Slashdot Mirror
"DVD Jon" Reverse Engineers FairPlay
breun writes to bring us up to date on the doings of Jon Lech Johansen, known as "DVD Jon" after he cracked CSS encryption at the age of 15. As reported by GigaOM's Liz Gannes, Johansen has now reverse-engineered Apple's FairPlay DRM — but not to crack it. Instead Johansen's company, DoubleTwist Ventures, wants to license the tech to media companies shut out by Apple from playing their content on the iPod. And, soon, on the iTV. Johansen could end up selling a lot of hardware for Apple.
What's that smell..
Oh that's right.. a lawsuit.
Hold on to your hats boys and girls, its going to get fun.
God made the Idiot for practice, and then He made the School Board -- Mark Twain Look for http://Thebar.steelbeachca
Apple will snarl and bite yet another hand. Anyone that thinks Apple is consumer friendly is an idiot.
My karma is not a Chameleon.
DRM will ALWAYS be able to be broken. The idea is to prevent casual abuse en masse and provide a show of good faith to content owners on the part of technology companies like Apple, both of which are exactly what it does.
Now that we've gotten that out of the way, Apple isn't utterly retarded like Microsoft, doing things like making "PlaysForSure" content NOT work on their own devices, and doing other ridiculous and confusing things with DRM. Apple's DRM is unobtrusive enough to most customers that most customers DON'T CARE, and will NEVER "get screwed" by it. Period.
Note I said "most". And ultimately, that's all that counts.
Also, DRM isn't necessarily intrinsically evil. I know there's a lot of belief here that copyright law is hopelessly corrupted, content owners are greedy bastards, the laws surrounding DRM are horrid, and I could go on and on. And all of that may be true. But as long as there is some level of legal protection for someone who generates content and/or their agents, or their agent's agents, or trade groups that represent them, etc., there is nothing intrinsically wrong with using some level of technological means to protect that content from misappropriation under the current body of legal frameworks that cover such use. Everyone who buys content from, e.g., iTunes, knows exactly what the restrictions are. No one is forcing them to buy it.
DRM will never die. Shitty, overly restrictive DRM that pisses off massive amounts of customers will die. But "DRM" in general won't.
Yeah, you missed something. The implication is that Apple will sell a lot more hardware because Johansen will increase the amount of Fairplay protected content available.
Just because I doubt myself does not mean I find your position compelling.
Hah. Nice comeback.
Hey, you were the one who made yourself look like a tool when you posted what you did...these issues couldn't possibly be more unrelated, and just as Apple did nothing to Real (because it can't), nothing will happen to DVD Jon. Sorry to disappoint.
Currently if I want to get my music on iTunes, I can approach apple with it, and get it DRM'd and then sold on iTunes.
Talk to me when DVD Job offers other MP3 player manufactures that ability to use a FairPlay DRM'd song on there own MP3 player. That is the lock in I would like to eliminate (and apple wants to keep).
He is so getting sued & this time his home country's laws will not protect him.
TFA does make an interesting point: he isn't stripping DRM, he's adding it... but isn't that exactly what Apple is licensing?
[Fuck Beta]
o0t!
The author of this article seems confused, or at least implicitly blames Apple for "closing off" the iPod.
The iPod can play non-DRM'd media formats, in mp3, non-FairPlay AAC, etc...
If content from other music stores can't play on the iPod, it's not Apple's fault. It's their own fault, most probably because of the RIAA, for clinging to their own proprietary DRM.
On the other hand, it is Apple's(and the RIAA's) fault that iTMS content cannot play on other devices, and this is why we really need a way to strip FairPlay DRM.
It looks like this technology just benefits the record companies, who want to force all their music licensees into developing proprietary DRM technologies that make every single media device mutually incompatible with every other one.
Sigh.
Luckily, this is old news - Johansen had already circumvented the FairPlay encryption algorithm. He just wanted to develop something which was marketable to other music stores who want to compete with iTMS and who have the RIAA's proverbial gun to their heads. This seems like good news for everyone but the people who are buying the music, and (as I see it) the people who create it, who are tethered to an unfair distribution model.
This is yet another example of why DRM is nothing more than a snakeoil-based totally flawed concept. You CANNOT turn the concept of public key cryptography upside down like that.
Not just public key crypto, but crypto itself.
Cryptography is concerned with making it so that Alice can send a message to Bob, without Charlie being able to read it even if he intercepts the message en route.
DRM is concerned with the same thing, except Bob and Charlie are actually the same person.
In crypto, both the sender and intended recipient are assumed to be trusted (or more precisely does not try to deal with the case where they are not). In DRM, the intended recipient is assumed to be untrustworthy. DRM pretends to be an extension/application of crypto, but it fundamentally breaks the most basic assumptions of cryptography.
The enemies of Democracy are
Not because I agree with either side -- DVD Jon is a bastard for not simply releasing this to the public -- but it looks like it's shaping up to be hilarious and fun to watch in the same way the ending of Dune was. You think you have me surrounded? Beaten? Then, out of nowhere: "If I am not obeyed, the spice will not flow."
Don't thank God, thank a doctor!
All of those changes and restrictions are made possible only because of DRM. So it does actually have everything to do with DRM. Then there's the point that, regardless of what Apple has done so far, it is entirely possible and legal for them to add restrictions at any time on media that you have already purchased. So the GP post was correct that while you may know what the restrictions are now, you have no way of knowing what they'll be tomorrow.
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
All he's done is reverse engineer for the sake of interoperability. Now you'll be able to download songs from, say, Walmart for 88 cents and play them on your iPod.
The next step would be to reverse engineer the iPod, so that you can play iTMS tracks on your Zune or iRiver or whatever other device is out there.
As long as the DRM on these other players works just as well as the iPod, the only thing that changes is that the single-vendor lock-in that Apple has worked so hard to create gets shattered. This is good for the consumer, and may perhaps be what finally moves DRM from the "evil" category over to "annoyance" in the mind of consumers, thus increasing the market size.
Only an idiot would voluntarily lock themselves in to a single vendor (Apple, Zune Marketplace) if they had the choice. PlaysForSure was Microsoft's shot at creating an open marketplace for players along with an open market for media players, which, if DRM must exist, is the best market situation from the consumer perspective: you get to pick the best music store (or several of them) and the best player (or several of them). Music and players are interchangeable commodities.
I still don't like the fact that downloaded music is licensed in stead of purchased (as with a CD), but if all DRM were made interoperable (as France recently tried to do), the difference would be tolerable.
I still plan on purchasing CDs for the foreseeable future, but this developement is definitely welcome.
...because "hacker" sounds way sexier than "code drone."
Agreed. And this is why they're going to come down hard on Jon, not because they really care that much about the iTMS, but because it might encourage sales of other MP3 players at the expense of the iPod.
If Apple really was interested in running an online music venture and making their money there -- as in, really having that be their core business -- they would have tried to license out FairPlay as widely as possible and make it a de facto standard. (Which it already practically is, without licensing; given that the iPod is the de facto standard MP3 player.)
However, since the iTMS is really only there to grant legitimacy to the iPod as a device (does anyone remember how the music industry was screaming bloody murder about iPods being "piracy machines" back before the music store existed?), it makes no sense for them to share this "excuse" with anyone else's MP3 players. They benefit more from a consumer who buys an iPod than they do from a consumer who buys a few iTMS songs -- you'd have to buy a LOT of music to give Apple the same amount of profit that they get from a single iPod, and most people don't buy that much.
I think you'll see Apple go after this in the courts if it can, or just start a vicious cycle of "upgrades" and "enhancements" to the format if it can't.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
The fact that you can be a "content owner" rankles.
Back in the old days, the only way to get music was to have musicians in house. The only way to have a play was to have players in house. The performers had control of the content.
Thanks to recording and physical media became distributable without the original producers. Tough break for the musicians and players. The performers lost control of the content, the distributers gained it. Do you really think the distributers gave a shit about the performers?
Now, thanks to electronic media, the music is distributable without even the distributers. Tough break for the distributers. They lost control of the content. Do you really think the public cares about the distributers?
Your business model is obsolete. Grow up and find a new one instead of lobbying for laws to prop it up with.
All people are doing is cutting out the middleman - evil or not, technology has passed them on and they don't like it one bit that the shoe is now on the other foot.
Question everything
Just because he cracked the fairplay scheme doesn't mean he has seen the code.
You seem to think that "cracking" something of this sort doesn't involve reverse engineering it. In fact, all of the "cracking" that I can recall DVD-Jon doing (CSS, FairPlay) has been the result of him reverse engineering available implementations.
Nice try though.
There is no -1 Disagree mod. Slashdot.org/faq defines mod options. USE IT.
Wrong. None of those changes had anything to do with DRM. They applied to the behavior of the software in general, regardless of whether files had DRM or not. These were intrinsic to the behavior and featureset of iTunes, and had nothing to do with, nor were they enabled by, DRM.
Yes, it is the iTunes software that has the behavior irrespective of whether the file has DRM.
However it is the DRM that prevents you from bypassing the iTunes software and its behavior by using some other software that does not have the same limitations.
Thus while the behavior is part of the software, it is the DRM that restricts you to using that particular software, and thus turns a behavior into a restriction. Thus any changes in iTunes behavior in the future is made into a future restriction by DRM and DRM alone.
I have a hard time believing you don't actually understand this.
So, we can only go on Apple's track record, which has so far been positive and has included negotiating aggressively with content owners for the least restrictive DRM possible.
Right, as I say in another post, they have found a very nice compromise. Who knows if this is temporary or not, and the whole point is that because of DRM -- and only because of DRM -- we are subsequent to any future changes thay make whether they are nice or not.
The enemies of Democracy are
IANAL. However:
DVDJon and his company are not just circumventing DRM. They are eviscerating meta-DRM:
On one hand, they are circumventing FairPlay's copyright protection technology. Seems like a clear-cut violation of the DMCA, doesn't it?
However, as long as they don't publicize their circumvention method, but instead make it available under NDA to legitimate customers, they are providing an avenue for Apple's legitimate competitors to enter the iTMS market. Competition has been explicitly protected w.r.t. the DMCA.
DVDJon &co. are "crossing the streams" and make DRM itself the subject of competition. DMCA may make circumventing copyright protection illegal, but the 6th Circuit said that you can't use the DMCA to stifle competition. So, can you use the DMCA to stifle DRM competition?
If the court says that DVDJon can't [enable someone to] make a legitimate iPod clone, the DMCA is set up for a major anti-competitive argument, complete with precedent, all the way to the SCOTUS.
If, one way or another, competition (legitimate, not free "competition" from unauthorized downloads) is upheld over this meta-DRM that DVDJon is attacking, then any DRM moves closer to commodity status. That reduces the incentive for tech companies to invest in DRM - a Very Good Thing by itself. But it also opens holes to, hypothetically speaking, the MPAA members' wet dream of having your HD-DVD/Bluray player ask the mothership for permission before it plays the next episode of The Sopranos.
All in all, very well played.
What is not clear is how the reverse engineered FairPlay will be marketed. If it is marketed to the online music retailers so they can offer iPod compatibility, then Apple probably doesn't really care enough to take action. If it is marketed to the portable music player hardware manufacturers, then Apple will definitely care because the iPod sale is its bread and butter.
The first scenario makes a lot more overall financial sense because the iPod dominates the market as an end user device. The reason that other portable players have been crushed in the market is not because there is a lack of online music retailers who sell content that is compatible with those devices. It is actually the opposite - there are tons more online music retailers who sell content for non-iPod devices. The reason is that the device of choice is the iPod, and the only online music retailer who sells content from the major music publishers that can be licensed for the iPod is iTMS. If the other online music retailers could also license DRM'd music from the major music publishers for the iPod, then the only threat is to the revenue stream of iTMS - not the iPod.