Slashdot Mirror


iTunes DRM Hole Closed

FrYGuY101 writes "As recently covered on Slashdot, there was a hole in iTunes which allowed music to be acquired from the iTunes Music Store without Apple's DRM applied. Well, Apple has just released an update which closes this exploit."

30 of 594 comments

  1. Re:First pizzle by jersey_emt · · Score: 2, Interesting

    Well you all knew it was going to happen sooner or later. I'm surprised it didn't happen sooner than this.

    --
    My spoon is too big.
  2. Who exactly... by PyWiz · · Score: 2, Interesting

    ...is going to patch their system so they _can't_ get music without Apple's DRM? Why would a user knowingly restrict his capabilities to avoid copy protection?

    --
    -py
  3. Is it a fix or a patch? by bigtallmofo · · Score: 4, Interesting

    From the original story:

    He explains that his program works by bypassing iTunes which adds the DRM itself at the end of the transfer.

    I don't think it would be trivial to change the time that they add the DRM. So, is this a true fix that won't be broken again quickly? Or is this just a small patch that changes something just significant enough to break the Pymusique application?

    --
    I'm a big tall mofo.
    1. Re:Is it a fix or a patch? by cbrocious · · Score: 2, Interesting

      What they do is encrypt the file with the Rijndael cipher beforehand. The key is given to you in the XML from the store when you purchase it, and the IV is the first 16 bytes of the file that results.

      --
      Disconnect and self-destruct, one bullet at a time.
  4. Want a hole fixed? Publish to Slashdot! by unsung · · Score: 5, Interesting

    Seems that Slashdot has become the standard bug-report mechanism across numerous OS's and companies.

  5. Re:Believe it or not, Apple's DRM doesn't bother m by cloak42 · · Score: 1, Interesting

    The problem with this, though, is that the songs are already low quality (128Kbps, even though the AAC compression is pretty decent; I have a hard time hearing any artifacts in them). If you burn them, then re-rip them, you're compressing the audio even further, creating a lower-quality version of the song than you already had.

    The thing I liked about pyMusique was that it would download the song and just not attach the DRM to it, therefore not requiring the file to be re-encoded. Even JHymn requires a re-encoding, which means that to prevent the file from having artifacts you'd have to encode at a much higher bitrate.

  6. Re:Believe it or not, Apple's DRM doesn't bother m by Golias · · Score: 5, Interesting

    I'm with you. I would cheerfully pay an extra ten cents (or so) per song and put up with the longer download times if I had the option to get iTMS stuff encoded with either FLAC or the "Apple Lossless Format."

    In fact, I'm going to send an e-mail to the iTMS sales support folks saying exactly that, and I suggest you do the same.

    --

    Information wants to be anthropomorphized.

  7. DVD Jon is useless by Anonymous Coward · · Score: 2, Interesting

    With iTunes 4.7.1, there are restrictions placed on how many computers you can transfer the songs to. Now I'm forced to upgrade the damn thing on 3 of my computers.

    Thanks for nothing, asshole.

  8. Re:Believe it or not, Apple's DRM doesn't bother m by mccalli · · Score: 4, Interesting
    >What I'd love is a way to download songs from Apple in a non-lossy format!

    What I'd like to see is iTunes to have a 'compress when copying to portable' option, and then have Apple sell lossless.

    I don't mind wasting the gigs for lossless on my desktop, but I would object to wasting them on my 1st generation 5Gig iPod. Allowing this option would let me store the master copies at home, but still carry a fair amount of them around portably.

    Cheers,
    Ian

  9. just try upgrading on dialup by RMH101 · · Score: 2, Interesting

    how big is an itunes install these days? 20MB? seems like every couple of months i'm getting forced to upgrade: and guess what: it doesn't usually mean i'm getting *more* features...

  10. Re:Believe it or not, Apple's DRM doesn't bother m by k_187 · · Score: 4, Interesting

    There's already an option for that for the ipod shuffle. I'd imagine that there's some way to either enable it for other ipods, or bug apple enough that they'll add it for other ipods like they did with the shuffle music and other options for the 4th gen ipods.

    --
    11 was a racehorse
    12 was 12
    1111 Race
    12112
  11. Re:No surprise by user32.ExitWindowsEx · · Score: 2, Interesting
    >There's no way schmucks like you are ever going to hear my music unless I "sell my soul" to the record industry, because I don't have hundreds of thousands of dollars to spend on marketing and promotion.

    What about that story on free hosting for media for life by the Internet Archive people? Upload there, change slashdot homepage....instant promotion.

    --
    "Evil will always triumph because good is dumb." -- Dark Helmet
  12. Re:No surprise by Gid1 · · Score: 2, Interesting
    >BTW has anyone ever considered themselves a 'programming artist'?
    Yeah. Donald Knuth, Professor Emeritus of The Art of Computer Programming at Stanford University.
  13. pyMusique still very interesting by LoganAvatar · · Score: 1, Interesting

    Not knowing exactly how itunes worked concerning its downloads and DRM, I found this program to be somewhat of an eye opener to me. I imagine it will be the same for quite a few others, and we will see programs soon that do such things as lock the file right before DRM gets applied, or copies the stream but not the post download processing, etc... I imagine such would not be illegal, for you would merely be capturing data being sent to your computer.

  14. Re:rename /. to appledot by interiot · · Score: 1, Interesting
    Rename /. to SoresDot. People on here are a bunch of open-source lunes. *whine*

    *gasp* There's a community of people here. And *gasp* they pick whatever they want to be interested in. And *gasp* there's a bunch of other communities all over the internet for like-minded people to small-talk.

    Yes, the community's interests might be moving in a different direction from yours. No, this isn't an event worth whining over.

  15. Re:No surprise by Unknown+Lamer · · Score: 2, Interesting

    I bet you're lying about being in a band. If you were in a band, you'd know very well that bands make next to no money from albums. The real money is in touring and selling shirts. CDs are just a way of promoting your band so that your fans will come and see you live.

    I bet you've never heard of my band but we made a couple hundred bucks on a short little two week tour last year playing in people's garages...You don't need thousands of dollars in marketing to make your music heard. You need to be good. That's it (note: RVG is not good, it's actually a joke band). It's a lot harder to be good, and it takes a lot longer to achieve success, but in the end you've done a better thing artistically than being a sellout whore who makes generic whatever is popular today music.

    And honestly, if money matters more than anything to you, you shouldn't be doing that thing. Especially music (or any form of art).

    --

    HAL 7000, fewer features than the HAL 9000, but just as homicidal!
  16. FLAC support would be even better by swb · · Score: 3, Interesting

    I'd prefer to see FLAC support in iTunes. I know it's probably not something they'd support on the iPod, but a lot of live sets are offered in FLAC format and it'd be great to be able to import the FLAC files directly into iTunes and only convert them to MP3/AAC if I wanted them playable on the iPod.

  17. Re:No surprise by aug24 · · Score: 4, Interesting
    Actually my best friend's father is an excellent independent singer songwriter See here, so you're definitely right that it can be done, but it's only feasible if you dare take it up as a full time career with all the risk. He gigs full time (to packed audiences, he's really good), to keep his sales up.

    But to make real money, or do it without the risk, it's the cartel or nothing.

    Justin.

    --
    You're only jealous cos the little penguins are talking to me.
  18. Re:No surprise by Golias · · Score: 3, Interesting

    That was merely a light-hearted joke, followed by an honest question, not flamebait... but since there are some moderators out there acting like asses, I will fight fire with fire. I've got Karma to burn. Re-posting my currently -1 comment at 2. Mod me down, and I'll just do it again:

    I imagine you could make 30-50,000 a year between sales of your music and merchandise and show tickets, if you had a decent content delivery system and you kept putting out good music the money would keep flowing in.. Just so you know i am also an indie rocker, and no, i wouldn't sign a contract with the RIAA...there ARE better ways, if you are good and love the music you CAN make a living without being a whore.

    Yeah, but then I would have to put the effort into making good music. I just want to force feed the crap I'm making now into the public conscious, become wealthy, and act like a total ass for the rest of my life.

    So, do you make 30-50K per year as an indie artist, or are you just "imagining" that you can?

    --

    Information wants to be anthropomorphized.

  19. Re:Imagine.. by Anonymous Coward · · Score: 1, Interesting

    Most countries? I would say violating a term of service/sale is not *illegal* in any country. Perhaps the USA, seems like anything is illegal there given a good enough lawyer.

  20. Lossless by Marran+Gray · · Score: 2, Interesting

    Just a hypothesis: I suspect that, irrelevant of any DRM/RIAA/"The Man" issues, Apple might be reluctant to offer lossless encoding just on the basis of data transfer. You may be willing to wait a couple more minutes for your song, but on the supply side Apple would have to deal with the logistics of moving many, many more bits out of their store. That's not cheap; the consumer face of the Internet can belie the true costs of data transfer. I don't know for a fact that this is a knockout argument against lossless compression on iTMS, but it's certainly a serious concern.

    --
    "There are hundreds of game theorists at the gates, sir, and they want to hold an election!"
  21. Re:Exploit? by Secret+Agent+99 · · Score: 3, Interesting

    How was being able to PURCHASE something in a form that the user actually wanted an exploit?

    How is circumventing the seller's terms and obtaining the goods in a form not intended for sale not an exploit?

    Here's an idea: go to a restaurant with your favorite mug. Walk into the kitchen, ladle some soup into your mug. On your way out, leave the price of a bowl of soup on the counter. See what happens.

  22. Totally missing Scott McCloud's point by rjung2k · · Score: 2, Interesting

    "It's a fine line that has been hotly debated since the days of Socrates, but there is an important qualitative difference between those who do things that are ultimately "functional" (i.e. produce a product which in some way furthers the aims of survival and reproduction) and those things which are "artistic" (i.e. things which do not further survival or reproduction). It has been argued by some (like Scott McCloud) that the moment one bleeds into the other (i.e. the money starts mattering more than the art), it's no longer art."

    +3 points for quoting Scott McCloud (of Understanding Comics, for those just joining us), but -10 for totally mangling his point.

    If I may quote, from page 168-169:

    ----------------

    "Rare is the person in any occupation who expresses nothing, and rare is the artist who cares nothing for success, i.e., survival! ...

    "The 'fine artist' -- the pure artist -- says to the world: 'I didn't do this for money! I didn't do this to match the color of your couches! I didn't do this to get laid! I didn't do this for fame or power or greed or anything else! I did this for art! In other words: 'My art has no practical value whatsoever!'"

    ----------------

    The point that you missed in misquoting McCloud is that artistic merit is not exclusive of monetary value. It's entirely possible to create moving works of art, and want to be well-compensated for it. Michelangelo painted the ceiling of the Sistine Chapel under commission, for instance.

    To claim that there's any financial value where the art suddenly ceases to become art may be a claim you hold, but it's not one McCloud does.

    Or, as he says it, "'Pure' art is essentially tied to the question of purpose -- of deciding what you want out of art."

    Class dismissed. Alaren has to spend the next three nights re-reading Understanding Comics, and this time actually reading the words instead of just looking at the pretty pictures.

  23. Re:Impressive by NEW22 · · Score: 5, Interesting

    The sad thing to me is the relationship you are willing to put yourself in, in relation to the music industry. I mean, if you buy a CD you could rip it to any format very easily. Going through iTunes may save money in buying singles, but you get the music in a locked up format with mediocre quality (compared to CD), and the format doesn't even work on a lot of portable music players (such as my iRiver iHP-120). It would actually be easier for me to illegally download new music right now, if I wanted to actually use it the way I want. So, you put yourself into this appeasement relationship with the music industry that is basically limiting us and screwing us over for very flakey reasons. It's like "Daddy said we could get digital music if we are all good until Friday!".

    To hell with that kind of attitude. They can either lose money, or they can give us what we want. It's their choice. CDs are an open format you can use anywhere. Why is it so absurd or wrong or ridiculous to expect the same in downloading music over the internet?

  24. another hole? by harlows_monkeys · · Score: 2, Interesting
    Isn't there still a big, exploitable hole? The hole was that iTMS actually provides music without DRM, and iTunes adds the DRM after the download. The original exploit was to use a client other than iTunes to download, and that client did not add the DRM. This fix is to require the use of iTunes.

    So what happens if you download with iTunes, but are running a packet sniffer to grab all the data? Couldn't you then look at those packets and get the unencrypted music from them?

  25. Classical Music by jbolden · · Score: 2, Interesting

    I suspect without the marketing and promotional work of the major labels the rock world would become more like the classical world. Mentally people would become much more aware of the contributions of composers / writers and not just those of performers. In rock Jerry Leiber & Mike Stoller (Love potion #9, Yakety Yak, Poison Ivy, Hound Dog) are about the only song writers where their fame has surpassed the performers that made their works hits.

    The net effect would be the more pure music market would become composer driven where a performer would be known for how well they handled a particular composition. On the other hand you would also have a performance driven market where very good performers are known and have freedom to choose from a wide range of composers and thus lesser known composers get discovered first by well known performers and then by the general public.

    I think far less music would end up being sold but I'm not sure quality wouldn't skyrocket. Such things are very hard to predict.

  26. Re:MOD PARENT UP! by Sanity · · Score: 4, Interesting
    >It's so plain and simple. You can pirate all the music you want (just make sure you cover your tracks). But don't assume that piracy is your natural given right.
    Fair use is my right, and it isn't piracy. You should really learn the difference if you are going to try to participate in these discussions.
  27. The "fix" already has a workaround by nikkoslack · · Score: 2, Interesting

    According to CVS for PyMusique a workaround was checked in 12 minutes ago.

  28. Re:MOD PARENT UP! by Anonymous Coward · · Score: 1, Interesting

    It HAS been proven in court, decades ago, as part of the Betamax judgement.

    Essentially when you "buy" copyrighted material, you are buying the PERMISSION to possess that material for personal use. What you do with it is completely up to you, so long as you do not redistribute it as-is. Hence "fair use": the right to use the material in any way that does not infringe on the copyright holder's right to sell it.

    You can print it out and wallpaper your living room in it, re-mix it and change the lyrics to something completely unrelated then distribute it as original work ("Weird Al" Yankovic does this all the time), make multiple copies for each player you have (or even back-ups), and so on.

    But with DRM...you can't. Your RIGHT to use the material in any way you see fit has been VIOLATED. Why? Because "it enables illegal distribution of the material"...er... so fucking what?!?!

    The test of ANY policy or law is the use of it in extreme application: if the utmost manifestation of the policy/law is ridiculous to the public consciousness then the policy/law violates the social contract as set down in the Bill of Rights. You know the ones I'm talking about: "Life, liberty and the pursuit of happiness", etc. Essentially the whole thing is a social contract that we as a people agree to live by. It is this contract that is the foundation of our society, and it is this contract that asinine concepts such as DRM and software patents violate (hello McFly.."patents" apply to OBJECTS and PROCESSES..not "concepts" or "instructions"! sorry, pet peeve).

    Yes, this means that DRM IS a violation of our basic civil rights, thanks to the Betamax decision extending those rights to cover "fair use" of conceptual/intellectual material. This also means that it CAN be used as a defense for "piracy" (the use of the term in this context constitutes slander btw, the PROPER term is "infringer". That alone could result in a case being found for the defender if he pushes the point enough), as long as you own a legal version of the item in question...by the TIME the case comes to court.

    Yes, I just said that. The two BEST defenses against a charge of "piracy" by the RIAA or any other organization are:
    1 - Once their representatives use the term "piracy" or "pirate" in reference to your case, SUE their asses for slander and file for a summary dismissal under those circumstances (it is legally tantamount to trying to win a theft trial by calling the defendant a child-molester).
    2 - Purchase a legal copy of any infringed material before the case comes to court, then file for dismissal of charges based on "fair use" of material you already own.

    And as a side-note, DO NOT ALLOW YOURSELF TO BE BULK-PROSECUTED! If you are being named as a defendant among a group of defendants, you have the LEGAL RIGHT UNDER THE BILL OF RIGHTS to have your case tried separately, in order to "receive a fair trial". This is because the concept of group defendants is there to enable groups to pool their resources for defense in order to be properly represented, but this fails to work in a large group of defendants, since the INNOCENT individual can be lost among the guilty GROUP and receive punishment for a crime they did not commit.

    And yes, I actually AM a lawyer, a copyright lawyer to be exact. Hence the "anonymous" post: I don't want to lose my job working for...a much maligned (justly) organization. I've seen inside the belly of the beast, and believe me when I say that NO amount of "bad mouthing" these assholes comes CLOSE to what they actually are!

  29. Re:You guys don't own the music you are buying by Pofy · · Score: 2, Interesting

    >You guys don't own the music you are buying

    That doesn't make any sense. Buying means that you transfer ownership (in compensation for money usually). This is fairly well regulated through (consumer) sale laws. It is in fact a form of contract done in the shop where you exchange money and a product, and as a result, also the ownership is changed (see applicable sales law).

    Hence if you buy (or sell) there IS a change of ownership and you own it, or you would not have bought it to start with.

    >You are (and always have) bought a license to
    >use a copy, and the rights you have on how you
    >can use that copy are limited.

    The only limitation would be the copyright law.

    >You do not have, for example, distribution
    >rights.

    Yes, correct, since that is regulated by the copyright law. You usually do have redistribution rights though since the distribution right would typically only apply for the first distribution, then it is consumed. In US copyright law I believe this goes under the "first sale doctrine".

    >You do, however, have your fair use rights,

    Again, this is covered through copyright laws. The "fair use" or similar concepts in other countries' copyright laws are generally limitations in the exclusive rights of the copyright holder. That is, they are only almost exclusive and in some cases you can do those acts without permission.

    >So all this bitching and whining about how YOU
    >can't do what YOU want with YOUR music is drek.
    >When you go produce your own music, then it's
    >really YOUR music to do with what you want, and
    >you can philanthropically hand it out on a web
    >at your own expense all you want.

    Since they sell copies of the music to you, you indeed can do what you want, except for what copyright law (and other laws) restrict. That is it. No need to produce your own music. If someone producing music doesn't like the concept of others owning copies of their music, the solution is simple, don't make copies and sell them to others. Keep them all for yourself.