Slashdot Mirror

← Back to Stories (view on slashdot.org)

iTunes DRM Hole Closed

Posted by CmdrTaco on from the closeahole-whacamole dept.

FrYGuY101 writes "As recently covered on Slashdot, there was a hole in iTunes which allowed music to be acquired from the iTunes Music Store without Apple's DRM applied. Well, Apple has just released an update which closes this exploit."

27 of 594 comments (clear)

  1. Forces upgrade by danbond_98 · · Score: 5, Informative

    Which of course requires that everyone upgrade their itunes to version 4.7. Apparently you can still use PyMusique to preview tracks, just not buy them.

  2. What did Apple "just release"? by DavidLeblond · · Score: 5, Informative

    iTunes 4.7 has been out for a year now. Apple didn't "just release" anything, they just made it so their servers required you to have 4.7.

    1. Re:What did Apple "just release"? by Anonymous Coward · · Score: 2, Informative

      iTunes 4.7, released 10/26/04. Welcome to Slashdot, where a year lasts five months.

  3. Re:Who exactly... by crimguy · · Score: 5, Informative

    Good question. Unfortunately, Apple will require the upgrade for continued use of the iTMS.

  4. Apple bias. by northcat · · Score: 5, Informative

    It didn't plug a "hole". It modified things so that PyMusique won't work anymore. Like they did with Real.

    1. Re:Apple bias. by mmkkbb · · Score: 2, Informative

      It's not quite what they did with Real. This update was already out there, but iTMS did not require it. The only change appears to be server-side.

      --
      -mkb
  5. Re:Impressive by ray-auch · · Score: 5, Informative

    Note that (per previous news stories, and probably on /. too) the update they are now forcing has more limits on what you can do with the music.

    See eg. here.

    Note the comments about no one being forced to upgrade... well, not any more.

  6. Re:No surprise by tepples · · Score: 3, Informative

    As the leader of a small-time garage band, I would LOVE to have a label come along and "exploit" us with a five-year, multi-million dollar record contract, even if it meant seeing every (crappy) song I ever wrote locked down by eeeeeevil DRM layers.

    What if the label's affiliated music publisher instead sent you a cease-and-desist letter, claiming that "every (crappy) song [you] ever wrote" is an infringing copy of one of its own songs? Hey, it could happen.

  7. Re:Impressive by AlexTheBeast · · Score: 3, Informative

    Napster did the same thing actually. If you remember the "winamp/napster free music hack", napster quietly stopped that hole. They have also closed the virtuosa hole without press nor fanfare.

    Napster closed those holes efficently and quietly.

  8. All your DRM music are belong to us. by Anonymous Coward · · Score: 1, Informative

    Puh-leeze. When will Napster, Apple and the RIAA learn?

    Anyone with functioning ears can bypass DRM.

    Got an old copy of Goldwave? (The new version might do it too).

    Simply create a new .WAV, press play on your DRM-enabled player and record on Goldwave.

    Ta-da. DRM-less WAV file.

    Use Nero to burn the .WAV to your CD or use the LAME encoder to convert it back to .MP3.

  9. Re:Imagine.. by DaHat · · Score: 2, Informative

    He violated the iTunes Music Store Terms of Service and Terms of Sale, breach of contract as it were, which is illegal in most countries. Apple could easily sue him for such things, not that they will.

    --
    Help Brendan pay off his student loans
  10. Don't noun your verbs by BadMrMojo · · Score: 2, Informative

    Exploit (the transitive verb): to make productive use of : to make use of meanly or unjustly for one's own advantage

    Exploit (the noun): a notable or heroic act

    It's understandable that people abuse words (as in the subject) but can't we all at least try to avoid doing so when the word as a noun already has a distinct meaning?

    1. Re:Don't noun your verbs by mlyle · · Score: 2, Informative

      Ah; someone wants to be pedantic based on their little dictionary. I'm sorry to say that, when it comes to a dictionary, size matters.

      From the OED (rekeyed by hand for definitions only):

      exploit. sb. Forms: (...) The etymological sense is thus 'something unfolded, brought out, or put forth'; the action of unfolding or developing.

      1. Advantage, progress, speed, success, furtherance. Const. of to make exploit: to make speed, to meet with success.

      2. The endeavour to gain advantage or mastery over (a person or place); an attempt to capture or subdue; hence, a military or naval expedition or enterprise.

      3. An act or deed; a feat; in modern use, an achievement displaying a brilliant degree of bravery or skill.

      4. Carrying out, execution, performance. to put in exploit: to put in practice.

      5. Law. A citation or summons; a writ.

      So it's hardly inconsistent with historical usage of the noun exploit; besides, words gain new meanings with time. The term 'exploit' you're bitching about is in wide usage. I guess because some of these other uses have gone out of fashion that you, the dictionary nazi, will singlehandedly keep us from choosing to adopt them again.

      Some usage notes I like from OED:

      1393 Gower Conf. II 258 The sail goth up, and forth they straught, But none esploit therof they caught.

      1483 Caxton Gold. Leg. 87/4 He began to helpe them in theyr exployte of the see and anon the tempest cessed.

  11. Re:No surprise by webbroberts · · Score: 5, Informative

    If you really care about making money, then you definitely want to avoid the industry contract.

    Steve Albini published an excellent rundown of how the industry screws signed bands. In summary:

    The Balance Sheet: This is how much each player got paid at the end of the game.

    Record company: $ 710,000
    Producer: $ 90,000
    Manager: $ 51,000
    Studio: $ 52,500
    Previous label: $ 50,000
    Agent: $ 7,500
    Lawyer: $ 12,000
    Band member net income each: $ 4,031.25
  12. Re:No surprise by smcdow · · Score: 5, Informative
    As the leader of a small-time garage band, I would LOVE to have a label come along and "exploit" us with a five-year, multi-million dollar record contract, even if it meant seeing every (crappy) song I ever wrote locked down by eeeeeevil DRM layers.

    You have no idea what you're talking about. I know bands (I live in Austin, of course I know bands) that have not only didn't make money on their contracts, but ended up in debt to their record companies. The record companies charge their "expenses" to the band. Bands get a "statement" every month showing all the details and transactions, and the band has to arrange to repay any negative balances on the statement. The record company can use this to blackmail the band -- like not releasing an album and locking down the masters so that the band couldn't release the album under any circumstances. It's all legal because, well, the band signed the contract.

    Word to the wise: If you do get a record contract, and your AR guy shows up one day to "take you out to lunch", just simply decline. Otherwise, you'll be the one paying for lunch, 'cause they'll just charge the band for a lunch "expense". It'll show up on your next "statement". Especially if you were signed by a major label. True story.

    --
    In the course of every project, it will become necessary to shoot the scientists and begin production.
  13. Re:Impressive by Anonymous Coward · · Score: 1, Informative

    I think the original phrase is "I could care less about X", and it is meant to be sarcastic.

    It's controversial. There is little doubt that "couldn't care less" was the original form, but "could care less" is now in fact commoner in the USA (though not elsewhere). The "sarcasm" interpretation of the illogical form is likely folk etymology, however. It's just a phrase that has lost its original meaning and then been corrupted.

  14. Re:Believe it or not, Apple's DRM doesn't bother m by swb · · Score: 2, Informative

    The problem with this, though, is that the songs are already low quality (128Kbps, even though the AAC compression is pretty decent; I have a hard time hearing any artifacts in them). If you burn them, then re-rip them, you're compressing the audio even further, creating a lower-quality version of the song than you already had.

    You're not making the lossy original lossier, though. I can't think of too many (any?) audio transcode applications that don't essentially decode the original format into what amounts to an uncompressed waveform and then compresses it into the new format. This is exactly the process for AAC->CD->MP3, since iTunes requires a conversion to physical media.

    While its true that iterating this process many times will ultimately have a degrading effect on audio quality, the point at which this is the case is dependent on the codec, bitrate and strategy (VBR, etc). Even 5-6 years ago it was believed that dozens of analog copies between minidiscs were required to show generational effects of transcoding.

    I seriously doubt that a single AAC->WAV->MP3 conversion at quality bitrates would show any noticable degredation, especially not in the usual listening environments (cars, mass transit, urban areas, most home audio setups) due to the quality of the equipment and the noise floors associated with the locations.

  15. Re:so hymn no longer works then... by the_2nd_coming · · Score: 3, Informative

    jHymn addresses that. what Hymn did not do was remove the uid atom and some other atom that when iTunes saw them, it would not play the song. removing the atoms makes iTunes blissfully unaware.

    --



    I am the Alpha and the Omega-3
  16. You guys don't own the music you are buying by Anonymous Coward · · Score: 3, Informative

    You are (and always have) bought a license to use a copy, and the rights you have on how you can use that copy are limited.

    You do not have, for example, distribution rights.
    You cannot buy a copy of a movie or song and then broadcast it. That requires a different type of license.

    You do, however, have your fair use rights, which, I agree, are being eroded and trampled upon. Sure, we can just burn to CD and then rip the MP3s back to get rid of Apple's DRM, but using any technique to bypass DRM or copy protection is a Federal Offense (tm) via the DMCA.

    So all this bitching and whining about how YOU can't do what YOU want with YOUR music is drek. When you go produce your own music, then it's really YOUR music to do with what you want, and you can philanthropically hand it out on a web at your own expense all you want.

    But you are buying a license from somebody with this stuff, and that license clearly delineates what rights do and do not come with it. If you don't like it, then don't friggen buy it.

    You're like the people who bitch about gas prices going up but keep driving your cars. Or even worse - the people who plan a one-day "drive-out" where NOBODY BUYS GAS! That'll show those evil oil companies! That'll MAKE them listen!

    1. Re:You guys don't own the music you are buying by lantenon · · Score: 3, Informative

      I don't mean this as a troll, it's an honest questioning of the often-touted belief that what we're buying is a license to use the "information" (ie: listen to the CD):

      If I'm buying a license to use it (in this case, the cd), and not actually buying what's on the item itself (the music that's stored on that cd), why can't I take my cracked CD to a CD store, pay a nominal materials fee to cover the cost of re-burning, packing, shipping, etc. this new CD, and have my broken one replaced? I have, after all, already purchased the rights to listen to the CD -- it's just that my physical medium has been destroyed. Isn't a complete disregard for the physical medium, and instead a focus on the right of the user to make use of the product, what's being focused on in arguing that it's a license for use, and not a license of ownership?

      I'd appreciate anyones responses to that, legal, philosophical, or otherwise. I believe that some software companies offer this option, but I've never heard of the RIAA offering to replace broken cd's.

  17. Re:so hymn no longer works then... by ndvaughan · · Score: 5, Informative

    I just upgraded to iTunes 4.7.1 (after Apple released their "fix"), bought and downloaded a two tracks, and used j-hymn 0.7.5 to convert them. It worked flawlessly.

  18. Re:Impressive by Life2Short · · Score: 2, Informative

    But Apple was already tightening the screws. The 4.7 version of iTunes prevents DVD Jon's hack from working. It's been out for months now. In addition, with version 4.7.1 Apple "fixed" the program so that instead of sharing my iTunes with 5 people simultaneously over the network at a time, I am limited to 5 people per day. Apple was in the process of tightening the screws already. I don't think these actions invalidate your position, but I just think it's difficult to separate cause and effect here.

  19. Re:No surprise by cens0r · · Score: 2, Informative

    Actually that isn't true. Big Black and Negativland where on indie labels and were self recorded and produced. Steve also still will record ANY indie band who will pay is fee and as long as you truly are indie the fee is very manageable. Whoa is the band who comes to him after signing to a major label though, that fee will sky rocket.

    --
    Jack Valenti and Orrin Hatch will be first up against the wall when the revolution comes.
  20. Re:No surprise by Ubergrendle · · Score: 4, Informative

    From a mid-90s interview with Neil Young on Canada's Much Music...

    Pop-tart interviewer: "How do you feel about the commercialisation of rock music? How do you feel when a Bob Dylan song is used to sell cars?"
    Young: "I hold no illusions. We lost. Long ago."
    interviewer:"Did you sell out?"
    Young:"Well, I'm here on your show..."

    --
    John Maynard Keynes: "When the facts change, I change my mind. What do you do?"
  21. Re:So this is what we come to by dant · · Score: 4, Informative
    So, the music executives have forced DRM on Apple and so they have to provide it in their files.

    Please stop perpetuating this myth. Apple have publicly stated that they would continue to use DRM even if the music labels didn't ask them to.

    FairPlay is about stifling competition as much or more as it is about protecting copyrights.

  22. It's not that simple by metamatic · · Score: 3, Informative

    ...the truth is that the "loan" for studio time comes out of your future cut of the profits, and if none exist you simply walk away.

    Sure, if you don't mind your musical career being over.

    See, the big labels put in an exclusivity clause. Sure, you can "simply walk away", but you can't then release music commercially, even as part of another band, until you've paid them back what you owe and they've given you permission to record for someone else, or the duration of the contract you signed has expired.

    And that's not the worst of it. It's not necessarily you who gets to decide whether to "simply walk away"; the record label can decide that it's not going to bother releasing anything you record, but you're still under contract and can't record for anyone else.

    I know a couple of musicians who got fucked that way. They signed with a major label (Polygram). After a couple of singles, the label decided the musicians hadn't been profitable enough, so nothing more would be released. However, they couldn't go back to their indie label, because they were under contract for the next 8 years. So, that was the end of their musical career as artists; they worked as producers for a while, then found jobs outside the music industry.

    I guess if all you care about is making money, and you don't mind your musical career ending totally if you fail to make big bucks, then a major label contract would seem like an OK deal.

    --
    GCHQ Quantum Insert installed. If only our tongues were made of glass, how much more careful we would be when we speak
  23. Re:Rip to a virtual CD? by Knobby · · Score: 2, Informative

    There are a number of utilities (for example Audio Hijack) that allow you to do this on the Mac.