http://www.macrumors.com/images/macrumorsthreadlogo.gif (http://www.macrumors.com)

Jon Lech Johansen, or "DVD Jon", is getting back into the ring with Apple's Fairplay (http://featured.gigaom.com/2006/10/02/dvd-jon-fairplays-apple/) according to GigOM's Liz Gannes. This time, however, Jon plans to replicate Fairplay so that other companies can sell songs in iPod-compatible formats (similar to what Navio (http://www.macrumors.com/pages/2006/05/20060522152531.shtml) and Real's Harmony (http://www.macrumors.com/pages/2004/07/20040725235143.shtml) have previously attempted). According to the article, at least one unnamed company is already on board.

Earlier this summer, Jon joined with Monique Farantzos to create DoubleTwist Ventures, the company face to Jon's recent endeavor. Apparently, Apple's recently announced iTV (http://www.macrumors.com/pages/2006/09/20060912161621.shtml) has spurred Jon and Farantzos' entrepreneurial spirit:

[Jon] and Farantzos were giddy about the prospect of Apple’s iTV, hoping companies will pay up to get movies on the set-top box when it comes out, after seeing the ill effects of being shut off the iPod. Spurned by Apple? Step right up.

Jon has apparently already spoken to Steve Jobs on vague terms about his business ideas.

Jobs apparently warned that while Apple was not a litigious company, other tech firms might not take kindly to whatever DVD Jon might be up to.

DVD Jon had previously circumvented Fairplay's DRM in 2003 (http://www.macrumors.com/pages/2003/11/20031122001549.shtml), and since then multiple other tools have appeared to provide similar functionality for updated versions of Quicktime/iTunes. Jon is also credited for developing an algorithm named deCSS to strip a DVD of its encryption (called Content Scrambling System, or CSS), hence his nickname.

*cough*

1. It's GigaOM.
2. I suggest that more people read GigaOM. Om Malik is great.

"Unnamed company"


We all know who that is....Real.

As usual, any hack that will come out will probably be hard to use, and <1% of the general computer-using population will ever use it. I don't see this as a big threat, really...

I'd say less than 10% of the general computer-using population even *heard* of the previous iTunes 'Play Fair' stuff (such as Hymn, Harmony, etc.), much less even thought of using it. Don't believe me? Ask your Mom, Grandma, non-geek friends, etc.

More people have heard of the 'DeCSS' programs, but, again, how many have actually used them? I'd say less than 1% of the computer-using public. And most of these people, like me, would only use it to exercise 'fair use' rights (i.e. I'm going on a plane trip, and I rip a DVD I own to my HD to save battery power, then I delete the files after watching it).

So when will Real be dead? I have a feeling that after our inevitable nuclear war, it'll just be cockroaches, twinkies and them. At least they'll be in good company.

As usual, any hack that will come out will probably be hard to use, and <1% of the general computer-using population will ever use it. I don't see this as a big threat, really...

I'd say less than 10% of the general computer-using population even *heard* of the previous iTunes 'Play Fair' stuff (such as Hymn, Harmony, etc.), much less even thought of using it. Don't believe me? Ask your Mom, Grandma, non-geek friends, etc.

More people have heard of the 'DeCSS' programs, but, again, how many have actually used them? I'd say less than 1% of the computer-using public. And most of these people, like me, would only use it to exercise 'fair use' rights (i.e. I'm going on a plane trip, and I rip a DVD I own to my HD to save battery power, then I delete the files after watching it).

Here's the thing... he isn't making a crack for FairPlay. He is giving a "copy" of FairPlay to other stores, etc, so they can also sell FairPlay encrypted songs and movies. It is basically opening up the iPod (as far as non-programed content goes).

Of course, Navio and Real have done similar things, and we haven't heard from either for a while. Only real difference now is that he's a big name.

So Apple will figure out a way to block it, and just Sue him

Since when is Apple not a litigious company?

Since when is Apple not a litigious company?


They sued over the asteroid thing, and that wasn't even a new idea. Tons of devices do what the asteroid was going to do.

Since when is Apple not a litigious company?
That's right!
When? Since they decided anybody can use the term POD to virtually anything!!!
Podcasts for all!!! horay!!! :rolleyes:

Think about this: Apple is in hot water with some European countries for the "monopoly" Apple has with its iPod and iTunes Store.

Could DVD Jon's venture help alleviate some of those country's worries?

-Aaron-

They didn't sue over JustePort or AirFoil (did they?), both of which sould very much like the kind of think they are talking about here...

What is the status of Real's Harmony? It used to say that it would only work on certain firmware revisions, now it just says that it'll work. Weird. Of course that doesn't help iTunes, only the iPod.

B

Think about this: Apple is in hot water with some European countries for the "monopoly" Apple has with its iPod and iTunes Store.

Could DVD Jon's venture help alleviate some of those country's worries?

-Aaron-

Good point. Of note, I'm not aware of any pending lawsuits against Navio.

Also the article had a decent point. This all could help push Apple's hardware sales (aka, push iTV sales), which are the crutch of it all for Apple. Of course, I'm sure Apple won't be too crazy if hackers end up doing a bang-up job and ruin the experience for the end user (hence the reason why Apple hasn't allowed UI themes in OSX??? Let's not go there...)

"Unnamed company"


We all know who that is....Real.

Or microsoft

You'd expect Jobs would have some sympathy for the guy, what with his phreaking days before Apple.

ATM, Apple is making its money on the hardware device, so this really shouldn't hurt their profits too much, even if it does hurt the Store. Would it really be so bad if there were dozens of stores that sold content for (effectively) only the iPod? When Apple will freak out is when the Zune plays Fairplay content. With Microsoft flooding the market with billions of dollars of losses to kill its competition, don't expect this to take too long.

Apple is still committed to DRM. When they offer Apple Lossless files for download with CD-writing still enabled then I'll accept that Apple is DRM-ambivalent. Right now they aren't. And with $2 TV shows the bandwidth argument no longer holds water.

You'd expect Jobs would have some sympathy for the guy, what with his phreaking days before Apple.

No honor among theives... :cool:

Think about this: Apple is in hot water with some European countries for the "monopoly" Apple has with its iPod and iTunes Store.

Could DVD Jon's venture help alleviate some of those country's worries?

-Aaron-

Not really. Apple isn't in "hot water" with "some European countries", France has very strict regulations as far as their TV broadcast formats go and they wanted to try and cross that over into the music territory.

You'd expect Jobs would have some sympathy for the guy, what with his phreaking days before Apple.

How do you know he doesn't? Back then, he wasn't a CEO responsible for a company's success and having to answer to board members and shareholders. He has other responsibilities. I love how famous people get every little detail of their lives held up as a an "a ha!" kind of thing for every move they make. The stuff he did when he was younger is sort of not relevant anymore, is it?

ATM, Apple is making its money on the hardware device, so this really shouldn't hurt their profits too much, even if it does hurt the Store.

You're exactly right. To me, the refusal to license FairPlay is the single most puzzling thing about Apple right now. With one move, they could have potentially hundreds of content providers wrapped around their finger in the same way MS had so many PC vendors wrapped around theirs in the past two decades. They could lock down the market for many, many years if they did it right. (BTW, I don't advocate that kind of thing, but they could do it and most companies would jump at the chance.) The iTunes music store would probably disappear or gradually fade away but then, Apple doesn't make the bulk of their money off that anyway and perhaps the FairPlay licensing money would cover that loss. Think of the iPod with hundreds of licensed content providers out there trying to outdo each other. I can't imagine why Apple hasn't done it yet.

I can't believe that people are disgruntled that we are forced to use iTunes with iPod.
iTunes is brilliant.
It's not as if we are forced to use something really crummy like WMP with the worlds favourite MP3 player.

"Unnamed company"

We all know who that is....Real.

& Microsoft.

Think of the iPod with hundreds of licensed content providers out there trying to outdo each other. I can't imagine why Apple hasn't done it yet.
I can't believe that people are disgruntled that we are forced to use iTunes with iPod.
iTunes is brilliant.
It's not as if we are forced to use something really crummy like WMP with the worlds favourite MP3 player.
That's the problem.

ITunes+iPod succeeds because of its inherent simplicity. Unfortunately choice isn't that simple. Opening up Fairplay isn't enough, since it opens up the iPod, but not iTunes.

EDIT: This was the biggest problem with Real's Harmony. You could add songs to your 'Pod, but as soon as you synced with iTunes, you'd lose the Real songs. Not simple. You'd end up chosing iTunes vs. Real.

B

You're exactly right. To me, the refusal to license FairPlay is the single most puzzling thing about Apple right now. With one move, they could have potentially hundreds of content providers wrapped around their finger in the same way MS had so many PC vendors wrapped around theirs in the past two decades. They could lock down the market for many, many years if they did it right. (BTW, I don't advocate that kind of thing, but they could do it and most companies would jump at the chance.) The iTunes music store would probably disappear or gradually fade away but then, Apple doesn't make the bulk of their money off that anyway and perhaps the FairPlay licensing money would cover that loss. Think of the iPod with hundreds of licensed content providers out there trying to outdo each other. I can't imagine why Apple hasn't done it yet.

My knowledge on these areas is pretty slim but would Apple be able to license FairPlay content only or would that open up the risk of other companies creating MP3 players that could read FairPlay content and, hence, compete with the iPod? ...or is that some sore of seperate licensure?

-Clive

As usual, any hack that will come out will probably be hard to use, and <1% of the general computer-using population will ever use it. I don't see this as a big threat, really...


This isn't a consumer-end hack, it is a retailer-end re-implementation of Fairplay (presumably clean room) for interoperability purposes (legal in Europe, I don't know about the USoA since the DMCA etc).

If it works, Joe Public will see more online services selling iPod (and iTV) compatible media. They'll also see more players and software capable of playing Fairplay protected content.

I'm sure the real purpose is to encourage Apple to license Fairplay to other companies and thus open up the platform. It remains to be seen whether this would be beneficial to Apple, on the one hand their popular on-line store could sell to the other few percent of players on the market, but other stores can compete for Apple's customers, and it might cloudify the neat iPod,iTunes,iTMS integration.

When will this hacking nerd do something REALLY positive and productive to the world?

Last time I heard, his occupation was to break into companies' IPR without any legal permission to do so...not commendable, to say the least.

I'm glad to see this DRM stuff getting hacked. I hate the DRM and would buy way more music, movies, and TV Shows from iTunes if there was no DRM in the files.

I'm glad to see this DRM stuff getting hacked. I hate the DRM and would buy way more music, movies, and TV Shows from iTunes if there was no DRM in the files.
You didn't read the article, did you? This time Jon's working on adding iPod compatible DRM to files not originally from Apple.

B

I'm surprised how many people are interpreting this wrong.

The point of this is that Amazon can go to this new company and license Fairplay-compatable DRM. That way they can sell movies/music on their website (Unbox) and sell it with DRM that is iPod/iTV/iTunes Compatible.

This could mean, for example, Napster could be iTunes/iPod compatible.

Or Vongo (unlimited movie downloads $9.95/month) could be iPod compatible.

Personally, I'm not sure how long it will go. Either Apple will shut them down (if legally capable) or simply start licensing Fairplay themselves and cut out the middleman (which could be an inadvertant positive result of this effort)

OR

[edit: as pointed out below, this is probably not possible]
Microsoft licenses it so Zune can play iTunes Music/Movie store content. That could be a huge boost for Zune.

arn

The point of this is that Amazon can go to this new company and license Fairplay-compatable DRM. That way they can sell movies/music on their website (Unbox) and sell it with DRM that is iPod/iTV/iTunes Compatible.
The problem is that I don't see how it can be iTunes compatible without Apple's involvement. (See above post on Real Harmony). iTunes will only query ITMS for validating a DRMed file, not DoubleTwist or Amazon. Without iTunes things get a lot less compelling.

B

The problem is that I don't see how it can be iTunes compatible without Apple's involvement. (See above post on Real Harmony). iTunes will only query ITMS for validating a DRMed file, not DoubleTwist or Amazon. Without iTunes things get a lot less compelling.

B

perhaps true... but depends on how it works. if it's just tied to an email address, if they can encode that same email address into the files, it would probably work. Alternatively, it could also mean that someone could come out with a non-iTunes media player that doesn't validate against a server.

arn

perhaps true... but depends on how it works. if it's just tied to an email address, if they can encode that same email address into the files, it would probably work. Alternatively, it could also mean that someone could come out with a non-iTunes media player that doesn't validate against a server.
Maybe they should just work with Rockbox and make a third party firmware that opens up the iPod to a new open DRM and forget Fairplay compatibility...

(Note, like the Airport Express, the iTV may be an easier nut to crack than iPod+iTunes).

B

When will this hacking nerd do something REALLY positive and productive to the world?

Last time I heard, his occupation was to break into companies' IPR without any legal permission to do so...not commendable, to say the least.

Well, he currently eyeing selling the tech to companies, presumably some of which are willing to spend big bucks to jam their way into the iPod + iTunes ecosphere. At least now, it's clear it's mostly about making moola.

Maybe they should just work with Rockbox and make a third party firmware that opens up the iPod to a new open DRM and forget Fairplay compatibility...


But what's the point of that? So a few geeks can hack their iPod to play whatever?

Opening Fairplay to other companies opens the iPod to other services. The biggest risk to Apple is the opening of Fairplay to other MP3 manufacturers.

Besides... the more I think about it, the more I don't see why iTunes wouldn't play the compatible Fairplay songs. Apple can't make any major changes to the existing DRM in files to break compatible Fairplay files.... since they would have then have to reencode all of those files sitting on people's hard drives.

arn

This isn't a consumer-end hack, it is a retailer-end re-implementation of Fairplay (presumably clean room) for interoperability purposes (legal in Europe, I don't know about the USoA since the DMCA etc).

The DMCA would have nothing to do with this. This doesn't remove any copy prevention, it adds it. I just can't see what anyone would want to do with this technology. The only scenario that makes sense: If you are a music band without any record contract, and the iTunes Music Store refuses to sell your music, you could use software like this to add Fairplay DRM to your music, and you could offer the music on your webpage and sell it to anyone who uses iTunes - which would be about 90 percent of all people who are interested in music and computers at all. Of course you could sell the music without any DRM.

DVD Jon had previously circumvented Fairplay's DRM in 2003 (http://www.macrumors.com/pages/2003/11/20031122001549.shtml), and since then multiple other tools have appeared to provide similar functionality for updated versions of Quicktime/iTunes. Jon is also credited for developing an algorithm named deCSS to strip a DVD of its encryption (called Content Scrambling System, or CSS), hence his nickname.

Similar for updated iTunes? Is there something that hacks the DCC in recent/current versions of iTunes? I thought they broke a few versions back and recent DRM hasn't been hacked.

They sued over the asteroid thing, and that wasn't even a new idea. Tons of devices do what the asteroid was going to do.

They sued over the release of specific inside information. It doesn't have to be a "new idea" for product info to have value.

Apple is still committed to DRM. When they offer Apple Lossless files for download with CD-writing still enabled then I'll accept that Apple is DRM-ambivalent. Right now they aren't. And with $2 TV shows the bandwidth argument no longer holds water.

Of course they're committed. The issue isn't bandwidth, it's that it's a condition the content owners insist on in exchange for apple being able to sell their product.

The iTunes music store would probably disappear or gradually fade away but then, Apple doesn't make the bulk of their money off that anyway and perhaps the FairPlay licensing money would cover that loss. Think of the iPod with hundreds of licensed content providers out there trying to outdo each other. I can't imagine why Apple hasn't done it yet.

It's obvious why. The biggest selling point for both iTunes and iPod is the ease of integration. With other online stores, you have users who have problems getting music onto their iPod, and end up angry and blame the iPod. Apple isn't willing to risk letting that user experience degrade.

...the more I think about it, the more I don't see why iTunes wouldn't play the compatible Fairplay songs. Apple can't make any major changes to the existing DRM in files to break compatible Fairplay files.... since they would have then have to reencode all of those files sitting on people's hard drives.

arn

Maybe Apple could do a Fairplay "freeze" where all Fairplay v2 media purchased after a certain date is deemed invalid by iPod + iTunes.

Not that Apple would automatically do such a thing...way I see it, we're all heading towards murky waters as crappy tech companies (Real, Microsoft, etc.) try to jam their way into Apple's iPod + iTunes ecosphere.

The only scenario that makes sense: If you are a music band without any record contract, and the iTunes Music Store refuses to sell your music, you could use software like this to add Fairplay DRM to your music, and you could offer the music on your webpage and sell it to anyone who uses iTunes - which would be about 90 percent of all people who are interested in music and computers at all. Of course you could sell the music without any DRM.

I can't think of a case in which a band or musician would want to sell their music with Fairplay DRM without gaining access to the iTunes store. You might as well just sell the music without DRM, as you said.

I'm surprised how many people are interpreting this wrong.

The point of this is that Amazon can go to this new company and license Fairplay-compatable DRM. That way they can sell movies/music on their website (Unbox) and sell it with DRM that is iPod/iTV/iTunes Compatible.

This could mean, for example, Napster could be iTunes/iPod compatible.

Or Vongo (unlimited movie downloads $9.95/month) could be iPod compatible.

Personally, I'm not sure how long it will go. Either Apple will shut them down (if legally capable) or simply start licensing Fairplay themselves and cut out the middleman (which could be an inadvertant positive result of this effort)

Napster (and Vongo, never heard of them) couldn't do that. Fairplay doesn't have any time limit. If you buy a song from the iTunes Music Store, it will work forever (or as long as Apple Computer exists). If you have a Napster subscription, and Napster made it possible that you download a song and add the Fairplay DRM to it, then iTunes would play it today and forever.

The DMCA would have nothing to do with this. This doesn't remove any copy prevention, it adds it. I just can't see what anyone would want to do with this technology.

Napster/Amazon would want this technology so they could sell their music/movies to anyone with an iPod.

It's not like Napster necessarily choose WMA DRM. They couldn't license Fairplay from Apple.

arn

Napster (and Vongo, never heard of them) couldn't do that. Fairplay doesn't have any time limit. If you buy a song from the iTunes Music Store, it will work forever (or as long as Apple Computer exists). If you have a Napster subscription, and Napster made it possible that you download a song and add the Fairplay DRM to it, then iTunes would play it today and forever.

you may be right about that. subscription services might not be useable at the moment.

arn

Zune won't be able to play iTunes/FairPlay content because all this software by Dvd John does is let others ENCODE their content with FairPlay DRM, not DECODE.

Decoding is illegal but providing an alternative encoding is murky and there is history that suggests it's legal (Compaq's IBM PC clone).

So this only hurts the iTunes store not the iPod. It's also easy enough for Real to license this technology and provide a front end to their own store that then downloads the files to your computer and tells iTunes where they are so you can just open up iTunes and drag them to your iPod from a Real smart list (much the way LimeWire adds its own Smart List to your iTunes playlists side bar).

So no, Zune will never be able to play iTunes content with this software nor will any other non-apple device.

I'm for open standards, but I'm sorry I selfishly want to see Real die a horrible painful death. Oh and I also want a T-shirt that says "DVD John cracked my butt." :)

Oh and I also want a T-shirt that says "DVD John cracked my butt." :)

Ouch. Ew. Gross.

:eek:

I can't believe that people are disgruntled that we are forced to use iTunes with iPod.
iTunes is brilliant.
It's not as if we are forced to use something really crummy like WMP with the worlds favourite MP3 player.



& Microsoft.

Hmm...personally, I don't have a problem with the 'iTunes' part, I have a problem with the 'forced' part. Any company (yes, even Apple) is capable of making a big mistake, at some point...

well. i wish apple would allow record companies to sell cd's that are copy protected, with copies of songs in AAC fairplay protected. so that people can also use them digitally.

psh, you all are mistaken. this is the best evidence YET that Merom MBP's will be released at Photokina, with updated chassis and everything under the sun included.


*sigh*

on another note, my friends that have other-branded mp3 players and sometimes lament that they can't purchase off of iTunes. also they'd like to switch from their mp3 player to an iPod but they don't want to deal with re-encoding all their files from wma to mp3.

You'd expect Jobs would have some sympathy for the guy, what with his phreaking days before Apple.
I had a roommate in college that had an actual Jobs/Wozniak-built blue box. It was about 10 years old at the time, but still worked fine.

Besides... the more I think about it, the more I don't see why iTunes wouldn't play the compatible Fairplay songs. Apple can't make any major changes to the existing DRM in files to break compatible Fairplay files.... since they would have then have to reencode all of those files sitting on people's hard drives.
The "key" to unlocking the FairPlay DRM is your iTMS account.

One factor that DVD Jon already uncovered once before is that the actual encoding of the DRM to your account is done locally by the iTunes client. This might help in their current effort. Previously the transmitted file was unenencrypted, while now it appears to be given some common form of encryption. Perhaps the easiest way they could make it work would be to see if they can fool iTunes into encrypting the file for them.

Since the files are already decrypted and encrypted locally in faster that real time, it doesn't seem too farfetched that Apple could decide to "upgrade" the DRM on the files locally whenever you access them, or in one swell foop as they did to detect gapless tracks.

Even if iTunes did the encrypting Apple could still break this by releasing a new iTunes client and mandating its use as they have done before. Most probably they would not want to deal with the hassle of dealing with support calls from folks who lost their protected files since they didn't have a backup but didn't buy the files from ITMS in the first place....

I personally don't see the net positive for Apple, but DVD Jon has surprised me in the past.

B

But what's the point of that? So a few geeks can hack their iPod to play whatever?

Opening Fairplay to other companies opens the iPod to other services. The biggest risk to Apple is the opening of Fairplay to other MP3 manufacturers.

Besides... the more I think about it, the more I don't see why iTunes wouldn't play the compatible Fairplay songs. Apple can't make any major changes to the existing DRM in files to break compatible Fairplay files.... since they would have then have to reencode all of those files sitting on people's hard drives.

arn

Perhaps DVD Jon's business model in this instance primarily revolves around getting Apple to pay him off...

Jobs apparently warned that while Apple was not a litigious company

Well, that has to be the funniest thing I ever heard.

Perhaps DVD Jon's business model in this instance primarily revolves around getting Apple to pay him off...
LOL. I am a bit surprised that they haven't made him a job offer already w/ decent options.

B

I'm surprised how many people are interpreting this wrong.

The point of this is that Amazon can go to this new company and license Fairplay-compatable DRM. That way they can sell movies/music on their website (Unbox) and sell it with DRM that is iPod/iTV/iTunes Compatible.

This could mean, for example, Napster could be iTunes/iPod compatible.

Or Vongo (unlimited movie downloads $9.95/month) could be iPod compatible.

Personally, I'm not sure how long it will go. Either Apple will shut them down (if legally capable) or simply start licensing Fairplay themselves and cut out the middleman (which could be an inadvertant positive result of this effort)

OR

[edit: as pointed out below, this is probably not possible]
Microsoft licenses it so Zune can play iTunes Music/Movie store content. That could be a huge boost for Zune.

arn

Exactly my point. If windows iPod users could transfer their iPod media to Zune and Windows media player, it would be a huge plus for them. Remember, most iPod owners don't belong to the church of Mac. We already know they are more than willing to live outside accepted ethics if it suits them.

He's just another guy trying to make a quick buck...

Well, that has to be the funniest thing I ever heard.

Heh. I literally laughed out loud when I saw that line.

Jobs apparently warned that while Apple was not a litigious company, other tech firms might not take kindly to whatever DVD Jon might be up to.
LMFAO. In case there is any doubt--Apple is a litigious company.

If Jon is able to get this working, selling Fairplay DRM files from other sites, it will be bad for buyers. Right now Apple forces the record companies into a set price format (ie $.99 per song etc.). The record companies have already fought with Apple over this during the last contract renegotiations, wanting to charge more for some material. Apple won because they have a near monopoly on the market, but if other stores can sell iPod compatible music Apple's bargaining power is gone and prices will rise. Ug, I can't believe I just defended a monopoly.

Well, he currently eyeing selling the tech to companies, presumably some of which are willing to spend big bucks to jam their way into the iPod + iTunes ecosphere. At least now, it's clear it's mostly about making moola.

Yes, we all know the moral high-ground corporations take. Regardless of any moral principals involved, it is 'can we get away with it?', or even more disgusting, 'can we make enough profit to justify the legal settlement?'. It is truly a sorry state of affairs we find ourselves in; where the moral fiber of our country is solely based on the personal pursuit of wealth. Personally, I find this individual loathsome.

When will this hacking nerd do something REALLY positive and productive to the world?

Last time I heard, his occupation was to break into companies' IPR without any legal permission to do so...not commendable, to say the least.

Hello "lawyer". No legal permission is required for reverse engineering.

http://www.macrumors.com/images/macrumorsthreadlogo.gif (http://www.macrumors.com)


Earlier this summer, Jon joined with Monique Farantzos to create DoubleTwist Ventures, the company face to Jon's recent endeavor. Apparently,

Having read a few messages in this thread, why doesn't Apple simply BUY Doubletwist. That seems their basis for calling Steve, who didn't give the idea the time of day.

Doubletwist should make an offer to Apple. Apple might be precluded from even making/initiating the offer for anti-trust reasons. Doubletwist should not go down this road to a vastly inferior consumer experience.

Rocketman

Hello "lawyer". No legal permission is required for reverse engineering.
The DMCA changed that, and until it's tested in court anything where encryption is used or even potentially used is not "safe" to reverse engineer in the US.

B

When will this hacking nerd do something REALLY positive and productive to the world?

Well, if you've ever ripped a DVD you bought to watch it on the iPod, a non-DVD laptop, etc., he's the guy who made that possible. Legal grey area? Possibly. Useful, positive and productive? In my mind: Hell, yeah!

Baumi

The DMCA changed that, and until it's tested in court anything where encryption is used or even potentially used is not "safe" to reverse engineer in the US.

B

Not "anything where encryption is used." But if something is encrypted, it can only be reverse engineered under 1201(f):

(f) Reverse Engineering. -

* (1) Notwithstanding the provisions of subsection (a)(1)(A), a person who has lawfully obtained the right to use a copy of a computer program may circumvent a technological measure that effectively controls access to a particular portion of that program for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs, and that have not previously been readily available to the person engaging in the circumvention, to the extent any such acts of identification and analysis do not constitute infringement under this title.
* (2) Notwithstanding the provisions of subsections (a)(2) and (b), a person may develop and employ technological means to circumvent a technological measure, or to circumvent protection afforded by a technological measure, in order to enable the identification and analysis under paragraph (1), or for the purpose of enabling interoperability of an independently created computer program with other programs, if such means are necessary to achieve such interoperability, to the extent that doing so does not constitute infringement under this title.

* (3) The information acquired through the acts permitted under paragraph (1), and the means permitted under paragraph (2), may be made available to others if the person referred to in paragraph (1) or (2), as the case may be, provides such information or means solely for the purpose of enabling interoperability of an independently created computer program with other programs, and to the extent that doing so does not constitute infringement under this title or violate applicable law other than this section.

* (4) For purposes of this subsection, the term ''interoperability'' means the ability of computer programs to exchange information, and of such programs mutually to use the information which has been exchanged.

But right now, the whole thing is a gray area in a world rule by black and white. How gray you might ask....

charcoal gray.

charcoal gray.
That was my point, until it's thoroughly tested in court (or repealed or modified) it remains up to interpretation, which makes most encryption/DRM reverse engineering related work in the US (somewhat) risky business.

DVD Jon may have found a way around this in that he's not currently trying to circumvent the access control, he appears to be trying to apply a compatible access control to files that would not otherwise have one.

B

When will this hacking nerd do something REALLY positive and productive to the world?

Last time I heard, his occupation was to break into companies' IPR without any legal permission to do so...not commendable, to say the least.

A lot more useful than lawyers :rolleyes:

Wouldn't it be ironic if the once closed iPod+iTunes ecosystem suddenly became open to every music store except the Zune Marketplace? Fairplay would effectively replace PlaysForSure, the only closed DRM would be the Zune's, and every other music player manufacturer would be left with no music store compatibility at all until they slowly die... And the mythic Apple vs Micro$oft war would rage once again.

As others have mentionned, I see 2 negative things with this:

The software integration between iTunes and the other online music stores would probably not be ideal.
It may open up the possibility of higher prices for certain songs. Some record studios may start selling some songs for more to the other online stores and stop selling those same songs on the iTMS.

All this talk is great. Only on macrumors can you see so many people ignoring the 800 lb. gorilla in the room - namely, the fact that a huge majority of users still get their music from sources other than buying it online. 83% don't buy music at least once a month from the itms. 5% of the music on ipods is from the store.

I know it's the in thing in these forums to profess love for the itms, and curse its competitors and would-be hackers, but the fact is, the store exists for one reason - to give Apple a legitimate entity to point to when the RIAA accuses it of producing devices that encourage piracy - namely, iPods. Don't get me wrong - I love that they did that, and the success of the store ensures I will be able to buy DRM-free mp3 players for quite some time.

But don't kid yourself into thinking that reverse-engineering of the Fairplay tech will make a rip of difference one way or the other. In case you haven't noticed, it's already easy to get DVD-quality movies and TV shows online for free. Yes, yes, I know, that's illegal, and we're all going to get sued by the MPAA and the RIAA and NCAA and AARP. Just let me know when I should actually start worrying about it.

All this talk is great. ... ... ... In case you haven't noticed, it's already easy to get DVD-quality movies and TV shows online for free. Yes, yes, I know, that's illegal, and we're all going to get sued by the MPAA and the RIAA and NCAA and AARP. Just let me know when I should actually start worrying about it.

The moment you've got a life to lose if you're sued and you have your hds full of pirated movies, music and stuff would be a good point to start being worried. About that life of yours if you're having a job and a family and things like that. Could get nasty if you're having a criminal record and things like that, you know.

Just my thoughts.

Ug, I can't believe I just defended a monopoly.

Bear in mind, there is nothing inherently bad in a company having a monopoly, not even Microsoft. What's bad (and illegal) is when a company in such a position abuses its monopolistic power. I have to remind MS defenders of this fact as many of them don't seem to grasp the nuance here. MS wasn't in trouble for being a monopoly (rightly so--being one is not illegal.) MS was in trouble for abusing that power.

Speaking of MS defenders, is it my imagination or are there an awful lot of Macrumors newbies on the board now who seem to bash Apple pretty quickly and at every turn? What's that all about?

Bear in mind, there is nothing inherently bad in a company having a monopoly, not even Microsoft. What's bad (and illegal) is when a company in such a position abuses its monopolistic power.
Occassionally it can be beneficial to have one company setting certain standards. However, the value of competition is that the stronger/better thrive (while the weak adapt or die out). If you have a monopoly, that disappears.

The most important thing is that we don't create a system where the weaker stuff can survive because a monoply throws more money into it, while the better one can't make it.

How does this relate to everything? I don't know... maybe I lost the point... oh no here it is.

At the moment Apple competes as an entire ecosystem (iPod/iTunes/iTMS) against other combinations... and everything is still improving for consumers. So that's a good thing. Apple is using its muscle to force open some new markets, which again is good. I think we need Apple to do what it's doing with the iPod, for now, but it also needs the flexibility to know when to work with everyone (like MS does). I think they'll have to open up the iPod/iTunes/iTMS trifecta soonish, but they might not realise till it's too late.

And on a personal note - iPod/iTunes/iTMS is great if you've got all 3. If you don't have iTMS movies, where do you buy movies from? What about if you're a BIG movie renter, but never buy them - what choice do you have?

The single option both forces big change, and stops flexibility.

Since when is Apple not a litigious company?

Apple is not frivilously litigious, but they have been known to fiercely defend their intellectual property.

Hello "lawyer". No legal permission is required for reverse engineering.

Really? Which jurisdiction you talk from? And what kind of IPR are we considering here? Have ya ever heard of the DMCA, which forbids reverse engineering except for very limited purposes?

If you don't really know legal issues, please spare us from such glib comments.

When will this hacking nerd do something REALLY positive and productive to the world?

Last time I heard, his occupation was to break into companies' IPR without any legal permission to do so...not commendable, to say the least.

Right, there are only billions of people who can watch DVD's on computers of their choice now because of his efforts who couldn't before, spawning all kinds of video editing, DVR, and high-quality conversion systems that couldn't have existed without his work.

He defeated a system designed to take away fair use rights from the citizenry and hasn't done anything productive? OK, if you don't care about your rights maybe you have a point.

More people have heard of the 'DeCSS' programs, but, again, how many have actually used them? I'd say less than 1% of the computer-using public. And most of these people, like me, would only use it to exercise 'fair use' rights (i.e. I'm going on a plane trip, and I rip a DVD I own to my HD to save battery power, then I delete the files after watching it).

You'll be surprised at the number of people who use VLC, as it's an excellent DVD player that usually has some advantages over {Whatever DVD player came with your computer}, notably that you don't always get {Whatever DVD player came with your computer} to begin with, it's free, it works, it's reliable, and if you have a good DVD drive, it's multi-region.

VLC uses various libraries that were derived from DeCSS.

I wonder how many people would suddenly notice the DMCA if we started seeing thousands of people arrested and thrown in jail, as is theoretically possible, because they downloaded and used an unauthorized DVD player, like one of the Free Software programs such as VLC, to watch DVDs they own?

You'd expect Jobs would have some sympathy for the guy, what with his phreaking days before Apple.


Yeah, right.

When Real Networks did something similar, they were accused by Apple of "using the same tactics of a hacker", and that wasn't intended as a complement. When I read that, my first thought was "Where is Woz when you need him?"

Right, there are only billions of people who can watch DVD's on computers of their choice now because of his efforts who couldn't before, spawning all kinds of video editing, DVR, and high-quality conversion systems that couldn't have existed without his work.

He defeated a system designed to take away fair use rights from the citizenry and hasn't done anything productive? OK, if you don't care about your rights maybe you have a point.

Billions huh? There are scarcely a billion personal computers out there, forget the linux numbers, they are in the low millions. And you honestly think that there are tons of people using Open Source just because we do? No, the masses are content to use Windows Media in all its crappiness to play all their DVDs. We, my friend, are few and far between.

The way I imagine Apple liscensing/opening up the iPod/iTunes/iTMS system would be for Apple to completely control what the user sees, how the user gets content, even if it doesn't control what the user gets. Like how you can choose which country to set the Music Store to, adding maybe an Amazon.com store to the list, Real.com, etc. But as a "reward" for opening itself up to competition, Apple would recieve a slight liscence fee, an teensy bit of the price of whatever's sold. This way Apple could control the look of the iTMS no matter where it comes from by supplying a template, a "user interface guideline" sort of thing for this new multi-store, and all media from Apple or Amazon or wherever could all happily coexist in iTunes. If the other companies want to sell to players other than the iPod, they can use their own system or work out a similar situation with Microsoft and fair play and such.

I don't really like leaving this in the hands of DVD Jon. Maybe Apple will wait and see what kind of response he gets and then take it from there, but I think Apple and especially iTunes still need to be part of the picture.

Maybe Apple could simply provide an easy "Add to Library" handle in iTunes, even if the stuff comes from some browser based store, you buy it and it goes to iTunes and thus the iPod. The whole multi-store thing is to me the ideal that I'd be willing to let go of.

V. L. C.

don't tell me you haven't use this magnificient software? (on mac, linux and win32)

Jobs apparently warned that while Apple was not a litigious company

HAHAH tell that to think secret :X

Good luck Jon.

When will this hacking nerd do something REALLY positive and productive to the world?

Last time I heard, his occupation was to break into companies' IPR without any legal permission to do so...not commendable, to say the least.

It's currently the only way to get non-Disney movies onto an iPod and many other similar devices. It's also a way for users to get the videos they've paid for onto media devices that don't have a DVD drive. For the movie industry to say that they have to buy the movie again is completely ludicrous on their part.

His work allowed people to use the media and devices they paid for in the way that they want to use it. I would call that productive.

I know you probably don't agree with it but frankly, I think the movie industry is being too greedy here.

The DMCA changed that, and until it's tested in court anything where encryption is used or even potentially used is not "safe" to reverse engineer in the US.

DVDJon is in the EU, which I don't think has such a law yet. The DMCA only applies to the US. Counterpart laws are in the works.

There might be some trouble if he decides to come to the US. Adobe had some Russian guy arrested when he came to the US for making a program that applied ROT13 to Adobe's "encrypted" files to make them useable.

He's just another guy trying to make a quick buck...

I think that's a bit of an ignorant comment. It's taken him long enough to get around to doing so, so I don't think "quick" applies. He's been breaking encryption systems for maybe ten years now, I'm not sure if he's made any money on it so far.

My knowledge on these areas is pretty slim but would Apple be able to license FairPlay content only or would that open up the risk of other companies creating MP3 players that could read FairPlay content and, hence, compete with the iPod? ...or is that some sore of seperate licensure?

I doubt that licencing the format would have to mean that it allows competing players. The licensing contracts can be very specific such that it allows only encryptors, not decryptors, and be limited to certain circumstances.

The moment you've got a life to lose if you're sued and you have your hds full of pirated movies, music and stuff would be a good point to start being worried. About that life of yours if you're having a job and a family and things like that. Could get nasty if you're having a criminal record and things like that, you know.

And how exactly would they know to sue you in the first place?

And how exactly would they know to sue you in the first place?

And since when can you get a criminal record from a civil lawsuit? Since never, that's when.

The problem is that I don't see how it can be iTunes compatible without Apple's involvement. (See above post on Real Harmony). iTunes will only query ITMS for validating a DRMed file, not DoubleTwist or Amazon. Without iTunes things get a lot less compelling.

I guess it depends how much of FairPlay they end up replicating. If they replicate the server too, then it'll probably be simple to tell iTunes to look at the third-party server (just capture the data going to Apple's IP address and send it off to DoubleTwist).

I guess it depends how much of FairPlay they end up replicating. If they replicate the server too, then it'll probably be simple to tell iTunes to look at the third-party server (just capture the data going to Apple's IP address and send it off to DoubleTwist).
If they do that it probably wouldn't work with iTMS purchased tracks. This leads to the same kind of issue as Real faed, sure you can use the Real Store, but not at the same time as ITMS. ick.

(FWIW. They could probable accomplish a simple redirection just by adding an entry to the local hosts table, since Apple most likely addresses their servers by name not IP.)

We'll see if anything comes out of this, good or bad.

B

In case you haven't noticed, it's already easy to get DVD-quality movies and TV shows online for free. Yes, yes, I know, that's illegal, and we're all going to get sued by the MPAA and the RIAA and NCAA and AARP. Just let me know when I should actually start worrying about it.

The moment you've got a life to lose if you're sued and you have your hds full of pirated movies, music and stuff would be a good point to start being worried. About that life of yours if you're having a job and a family and things like that. Could get nasty if you're having a criminal record and things like that, you know.

Just my thoughts.

And since when can you get a criminal record from a civil lawsuit? Since never, that's when.

And how exactly would they know to sue you in the first place?

Okay, you've got me. Pirating stuff is fun and nobody will ever get to you. And if they do it's still fun since you don't get a criminal record. And if you got one then it would be totally unfair. Man, I am a total idiot for even considering to buy stuff. You know, pay money for it.

Let me just say the following: I do not like being restricted in what I do with the stuff I pay for. But I know what I am allowed to do in advance (that is before I pay money for it). Therefore I can DECIDE to pay or not. And to use it or not. And if I am not willing to pay for the package I get, I don't pay. AND DON'T USE IT. That is even if I do not like being restricted.

But nevermind, that is just me. (I thought like you on this matter a few years ago)

Okay, you've got me. Pirating stuff is fun and nobody will ever get to you. And if they do it's still fun since you don't get a criminal record. And if you got one then it would be totally unfair. Man, I am a total idiot for even considering to buy stuff. You know, pay money for it.

Don't put words in our mouths. If you're going to make the moral argument against piracy, make it. I just don't agree with trying to fearmonger by saying that the feds are going to bust your door down and impound your hard drives.

Don't confuse condoning piracy with pointing out incorrect statements.

If they do that it probably wouldn't work with iTMS purchased tracks.

Indeed, there would need to be a "helper" that checks to see where the track came from, and redirects it to DoubleTwist if necessary.

I'm interested in seeing where this all goes, it'll hopefully silence the complaints of the lack of an NZ iTMS.

I actually work as a programmer for a DRM provider. Here's what our legal wonks have told us with regards to the DCMA:

1) If we want our player to be able to read files protected by a competitor's DRM, we are entitled to do so. This means that if we had a new iPod-killing mp3 player, we would be legally within our rights to reverse engineer iTunes to crack the DRM, and then re-implement the same algorithm in our own player (it would have to be cleanroom reverse engineering of course, but that's for IP reasons, not the DCMA)

2) However, our player must not give the user more rights than the original player. So, we can't provide an option to rip to mp3 for example. All we can really offer is another player, or, at the absolute limit, a convertor that removes FairPlay DRM, and replaces it with ours (or another provider's). The new DRM should provide exactly the same restrictions on copying/transferring of files as the original. The legal eagles tell us that this last bit is really a bit too grey at the moment to be safe, so we would be better off restricting ourselves to just a player.

This of course makes liars of all those people that spread FUD about the DCMA and DRM in general. All DRM is crackable, and the provisions in the DCMA make it legal to do so, if the reason for doing so does not infringe fair-use....

Indeed, there would need to be a "helper" that checks to see where the track came from, and redirects it to DoubleTwist if necessary.

I'm interested in seeing where this all goes, it'll hopefully silence the complaints of the lack of an NZ iTMS.

Not necessarily. We don't know exactly how FairPlay works. Lets say I download my favorite song from iTMS. iTMS encrypts the song and adds my AppleID to it. When iTunes wants to play the song, it calls iTMS, gives it my AppleID, the iTMS returns a key to decrypt the song, iTunes decrypts it and plays it. Most likely iTunes will actually send both my AppleID + some ID for the song, so that if I crack the key for one song I cannot copy _all_ my songs.

Now the question is: Does iTMS keep track of all the songs that I bought or not? If it doesn't keep track of all the songs then the following would be possible: DoubleTwist adds a a random song id to the song. Then it adds _my_ AppleID and encrypts the file. When iTunes wants to play the song, it notices that it is encrypted, and takes my AppleID plus the song ID and sends it to iTMS. If iTMS doesn't keep track of songs then it will calculate which key would decrypt the file (if Apple had sold me a song with that song ID). And that key could be used to decrypt the song.

Another possibility: DoubleTwist could take the song ID and my AppleID from _any_ one song ABC that I bought from iTMS. It could be possible to find which key was used to encrypt that song from that information; nobody would have tried to make it difficult to find out. The decryption key is top secret, not the encryption key. So with this information, DoubleTwist could encrypt any song XYZ with exactly the same key as the one song ABC that I bought from iTMS. When I try to play any of those songs, iTunes will find the my Apple ID and the song ID of ABC attached to the song, sends it to iTMS, which returns the key to decrypt ABC, and uses it to decrypt XYZ. And since XYZ was encrypted with the same key as ABC, it will decrypt and play.

The decryption key is top secret, not the encryption key.
Methinks you don't have a good grasp of public key encryption. (Or at least how it's supposed to work).

The encryption key is the one that is top secret because it's the one you keep private, and is the one which would allow DoubleTwist (or anyone else) to masquerade as iTS. The decryption key, by it's very nature, is vulnerable and in effect "public" (since it must be on the client machine, so it can be discovered). There is a flaw in the FairPlay system that Jon has exploited before (as I mentioned earlier in the thread) which has to do with the fact that the files are personalized locally on the client machine, so if they can fool iTunes into personalizing third party files, they're in like Flynn. (This also has the effect of making a private key or equivalent available on the system which may be the chink in FairPlay's armor).

Essentially, the FairPlay system is one that implies a certain amount of trust. Once you authorize a machine all of the purchased tracks from that account on the machines can be decrypted. Even if they are not on the machine at the time of the authorization and the machine is not on the network at the time (I have played back encrypted videos on DVD-R on my iBook while it was not on the 'net.)

I don't know how often it needs to "phone home" so you can't just load up 5 machines with protected content, detach them from the network and deactivate all of your machines at iTMS... Then spend the next year working on 5 more systems...

B

Apple needs to start working on a new business model while the studios are still suing their customers and the TV boom is still on. If they dont they're going to be beaten overseas. Enough with the legal rhetoric damn it, evolve your business model or you'll lose.

Methinks you don't have a good grasp of public key encryption. (Or at least how it's supposed to work).

The encryption key is the one that is top secret because it's the one you keep private, and is the one which would allow DoubleTwist (or anyone else) to masquerade as iTS. The decryption key, by it's very nature, is vulnerable and in effect "public" (since it must be on the client machine, so it can be discovered). There is a flaw in the FairPlay system that Jon has exploited before (as I mentioned earlier in the thread) which has to do with the fact that the files are personalized locally on the client machine, so if they can fool iTunes into personalizing third party files, they're in like Flynn. (This also has the effect of making a private key or equivalent available on the system which may be the chink in FairPlay's armor).

Essentially, the FairPlay system is one that implies a certain amount of trust. Once you authorize a machine all of the purchased tracks from that account on the machines can be decrypted. Even if they are not on the machine at the time of the authorization and the machine is not on the network at the time (I have played back encrypted videos on DVD-R on my iBook while it was not on the 'net.)

I don't know how often it needs to "phone home" so you can't just load up 5 machines with protected content, detach them from the network and deactivate all of your machines at iTMS... Then spend the next year working on 5 more systems...

B

good lord, if anyone actually got through reading all this, can there be any doubt left that all consumers want is DRM-free content??? There's a simple rule that exists - the more complicated the DRM you put on your content, the less likely that people are going to buy it. Hence, people are downloading music and movies for free, and ripping Netflix DVDs to their hard drives to burn their own copies.

You can't put the genie back in the bottle. Until there's DRM-free movies and music for sale online, so-called pirated downloads will continue to dwarf legal downloads. End of story.

good lord, if anyone actually got through reading all this, can there be any doubt left that all consumers want is DRM-free content???
Actually what many consumers want is DRM transparent downloads. They don't want to constantly be reminded of their restrictions and they don't want the restrictions to get in the way or have to know any of the technical details.

Fairplay does a fairly good job at that, which is why it has been successful.

OTOH Amazon unbox seems overly restrictive with its two machine and 48 hour limitations. Zune's 3x3 DRM also seems to miss the boat as it'll probably annoy more users than get them to buy tracks...

B

Essentially, the FairPlay system is one that implies a certain amount of trust. Once you authorize a machine all of the purchased tracks from that account on the machines can be decrypted. Even if they are not on the machine at the time of the authorization and the machine is not on the network at the time (I have played back encrypted videos on DVD-R on my iBook while it was not on the 'net.)


I'm pretty sure that that's not how FairPlay works. I think it goes something like this...

When iTunes tries to play a protected media file, it asks for an ID of the device that it is trying to play on (serial number, or something like that). Each media file contains a list of devices for which it has been authorised. If the current device is not in this list, iTunes offers the possibility to add the device to the list of devices authorised for this media file. There is a limit of five devices for any given media file.

In principle, you could put an encrypted file onto a service like [website name removed], and it could be used by millions of people. Of course, you would have to be an idiot to do so, because your ID is embedded in the file, allowing the legal eagles to nab you. And of course, anyone USING the file runs the risk of iTunes calling home to notify Apple if it detects a known pirated file...


Apple gives you the option to clear the list of authorised devices for all files in an iTunes library once a year.

Actually what many consumers want is DRM transparent downloads. They don't want to constantly be reminded of their restrictions and they don't want the restrictions to get in the way or have to know any of the technical details.

Fairplay does a fairly good job at that, which is why it has been successful.
B

Whom are you kidding? Nobody cares that Fairplay's DRM is better than other DRM. Do you think it being "successful" (and that word ONLY applies comparing it to other pay services, not overall downloads) has anything to do with the fact that 70% of all mp3 players are ipods, and only work with the itms? Gee, I wonder.

And even if there's a causal relationship here (which is ridiculous), extend that out to all downloads. 5% of all music on ipods is from the itms. Sounds like the "successful" formats are the non-DRM ones, whether they be so-called illegal downloads or music obtained from CDs, or just copied from a friend's library of DRM-free music.

Your average ipod owner could not possibly give a flying %^@$ about how Fairplay's DRM compares to other mp3 players' DRM. Talking about "DRM transparent" like its something that Joe Consumer has any clue about is delusional at best.

Your average ipod owner could not possibly give a flying %^@$ about how Fairplay's DRM compares to other mp3 players' DRM. Talking about "DRM transparent" like its something that Joe Consumer has any clue about is delusional at best.
That's the point, if they don't "see" the DRM, hence the transparency, it doesn't bother them one bit. I haven't seen the need for things like hymn since the DRM doesn't stop me from doing anything I want to do with the files, such as burn a CD or move it to another machine.

I'm pretty sure that that's not how FairPlay works. I think it goes something like this...
Definitely not per file, Wikipedia has a pretty good summary of how it actually works here: http://en.wikipedia.org/wiki/FairPlay#How_it_works . More that a database of all files the device can play is downloaded from the store...

B

I can certainly vouch for the sentiment expressed that people out there like the iTunes application without regard to how they have obtained their music. I have lots of music on my computers that I have accumulated over many years; and of all the media players I've used over the years, iTunes is without a doubt the nicest and best of the lot.

However, when it comes to the task of extracting audio from CDs and then encoding them as MP3s, I still prefer Audion. I like the specific controls it gives me. Also, the cost of the user interface experience in Audion for that particular set of tasks does not exceed the benefits of having used the program.

I fully understand someone's desire to protect the means of their own financial income. Clearly, the general public's acquisition of music or movies "for free" does not contribute to the artist's income from his/her creative efforts. However, I have two basic issues with present models (both the traditional "brick-n-mortar" as well as the digital DRM'd ones):

1. I feel the labels are by-and-large ripping off artists. Yes, I fully understand that label companies have much more invested in the business of making music than any single band or artist does; however that doesn't entitle them to make a king's randsom from each CD or DVD and pay the tiniest fraction of those monies to the artist. Due to my personal objections to this, I refuse to be party to this practice.

2. I object to having my usage rights in any way restricted. I do not like to be hemmed in (even in principle). I have not and never will sign any kind of license agreement (figuratively or literally) just for the benefit of possessing entertainment content.

A separate issue I have (which only applies to having to buy an entire CD at once instead of individual tracks) is that it's well known that most CDs have only a few good tracks on them; the remaining ones being largely "filler". I'm not saying there aren't ANY CDs out there where all the tracks are good. However most of the ones I've heard over the years have maybe 2-4 good tracks, and the rest are garbage.

The following is, admittedly, a bit off-topic, but it is pertinant to the subject at hand (that is, the licensing issue). It really gets me that you have the RIAA and ASCAP/BMI going after businesses which have music playing in their shop environment, especially when the music in question is NOT a live performance nor intented as a means of deriving additional income. And the crux of that issue, for me, is that the restaurants (and offices in many cases) have never signed any kind of licensing agreement with anyone (and moreover ASCAP/BMI and the RIAA try to turn this into a criminal issue when clearly it should more properly be tried as a civil issue -- on which I feel is baseless and that they should be laughed out of court over).

</rant>

Methinks you don't have a good grasp of public key encryption. (Or at least how it's supposed to work).

It seems that you got encryption and decryption mixed up.

It seems that you got encryption and decryption mixed up.
How so. Please elaborate?

The decryption keys are everywhere and not top secret. Each iPod and iTunes has access to them. If you can get your hands on them you have something like hymn or FairKeys. Where does one get the encryption key?

EDIT: BTW I'm quite serious, if I got it wrong please help me understand where you're coming from.

B

How so. Please elaborate?

The decryption keys are everywhere and not top secret. Each iPod and iTunes has access to them. If you can get your hands on them you have something like hymn or FairKeys. Where does one get the encryption key?

EDIT: BTW I'm quite serious, if I got it wrong please help me understand where you're coming from.

B

Ok. Explain how Jon from Norway has now for the second time managed to crack Apple's _encryption_ and nobody has yet found any way to crack the _decryption_? (For those who don't remember, the encryption between Mac and Airtunes has been cracked, and now the encryption method of iTunes songs has apparently been cracked).

Ok. Explain how Jon from Norway has now for the second time managed to crack Apple's _encryption_ and nobody has yet found any way to crack the _decryption_?
In case you've missed it, decryption is (once again) hacked QTFairUse6 (http://www.hymn-project.org/forums/viewtopic.php?t=1553)

I don't know how or even if Jon has cracked FairPlay 2.0 encryption. You tell me. How?

Here's what I believe:

In the case of AirTunes/JustePort, it's actually quite simple (for Jon and those of his talents), because the iTunes client software was the one encrypting the content for the AirPort, so the private key for that encryption was on the PC or Mac that was sending the content to the AirPort Express. Once you have the private key, you can portray yourself as the iTunes client and away you go.

These kind of hacks involve on of two things. 1) gaining access to the keys (DeCSS, playfair/hymn, JustePort) 2) Finding places in the software where the encryption is "off" or at least weaker than before (QTFairUse, and PyMusique).

B

So when will Real be dead? I have a feeling that after our inevitable nuclear war, it'll just be cockroaches, twinkies and them. At least they'll be in good company.LMAO:D :D :D :D

How so. Please elaborate?

The decryption keys are everywhere and not top secret. Each iPod and iTunes has access to them. If you can get your hands on them you have something like hymn or FairKeys. Where does one get the encryption key?

EDIT: BTW I'm quite serious, if I got it wrong please help me understand where you're coming from.

B

No, you are WAAAAY off base.

The encryption key is public, the decryption key is private. The decryption key used in iTunes is hidden away to the very best of Apple's ability from the eyes of prying hackers. (at least, one assumes so - it's illegal for me to even try and confirm that.... thanks DCMA)

If I want to exchange confidential information with someone, I am going to need their public key. They can send this to me unencrypted (normally as part of a "certificate" to prove who they are at the same time...). I then use this key to encrypt the secret message, and send the encrypted message to them. They in turn can decrypt this message by using their private key....

Normally, the messages exchanged in this manner are actually symmetric keys (keys that can be used for encrypting and decypting a message). This is certainly the case for iTunes, which uses AES, a symmetric encryption system to encode it's media files.

Contrary to what you seem to think, the keys in iTunes are not freely available. Both the private assymetric key, used to communicate with the server (to obtain the symmetric keys) and all of the symmetric keys, used to decrypt the actual media files, are hidden inside iTunes. Try looking for them on your harddrive, I promise you that you won't find them (unless you are an expert pirate with a few months of your time where you have nothing better to do....)

BTW, that article that you linked earlier about FairPlay has internal consistency problems. If what it says about retrieving keys from the Apple Store is correct, then what it says about VLC can NOT be correct. one or the other is wrong. My money is on the info about retreiving keys is wrong. I do this stuff for a living, and it's certainly NOT how I would do it....

Apple needs to start working on a new business model while the studios are still suing their customers and the TV boom is still on. If they dont they're going to be beaten overseas. Enough with the legal rhetoric damn it, evolve your business model or you'll lose.

Beaten overseas by who? Who is making it big selling TV shows overseas?

good lord, if anyone actually got through reading all this, can there be any doubt left that all consumers want is DRM-free content??? There's a simple rule that exists - the more complicated the DRM you put on your content, the less likely that people are going to buy it. Hence, people are downloading music and movies for free, and ripping Netflix DVDs to their hard drives to burn their own copies.

You can't put the genie back in the bottle. Until there's DRM-free movies and music for sale online, so-called pirated downloads will continue to dwarf legal downloads. End of story.

Wow, that's incredibly naive. People don't get free content because the free content is "simpler". It's because they're too cheap to pay. If people want no drm, they can just buy cd's and dvd's and rip them. People who download free content, or rip rented discs are just cheapskates who are stealing.

There IS DRM free music for sale online. And in contrast to your theory, people are still stealing it.

Whom are you kidding? Nobody cares that Fairplay's DRM is better than other DRM. Do you think it being "successful" (and that word ONLY applies comparing it to other pay services, not overall downloads) has anything to do with the fact that 70% of all mp3 players are ipods, and only work with the itms?

But if iTunes' DRM was annoying to users, it never would have made it to 70%. Users absolutely care about DRM. But they're not aware of it unless it's too restrictive or inconvenient - if you give them *bad* DRM they will totally notice it and hate it.

I noticed some of the same issues you did with the Wiki article, but didn't find a better general one. You? Cody Brocious had a blog post on the iTunes 6 process a while back but it doesn't seem to be available anymore...

Both the private assymetric key, used to communicate with the server (to obtain the symmetric keys) and all of the symmetric keys, used to decrypt the actual media files, are hidden inside iTunes. Try looking for them on your harddrive, I promise you that you won't find them (unless you are an expert pirate with a few months of your time where you have nothing better to do....)

My point was exactly that. All the keys for decryption have to be on your PC/Mac/iPod.

It's the keys used to encrypt the actual media files, which are more closely guarded at Apple. It's much easier to pick the locks on the local system you have under your control than a remote server somewhere... The decryption keys are definitely stored locally since you can play protected files while offline. The one chink in the armor that I see that Jon may be using is that the personalization of the files is done locally, so this step may be exploitable.

Finding where the keys are on your HDD is the easy part, accessing and using them is the task that takes months... [Simple way to find the location of the keys. Image your HDD. Purchase file from iTunes. Image your HDD compare the two images. The new key(s) (and the file itself) must be in the bits that changed.]

As someone who does this for a living, can you comment on my read of the hacks that have been released in the later post http://forums.macrumors.com/showpost.php?p=2917258&postcount=96. It still seems to me that where DRM has been hacked has relied on key retrieval or finding the weak spot in the chain.

But they're not aware of it unless it's too restrictive or inconvenient - if you give them *bad* DRM they will totally notice it and hate it.
Exactly my point about DRM "transparency". If the DRM is simple enough that it doesn't get in the way, it's as if it didn't exist. That doesn't mean people want DRM, just that they can live with it if it stays out of the way.

B

"Jobs apparently warned that while Apple was not a litigious company ..." This must be a hoax. We can't seriously be expected to believe that Jobs would say such a thing. Apple is infamous for suing or threatening suits on the most trivial matters ....

Finding where the keys are on your HDD is the easy part, accessing and using them is the task that takes months... [Simple way to find the location of the keys. Image your HDD. Purchase file from iTunes. Image your HDD compare the two images. The new key(s) (and the file itself) must be in the bits that changed.]


Sure. Of course, the guys working on DRM at Apple aren't idiots. If you were an engineer charged with defeating this type of attack, what would you do? I can tell you what I would do, I would start changing a whole load of bits on your harddrive, not because it's necessary, but because it makes it that much harder for you to find the stuff that changed.

It's a moot point anyway. Any file that you download from iTunes is going to be at least a few megs in size. The key is going to be somewhere in the order of a couple of hundred bytes. Which bytes amongst the several megs are the key? They aren't necessarily contiguous, they're almost certainly encrypted by another key hidden elsewhere in the system, and they may even be fiddled by a virtual machine after decryption, just to muddle things up a little bit more.

Finding the approximate location on the HD is simple. Fiding the actual key in the right order is an extremely difficult task.


As someone who does this for a living, can you comment on my read of the hacks that have been released in the later post http://forums.macrumors.com/showpost.php?p=2917258&postcount=96. It still seems to me that where DRM has been hacked has relied on key retrieval or finding the weak spot in the chain.
B

Um, of course DRM hacks rely on either retrieving the key, or finding the weak link. They are the only two attacks possible - grab the data after the program has decrypted it for use, or find the key/algorithm so that you can do the decryption yourself. At the moment the first attack is nearly trivial to implement, although that will change a bit when the manufacturers start moving on to a "Trusted Computing" style platform. All you need to do is write your own audio driver that sits between the computer and the real driver. It picks of the data and stores it as it's sent to the speakers.

The second solution is much more difficult, but far more elegant. It allows you to keep intact all of the metadata associated with the file (track name, lyrics, album name etc etc). BUT, you have to be clever enough to recover the key.

But if iTunes' DRM was annoying to users, it never would have made it to 70%. Users absolutely care about DRM. But they're not aware of it unless it's too restrictive or inconvenient - if you give them *bad* DRM they will totally notice it and hate it.

Again - 70% of the DRM market, not 70% of all music obtained online. And that number doesn't figure in (obviously) any music obtained from a site like allofmp3. The legality of allofmp3 may be dubious, but there's an example of DRM-free music, that people are paying for (at a rate of .10 on the dollar, I'll grant you) - and it's trouncing any other pay service. I would continue to shop there even if they made the prices comparable to the itms, simply because I can be confident that once I purchase an album, I'll be able to play that album on any computer, any mp3 player, anytime, far into the future. Not so with the itms; you need an ipod and itunes, and while those are my current items of choice, who's to say they will continue to be my software and/or player of choice 5, 10, 15 years from now? I still have CDs I bought 15 years ago - I should be able to buy music now with the same confidence, that I can play it forever if I want to.

And by the way, before I hear the same wrongful accusations about how people are breaking the law by going to allofmp3 - guess what, they're not. Distributing copyrighted material is against the law - every single RIAA lawsuit was brought against someone for THAT offense, being that people were running Kazaa, or other p2p software, and naturally everyone is distributing while downloading. They haven't sued anyone for using allofmp3 simply because technically, it's not illegal to download music from them. Are the operators of the site in violation of the law? Yes - US copyright law, and they're not inside the US. I know it's a shock to some of you, but people not living in the US aren't subject to our laws.

Support your artists, not the record companies. Buy from DRM-free sites online and see the bands when they tour - that's where 90% of the bands make 90% of their money anyway.