Slashdot Mirror

← Back to Stories (view on slashdot.org)

Jon Johansen Breaks iTunes DRM Yet Again

Posted by timothy on from the bad-jon-naughty-jon dept.

ikewillis writes "Remember earlier today when Apple released an update supposedly blocking the hole in iTMS recently discovered by Jon Johansen? News.com reports that he has already worked around the update, and iTMS can now be accessed from non-Windows/MacOS X systems using the new version of his PyMusique software. You can view his blog entry on the issue (ironically titled So Sue Me). More power to you, Jon!"

11 of 1,286 comments (clear)

  1. A Name! by kryogen1x · · Score: 4, Interesting
    At least they called him by his name, not just "The iTunes back door guy."

    I wonder, did he work around it that quickly, or was he anticipating Apple's fix and already knew another way around it?

    1. Re:A Name! by RonnyJ · · Score: 4, Interesting

      It seems likely to me that he had already worked out the encryption for v4.7 of iTunes, but deliberately withheld it as he anticipated the forced upgrade to v4.7, and releasing such a 'quick fix' serves to gain him more notoriety.

    2. Re:A Name! by ikewillis · · Score: 4, Interesting
      Don't you get it? How does the server distinguish between a legitimate copy of iTunes or another program like PyMusick that talks an identical wire protocol? Various programs have attempted to block 3rd party servers and clients (i.e. AIM, Warcraft) and the only way they've managed to be successful is using the DMCA to prosecute the people doing the reverse engineering. There's no way to prevent a client or server from talking the same wire protocol.

      PyMusick could send the same public key, iTMS would send it the same song, and PyMusic could decrypt the song with its private key, yielding the same unencrypted, DRM-free file. Adding public key cryptography does nothing to solve the problem.

      They could use private key cryptography, but the key would have to ship with every copy of iTunes, where it could be discovered through disassembly of the encryption algorithm. This is the exact approach KaZaA used, and it was reverse engineered, but 3rd party KaZaA clients were halted thanks to the DMCA.

  2. More power to you, Jon, and I stand by that! by ikewillis · · Score: 5, Interesting
    Hi, I submitted this story.

    The music industry is plagued by an enormous problem of legacy. Creativity has been stifled by the labels' continuing drive towards commercialization. We have "artists" like Gwen Stefani releasing cover after cover, first covering Talk Talk's It's My Life then covering If I Were A Rich Man from Fiddler on the Roof, and both covers are atrocious. These are examples of an industry which is creatively bankrupt and where profit is the bottom line. It seems like nowadays the only place you can find creativity is in underground music, before the industry has commercialized and destroyed it.

    Music needs a new distribution model, one where the artist is in the driver's seat and has complete creative control over their work. The Internet has rendered traditional music labels obsolete, they're aware of this, and they're fighting their eventual downfall tooth and nail. They will lose.

    DRM is based around cryptographically unsound principles. In order to play DRM encrypted music you need the encrypted content and the key on your local system. Given this you have everything you need to unlock the encrypted data, it's only through obfuscation in the client that the key is hidden.

    Eventually the industry will have to come to terms with this fact and the fact that their distribution model is antequated and obsolete. We need people to continue proving DRM is an unsound technology so eventually they give up on it entirely.

  3. Re:Companies won't let us "Get over it" by jimbolaya · · Score: 5, Interesting
    Well, actually that's the doctrine of first sale. This doctrine prevents a copyright holder or vendor (such as Apple) from filing a claim against you for re-selling an item, but it doesn't say that the original seller (Apple, in this case) has to make it easy or possible for you to do so. They just cannot forbid you from doing so.

    In other words, your "rights" are not being violated by DRM.

    --

    There ain't no rules here; we're trying to accomplish something.

  4. Jeez... by sethadam1 · · Score: 5, Interesting

    Ok people, let's review the facts, since most people don't seem to know or read...

    1. DVD Jon lives in Norway, where the majority of this stuff, including the release of DeCSS which breaks DVD encoding, is illegal. The court case failed.

    2. Nobody broke Apple's DRM. All this does is retreive the music before the iTunes client adds the DRM. How is this possible? Apple's iTunes client adds the DRM because it needs the client to generate the key. Doing it any other way would likely be a tremendous processor increase on the iTunes servers.

    3. Apple can sue DVD Jon if they choose, but it will likely do no good.

    The way I see it, there's only one safe path for Apple. They should release an iTunes client for Linux along with a statement that any further attempt to block their DRM will be followed up with a lawsuit. Sure, the lawsuit part is either a bluff or a waste of time, but at least they eliminate the "It's just so we can run on Linux" argument.

  5. DRM threatens everybody by idlake · · Score: 4, Interesting

    Every time this gets cracked, it hurts online legal music.

    No, it only hurts schemes that rely on DRM. It doesn't hurt on-line music sales that don't rely on DRM.

    After all, we can't just NOT BUY THE SONGS if we don't like the DRM, right?

    The existence of DRM still threatens me because as long as people erroneously believe that they can make DRM work, they will be trying to put all sorts of bogus technological protections in my hardware.

    So, I don't buy DRM'ed music, but I still consider it very important, and applaud, that people break the hokey DRM schemes that companies try to build business models around.

  6. Re:Apple is the least of his worries... by soft_guy · · Score: 4, Interesting

    WIndows buyers can already purchase songs from ITMS using iTunes for Windows.

    What he is doing is helping people bypass Apple's terms of service on iTMS (i.e. no Fairplay DRM, no restrictions to 3 machines, etc.)

    --
    Avoid Missing Ball for High Score
  7. Re:So sue him? by mrpuffypants · · Score: 5, Interesting

    Interesting side note too: If you check the code for Apple's web pages, the CSS class for all of their tiny-text legal phrases is named "sosumi".

    Check it out: www.apple.com -> view source -> search for "sosumi" :)

  8. Re:Interestingly enough by Anonymous Coward · · Score: 4, Interesting

    Actually, while there were some discussions on whether hymn should do that, hymn now can create decrypted, watermarked, and playable-on-4.7.x AACs. The watermark is still there.

  9. Re:Yes, let's lump them together. by motherball · · Score: 4, Interesting

    yes, I have several sticks of PC133, but why the hell would anybody want them?

    This is the most classic display of public 'Disobeyance of Authority'. DVD-jon is like an evangelist or something. iTunes, I dont believe is the target, nor were the MPAA when he cracked DeCSS. Its more of classic CIVIL DISOBEDIANCE. I mean, something has to be done here. I'm not talking in the near future, but the slightly more distant. People have to stand up against the copyright enforcers. I mean, that's what we're here for right? We love linux, We love not getting told what to do constantly because we are smart enough to think for ourselves.

    DRM and iTunes or Microsofts or anybody's is becoming a ****ing nuisance. Digital technology just enables people to do this stuff. Its the way things are, and there will come a time when we are really going to have to confront intellectual property and its owners instead of just pissing around and wondering if Apple Legal are going to send him a letter tommorrow or not.

    He can get away with it, so he's doing it. To force their hand. To force all of our hands eventually. I mean, checkout what Lessig is doing. Checkout the Creative Commons and what it really means. We have to be free to do this stuff eventually.
    Or else the world is going to fall into contradiction.

    which I spose it is, .. or isn't in any given period of time....

    read this site:

    http://www.downhillbattle.org/itunes