Apple AirPlay Private Key Exposed
An anonymous reader writes "James Laird has reverse engineered the Airport Express private key and published an open source AirPort Express emulator. 'My girlfriend moved house, and her Airport Express no longer made it with her wireless access point. I figured it'd be easy to find an ApEx emulator — there are several open source apps out there to play to them. However, I was disappointed to find that Apple used a public-key crypto scheme, and there's a private key hiding inside the ApEx. So I took it apart (I still have scars from opening the glued case!), dumped the ROM, and reverse engineered the keys out of it.'"
Score one for the good guys. This is just further proof that security through obscurity is a myth. You cannot expect that keeping everything locked inside your proprietary case is going to keep it secure. The best security is sunlight. Let the community poke and prod at your software and/or hardware and it will only improve your offering.
Social Engineering Expert: Because there is no patch for stupidity.
This guy should just meekly accept that his girlfriend's expensive gadgets don't work for her anymore. How dare he tinker around and fix things. (At least I think they imported some flavor of the DMCA down under.)
Now what the hell's an AirPlay and what good is it to me?
Oh, it's an Apple-proprietary media streaming protocol? Well, I give an A+ for l33tness, but an F for choosing a useful target.
"When information is power, privacy is freedom" - Jah-Wren Ryel
I wouldn't. I've got a wife and I can tell you first hand, it's HARD to have a girlfriend and a wife.
You're pro-open source, so that makes you a "good guy"? I like chocolate, you like vanilla, ergo, I am good, you are bad.
Does being pro-freedom make you a good guy? Does believing that everyone should have free access make you a good guy? Does helping your others make you a good guy?
Free software ideology isn't about the end product, it isn't chocolate versus vanilla, it is about process and access: how do we choose what gets made, how do we make it, who gets to make it and who gets access to what has been made?
Complexity Happens
how do we choose what gets made
By either making it yourself, or by purchasing something made by someone else only when it fits all your particular requirements.
how do we make it, who gets to make it and who gets access to what has been made?
If you truly value freedom, and not just freedom for you and those who agree with your particular worldview, you don't 'choose' those things. You allow people to be free to make whatever they like however they like and you react to those choices as above.
Apple's products are Apple's right up to the point where they sell them to you. If they choose to not make the source code for their software available and sell it only as a compiled version, that is their choice. If they choose to offer only their own means on installing additional software, their choice.
To argue they should be obligated differently is fine with me, but to cloak that under the guise of promoting 'freedom' is not.
"Sacrifice for the good of The State" - The State
Like IP or not, the Constitution speaks to patent and copyright. I happen to believe that IP laws can, but not always do in practice, increase innovation. As an Apple stockholder, I'd prefer people don't hack their products, and that Steve Jobs decides how Apple software will be designed. You might disagree, and think other people's intellectual property should be "free," but it doesn't make you a good guy, except, apparently here on Mod Abuse Central, where I got modded "flamebait" for daring to not toe the party line. Real flame there!
So no, you're entitled to your views, but imposing them on someone else does not make you good. It makes you kind of officious actually. And people who modded me flamebait for saying it, you are definitely not good.
Slashdot "libertarians": Small government for me, big government for those I disagree with. -1, I disagree with you