only right that he should continue to champion fair use and stand against lazy attempts to be "DMCA compliant", by cracking pointless encryption schemes which only require a little reverse engineering to find the barely hidden key, not cryptanalysis.

    I think Jon's doing us a real service, which I appreciate. I don't worship his genius, as he's only doing something I've done myself, albeit on much more media-friendly targets. He could just be cracking Safedisc games in relative anonymity for the same amount of intellectual effort, but instead he's hounding high-profile DRM schemes, starting with the weakest (Apple). Worship him if you want.

  6. I don't see the threat to DRM media here... by Lurch00 · · Score: 5, Interesting

    Can somebody explain to me how _this_ hack threatens the DRM protected content? AFAICT, itunes decrpyts the content, converts it to this lossless stream, reencrypts it to protect it in transit, and streams it to the AE. There's no threat to the DRM media here at all, since you have to have an unprotected source to start with.

    The real threat is that somebody will take this and figure out how to fake being an AE, then you essentially have iTunes doing the work of defeating its own DRM for you. This would have the advantage (from a piracy standpoint) of being fairly hard for Apple to fix via "bug fix updates", unless they built a way to upgrade the AE firmware the same way. That's something I can see people getting into a tizzy about, but for this particular hack I think the useful purposes far outweigh the piracy ones.

    Just a thought.

  7. Re:From the Site... by SiliconEntity · · Score: 5, Interesting
    This RSA public key can also be expressed in hex as:
    000000 e7 d7 44 f2 a2 e2 78 8b 6c 1f 55 a0 8e b7 05 44
    000010 a8 fa 79 45 aa 8b e6 c6 2c e5 f5 1c bd d4 dc 68
    000020 42 fe 3d 10 83 dd 2e de c1 bf d4 25 2d c0 2e 6f
    000030 39 8b df 0e 61 48 ea 84 85 5e 2e 44 2d a6 d6 26
    000040 64 f6 74 a1 f3 04 92 9a de 4f 68 93 ef 2d f6 e7
    000050 11 a8 c7 7a 0d 91 c9 d9 80 82 2e 50 d1 29 22 af
    000060 ea 40 ea 9f 0e 14 c0 f7 69 38 c5 f3 88 2f c0 32
    000070 3d d9 fe 55 15 5f 51 bb 59 21 c2 01 62 9f d7 33
    000080 52 d5 e2 ef aa bf 9b a0 48 d7 b8 13 a2 b6 76 7f
    000090 6c 3c cf 1e b4 ce 67 3d 03 7b 0d 2e a3 0c 5f ff
    0000a0 eb 06 f8 d0 8a dd e4 09 57 1a 9c 68 9f ef 10 72
    0000b0 88 55 dd 8c fb 9a 8b ef 5c 89 43 ef 3b 5f aa 15
    0000c0 dd e6 98 be dd f3 59 96 03 eb 3e 6f 61 37 2b b6
    0000d0 28 f6 55 9f 59 9a 78 bf 50 06 87 aa 7f 49 76 c0
    0000e0 56 2d 41 29 56 f8 98 9e 18 a6 35 5b d8 15 97 82
    0000f0 5e 0f c8 75 34 3e c7 82 11 76 25 cd bf 98 44 7b
    a 2048 bit RSA public key. The exponent is hex 0x10001, which is decimal 65537, a very commonly used exponent for RSA encryption.

    The fact that he just published the public but not private parts of the key suggests that Apple's product merely wants to see its input data encrypted with this key. I.e. anything encrypted with this key, it will play.

    Normally a public key is just that, public, and available to anyone. It sounds like in this case Apple kept the key somewhat secret, and used knowledge of that public key as a form of authorization. Only Apple products knew the public key, so it would only play music from those products.

    Now that the public key is published, anyone could encrypt data using it and get Apple's device to play the music.

    Jon hasn't broken any encryption here. He has merely learned how to encrypt just like Apple does. It looks to me like the DMCA does not apply to this case.