iPod Cracked, But Does it Matter?

Bennett Haselton writes "The Associated Press is writing that "DVD Jon", known for breaking the copying restrictions on DVDs, plans to market a method for breaking the copy protection on songs purchased from iTunes Music. What's missing from the story is the fact that converting iTunes music into unrestricted formats like MP3 is already trivial. In principle it's impossible to prevent music from being copied anyway, because a user can always play a song through an audio output jack and use another device to record the sound; there are several other methods that work by reducing the same principle to practice. Bottom line: there's no reason yet to get excited about the iTunes-cracking technology (and, indeed, no reason to buy an iPod), when you can already convert songs this way." Bennett's full article on the subject is available below.

According to an Associated Press story, "DVD Jon" Johansen is planning to market a technology for cracking the copy protection on songs purchased from Apple's iTunes Music Store.

This technology will probably be much discussed in the press as the release date draws nearer, but it's a case of using a flame thrower to kill a fly. It's already possible to convert Music Store songs to MP3 without even using any functionality outside of iTunes.

Apple doesn't make this easy to find, of course, and in fact tries to make it look impossible -- if you set your preferred import format to MP3, then right-click on a song in your iTunes "Purchased songs" list and click "Convert selection to MP3", you get the error: "[song name] could not be converted because protected files cannot be converted to other formats". But you can easily burn a series of songs to a CD, then select the songs on the CD and import them into MP3 format. (Of course, if you don't like wasting a writable CD each time you convert your songs, then wait until you've purchased a few more songs and convert them all at once.) All of this is based on core iTunes functionality, which won't go away unless Apple decides to stop letting users (a) burn CDs or (b) import CD songs as MP3 files, neither of which is likely.

But suppose Apple does manage to block this path. (The easiest way I can see would be to write a hidden code on each CD burned from protected songs with iTunes, so that iTunes would refuse to re-import that CD into an unprotected format. Users could re-import the songs with another application, but at least they'd have to open two programs!) You can still use a program like Total Recorder that can capture any sound output on the computer and save it to an MP3 file.

And even if it ever becomes possible for the audio playback application to seize control of the operating system in order to stop programs like Total Control from working, you can always connect a portable MP3 recorder to the audio output of your computer.

It's a common misconception that if a copy-protection algorithm gets broken, it must be because the encryption was too weak or the algorithm was flawed. But the Achilles heel of any such copy-protection scheme is that in order for the content to be playable, the playback program has to "break" the encryption every time, in order to play it. If the content is encrypted using a key, the key has to be stored on the user's computer where the playback program can find it. (If you didn't have to store the key along with the encrypted content, you could use encryption algorithms that are believed to be impossible to break with today's computers, by 15-year-old Norwegians or anybody else.) But even though every copy-protection algorithm is breakable in principle, it's usually easier just to capture the content as it's played back, which is what the previous examples do.

Logically, I think the only algorithm that would help to fight music piracy would be one that embeds a unique "fingerprint" or "watermark" in each downloaded copy of a song -- in the audio itself. A good fingerprint would have these properties:

• it should not be noticeable enough to interfere with the user's enjoyment of the song
• it should not be possible to copy the song in a way that destroys the fingerprint, without degrading the song quality and diminishing its value

A good example is the "cap code" dots that appear in certain frames of a movie; these are supposed to be unique to each movie theaters so that pirated movies can be traced to the theater where they were filmed off the screen. This, of course, doesn't make the film traceable to the individual pirate who filmed it, but it makes the movie theater accountable, and incentivizes them to prevent piracy. Unfortunately the "cap code" dots tend to fail the first criteria above -- people do find them annoying, to the point where they're nicknamed "crap code". (It would also be easy to remove them from pirated copies, but few people bother, since the cap code only gets the movie theater in trouble; it doesn't incriminate the individual movie pirate.) We can only hope that any fingerprints embedded in song files are a lot less intrusive.

In the meantime, don't get taken in by the hype around a new way to "crack" the existed restrictions on copy-protected song files. They were never really protected.