iTunes DRM Hole Closed

← Back to Stories (view on slashdot.org)

Posted by CmdrTaco on Tuesday March 22, 2005 @01:35AM from the closeahole-whacamole dept.

FrYGuY101 writes "As recently covered on Slashdot, there was a hole in iTunes which allowed music to be acquired from the iTunes Music Store without Apple's DRM applied. Well, Apple has just released an update which closes this exploit."

29 of 594 comments (clear)

Stops the RIAA... by datadriven · 2005-03-22 01:37 · Score: 5, Funny

from filling one of Apple's holes.

--
GETPKG - Package Management for Slackware
Impressive by Quasar1999 · 2005-03-22 01:37 · Score: 5, Insightful

I like how they handled that... no horrible punishments, no wagging their finger at the community... just fix the hole, force the update (for obvious legal reasons), and carry on loving your customers... I like...

Too bad napster to go couldn't be so accomodating... :P

--

---
Programming is like sex... Make one mistake and support it the rest of your life.
1. Re:Impressive by Anonymous Coward · 2005-03-22 01:41 · Score: 5, Insightful
  
  Only because it was pretty damn embarrassing and very difficult to pursue legally.
2. Re:Impressive by GigsVT · 2005-03-22 01:42 · Score: 5, Insightful
  
  loving your customers
  
  By forcing DRM onto them?
  
  --
  I've had enough abrasive sigs. Kittens are cute and fuzzy.
3. Re:Impressive by 0x461FAB0BD7D2 · 2005-03-22 01:44 · Score: 5, Insightful
  
  I think they've realized that DVD Jon is pretty much untouchable. He walks a fine line, but hasn't yet crossed it.
  
  It's not out of the goodness of their heart, but more because lawsuits are pretty damn expensive.
4. Re:Impressive by ray-auch · 2005-03-22 01:50 · Score: 5, Informative
  
  Note that (per previous news stories, and probably on /. too) the update they are now forcing has more limits on what you can do with the music.
  
  See eg. here.
  
  Note the comments about no one being forced to upgrade... well, not any more.
5. Re:Impressive by ElleyKitten · 2005-03-22 03:09 · Score: 5, Insightful
  
  Except, everyone already can do anything with music. Almost every song you could want you can find through pirating, and when you pirate you don't have to deal with DRM, you can get the music in any format you want and it will play in any player you want. The goal when selling music digitally is not to attempt to make sure your customers don't pirate, but to make sure that what they're paying for is better than what they don't pay for.
  
  --
  "What is Internet Explorer 7? Are you saying we can't access the normal internet?" - I love tech support. Really.
6. Re:Impressive by NEW22 · 2005-03-22 03:58 · Score: 5, Interesting
  
  The sad thing to me is relationship your are willing to put yourself in, in relation to the music industry. I mean, if you buy a CD you could rip it to any format very easily. Going through iTunes may save money in buying singles, but you get the music in a locked up format with mediocre quality (compared to CD), and the format doesn't even work on a lot of portable music players (such as my iRiver iHP-120). It would actually be easier for me to illegally download new music right now, if I wanted to actually use it the way I want. So, you put yourself into this appeasement relationship with the music industry that is basically limiting us and screwing us over for very flakey reasons. It's like "Daddy said we could get digital music if we are all good until Friday!".
  
  To hell with that kind of attitude. They can either lose money, or they can give us what we want. Its their choice. CDs are an open format you can use anywhere. Why is it so absurd or wrong or ridiculous to expect the same in downloading music over the internet?
7. Re:Impressive by Jah-Wren+Ryel · 2005-03-22 04:33 · Score: 5, Insightful
  
  You sir, are a very reasonable fellow.
  
  "The reasonable man adapts himself to the world;
  the unreasonable one persists in trying to adapt the world to himself.
  Therefore all progress depends on the unreasonable man."
  -- George Bernard Shaw
  
  --
  When information is power, privacy is freedom.
8. Re:Impressive by Sanity · 2005-03-22 04:39 · Score: 5, Insightful
  
  I love getting my music digitally, so I would prefer that a few bad DVD John-like people not ruin it for me.
  Yeah, those evil programmers hurting those poor multinational record labels by writing software that allows us to exercise our fair use rights under copyright law.
  Your bend over and take it attitude makes me sick.
Forces upgrade by danbond_98 · 2005-03-22 01:38 · Score: 5, Informative

Which of course requires that everyone upgrade their itunes to version 4.7. Apparently you can still use PyMusique to preview tracks, just not buy them.
What did Apple "just release"? by DavidLeblond · 2005-03-22 01:39 · Score: 5, Informative

iTunes 4.7 has been out for a year now. Apple didn't "just release" anything, they just made it so their servers required you to have 4.7.
Re:Who exactly... by crimguy · 2005-03-22 01:42 · Score: 5, Informative

Good question. Unfortunately, Apple will require the upgrade for continued use of the iTMS.
Believe it or not, Apple's DRM doesn't bother me by Anita+Coney · 2005-03-22 01:42 · Score: 5, Insightful

Considering you can burn Apple's song on CD and get rid of the DRM, who cares.

What I'd love is a way to download songs from Apple in a non-lossy format! If DVD Jon could do that, I'd give him a lifetime of gratitude!

--
If someone says he and his monkey have nothing to hide, they almost certainly do.
So then.. by TheVampire · 2005-03-22 01:45 · Score: 5, Insightful

..someone just releases a patch to PyMusique so that it looks like version 4.7 of ITunes to Apple's servers...
and the endless game continues....
Want a hole fixed? Publish to Slashdot! by unsung · 2005-03-22 01:46 · Score: 5, Interesting

Seems that Slashdot has become the standard bug-report mechanism across numerous OS's and companies.
Apple bias. by northcat · 2005-03-22 01:47 · Score: 5, Informative

It didn't plug a "hole". It modified things so that PyMusique won't work anymore. Like they did with Real.
Not really closed by Anonymous Coward · 2005-03-22 01:50 · Score: 5, Insightful

Of course the only change that Apple has made is to require iTunes 4.7 as the client. How long before someone figures out how to make PyMusique look like iTunes 4.7?

And as long as they are sending un-DRMd songs down to the client they are suceptible to man in the middle attacks (a proxy server which watches for iTMS traffic and saves the song streams to another file), or to someone directly pulling data out of the iTunes app (though the second would arguably violate the DMCA).
Re:No surprise by Anonymous Coward · 2005-03-22 01:51 · Score: 5, Funny

You forgot to mention The Man. The concept of The Man is essential to all sixties-flavored artistic-integrity rants.

Peace.
Re:Believe it or not, Apple's DRM doesn't bother m by Golias · 2005-03-22 01:55 · Score: 5, Interesting

I'm with you. I would cheerfully pay an extra ten cents (or so) per song and put up with the longer download times if I had the option to get iTMS stuff encoded with either FLAC or the "Apple Lossless Format."

In fact, I'm going to send an e-mail to the iTMS sales support folks saying exactly that, and I suggest you do the same.

--
Information wants to be anthropomorphized.
Shift by trueguru · 2005-03-22 01:59 · Score: 5, Funny

Maybe you just hold the shift key down when you download

--
for crying out loud
Re:No surprise by Zeneris · 2005-03-22 02:06 · Score: 5, Insightful

Only trouble is the label is only giving an advance (i.e. a loan) so in reality you will probably only see a tiny return or even be in debt, even after any nominal royalies, because so much gets sucked up as "expenses"! Wise up, even top 10 artists can be poor!
Re:Wouldn't that be crossing the line? by Anonymous Coward · 2005-03-22 02:14 · Score: 5, Insightful

Misrepresenting software to get around the DRM could be interesting legally. (Yes, I know browsers can do this -- but not to avoid DRM.)
Comment removed by account_deleted · 2005-03-22 02:22 · Score: 5, Insightful

Comment removed based on user account deletion
Re:No surprise by webbroberts · 2005-03-22 02:30 · Score: 5, Informative

If you really care about making money, then you definitely want to avoid the industry contract.

Steve Albini published an excellent rundown of how the industry screws signed bands. In summary:

The Balance Sheet: This is how much each player got paid at the end of the game. Record company: $ 710,000 Producer: $ 90,000 Manager: $ 51,000 Studio: $ 52,500 Previous label: $ 50,000 Agent: $ 7,500 Lawyer: $ 12,000 Band member net income each: $ 4,031.25
Re:No surprise by smcdow · 2005-03-22 02:33 · Score: 5, Informative

As the leader of a small-time garage band, I would LOVE to have a label come along and "exploit" us with a five-year, multi-million dollar record contract, even if it meant seeing every (crappy) song I ever wrote locked down by eeeeeevil DRM layers.
You have no idea what you're talking about. I know bands (I live in Austin, of course I know bands) that have not only didn't make money on their contracts, but ended up in debt to their record companies. The record companies charge their "expenses" to the band. Bands get a "statement" every month showing all the details and transactions, and the band has to arrange to repay any negative balances on the statement. The record company can use this to blackmail the band -- like not releasing an album and locking down the masters so that the band couldn't release the album under any circumstances. It's all legal because, well, the band signed the contract.
Word to the wise: If you do get a record contract, and your AR guy shows up one day to "take you out to lunch", just simply decline. Otherwise, you'll be the one paying for lunch, 'cause they'll just charge the band for a lunch "expense". It'll show up on your next "statement". Especially if you were signed by a major label. True story.

--
In the course of every project, it will become necessary to shoot the scientists and begin production.
Re:Imagine.. by sh00z · 2005-03-22 02:44 · Score: 5, Insightful

Sort of. He could only have violated the TOS if he had agreed to them through the iTunes EULA. Since this program wasn't using iTunes, the Terms of Service weren't invoked.
Re:so hymn no longer works then... by ndvaughan · 2005-03-22 02:51 · Score: 5, Informative

I just upgraded to iTunes 4.7.1 (after Apple released their "fix"), bought and downloaded a two tracks, and used j-hymn 0.7.5 to convert them. It worked flawlessly.
Parent is insightful? The mods are on crack! by Frodo+Crockett · 2005-03-22 04:50 · Score: 5, Insightful

I would prefer that a few bad DVD John-like people not ruin it for me.
WTF? Last time I checked, all Jon (there's no 'h' in his name) wants to do is watch dvds and listen to music purchased via iTunes on his Linux box. What Jon has done is indeed illegal in some countries (more extreme /. members would call them corporate states), but I don't think that any honest person can say it's unethical.
It's really quite simple. If you buy something, you can do whatever the hell you want with it, so long as your actions don't harm anyone. Don't give me that "indirect harm" bullshit, either. I'd give you ground if we were talking about releasing the plans for building an antimatter bomb, but not for something so inconsequential as circumventing DRM and copy protection.

--
"The newly born animals are then whisked off for a quick run through a giant baking oven." --heard on Food Network