Apple AirPlay Private Key Exposed

An anonymous reader writes "James Laird has reverse engineered the Airport Express private key and published an open source AirPort Express emulator. 'My girlfriend moved house, and her Airport Express no longer made it with her wireless access point. I figured it'd be easy to find an ApEx emulator — there are several open source apps out there to play to them. However, I was disappointed to find that Apple used a public-key crypto scheme, and there's a private key hiding inside the ApEx. So I took it apart (I still have scars from opening the glued case!), dumped the ROM, and reverse engineered the keys out of it.'"

Slashdotter already

[tolydude]

Or was it taken down by Apple's request?

Re:Slashdotter already

[hellfire]

Slashdotted. The entire server appears down, not just the page.

Re:Slashdotter already

[HungryHobo]

well the whole server seems to be down so I'd go with a simple slashdotting.

Re:Slashdotter already

Here's the key on the VideoLan boards.

Airport RSA Key

Re:Slashdotter already

[Runaway1956]

I can load that article from a number of sources that Google throws up - but none of them actually give the key.

Re:Slashdotter already

[xded]

Google cache for blog entry, sources on original website (these still work to me).

Re:Slashdotter already

[Hazel+Bergeron]

And here's a post which may or may not receive a takedown notice from Apple. Remove the extra spaces inserted to evade the lameness filter.

-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA59dE8qLie ItsH1WgjrcFRKj6eUWqi+bGLOX1HL3U3GhC/j0Qg90u3sG/1CUt
wC5vOYvfDmFI6oSFXi5ELabWJ mT2dKHzBJKa3k9ok+8t9ucRqMd6DZHJ2YCCLlDRKSKv6kDqnw4U
wPdpOMXziC/AMj3Z/lUVX1G7W SHCAWKf1zNS1eLvqr+boEjXuBOitnZ/bDzPHrTOZz0Dew0uowxf /+sG+NCK3eQJVxqcaJ/vEHKIVd 2M+5qL71yJQ+87X6oV3eaYvt3zWZYD6z5vYTcrtij2VZ9Zmni/
UAaHqn9JdsBWLUEpVviYnhimN VvYFZeCXg/IdTQ+x4IRdiXNv5hEewIDAQABAoIBAQDl8Axy9XfW
BLmkzkEiqoSwF0PsmVrPzH9Ks nwLGH+QZlvjWd8SWYGN7u1507HvhF5N3drJoVU3O14nDY4TFQAa
LlJ9VM35AApXaLyY1ERrN7u9AL Kd2LUwYhM7Km539O4yUFYikE2nIPscEsA5ltpxOgUGCY7b7ez5
NtD6nL1ZKauw7aNXmVAvmJTcuP xWmoktF3gDJKK2wxZuNGcJE0uFQEG4Z3BrWP7yoNuSK3dii2jm
lpPHr0O/KnPQtzI3eguhe0TwUem/e YSdyzMyVx/YpwkzwtYL3sR5k0o9rKQLtvLzfAqdBxBurciz
aaA/L0HIgAmOit1GJA2saMxTVPNh AoGBAPfgv1oeZxgxmotiCcMXFEQEWflzhWYTsXrhUIuz5jFu
a39GLS99ZEErhLdrwj8rDDViRVJ5s kOp9zFvlYAHs0xh92ji1E7V/ysnKBfsMrPkk5KSKPrnjndM
oPdevWnVkgJ5jxFuNgxkOLMuG9i53 B4yMvDTCRiIPMQ++N2iLDaRAoGBAO9v//mU8eVkQaoANf0Z
oMjW8CN4xwWA2cSEIHkd9AfFkftuv8 oyLDCG3ZAf0vrhrrtkrfa7ef+AUb69DNggq4mHQAYBp7L+
k5DKzJrKuO0r+R0YbY9pZD1+/g9dVt9 1d6LQNepUE/yY2PP5CNoFmjedpLHMOPFdVgqDzDFxU8hL
AoGBANDrr7xAJbqBjHVwIzQ4To9pb4B NeqDndk5Qe7fT3+/H1njGaC0/rXE0Qb7q5ySgnsCb3DvA
cJyRM9SJ7OKlGt0FMSdJD5KG0XPIpA VNwgpXXH5MDJg09KHeh0kXo+QA6viFBi21y340NonnEfdf
54PX4ZGS/Xac1UK+pLkBB+zRAoGAf0 AY3H3qKS2lMEI4bzEFoHeK3G895pDaK3TFBVmD7fV0Zhov
17fegFPMwOII8MisYm9ZfT2Z0s5Ro3s5r kt+nvLAdfC/PYPKzTLalpGSwomSNYJcB9HNMlmhkGzc
1JnLYT4iyUyx6pcZBmCd8bD0iwY/FzcgN DaUmbX9+XDvRA0CgYEAkE7pIPlE71qvfJQgoA9em0gI
LAuE4Pu13aKiJnfft7hIjbK+5kyb3TysZvoyD nb3HOKvInK7vXbKuU4ISgxB2bB3HcYzQMGsz1qJ
2gG0N5hvJpzwwhbhXqFKA4zaaSrw622wD niAK5MlIE0tIAKKP4yxNGjoD2QYjhBGuhvkWKaXTyY=
-----END RSA PRIVATE KEY-----

Re:Slashdotter already

[agentgonzo]

I read TFA before it got slashdotted. The summary is the entire blog entry. Nothing more to miss.

Re:Slashdotter already

[Fex303]

That's amazing! I've got the same combination on my luggage!

Re:Slashdotter already

[Shakrai]

No one time pad. Less space than a TrueCrypt container. Lame.

Re:Slashdotter already

[MonsterTrimble]

What the hell do you have in your luggage that needs THAT?!?

Re:Slashdotter already

[LordNimon]

Whoosh!

http://www.youtube.com/watch?v=K95SXe3pZoY

Re:Slashdotter already

Except this: http://mafipulation.org/static/shairport-0.02.tar.gz

Re:Slashdotter already

[jank1887]

wow. that combo lock must be HUGE.

Re:Slashdotter already

[hey!]

Thanks for that. One thing about getting older is that your memory doesn't dish up all the bits you need on time. So you end up having conversations like this:

Me: Hahaha!
Wife: What's so funny?
Me: Look what this guy wrote: 'That's amazing! I've got the same combination on my luggage!' Haha!
Wife: Why is that funny?
Me [frowning]: I don't know.

Re:Slashdotter already

[Lumpy]

Maybe the server busted a move and is making it with the internet?

"My girlfriend moved house, and her Airport Express no longer made it with her wireless access point." I still dont understand this...

Re:Slashdotter already

[capmilk]

What the hell do you have in your luggage that needs THAT?!?

An Airport Express Station.

Re:Slashdotter already

[Lunaritian]

Did anybody else notice the part "Lie Its"?

Re:Slashdotter already

[dgatwood]

What is there to understand?

His girlfriend was the director of programming for Fox and changed the time slot for House. This made her Airport Express mad at her, so it is withholding sex with her other wireless access point as punishment.

I mean, jeez. How hard can it be to understand? Seems pretty straightforward to me.

Re:Slashdotter already

[kevinmenzel]

http://www.youtube.com/watch?v=a6iW-8xPw3k&feature=related has the context that makes it even funnier.

Re:Slashdotter already

[dgatwood]

I guess obtaining the key must have been a piece of cake....

Re:Slashdotter already

[gumpish]

Well... I didn't realize it was a Spaceballs reference and it's still funny.

The idea that any suitcase would be capable of accommodating a combination that long (using a conventional suitcase locking mechanism) is comically silly.

Re:Slashdotter already

[maestroX]

:-) Try and explain 'sudo get me coffee'

Re:Slashdotter already

[tater86]

If it's funny because it's a Spaceballs reference, was it funny when it was just in Spaceballs?

I would say yes, it was actually funnier when it was just in Spaceballs. Not having seen Spaceballs, you probably found it almost as funny as a first time watcher of Spaceballs. Unfortunately, when you see Spaceballs, its humor will be diminished. It's a net humor loss for you, gumpish, and I am sorry.

Re:Slashdotter already

The idea that any suitcase would be capable of accommodating a combination that long (using a conventional suitcase locking mechanism) is comically silly.

That's just the thing - it isn't a conventional locking mechanism. It has only one button, and he types the combination in Morse code.

Re:Slashdotter already

[dgatwood]

Too subtle? :-D

Interesting...

[Retron]

How long before we see some hacked firmware for normal routers, I wonder?

Re:Interesting...

[jimwelch]

Huh? Do you mean like the DD-wrt project or a hundred other projects or something else?

Re:Interesting...

[Stavr0]

How long before we see some hacked firmware for normal routers, I wonder?

That's a great idea... but I can't seem to find the audio-out on my Linksys router ...

Re:Interesting...

[camperdave]

How long before we see some hacked firmware for normal routers, I wonder?

That's a great idea... but I can't seem to find the audio-out on my Linksys router ...

You need wifi-enabled headphones.

Re:Interesting...

[Mia'cova]

You can get a cheap USB sound card for $15 that'll give you outputs. Presumably if you're running a linux-based firmware, there should be some acceptable driver/hardware combination for this. I have a switch behind my stereo to split things up for the 360, ps3, etc. It'd be rather nice to have airplay support going directly from the router into the receiver. I can't wait to see someone hack this together!

Re:Interesting...

[.tekrox]

Lost of Asus routers have USB and work with OpenWRT/DD-WRT/Tomato.
OpenWRT and DD-WRT already even have *working* USB-Audio class drivers...

Apple-time

[sanosuke001]

Apple is going to make life a royal pain in the ass for this guy for releasing this publicly...

Re:Apple-time

[Midnight+Thunder]

You mean he is going to have to go on vacation as well?

Let's see whether Apple or Sony works out to be the biggest pains when it comes to having their keys exposed.

Re:Apple-time

[Mia'cova]

Let's see someone add airplay support to the ps3. See how many companies can get pissed off at once. If you play it right, they could be goaded into fighting each other. Fingers crossed! Maybe these companies will finally deliver something entertaining to watch :)

Re:Apple-time

Add AirPlay support to the PS3 with DRM'ed-WMA capabilities and you got the big three all at once!

Oh wait, nobody's using WMA. Never mind.

Re:Apple-time

[ceoyoyo]

I doubt it. I think Apple has gotten tired of encrypting AirTunes anyway. Despite the title of the article, AirPlay is not encrypted - only the music portion which is really AirTunes. So it was easy to write an AirTunes receiver for video and photos but not music, I suspect due mostly to historical reasons.

Re:Apple-time

Why, for making a public key public? Come-on, even a lawyer will have trouble with that...

Re:Apple-time

And Groklaw won't cover it!

Re:Apple-time

Sony aren't interested in what's best for the consumer. The PS3 won't touch modern ipod thanks to how apple require proprietary protocols instead of the far simpler and more user friendly external drive. So in this case, Sony won't care in the slightest.

Re:Apple-time

[jimicus]

Hmm.

Music. Being streamed in realtime from one wireless device to another.

Do you know, I rather suspect the reason for the encryption might be less to do with Apple and more to do with a certain industry we all love to hate. Last two initials of the organisation that represents them are AA.

Re:Apple-time

[ceoyoyo]

Probably. The RIAA had a lot more clout against Apple when the airport express and AirTunes was introduced than they do now though. Apparently Apple isn't worried about the MPAA objecting to their recent negligence in not encrypting the video (and audio associated with video) portion of AirPlay.

Re:Apple-time

[sabt-pestnu]

With Groklaw going off the air mid-may, I'll be losing shows like "SCO on Ice" and "Fun with Hotz and Sony". Maybe the new "Battle of the Corporate Stars" will fill my evenings.

Re:Apple-time

Stack on top of it access to Amazon's Cloud Drive and you have a winner!

Re:Apple-time

[guruevi]

AirTunes (the predecessor to AirPlay) was also 'hacked' and released with even a commercial distributor of software that would work with it (Rogue Amoeba I believe). Apple doesn't so much care about the hacking of their systems, they're probably happy somebody finally did while on the other hand they can claim to the **AA - we implemented your precious DRM so we can keep selling your crap.

Re:Apple-time

Got to burn them all!

Re:Apple-time

[plover]

Why, for making a public key public? Come-on, even a lawyer will have trouble with that...

No, he made a private key public. RTFT. Not that Apple didn't already make it public by sending him a copy embedded in the ROMs of the machine he purchased from them.

Please tell me

[MarkRose]

If you extract the ROM out of an Apple device, is that a core dump?

Re:Please tell me

Well played sir!

Re:Please tell me

[ScrewMaster]

If you extract the ROM out of an Apple device, is that a core dump?

It's a bit slice.

real easy innit

[amn108]

I like how easy he makes it sound :-)

Things you need to hack the Airport Express:

1. Girlfriend
2. A pinch of dissappointment
3. Wilingness to break open glued Apple casing

Re:real easy innit

[Runaway1956]

1. Girlfriend

That leaves out most slashdotters, right?

Re:real easy innit

[grub]

s/Girlfriend/RealDoll/g

There you go.

Re:real easy innit

[BigDish]

Have you ever tried to open one of the glued-together cases? That's by far more difficult than getting a girlfriend

Re:real easy innit

[johnsnails]

got to love vi... although cannot remember off hand what the /g does. im such a n00b!

Re:real easy innit

[0100010001010011]

Have you ever tried hooking up with a girl after a long August day? #3 is much easier.

Re:real easy innit

[leehwtsohg]

Are you kidding? I did it in an evening (apple aluminum keyboard...). Girlfriends are in a totally different league.

WOOSH for me, I guess....

Re:real easy innit

[gstoddart]

1. Girlfriend
2. A pinch of dissappointment

Don't know about you, but I've found that #1 can lead to #2 -- and has on several occasions.

Re:real easy innit

[hoggoth]

/g/=global, ie: substitute all, not just the first occurrence

Re:real easy innit

[erroneus]

I wouldn't. I've got a wife and I can tell you first hand, it's HARD to have a girlfriend and a wife.

Re:real easy innit

[clickclickdrone]

>2. A pinch of dissappointment
The considerably less lethal version of Spock's death grip.

Re:real easy innit

[initdeep]

it's ok.
it's not the size that matters.

Re:real easy innit

[somersault]

Regular Expressions are used in a lot more than just vi..

Re:real easy innit

[Midnight+Thunder]

1. Girlfriend

That leaves out most slashdotters, right?

Yeah :'( I am starting to wonder whether I'll find one I want to be with before I'm 60. I am starting to wonder whether I am simply v-sexual - only able to have any relationships with virtual entities. I don't want to be an expert in the theory of human relationships. This is one place where an applied subject is of more interest.

Re:real easy innit

[__aaqvdr516]

s/vi/perl/g #for example

Re:real easy innit

But there's crazy hot sex while the GF tries to lure you away from the wife. Mmm, desperation lovin'!

Re:real easy innit

There is no Vulcan death grip! (although there is a Vulcan technique for breaking necks).

Re:real easy innit

[Shakrai]

Yeah :'( I am starting to wonder whether I'll find one I want to be with before I'm 60

Stop despairing and get out there and date. Even Geeks can find true love. With 6.7 billion people on this rock there is literally somebody for everybody. Do you doubt what I say? Head over to your local Wal-Mart sometime and observe how many of less than desirable natives are holding hands or wearing wedding bands. You are going to lay down and accept a world wherein those people get to reproduce and you don't? Rest assured there are plenty of geek chicks on this planet. Do you think they would rather wind up with one of those Wally World men or a fellow geek like yourself?

Re:real easy innit

[Provocateur]

Is this where Spock does you a favor by using his left hand instead of his right?

Re:real easy innit

[alexborges]

You are supposed to be smart enough to afford buying one.

Re:real easy innit

[gstoddart]

Yeah :'( I am starting to wonder whether I'll find one I want to be with before I'm 60. I am starting to wonder whether I am simply v-sexual - only able to have any relationships with virtual entities. I don't want to be an expert in the theory of human relationships. This is one place where an applied subject is of more interest.

Dude, they even have web sites nowadays which are designed to make the process easier ... some of them even give you matches based on some personality scores that they use to determine you might get along.

So, you're either an impossibly difficult to get along with person, tremendously ugly, or expect that you're going to get a Playboy Playmate. Girls wouldn't be walking around with "Talk Nerdy To Me" t-shirts if the geek wasn't at least something of a desirable demographic.

Go to match.com or eHarmony or something ... you might find that stably employed, educated, and not criminally insane actually act in your favor. :-P

Why does everyone on Slashdot sound so helpless when it comes to meeting people? The extent to which being tech savvy has increased hugely over the years -- if 50%+ of relationships are people who met online, you should have a leg up in terms of understanding how to begin the process.

Start looking for possible places here.

Re:real easy innit

[Lumpy]

Betting your problem is that your expectations are too high for your assets. I know several super nerdy friends that say...

"I'll only date HOT chicks!" yet they weigh 380 pounds and dont shower... Guess what, my super nerdy friends have never had any dates let along girlfriends.

To up the ante and nab the attention of women in your asset range... Clean more often than you think you need it. Yes a shower daily is required, as is teeth brushing and deoderant... try a nice light and popular scent as well.

Learn to be funny and outgoing. Be someone that talks to others first being a great guy.. buy and read twice "how to win friends and influence people".

Update your wardrobe. For whatever Clique you like get some updates for what you wear. If the new Brass and green glass steampunk glasses are the rage in your steampunk life, then that is what you need. DONT attempt to date outside your style... A goth-grunge pothead is not going to score a abercrombie wearing chick in daddy's convertible.

Learn about the other sex.. do you know the signs that she likes you or is at least not repulsed? Hint: she is not going to tell you. you need to read human reaction.

Finally, re-assess your reality with your goals.... Again, if you are not a perfectly crafted example of the human male, you have ZERO chance of landing a mega hottie unless you can over come it with buckets full of money. And then you only have arm candy with no brain who only wants your cash. Dont get me wrong, it's fun to see how far arm candy will go, but they are not a "keeper" past the first few weeks.

Now: here are some secrets... if you are a uber Nerd, there ARE hot uber nerd girls out there, they just dont dress hot, or even know they are hot. One in the SCA group I know looks like a dog most of the time until I caught her changing her clothes, she wears baggy everything to hide that she is actually smoking hot, and if she actually did something with her hair and got that giant mole cut off her face she would be something to behold... Problem is if you help them out of their "uglify myself" shell and let them realize how hot they are, they realize how hot you are not if you dont transform yourself as well.

Hot nerdy girls are rare as hell, you have a 1 in 10000 chance of seeing a hot nerdy girl. so Lower your sights. start at "not a mouth breather" and work up from there.

Re:real easy innit

[Lumpy]

That's because you used the wrong software..

you need to upgrade girlfriend to mistress. but this requires first finding a wife that is not tied down to Quaker and Puritanical ideals. I know a guy that has a wife and 3 mistresses, and yes the wife knows about them and he knows about her men...

Sometimes pagan women are so hot.....

Re:real easy innit

[Lumpy]

Not if you freeze them with dry ice and hit them with a hammer...

Yes it works with glued together cases as well.

Re:real easy innit

[dev.null.matt]

Even more amazingly, there are even geek dating site out there. One of my friends from college has been dating a girl that he met on Geek 2 Geek. He didn't want to admit where he met her at first, but everything seems to be going well (she even server transferred her WoW toon so she could raid with his guild).

Re:real easy innit

[Gruturo]

Not if you freeze them with dry ice and hit them with a hammer...

We're not still discussing girlfriends, right?

Re:real easy innit

[StikyPad]

Seriously... what's a guy gotta do to find a deity worthy of the pedestal he puts her on?!?

Re:real easy innit

[StikyPad]

Marriage: It's a lot of work, but in the long run, eventually one of you dies.

Re:real easy innit

[iampiti]

It's not that hard. You just have to lower your expectations. It sounds sad but it's true. It's the only way us not rich-and-or-handsome men can get girls. Good luck.

Re:real easy innit

That's not a very nice way to treat a girlfriend.

Re:real easy innit

[Herr+Brush]

>2. A pinch of dissappointment The considerably less lethal version of Spock's death grip.

That made me laugh but I have no mod points I'm afraid. Well played!

Re:real easy innit

[russotto]

Stop despairing and get out there and date. Even Geeks can find true love. With 6.7 billion people on this rock there is literally somebody for everybody.

That would be statistically unlikely, and the greater the number of people the less likely it becomes.

Re:real easy innit

Applied by your girlfriend to your balls.

Re:real easy innit

[SockPuppetOfTheWeek]

That depends... are you Hans Reiser?

Re:real easy innit

[ScrewMaster]

Marriage: It's a lot of work, but in the long run, eventually one of you dies.

LIfe's a bitch, then you marry one ... and then you die.

Re:real easy innit

[mattack2]

It works for Jerry Weintraub.

(Amazingly, I googled "producer with girlfriend and wife" and the first result had his name.)

Re:real easy innit

[bill_mcgonigle]

Agreed except for this part:

Rest assured there are plenty of geek chicks on this planet. Do you think they would rather wind up with one of those Wally World men or a fellow geek like yourself?

Geeks shouldn't reproduce with geek chicks. Spread the genes around a bit. Too much of a good thing is a bad thing.

Re:real easy innit

[Festeron]

LOL, literally. Some tears of laughter.
And no mod points, or you'd get them all.

Still giggling.
Thank you.

Hooray!

[RobbieThe1st]

If only we had more people like this around; people willing and able to void the warranty and hack things. I know there are a few, but every story like this is great. James, good work!

Re:Hooray!

[CharlyFoxtrot]

You mean people with the disposable income to be able to trash perfectly good hardware instead of flogging it on eBay ?
Nevertheless, interesting hack.

Re:Hooray!

[fuzzyfuzzyfungus]

Arguably, extracting the private key that serves as the artificial restriction preventing 3rd party software and/or devices from serving as airplay sinks is a much more value-creating activity than just reselling the widget.

Re:Hooray!

[CharlyFoxtrot]

This is like the argument I had with a colleague who extracted the SID-chips from used c64's to use in some kind of synthesizer. He claimed he was giving them a second life but all I could see was him murdering a perfectly good computer and leaving a desecrated mangled corpse. I guess it depends on your POV :-)

Re:Hooray!

[fuzzyfuzzyfungus]

I'd be inclined to look more favorably on this case. Airport Express units are still in active production, so supplies are limited only by your budget for them, and the sacrifice of a single one has now allowed a much greater pool of devices to incorporate a useful feature(since every other aspect of airplay has interoperable replacements written, but the lockdown key was missing).

An analogous case would be somebody decapping the chips in a C64 in order to produce a fully accurate emulator: the sacrifice of a single unit would provide the data needed to produce an unlimited number of replicas.

Open source win

[jhigh]

Score one for the good guys. This is just further proof that security through obscurity is a myth. You cannot expect that keeping everything locked inside your proprietary case is going to keep it secure. The best security is sunlight. Let the community poke and prod at your software and/or hardware and it will only improve your offering.

Re:Open source win

Because if Apple would have published this information it would have stopped this how exactly?

Re:Open source win

[walshy007]

You cannot expect that keeping everything locked inside your proprietary case is going to keep it secure.

I don't know about that... there are plenty of ways to build a really strong case as such that if it's broken open whatever is inside is completely destroyed.

Re:Open source win

Score one for the good guys. This is just further proof that security through obscurity is a myth.

Um.. ((knowingly?) poorly implemented?) public key crypto?

"Proving" such makes you a good guy??

Re:Open source win

[zill]

But will these techniques be employed in a product that costs $20 to manufacture and retails for $100? Probably not.

Re:Open source win

[agentgonzo]

This is just further proof that security through obscurity is a myth.

Unfortunately, you can boil the entirety of information theory to 'security through obscurity'. Airplay uses public key encryption and is in that sense 'secure'. Everything that needs to read the encrypted content (in this case the airplay device) needs to have the key to decrypt it. Thus you can argue that the whole system is 'security through obscurity' because it is relying on the 'obscurity' of the private key that the end-user can't get access to (unless the pry it open with a butterknife and dump the ROM).

Re:Open source win

[Mia'cova]

Since when has public/private key encryption been consider obfuscation? The protocol is shared with companies building airplay products. Presumably different products get different but valid keys. If you want to emulate a device, you need to reverse-engineer the hardware to find the key. Since it's a consumer product, eventually someone will be able to extract the key. It's about protecting the product from duplication. Making it open doesn't exactly stop people from making cheap knockoffs.

Re:Open source win

The good guys? If I was depending for my livelihood on the stuff I had written, would I be happy to see someone else disassemble it and publish my private datato the world?

Wait, I do depend on code.... And my code has been disassembled and used to build other products. And I know I lost money as a result. A lot of money.

And you call people who do this sort of thing "The good guys"? It's one thing to examine code to improve it, it's another thing to extract private keys and use them to circumvent someone's hard work.

Re:Open source win

there are plenty of ways to build a really strong case as such that if it's broken open whatever is inside is completely destroyed.

There are plenty of ways of bypassing such protections as well, especially if you have many such devices to play with. Just open one up. Unless the mechanism involves explosives (unlikely in a consumer product) you can figure out how it works and how to open it without triggering the self-destruct mechanism, then you have plenty of tries to do it.

Re:Open source win

[rsilvergun]

I haven't read the post, but my understanding is cracks like this are possible because companies cut corners to get their code running on low end embedded devices. As chips get faster they stop cutting those corners and the hacks go away :(

Re:Open source win

How exactly is posting the private key and source code for a SOFTWARE emulator of a HARDWARE product circumventing someone else's hard work? They server two different purposes. He's not stealing the code or the hardware itself.

Sure, some knockoff company can use the key to make a knockoff, but that's nothing they aren't (and have been for some time) able to do themselves.

Get off your high horse. Just because you've been burned doesn't mean everyone's carrying a lighter.

Re:Open source win

[queazocotal]

Yes. Eventually.
Reverse engineering and hacking closed stuff is ____NOT___ a victory.
It sends the wrong signals.
'Protected stuff sells just fine'.
'We don't need to worry about little guys stealing our market as the nerds can hack our cheap boxes'.
'Appeasing content providers is an easy buisness model'

The problem with hacking is that it's getting easier to protect stuff.
A decade ago, if you were making a router, you had little choice to make it from a CPU chip, a ROM chip, and a RAM chip.
All soldered to a board, with comparatively accessible traces.

Ok - worst case, you needed to desolder the flash, and it was really annoying to do.

There is almost no way to protect keys in this beyond the 'normal' code obfuscation methods.

Now, increasingly security architecture is moving on-chip, and becoming cheap. Partially as a
side-effect of making devices more flexible.
Many or even most small 32 bit chips now have a small area of ROM that handles the initial boot,
and some user-settable one-time writable memory.

Because it's 'free' (a K or two), these often now include routines that will let the user on initial flash
(or in production of the a large number of chips) say 'only boot from a bootloader with key authenticated
by the in-ROM key'

To get to this key is practically very hard - especially if the vendor has taken measures - covering the few
bytes of ROM in question with metalisation - to prevent this.
You can't get at it with a soldering iron.
You can't often now even get at the off-'chip' RAM or ROM easily now, as it's not on seperate chips, it's on
chips laminated to the CPU.

Geohot - for example - did nothing at all clever cryptographically.
He exploited a basic bug in the implementation that is the sort of thing you get when someone reads the
manpage on a crypto function, and implements it, not really understanding all of the twiddly bits, and leaving
some out.

Getting crypto right with modern chips is getting increasingly easy - it is not more expensive or needing more
hardware to get it right, it simply needs employing someone with a clue to look over your code.
Drop 20K on http://www.schneier.com/ - for example - or basically anyone that's actually understood crypto,
and is not just writing it as a 'normal' program.

The only 'right' way to respond to this is to buy open platforms.
Unfortunately, this is often hard.

Re:Open source win

[YesIAmAScript]

You repeat the mantra, but do you understand it?

How would the open source community solve this problem?

What version of device authentication doesn't involve having a critical secret key on the device being authenticated? Such a secret is the very basis upon which authentication works.

The only possible solution to this that I know if is different hardware that guards the key better and I don't know that the open source community is going to provide that.

Re:Open source win

[Hatta]

An open source implementation would not have locked the user out of his own device with public key crypto in the first place, making this hack entirely moot.

Re:Open source win

[metamatic]

What version of device authentication doesn't involve having a critical secret key on the device being authenticated?

For the purpose of streaming audio between two devices on my home network, a user-assigned password would be more than sufficient; there was no need for private key crypto. The private key was not for authenticating that the device was authorized by me, it was for authenticating that the device was sold by Apple.

Re:Open source win

[sjames]

Except that this isn't what is meant by security by obscurity. Knowing the RSA algorithm doesn't allow you to read anything as long as reasonable keys are chosen. Using rot13 for "security" would be security by obscurity. So would using an undocumented protocol or port number.

This is a related problem that you can't distribute a key widely and keep it to yourself at the same time. You can TRY to limit the uses of the key, but eventually someone cracks the case and obtains it anyway.

Sony's problem is related but different. They didn't implement the key security properly, so someone was able to derive the secret key from the public key.

Re:Open source win

[PingXao]

"Security through obscurity is a myth."

It works just fine assuming you get the details right, and while it's true most implementations don't, some do, and they are wildly successful. Saying that it's a myth is a generalization that is simply wrong.

When was the last time you heard about Firewire 1394 DTCP encryption getting cracked? Millions of people have cable STBs with firewire 1394 output. DTCP has been protecting firewire video streams for a dozen years, and no serious attack on it has ever been revealed. DTCP relies a great deal on security through obscurity. Details of the M6 cipher it uses are unknown. Selection of the ECC curve is unknown.

You might think that maybe someone IS working on it, after all, the related (but not the same) HDCP has been cracked wide open, but there is no evidence anywhere that indicates DTCP has been cracked. If it was cracked in some underground lab somewhere you would at least expect to see HW or SW available somewhere that would take advantage of the crack.

But there is nothing, only crickets chirping in the dark while a great example of security through obscurity continues to perform flawlessly year after year after year. And that's no myth.

Re:Open source win

[chgros]

information theory
You probably mean "cryptography". Information theory is related but different.
Anyway, cryptography makes a distinction between "obscure" and "secret". The idea is that good cryptography requires a secret. If something is in your possession (like a program on your disk), it's not secret to you (exception could be made for some secure chips that are designed specifically so that you can't read their secret).

Re:Open source win

[Chrontius]

The only 'right' way to respond to this is to buy open platforms. Unfortunately, this is often hard.

This is more often than not impossible in my experience, not having particularly deep pockets.

Re:Open source win

[Thomas+Shaddack]

Big deal. So take a few years developing homemade microprobing systems. Quarter-watt lasers are in every DVD writer, electromagnetic lens actuators in DVDs routinely achieve submicrometer accuracy... Amazing things can be done if we don't consider them impossible.

I wouldn't be surprised if in couple years a microprobing kit is being sold on seeedstudio or sparkfun.

So go after the very principles and make the playing field equal. Few years ago SMD would be an obstacle. Few years before then, programmable chips would be an obstacle. Few years in the future, everything-on-a-chip will not be an obstacle.

Hack the planet. It's ours anyway, so let's take it back.

Re:Open source win

[queazocotal]

You can't microprobe under metalisation.

Re:Open source win

[AmiMoJo]

I think you don't give enough credit to some of these guys. Apple's implementation was very poor but Sony's wasn't that bad, all things considered. It kept the best commercial hackers out for years and when it was being designed the technique used to break it was unknown. Basically Geohot glitched the memory bus by attaching probes to it in order to corrupt the memory allocation table maintained by the Hypervisor. He was then able to access the protected parts of the PS3s memory and someone else used that access to find the flaw in the USB driver that allowed jailbreaking.

The glitching technique is fairly new, the first reference I saw to it being a year or two back when another hacker used it to access the protected ROM inside a Gameboy CPU. Until then that ROM had never been dumped, in other words it remained secure for what, 20 years?

Side channel attacks where you exploit the implementation rather than the algorithm itself are difficult to defend against. I can't think of a single popular consumer device which has not been hacked now, bar some very recent ones which I'm sure will fall given time. Realistically you can't win so the best thing to do is try to last long enough for the failure to be irrelevant.

Re:Open source win

DTCP relies a great deal on security through obscurity. Details of the M6 cipher it uses are unknown.

Could you elaborate on this, please? Wikipedia's article on M6 does not mention any unknown details and even documents some known cryptographic weaknesses that look relatively serious compared to ciphers like e.g. AES that do not rely on any form of obscurity at all.

Re:Open source win

[pilot1]

Unfortunately, you can boil the entirety of information theory to 'security through obscurity'. Airplay uses public key encryption and is in that sense 'secure'. Everything that needs to read the encrypted content (in this case the airplay device) needs to have the key to decrypt it. Thus you can argue that the whole system is 'security through obscurity' because it is relying on the 'obscurity' of the private key that the end-user can't get access to (unless the pry it open with a butterknife and dump the ROM).

Yes, you can boil it down to that, but in doing so you ignore the meaning of "security through obscurity" and replace it with a definition so broad that it loses any meaning. Name a system you consider secure that does not rely on "security through obscurity" by your definition.

See http://en.wikipedia.org/wiki/Security_through_obscurity and http://en.wikipedia.org/wiki/Security_by_design

engrish?

"...her Airport Express no longer made it with her wireless access point..."

I hate it when that happens.

Re:engrish?

[alta]

Yeah, exactly what I was thinking... here in the U.S. 'made it' implies sex.

So, her AE was no longer having sex with her access point.

We knew this was all make-believe when he started talking about his 'Girlfriend'

Re:engrish?

[Xacid]

Glad that wasn't just me.

Re:engrish?

[hedwards]

So, that's how my computer got that virus. From now on, I assume it's going to use protection.

Re:engrish?

[White+Flame]

It should be "no longer _mated_ with her wireless..." but then I realize that's no less of an innuendo.

Don't you mean the airport express private key?

[mkraft]

I don't see anywhere where is says it's the AirPlay private key. I thought that was on a per device basis anyway.

Re:Don't you mean the airport express private key?

[Morth]

Even if it is per device, iTunes will accept it wherever it's used. Until Apple blacklists it of course.
If it's not per device, it's possible that they can update it with a firmware update, but the new one has to be in the downloaded firmware in that case, and could be intercepted. Plus they had to convince people to actually update the firmware.

But I've been prefering Spotify over iTunes for quite a while now anyway, so meh.

Re:Don't you mean the airport express private key?

[ceoyoyo]

There is no AirPlay private key. Only an AirTunes private key, and no, I don't think it's on a per device basis.

AirPlay, except the subset of it that was AirTunes, isn't encrypted. There's a free AirTunes receiver here: http://ericasadun.com/category/airplayer/

Cue lawsuit in ...

[gstoddart]

I fear this guy will likely get himself a lawsuit or a restraining order for his troubles.

Pretty much any major company is going to react badly to you publishing their private keys for their encryption.

Re:Cue lawsuit in ...

[camperdave]

If they don't want their private keys being made public, perhaps they should not be giving them out. Private keys are meant to be kept private.

Re:Cue lawsuit in ...

[jrumney]

The DCMA has an exception for reverse engineering for compatibility. In this case, the private key is not protecting content, it is protecting Apple's monopoly on interoperating with iDevices in a particular way, so it was fair game.

Re:Cue lawsuit in ...

[_0xd0ad]

Private keys have to be distributed in this case.

You mean in the case of "I've encrypted your music with my public key, and now you want to play it". Well, duh, you have to distribute the private key. You've encrypted their music with your public key, and they need your private key to decrypt it so they can hear it.

That does beg the question, though, of why you're using public/private key encryption in such a retarded way to begin with.

("Your" music in this specific case meaning only that you're licensed to listen to it. It obviously doesn't actually belong to you; it belongs to the RIAA.)

Re:Cue lawsuit in ...

[camperdave]

Private keys have to be distributed in this case..

Private keys are not meant for distribution. Period. If you are embedding them in a device and selling it to the public, then it is no longer a private key.

Re:Cue lawsuit in ...

[sabt-pestnu]

You may be right, but that doesn't mean that he would not be required to prove it in a court of law. 's why SLAPP legislation exists as well. Don't like what someone is doing? Sue them. Either you run them out of money and roll over them in court, or they settle "your way".

Re:Cue lawsuit in ...

[Kamiza+Ikioi]

Since when has that ever stopped companies from initiating pointless lawsuits?

Re:Cue lawsuit in ...

[Radium+Eyes]

In this case, the private key is not protecting content

It does protect content, somewhat—iTunes decrypts (and decompresses and recompresses as Apple Lossless) DRMed audio before sending it to an Airport Express. Emulating an Airport Express allows one to obtain the decrypted audio, though not in its original oompressed form; it's no more of a hole than burning to a CD.

Re:Cue lawsuit in ...

[Warwick+Allison]

Interoperating, such as supplying power to a Macbook? Private keys seem a little more protected than 5 wires and a magnet, and yet Apple won't let you interoperate there.

Re:Cue lawsuit in ...

[ScrewMaster]

("Your" music in this specific case meaning only that you're licensed to listen to it. It obviously doesn't actually belong to you; it belongs to the RIAA.)

Actually it belongs to the copyright holders, whether that be some giant music conglomerate, or an individual artist or group. The RIAA started out being a standards body, but is now nothing but a bunch of lawyers who lobby Congress to pass treasonous and un-Constitutional laws, and front for foreign-owned media companies. Oh, and sue music-lovers as well.

Re:Cue lawsuit in ...

[_0xd0ad]

Actually it belongs to the copyright holders, whether that be some giant music conglomerate, or an individual artist or group.

That's a fairly meaningless distinction. The record companies are the licensed representatives for the artists they've signed, and the RIAA is a trust composed of representatives from the record companies.

Re:Cue lawsuit in ...

[ScrewMaster]

Actually it belongs to the copyright holders, whether that be some giant music conglomerate, or an individual artist or group.

That's a fairly meaningless distinction. The record companies are the licensed representatives for the artists they've signed, and the RIAA is a trust composed of representatives from the record companies.

The RIAA is a bunch of lawyers and lobbyists. They don't hold copyright, they're just paid to a particularly sleazy job, to do what their lords and masters tell them. And because they've been so spectacularly unsuccessful at deterring mass copyright infringement via P2P, those masters aren't exactly thrilled, given the cost. BMG, for example, announced some time ago that it was going to cut substantially its share of the operating funds given to the RIAA every year. Why? Because BMG's management felt that the RIAA lawsuit mill wasn't serving its intended purpose. So, it is a meaningful distinction: if the big copyright holders eventually perceive that the RIAA is what we all know it to be, a liability, it (and similar organizations worldwide) my find themselves cut off at the balls.

DMCA violation

[sideslash]

This guy should just meekly accept that his girlfriend's expensive gadgets don't work for her anymore. How dare he tinker around and fix things. (At least I think they imported some flavor of the DMCA down under.)

Editor ?

Holy crap, Editors, this copy looks like it rolled straight off of the translation software. I don't feel like I am being a copy nazi when I say an 11th grade journalism teacher would give this teaser an F.

Re:Editor ?

[Majik+Sheff]

Two things that appear to be true about the author of the article and not about you:

1. The author's first language was not English
2. The author has a girlfriend.

Between English tenses and a hot European chick, I know which one I'd prefer to be conjugating.

Re:Editor ?

[zach_the_lizard]

This being Slashdot, we know the answer is English tenses.

Re:Editor ?

Yeah a hot European chick for sure.... who the author dreams about every night after a hard day fixing all of her computer problems... and he knows, REALLY REALLY knows, that getting on Slashdot is going to be the final piece that pushes her into finally letting him take her to dinner.

Girlfriend indeed.

found this

Obviously, the main site is down, but I found this by digging around a bit. http://permalink.gmane.org/gmane.comp.video.videolan.vlc.devel/77383

open-source library sharing incoming?

[gblues]

Does this mean we can finally get an iTunes-alike that can work with iTunes 7+ library sharing?

Re:open-source library sharing incoming?

[Nerdfest]

Aren't there *open*, non-proprietary protocols that are a better choice for streaming music and video?

Re:open-source library sharing incoming?

[root_42]

Yes, there are nice, open protocols. But sometimes you've gotta work with what you get: for example, I own an iPhone, and I really do like it. My music library at home however is served by a nice 50€ OpenWRT WiFi router with an attached USB thumb drive and a USB sound card. At the moment I use mpd on the router and MPoD on the iPhone for playing the music. Thus the iPhone is merely a remote control. This is already nice, but what I'd really like to do is this: Since a number of revisions I can use the iPhone (or my MBP for that matter) to stream music (and video) to AirPlay enabled speakers/displays (e.g. AppleTV, AirPort Express). However, I cannot stream to my OpenWRT router. This has changed, and in the future I will be able to use mpd with the iPhone, as well as AirPlay. Or if some people come over with their iPod Touch or other iOS devices, they can also stream some music to my stereo. You can do this with 3rd party apps etc., but if it works out of the box for iOS devices, I am all for it.

Re:open-source library sharing incoming?

[ari_j]

Don't ask. Tell. What protocol should we be using that allows us to use one relatively clean user interface on the computer to purchase, play, and stream audio and video content including movie rentals and television show subscriptions (iTunes) that quickly and easily, without nerd intervention, can also send content to our television through an inexpensive set-top box (Apple TV), to our stereo through a reasonably-priced wireless access point (Airport Express), or to our hands through a tablet (iPad)?

Re:open-source library sharing incoming?

[MachineShedFred]

I'm hoping this is the first step on a ladder that leads us to plugins for NAS software that allows "iTunes Home Sharing" support, much the way they have now-defunct DAAP services.

Being able to serve video to an AppleTV / iPad / iPhone without having iTunes running 100% of the time would be great.

Re:open-source library sharing incoming?

[0xdeadbeef]

> But sometimes you've gotta work with what you get: for example, I own an iPhone, and I really do like it.

So you lick the boot that kicks you.

Re:open-source library sharing incoming?

What doesn't? As long as you get rid of your expensive crap, you can use any standard component and they can stream to eachother. I personally use bluetooth for wireless, and usb for wired, but that are other alternatives if you want longer range, but these two are widely supported in ANY consumer electronics, excepts Apple's of course.

Re:open-source library sharing incoming?

Yes, but iTunes is a lot more useful because it is used by everybody who isn't a techy, and those people outnumber techies 10 to 1.

Re:open-source library sharing incoming?

[Chrontius]

Well, frankly, I have no bleeding idea. I've seen a lot of utter shit that claimed to do the job, and I particularly suggest avoiding the Mvix box.

I'm going to give a few criteria, because Ari J wasn't quite clear enough.

1. Streams from PCs
2. Has on-board storage for when my laptop is absent
3. Doesn't suck.

Re:open-source library sharing incoming?

[ari_j]

No, seriously. Tell me the exact, specific components - hardware and software - that are necessary to purchase music, television, and cinema content quickly and easily from my computer or my couch, then stream it to my television and surround sound system via HDMI carrying both audio and video. It must be capable of configuration and use by someone without substantial technical skills or knowledge. So far it's all just claims that such things exist with not one specific example being named. Bonus points for not having any noisy fans in the TV-end set-top box and extra bonus points if it fits in the space of a paperback novel.

Re:open-source library sharing incoming?

No such thing exists yet.

The only reason it doesn't exist, of course, is that companies like Apple, Sony, etc. have a vested interest in making sure it doesn't, to avoid having to face real competition in a free market. So they keep all their peripherals proprietary, and sue anyone who tries to make compatible software or hardware.

And the barrier to entry to this market is sky-high. Even if you build the hardware, what good will it do you? All the content is on iTunes. You won't persuade the people who own it to let you stream it until you have a market share that makes it worth their while, and you won't get that market share without any content! Essentially, the use of proprietary interfaces, particularly by Apple, is actively preventing you from having the choice and competition that make the free market work.

TL;DR: if you want everything to "just work" today, buy Apple products. Just don't come crying to us when you find yourself locked into buying Apple products forever.

and how many people use Airport?

[alen]

i know it's more than just a cheap wifi router, but how many people care and are willing to pay the $180 price tag?

Re:and how many people use Airport?

[characterZer0]

I bought one once. I set up the network for a small organization and every time there was any kind of problem they blamed the WiFi router and called me. I bought a Airport and threw that in there instead. Now they have just as many problems but they assume that the Apple product cannot possibly be the issue, and I have not received a complaint from them since. It has been a almost two years. It was well worth the $180 to me.

Re:and how many people use Airport?

[necro81]

He was specifically referring to the Airport Express, which retails for $99. [link]

And for that pricetag, you get the ability to stream music from basically any device on the network (server, laptop, iPhone, etc.) to wherever the Airport is. You also get wireless printing.

I shouldn't be surprised that a guy, when confronted with a broken Airport Express, would go through all the effort of breaking it open, dumping the ROM, and reverse engineering the private key. People get curious, people like to tinker, and the human race is better for it. But, on the other hand, you can pick up an Airport Express for $25-$50 on craiglist or ebay and saved yourself a whole lot of trouble.

Re:and how many people use Airport?

Same thing happened after I bought my wife a Macbook pro to replace her. No complaints or support requests ever since. Whenever there are problems she will not ask me to fix it but will google out the answer herself. APPLE=MAGIC

Re:and how many people use Airport?

[mR.bRiGhTsId3]

The airport express is $99 and is one of the few consumer routers that properly supports ipv6

Re:and how many people use Airport?

And for that pricetag, you get the ability to stream music from basically any device on the network (server, laptop, iPhone, etc.) to wherever the Airport is. You also get wireless printing.

I am very serious when I say I honestly don't understand what you're really saying here. Of course the Airport lets you do that, because every wireless access point or router or bridge in history lets you do that. It sounds like you're saying that with Car Brand X, for the pricetag you also get the ability to drive to grocery stores. (Is there an implied "unlike other cars"?)

Obviously, I don't "get it." I'm confident that you didn't really say something stupid, but it sounds like you did, because there must be something really weird about Apple's router such that your statement actually makes sense. But damned if I can figure out how that could be.

Let's approach this from another direction: Has someone else invented a router that, for its pricetag, you don't get the ability to stream music or print? Are there routers that detect streaming and printing and when it sees those, then as a special case, it decides to drop the packets? (This has got to be a dumb question, but once someone answers it, I think I'll start to understand how the Airport is special.)

Re:and how many people use Airport?

[snowraver1]

I replaced my wife with a laptop too! The sex has never been better!

Re:and how many people use Airport?

[samkass]

For traveling the $99 new (a lot less than that used) is awesome for those hotels that are stuck in wired land. It's a light, small, full-featured wireless router that turns your hotel room cat5 connection into something for all your devices.

Re:and how many people use Airport?

i know it's more than just a cheap wifi router, but how many people care and are willing to pay the $180 price tag?

It IS more than just a cheap wifi router. It's an expensive cheap wifi router.

Re:and how many people use Airport?

[necro81]

By "streaming music" I mean that it has an audio-out port: you can plug it directly into a stereo and play the music from your computer (or other wireless device on the local network) to your stereo. Most wireless routers don't do that: you usually need some additional piece of equipment to bridge from the network to your audio gear (e.g. a Sonos player). Also, the bit about wireless printing also isn't facile: the Airport Express has a built-in print server and a USB port for connecting printers to it. There are other wireless routers with that feature, but it is hardly universal. So in addition to being a fine wireless router for slinging bits around the aether it also has some very useful network-to-real-world features that make it more useful than a commodity router. And, when the Airport Express first came out 5-6 six years ago, this combination of features was unique in a wireless router, particularly at that price point.

Re:and how many people use Airport?

[Albanach]

(This has got to be a dumb question, but once someone answers it, I think I'll start to understand how the Airport is special.)

Not dumb. You're assuming it's just some sort of wireless router or access point. It does more.

It has audio out and a USB connector. Audio out can be connected to speakers, so you can take music that you're listening to on your iPod and say, play this in the Living Room. The airport express in the living room can then start playing your audio to the hi-fi. I'm not sure if you can do it from the iPad, but paying from iTunes you should also be able to play multiroom audio if you have several Airport Express.

Similarly you can print to a printer attached by USB to an airport express.

Re:and how many people use Airport?

Because the audio jack fits just right?

Re:and how many people use Airport?

[dkuntz]

Most WiFi routers do not have a 3.5mm audio out jack. A vast number do not have USB ports which will recognize printers and drives (and even work with USB hubs so you can have both).

He doesnt mean you can stream from 1 PC to another, or print to a network printer, or a printer attached to another PC. Plug speakers into Airport Express. Stream music to Airport Express. Music comes out of speakers. No further PC required.

Re:and how many people use Airport?

[Christian+Smith]

I bought one once. I set up the network for a small organization and every time there was any kind of problem they blamed the WiFi router and called me. I bought a Airport and threw that in there instead. Now they have just as many problems but they assume that the Apple product cannot possibly be the issue, and I have not received a complaint from them since. It has been a almost two years. It was well worth the $180 to me.

Why not just sell them a per-call support contract?

Re:and how many people use Airport?

[MoonBuggy]

It's not about the ability to perform those actions over the network, it's about the hardware to do so. The print server is built in (with a USB port to hook in standard non-networked desktop printers), as is the audio streaming hardware and line out. Whether or not those are worth $99 to you I don't know, but they are features that the vast majority of other routers do not provide.

Re:and how many people use Airport?

[MachineShedFred]

Most WiFi routers do not have a 3.5mm audio out jack

Much less one that has optical out, for allowing a receiver to do the decode instead of amplifying an analog signal. The AirPort Express has that too.

Re:and how many people use Airport?

I have 2 of them and an Airport Express that's hooked to an 8-port switch and the SPDIF input on my receiver. Very satisfied customer, have had zero problems with them, though I do run a 5ghz-only 802.11n extended network with them and hang a Buffalo wireless router for 2.4ghz and connection to my DOCSIS modem.

Re:and how many people use Airport?

[jsdcnet]

iDevices do not have multi-output (yet?). Only iTunes running on a computer.

Re:and how many people use Airport?

I replaced my wife. Can't have anything Apple in my house. It's against my religious principles.

Re:and how many people use Airport?

[herojig]

Bought 2, and after a few years both are dead - the power supply inside will not handle 220v systems found in India and Nepal (unstable, even with inverters/stabilizers/surge protectors). So now I am thinking about freeze drying them (or the girl) and whacking with a hammer to see what's useful inside. Anyway, I don't really understand what this is all about but I think I get the gist: it's good for us and bad for DRM - yea! Now let's see what Apple does to Final Cut Pro...then I can really get mad.

Re:and how many people use Airport?

[Albanach]

That appears to be the case. You can remotely control iTunes from the iOS device, but not stream directly from it to multiple speakers.

posted to vlc-devel list

[pinkishpunk]

he did a post to the vlc-devel list here, http://mailman.videolan.org/pipermail/vlc-devel/2011-April/079616.html It private rsa key is there, might be a good thing to download, if you are worried apple might do something stupid.

Re:posted to vlc-devel list

[PhunkySchtuff]

The private RSA key is also in the perl source he's posted to his blog

Nonchalant

[CasualFriday]

The guy sounds pretty casual about the whole thing. I hope he knows that Apple is not going to be happy about this. He should probably start getting rid of his hard drives.

Re:Nonchalant

[daid303]

If Apple follows the same tactics as Sony, then he doesn't need to worry. People will come around to remove his harddrives for him soon enough!

FILE MIRROR

Managed to nab the download, mirrored it here if anyone does want to try it >> http://www.mediafire.com/?r5pdcxdcbqkrpcb

Kinky!

"My girlfriend moved house, and her Airport Express no longer *made it* with her wireless access point."

Hot stuff!

Can't read the article right now (slashdotted), but I doubt either of them bothered to reset the ApEx properly.

SHAirport 0.01 backup copy

[pixline]

Here's the code you would have find on that page. I saved it earlier, here you go: http://www.multiupload.com/0EUN2QKDMT (Yes, it does include something like a private key. Don't ask me if it's THAT key, I don't know.)

THE KEY

[Spritzer]

Mod Up. Nice find AC.

Good guys? Really?

[unassimilatible]

You're pro-open source, so that makes you a "good guy"? I like chocolate, you like vanilla, ergo, I am good, you are bad.

Good for you that you believe in open source, but do we have to make it a religion?

Re:Good guys? Really?

[hduff]

Good for you that you believe in open source, but do we have to make it a religion?

Nothing supernatural about FOSS..

Re:Good guys? Really?

[Squiggle]

You're pro-open source, so that makes you a "good guy"? I like chocolate, you like vanilla, ergo, I am good, you are bad.

Does being pro-freedom make you a good guy? Does believing that everyone should have free access make you a good guy? Does helping your others make you a good guy?

Free software ideology isn't about the end product, it isn't chocolate versus vanilla, it is about process and access: how do we choose what gets made, how do we make it, who gets to make it and who gets access to what has been made?

Re:Good guys? Really?

[countertrolling]

I like chocolate on vanilla, ergo, you both suck...

Re:Good guys? Really?

[Hijacked+Public]

how do we choose what gets made

By either making it yourself, or by purchasing something made by someone else only when it fits all your particular requirements.

how do we make it, who gets to make it and who gets access to what has been made?

If you truly value freedom, and not just freedom for you and those who agree with your particular worldview, you don't 'choose' those things. You allow people to be free to make whatever they like however they like and you react to those choices as above.

Apple's products are Apple's right up to the point where they sell them to you. If they choose to not make the source code for their software available and sell it only as a compiled version, that is their choice. If they choose to offer only their own means on installing additional software, their choice.

To argue they should be obligated differently is fine with me, but to cloak that under the guise of promoting 'freedom' is not.

Re:Good guys? Really?

[CharlyFoxtrot]

Does being pro-freedom make you a good guy? Does believing that everyone should have free access make you a good guy? Does helping your others make you a good guy?

Free software ideology isn't about the end product, it isn't chocolate versus vanilla, it is about process and access: how do we choose what gets made, how do we make it, who gets to make it and who gets access to what has been made?

Two words : Hans Reiser. If you want to claim some sort of moral high ground because of your position on how software should be made then it *has* turned into a religion.

Re:Good guys? Really?

[tsm_sf]

Are you honestly suggesting that he killed his wife over open vs. closed source?

Re:Good guys? Really?

[CharlyFoxtrot]

Are you honestly suggesting that he killed his wife over open vs. closed source?

What ? No ! I was refuting the assertion that liking open source makes you a good guy. You can be an open source guy and still be a murderous asshole. So :

Q > Does being pro-freedom make you a good guy? Does believing that everyone should have free access make you a good guy? Does helping your others make you a good guy?

A > No (or more accurately: not necessarily)

Re:Good guys? Really?

[E+IS+mC(Square)]

Have you ever heard of "context"?

Re:Good guys? Really?

[CharlyFoxtrot]

Yes thanks.

In fact my argument is that the language and attitude employed often puts open source into a pseudo religious context : making your software open source is Good and The Right Thing To Do, it makes you one of the Good Guys which is one us Us not Them, the enemy are a bunch of Zealots and we regularly engage in Holy Wars over what is the one true license and the most Free. While in fact it's a pragmatic and slightly dull decision that carries with it some benefits in some cases.

When people start talking about being pro-Freedom (a redundant phrase if ever I heard one) good guys helping others you can practically hear the battle hymns in the background and see the waving flags.

Re:Good guys? Really?

[ScrewMaster]

When people start talking about being pro-Freedom (a redundant phrase if ever I heard one) good guys helping others you can practically hear the battle hymns in the background and see the waving flags.

I usually hear hollow breathing overlaid upon the Imperial March. Both sides believe that the other is the Evil Empire.

Re:Good guys? Really?

[Thomas+Shaddack]

Along the same line of reasoning, at the moment I buy a device, I am free to choose to reverse-engineer it and publish the findings. Everything can be made open-source, every device is its own documentation. The art of reverse-engineering is the knowledge how to read that documentation.

Re:Good guys? Really?

[_0xd0ad]

Along the same line of reasoning, at the moment I buy a device, I am free to choose to reverse-engineer it and publish the findings.

Not true - you'd violate copyright, and anyone building their own device based on your findings would undoubtedly violate multiple patents. However, a private key is neither patentable nor copyrightable.

Re:Good guys? Really?

[Thomas+Shaddack]

Violate copyrights and patents? WHO CARES? The big players are free to buy these laws. The small players should therefore be free to have technical means to ignore them (and get away with it, which is likely if you don't run a business with that), in order to maintain the power parity on the chessboard. Only that will maintain the balance in the world, and force the big players to give the people what the people want. It's a war, so let's leverage the principle of 4tg-gen warfare and become a distributed enemy, too numerous to track, too dangerous to piss off too much, too uncontrollable to control. And, most important, have fun doing so.

The only way to get the megacorps to give us what we want is to give them choice between doing so vs us taking it anyway. Would there be iTunes without Napster?

The plebs will not make much difference. For example they will happily buy a zoned DVD player, because they do not know and do not care (and that is unlikely to change). Only afterwards they will seek help of a friend, or a friend of a friend, to get the device "repaired".

Re:Good guys? Really?

[MeateaW]

They shouldn't be *obligated*, but they can go to hell if they try to sue someone for playing with something they own.

Re:Good guys? Really?

[MeateaW]

pervert.

The best part

[AK76]

From the README:
"Thanks also to Apple for obfuscating the private key in the ROM image, using a
scheme that made the deobfuscation code itself stand out like a flare."

Re:The best part

[tivoKlr]

This kind of snark is exactly why Apple legal will be conversing with this fellow shortly. It's too bad really, airplay should be incorporated into every device both as a "pitcher and a catcher", regardless of the typical end use of the device.

Re:The best part

[TheRaven64]

I never understood why this wasn't built into iTunes. You can stream music from iTunes to iTunes in either direction, but you have to initiate the streaming at the receiving end. On the other hand, you can stream from iTunes to an AirPort Express base station and you can initiate the streaming at the sending end. When Apple first demo'd this, I thought it looked great: I could plug an old Mac into my hifi and then stream to it from my laptop. Unfortunately, this wasn't supported.

Re:The best part

[Fnord666]

I could plug an old Mac into my hifi and then stream to it from my laptop. Unfortunately, this wasn't supported.

It is now. wink wink, nudge nudge...

Re:The best part

[gmhowell]

I could plug an old Mac into my hifi and then stream to it from my laptop. Unfortunately, this wasn't supported.

It is now. wink wink, nudge nudge...

Is she a goer?

"Reverse Engineering" how?

[njfuzzy]

Is it actually "reverse engineering" if you scrape the data off the ROM? It sounds like the phrase "reverse engineering" is just being used to avoid a DMCA attack.

Re:"Reverse Engineering" how?

[_0xd0ad]

The ROM doesn't just contain data; it contains both code and data. Reverse engineering the code was necessary to determine where in the code/data the private key was located. They could have put it anywhere on the ROM.

Re:"Reverse Engineering" how?

[maxume]

Yeah, sure. The definition of the phrase is pretty much investigating a device directly to figure out how it works. That's what he did.

Re:"Reverse Engineering" how?

[daid303]

The key was obfuscated in the ROM. So having just the ROM data wasn't enough.

Re:"Reverse Engineering" how?

[hedwards]

I'm not sure that the DMCA applies, but then again I haven't got a copy of the ROM to compare the code he's released with. The key itself isn't going to have anything to do with the DMCA.

Re:"Reverse Engineering" how?

[Hatta]

Yes, taking something apart to figure out how it works is the reverse of figuring out how something works so you can put it together, which is normally called "engineering". Hence "reverse engineering".

Re:"Reverse Engineering" how?

[petermgreen]

Before he could read out the key he had to pick apart the rom to find out where it was stored and how to decode it that sounds like reverse engineering to me. Further it seems pretty clear he did it for the purposes of interoperability.

Of course just because it's reverse engineering doesn't nesacerally make it legal. In particular apple could try to invoke the DMCA by claiming what was cracked was a copy protection scheme.

Finally a use for all those obsolete PDAs

[Stavr0]

Time to get out that old Pocket PC, or Palm devices which have WiFi + audio out in them.

Very cool hack!

[GameboyRMH]

Now what the hell's an AirPlay and what good is it to me?

Oh, it's an Apple-proprietary media streaming protocol? Well, I give an A+ for l33tness, but an F for choosing a useful target.

Re:Very cool hack!

Considering there is a really small, hockey puck sized device that displays content over HDMI that uses it, I'd say it was a great target.

Re:Very cool hack!

[ceoyoyo]

It's a media streaming protocol supported by a lot of phones, music players and the majority of tablets out there. And now it can be supported, sender and receiver, by anything that can run custom software.

Sounds like a pretty good target to me.

Re:Very cool hack!

[guzziguy]

As someone who owns an AirPlay-enabled Denon AV receiver, I can tell you from first-hand experience that AirPlay is a pretty useful and slick feature. By selecting the Denon as the output in my iPod/iTunes/Whatever and hitting "play", the Denon will automatically wake up, switch to the correct (network) input, and start playing the stream. If the TV is on, song info is displayed there (as well as on the front of the AVR). Also, you can adjust the volume of the AVR simply by using the normal volume controls on whatever device is doing the streaming.

Now, is this any good to you? Maybe, maybe not. I was impressed by how well the integration worked, though.

Re:Very cool hack!

[GameboyRMH]

But there are already so many non-proprietary ways of doing it, why use a closed protocol? As far as I can tell, the only feature Airplay has that any other open method doesn't is that you can push content to a remote device with AirPlay (if there's an open system that can do this, I can't find it).

Re:Very cool hack!

[ceoyoyo]

Well, you've got one. And it's a big one.

Other reasons I stated - AirPlay is supported natively by millions of phones, music players and tablets. And also by one of the leading media players.

Re:Very cool hack!

Now what the hell's an AirPlay and what good is it to me?

Oh, it's an Apple-proprietary media streaming protocol? Well, I give an A+ for l33tness, but an F for choosing a useful target.

This comment is annoying on so many levels.

1) The hack was performed by someone who wanted to improve his life. Believe it or not he's not obligated that *you* find it useful.
2) If you don't want or need it, why the heck are you complaining about *his* effort?
3) What are you contributing?
    3A) Something...
        3ai) Oh, you are contributing!? My bad. Thank you for your effort!
    3B) Nothing!?
        3bi) STFU

It just irks me to no end when someone complains about something that is of no interest or use to them. Just give a nod a move on, already.

Re:Very cool hack!

4) The retarded mods on thus shitty site modded him Insightful.

So why am I here? Habit. Why aren't I logged in? Because I can't be arsed anymore.

I use airport express. Several.

[tivoKlr]

The airport express is 99 bucks I believe. If my stupid work firewall didn't block the "apple everything" then I could look and see. I know I've seen them for $89 and $79 at times... Throw 3 or 4 around your house, they're awesome just for the airplay aspect, regardless of the other features (router, printer sharing).

Re:I use airport express. Several.

[colinnwn]

I thought the printer sharing only worked with a very few "supported" printers, and wasn't actively being updated. Is this not true?

Re:I use airport express. Several.

[tivoKlr]

I only tried the printer sharing portion with one printer, and a non-standard type printer at that (one of the Epson 4x6 sized photo printers) and it did not work well. This was say 4 years ago though, so things might have improved. As my real printer is on ethernet, I cannot speak to how other printers may or may not work with the Airport Express. I always thought it was lame they didn't include the usb hard drive sharing, ala the Airport Extreme, as I would have used that feature. Either way they rule for streaming music around the house.

Re:I use airport express. Several.

[jsdcnet]

I thought the printer sharing only worked with a very few "supported" printers, and wasn't actively being updated. Is this not true?

I think it works with everything. We have two airports at the office, one sharing an HP Photosmart and one sharing a Kyocera laserprinter. They just show up as regular printers on the Mac, and you select the driver in the Add Printer dialog as you would any directly-connected printer. I think the Airports just work as a 'pass thru' type of thing.

Link to the source code and perl script

[sheetzam]

http://mafipulation.org/static/shairport-0.02.tar.gz. c source code and perl script included. Link still working as I post this.

Re:Link to the source code and perl script

coral cache http://mafipulation.org.nyud.net/static/shairport-0.02.tar.gz

$99

[Henriok]

The AirPort Express cost $99 as do an Apple TV.

Apple-time

Burn the apple flag

Slashdoted : Here is a mirror

here is a mirror of the original site : http://www.brouchier.com/shairport-itunes

Key question

[jamescford]

So, was she impressed?

Re:Key question

[bev_tech_rob]

DMCA nastygram in 3...2...1...

Lawsuit in 3...2...1...

Oh, wait... It's not a large evil empire like Sony or Microsoft. These are the Good Guys(tm).

Re:Lawsuit in 3...2...1...

[Scott64]

Exactly. They're all about openness and interoperability.

What does it do?

[the_other_chewey]

Could someone familiar with Apple stuff please explain
what exactly this key is for?

Why would a wifi AP need a secret key?

Re:What does it do?

[pixline]

It need a key to somehow encrypt the stream and let out unwanted devices, like not-original ones or not-apple ones..

Re:What does it do?

The Airport Express has an audio out and can play streamed audio from iTunes. Unfortunately, it uses a public key protection scheme, so other software could send streams but not receive them. This dude pulled the private key from the hardware so open source software can act as the remote "speakers".

Re:What does it do?

[ceoyoyo]

The Airport Express AP has an audio out jack. An iPhone, iPod Touch, iPad or iTunes can route music to that device. Unfortunately when it was introduced Apple decided to encrypt the stream so only Airport Expresses were valid receivers. Now anything that has a network connection and can run a program can be the receiver.

Re:What does it do?

What is the key for? To encourage you to only buy more Apple products if you want to get the full functionality from your existing Apple products.

Re:What does it do?

[guzziguy]

Actually, 3rd-party devices can support being AirPlay receivers as well - not just Apple devices. Google "Denon AVR-991".

Re:What does it do?

[ceoyoyo]

Not when the Airport Express was introduced. I believe Apple only started licensing it when it became AirTunes, quite recently.

Re:What does it do?

[ceoyoyo]

Whoops, should be: when it became AirPLAY....

Re:What does it do?

Why would anybody need that? If you've got unwanted devices on your network, aren't there better ways to kick them off, than to build stuff into streaming protocols? They are still listening to your web accesses, imap passwords, etc.

I'm all for application protocols using crypto, but that ought to be the second or third line of defense. If anyone is ever going after your apps, you're already in big trouble, whether they succeed at breaking into your apps or not.

It seems doubly-silly because if someone else listens to the music I listen to, they might learn a little about me, but not much. What a strange and arbitrary thing to worry about.

Re:What does it do?

[LoganDzwon]

The device can do a bunch of things, it's actually fairly limited as an AP. In this case she was using the device as device to enable her to send the audio output of iTunes to something else, such as a stereo or a pair of powered speakers. It has a 3.5-mm audio minijack for analog or optical digital sound. http://www.apple.com/airportexpress/features/airplay.html

Re:What does it do?

[LoganDzwon]

the "secret" key is a thing they are obligated to support to comply with their contracts with the music companies. You can always tell when it's something like that because they will put the bare minimum effort into it.

Re:What does it do?

Not quite Mr Apple defender. Other companies stream and display protected audio and video without using vendor specific lockdown methods and without excessive or very restricted licensing costs to implement them. Look at how many different companies make devices capable of displaying a Netflix stream? I can stream my subscription Rhapsody audio service to MANY devices, including the old Nokia N800. Although it requires a Windows OS, you can stream with Media player it to any number of devices as well without the need for additional MS hardware in between them or at the listening end for that matter.

Re:What does it do?

Here comes Apple fanbois. Steve just let them out of his bedroom... Run!! Run like hell!!!

Re:What does it do?

[Chrontius]

Generally, Apple did it first, got locked into contracts requiring some kind of DRM, and the **AA is perfectly happy to leave it that way so that Apple cannot become a natural monopoly by making a product that utterly shames everyone else in the market. It's the **AA's way of maintaining power over Apple, so that they can't dictate terms to the recording companies by dint of selling 90% of all music sold.

Remember when Amazon got a license to sell DRM-free MP3 years before Apple, and they only got permission to sell DRM-free files by giving up the one-size-fits-all pricing model that made the store practical?

Re:What does it do?

[An+anonymous+Frank]

I'd love to see/gain the ability to direct sound from the operating system out to the Airport Express, (instead of only from iTunes itself,) such as when watching a movie on a DVD or even a video on YouTube.

Re:What does it do?

[ceoyoyo]

http://www.rogueamoeba.com/airfoil/mac/

https://www.ohloh.net/p/axStream

http://nanocr.eu/software/justeport/

http://raop-play.sourceforge.net/

First two should do the trick for Mac and Windows. The third is DVD Jon's reference implementation. The last one looks like it can pretend to be a second sound card on Linux.

Dumped the ROM

Once you get the case open, how does one "dump the ROM" of a device?

Re:Dumped the ROM

[_0xd0ad]

Either by plugging into a programming interface, or if there is none by removing the ROM chip from its socket or de-soldering it and then reading it with a special device. You do know the basic gist of how a ROM works? You give it voltage, a clock, and an address, and you get a single unit of memory (byte or word). You record the contents of that memory cell, increment the address counter, pulse the clock, and you get the next unit of memory. Etc. Obviously you use a computerized device that does that automatically.

Re:Dumped the ROM

What type of "special device" are you referring to? link?

Re:Dumped the ROM

[_0xd0ad]

There's a few different names... I think they're typically just called ROM readers or ROM dumping utilities, or just about any EEPROM programmer would also be able to read back the contents of ROM/EEPROM chips. You'd probably be better off asking on a hardware hacking forum, as the method of reading a ROM depends upon the exact type of ROM chip you're trying to access. (Pin layouts are different, voltages are different, etc. - getting it wrong can damage the chip, or the reading device.) I did find this, which lists a ROM programmer presumably compatible with the EEPROM chips in automobile computers (automobile hardware hackers reverse-engineer the code running in their auto's on-board computer and load it with custom chipsets to tweak things like fuel injection, etc.)... you'd really have to search for a reader for the specific type of ROM chip you're trying to access, though.

Re:Dumped the ROM

[petermgreen]

Depends on the type of rom and the design of the rest of the device.

Afaict most embedded systems at this level (the really small stuff uses on-chip flash) use a paralell flash chip connected direct to the main processor bus. To dump this you attatch a JTAG cable and use software on the PC to take control of the processors busses and read out the chip.

I beleive some systems use a serial flash chip that is copied into ram. I would expect this could be read out in a similar manner by using JTAG to control the interface pins.

Software for accessing flash chips in this manner is usually readilly available because it is what is used to program the chips during development and possiblly during production as well.

Some systems attempt to protect their firmware against such readout attempts but router vendors tend not to bother.

Desoldering the flash chip and reading it out directly would be another option but afaict that is usually a last resort.

Getting iTunes to talk to remote speakers

[martijnd]

From: http://www.cocoadev.com/index.pl?AirTunesEncryption

The Apple-Challenge / Apple-Response is iTunes' method to verify that it's talking to an Airport Express; it may be similar to the DAAP one which has been reverse-engineered. These headers are optional when talking to the Airport Express, so it's possible for other programs to talk to the Express but it'll be difficult to get iTunes to talk to something other than the Airport Express.

Until we get the private key out of the AirPortExpress, it's not possible to convince iTunes to send anything to a non-AirPortExpress client (say, another computer pretending to be an AirPortExpress).

Seems that problem has now been solved.

Re:Getting iTunes to talk to remote speakers

[hedwards]

Ah, so this is just another case of Apple abusing its market position to the detriment of the consumers. Which is why I generally avoid them, which is a shame because with all the companies I avoid for doing crap like that I'm running out of hardware suppliers to buy from.

Re:Getting iTunes to talk to remote speakers

[Chrontius]

You're lucky. I've already completely run out of that set of companies that produces hardware that doesn't suck and isn't (at least a little) evil.

[speculation] Apple's reaction

[Stavr0]

I expect the next version of iTunes come with a new private key which will require a new firmware flash on all Aiport Express. Then James will need to find another girlfriend with an Airport Express, crack that open and dump the key again.

Re:[speculation] Apple's reaction

[MoonBuggy]

He said he pulled the key from the ROM - by definition that can't be updated. Perhaps they could manage some kind of workaround in the firmware, but I don't know that they'd bother - apart from anything else, it's hardly their flagship device.

Re:[speculation] Apple's reaction

[Spykk]

Then he will just need to pull the new key out of the firmware update. The cat is already out of the bag so to speak.

Re:[speculation] Apple's reaction

[petermgreen]

He said he pulled the key from the ROM - by definition that can't be updated.

As someone who does embedded stuff the term "ROM" is often used very losely to include things like EPROM, EEPROM, flash (of the type that acts as a rom) etc.

No

[unassimilatible]

Like IP or not, the Constitution speaks to patent and copyright. I happen to believe that IP laws can, but not always do in practice, increase innovation. As an Apple stockholder, I'd prefer people don't hack their products, and that Steve Jobs decides how Apple software will be designed. You might disagree, and think other people's intellectual property should be "free," but it doesn't make you a good guy, except, apparently here on Mod Abuse Central, where I got modded "flamebait" for daring to not toe the party line. Real flame there!

So no, you're entitled to your views, but imposing them on someone else does not make you good. It makes you kind of officious actually. And people who modded me flamebait for saying it, you are definitely not good.

Re:No

[fuzzyfuzzyfungus]

Unless Feist v. Rural has been dramatically overturned recently, I'm fairly sure that neither copyright nor patent are remotely applicable to an RSA key.

Re:No

[waives]

As a slaveholder, I'd prefer that negroes not be allowed to run away from their masters. You might disagree, and think that other people's property should be "free", but it doesn't make you a good guy.

Re:No

[Man+On+Pink+Corner]

Slashdot "libertarians": Small government for me, big government for those I disagree with.

That's rich. A government that is big enough to give companies like Apple all the IP rights they want is big enough to take them away from the rest of us.

As an Apple stockholder, I'd prefer people don't hack their products

OK, I'm with you there 100%. I promise not to sneak into any Apple stores at midnight and 'hack' any of their products.

The thing is, though, once I buy the product, it isn't Apple's anymore, and I can and will do with it as I please.

Re:No

[ScrewMaster]

Slashdot "libertarians": Small government for me, big government for those I disagree with.

That's rich. A government that is big enough to give companies like Apple all the IP rights they want is big enough to take them away from the rest of us.

As an Apple stockholder, I'd prefer people don't hack their products

OK, I'm with you there 100%. I promise not to sneak into any Apple stores at midnight and 'hack' any of their products.

The thing is, though, once I buy the product, it isn't Apple's anymore, and I can and will do with it as I please.

And the likes of Apple and Sony (along with hordes of willing Congressmen) have and will do whatever they can to prevent you from learning how to do anything with that device but what the manufacturer wants you to do. Well ... they'll try.

Re:No

[unassimilatible]

That's rich. A government that is big enough to give companies like Apple all the IP rights they want is big enough to take them away from the rest of us.

Actually, the Constitution guarantees both Apple and you certain rights. But if you only want yours protected, you're a hypocrite - and short sighted. Once the camel's nose is under the tent, he doesn't care whose sandwich he eats.

The thing is, though, once I buy the product, it isn't Apple's anymore, and I can and will do with it as I please.

The DMCA or other IP laws might disagree. Ignore laws at your own peril. Flaunt them publicly, and invite even more peril. If you're really willing to test your dogma at the risk of prosecution or lawsuit, good for you. But I'll bet you're just the kind of guy who would complain if his boss read his e-mail on work servers, arguing for the privacy of your proprietary words.

If you're not an Apple user, why do you care what they do, officious boy? If you are, you bought it eyes wide open. In the latter case, you're like the person who buys cigs with the big nanny warning label, then sues after he gets cancer.

Re:No

[Man+On+Pink+Corner]

Actually, the Constitution guarantees both Apple and you certain rights

Pull the other one. It has a bell attached!

If apple wants to lock things away...

[HalAtWork]

If Apple wants to lock things away, how does going public help? Would the public shoot themselves in the foot by improving the protection on Apple's tools? Would the public help perfect DRM to keep the important stuff locked away from themselves? Or would we just take it and do what *we* want with it? Opening everything may be for the ultimate good, but that's not what Apple cares about. So of course they're going to go with obscurity. Which for-profit businesses are altruistic?

Lawsuit

Lawsuit in 3 .... 2 .... 1 ....

PWND!

Did this guy even read the license the device is sold under?!

Re:PWND!

[tomhudson]

Did this guy even read the license the device is sold under?!

No, it wasn't his device, and it was no longer working, so he fixed it.

It would seem to me that fixing a broken device should be allowed under at least some circumstances.

If Apple is smart, they'll ignore this, and watch as their sales increase, same as happened to Linksys when their routers got hacked to enable linux to run on them. Now, of course, you can buy linksys routers already running linux and with a usb port,

LOL @ Lawsuit

[Ryanrule]

Im sure whatever eastern european country with guy is in will be happy to extradite. In 2100.

Re:LOL @ Lawsuit

Im sure whatever eastern european country with guy is in will be happy to extradite. In 2100.

Isn't that the same year that the copyrights on the very first (mono) Beatles albums are set to expire?

I use a Time Capsule...

[alispguru]

... as my gateway router / print server / wifi node / backup for all notebooks in the house.

The good news is that it's one device, drawing little power.

The bad news is that it's a single point of failure. After my first one died just outside of warranty, my current one sits on top of a cheap USB-powered notebook cooling fan.

Isn't this just one piece of the puzzle?

[guzziguy]

OK, so the private key is now exposed, but isn't there much more to getting AirPlay to work than simply having a key? Or, does this just follow the model:

1. Install private key
2. ???
3. Stream music!!!

Personally, I wonder if this was done simply to lock down what devices can be streamed to, or if there are other issues at play here. For instance (think movie rentals), if content providers allow you to rent content and stream it in your house, won't they probably require some sort of encryption such as this to to be used to prevent unauthorized capturing/copying of the stream? Just wondering.

I'm just trying to figure out the real value of this - given the fact that AirPort Expresses can be had rather cheaply.

Girlfriend?

[stoyannn]

"My girlfriend ... dumped the ROM, and reverse engineered the keys out of it." Hmmm, something does not compute here :-)

Lets see an Android implementation

[Gyorg_Lavode]

When you think about it, there's one device that has VERY similar hardware to an airport express... your cell phone. (processor, wifi, audio out). An android app implementing this would breath new life into almost any old cell phone. Now that old G1 you lovingly gave up can take on a new life as your audio interface. Here's to hoping some intelligent developer decides to make this happen. I'd certainly buy it.

Re:Lets see an Android implementation

[Chrontius]

That old G1 you lovingly gave up is ten times better than the crap some of us are stuck with. Consider flogging it on eBay, and using the proceeds to buy a similarly used Airport Express.

Look at the forest, not the trees

[awtbfb]

Everyone is looking at the tree, not the forest. While everyone is going to jump on the "Apple did this to make money" argument, you know a major reason for this key was Apple's way of keeping content providers happy. Now that it's broken, there is a new "analog hole" for audio and video content. It is easy to imagine a computer using this to create a digital media file rather than routing to speakers. I suspect it won't be long before content providers pressure Apple into using secondary data to confirm iTunes is talking to a legit device.

Re:Look at the forest, not the trees

Why bother doing that when you can simply hook up to the headphone jack on the computer itself?

Re:Look at the forest, not the trees

[PhunkySchtuff]

You can't stream video to an AirPort Express, so there's no new analog hole for video content.
Even with protected audio content, you could still burn this to a CD as Red Book CDDA audio, which you could then freely "Rip, Mix, Burn" so it hasn't really enabled anything new for audio either.

What it does allow for is replacing a dead AirPort Express with something more reliable. Those little fuckers (earlier models at least) had a very bad habit of just randomly dying, and usually after a bit more than one year old, conveniently out of warranty. The fault was 200V rated capacitors used in the power supply that were fine in a 110V supply area but eventually died when on 240V...

Re:Look at the forest, not the trees

While technically true, in reality there are already much easier (and faster) methods for extracting content from iTunes than "playing" and pretending to be a wireless speaker while actually recording the resulting stream...

Re:Look at the forest, not the trees

[billatq]

That's not completely true. You could always get TOSLINK audio digitally (yes, it actually supports digital audio, I have one plugged up to a receiver over a fiber) and unencrypted out of the Airport Express. You could also always burn a CD from iTunes and get the red book audio. Practically speaking, this enables you to do things like to stream from an iPhone to something other than the Airport express.

Re:Look at the forest, not the trees

considering itunes store sells songs without drm i doubt that this is a major issue.

Asterisk

I would love to see this adapted for the asterisk MOH

Yeah no

[unassimilatible]

Not analogous. Try again.

Re:Yeah no

[MeateaW]

It is completely analogous.

Back before The War, it was legal to own slaves. The law said you could, and if a slave ran away the police would drive them back to your house (given they could prove that the slave was the slave in question).
The analogy isn't that you can have slaves NOW, it is that things can change. That what is considered "Right" now, and that what is considered "Good" by the law changes. (don't forget it was also considered "good" by (at least some) popular perception, I mean they fought a WAR over this issue among others ofcourse).

Sure, slaves are odd, but the argument that: "The law says its good, and I agree" doesn't necesarily make it right. Because the law has considered "good" and "right" some odd things (according to us) in the past.

.ssh/authorized_keys

interesting. my private key is exactly the same!

no longer made it?

"her Airport Express no longer made it with her wireless access point."
wtf does that even mean?

Lame!

>> But sometimes you've gotta work with what you get: for example, I own an iPhone,

Oh. That's like trying to prove something exists by assuming it exists. Lame.

Get rid of itoys. You will suddenly feel less urge to 'break' things, because they will just work.

How is it worse than any audio cable

The data stream to my headphones isn't exactly encrypted (last time I checked). Why would decrypting airplay be a bigger hole in a DRM scheme?

that's non-responsive

[YesIAmAScript]

That's great. I agree with your assessment as to what the authentication is for.

But this isn't about changing the definition of the problem, it's about solving the problem before you.

How would open source have solved the problem of authenticating this device as being from Apple?

Re:that's non-responsive

If Apple had used open source software, it would have been a lot easier to locate the key.

You said it yourself

Sure, some knockoff company can use the key to make a knockoff, but that's nothing they aren't (and have been for some time) able to do themselves.

If that isn't enabling piracy, what is?

Dumping ROM

[theamarand]

Storing permanent keys in memory is great for us, and bad for the companies that want to keep things hidden. I'd say "Please, keep doing that!" Well, I mean, both to the type of person who's willing to go through this process and reverse engineer things, and the companies that add lame security to their products. One might ask: "Why add the security in the first place?"

What I'd like to see is a well-defined and documented, open-source released method for "dumping ROMs." I'm sure it's out there on the Internet. While this is a great example of someone taking the time to rip something important (to them) out of a closed-system, it might be nice to actually document how he did it.

Open-source the world! :)

Ha, way to win hearts and minds

Yeah, really winning over the masses there with your charm and debating skills.

Look, little dweeb in your parents' basement, you're real tough behind your keyboard. I am very impressed. But in the real world, where non-virgins actually roam, and will stuff geeks like yourself in trash cans (or fire your socially inept ass), were you brave enough to run your mouth in person as you did in the post above, Linux is dead. Proprietary software won. Sure, we "fascists" (learn the definition, simpleton - Hitler was a socialist who executed profiteers) will use Apache to save money and sell our proprietary goods (e.g., software) on Websites or to run certain enterprise infrastructure, or to sell crappy cellphones to the cheapos out there who don't buy apps or content anyway, but non-nerds do not want to be troubled with your geeky little open source religion. They don't care about the dogma of geeks. They just want their products to be useful and elegant.

And here's the kicker: Even the dogmatic open sourcers (i.e., losers) are subject to human nature, i.e., greed. Those who buy Android phones are either geeks like you who don't pay for shit because you think it should be "open," or cheapos who don't buy apps or anything else. So any developer who wants to make a buck had better code for iOS, or he'll be telling mom to come down to the basement and bring him some more hot cocoa. but this time with more marshmallows.

So STFU and get in your cubicle and code like a good little monkey, or we'll import an Indian to do it who is smarter and better educated than you and who has an attitude of gratitude and isn't half an Asperger's retard like yourself. You're a walking argument for "closed" software - and insourcing.

Love,

Unass

The private key is accessible through software?

[patniemeyer]

Does anyone know what was involved in "dumping ROMs"? I would have assumed that the private key was buried in the hardware and not directly accessible via software... From his description it sounds like it was just stored in ROM and software obfuscated. If that was the case it seems odd that it took six years for someone to find it...

Comment removed

[account_deleted]

Comment removed based on user account deletion

Comment removed

[account_deleted]

Comment removed based on user account deletion

Comment removed

[account_deleted]

Comment removed based on user account deletion

Comment removed

[account_deleted]

Comment removed based on user account deletion