AirPort Express Reportedly Cracked

[MacRumors]

ZDNET Netherlands reports that the public key used by Apple's AirPort Express has been revealed by Norwegian hacker Jon Lech Johansen, famous for developing code to bypass DVD encryption and bring DVD playback to Linux. Johansen also released JustePort, a program for Mac OS X, Windows, and Linux that reportedly allows third party software to stream music to an AirPort Express.

[MrSugar]

Quote:

Originally Posted by Macrumors

ZDNET Netherlands reports that the public key used by Apple's AirPort Express has been revealed by Norwegian hacker Jon Lech Johansen, famous for developing code to bypass DVD encryption and bring DVD playback to Linux. Johansen also released JustePort, a program that reportedly allows third party software to stream music to an AirPort Express.

whoa.. that's pretty intense. Windows media player streaming to an AE.. ewww

[KevanDual2.5]

If a human mind is able to create the encryption then another human mind can crack it. I don't think there is any such thing as 100% crack-proof!

[musicpyrite]

Yea, I saw this on slashdot.

I wonder how Apple will respond to this?

[friarbayliff]

That's intersting. Someone was bound to do it eventually though.

[ZildjianKX]

One word... sweet.

[D0ct0rteeth]

Quote:

Originally Posted by musicpyrite

Yea, I saw this on slashdot.

I wonder how Apple will respond to this?

I doubt apple really cares.. they probably prefer that it is cracked in order to sell more units and broaden its appeal.

However for legal reasons and to please the whiney biach that is the RIAA I am sure they needed it to be secure and will re-secure it proptly thru a software/firmware update just as they did with the fiasco re: sharing iTunes libraries last year.

- Doc

[NusuniAdmin]

Quote:

Originally Posted by KevanDual2.5

If a human mind is able to create the encryption then another human mind can crack it. I don't think there is any such thing as 100% crack-proof!

what if a computer generated it? Computer AI that would be designed to make encryptions would be pretty extreme. I have not heard of this yet, but im sure it will be popping up pretty soon. Only thing is the AI would have to be made VERY well.

[kingtj]

Why the heck are people rating this story "negative"? Is it so horrible to think a product you paid over $100 for could be given additional uses not on its original "compatibility list"?

All Apple has to (and IMHO really *should*) do about this is put some sort of disclaimer on the Airport Express boxes stating that applications other than the one below (list them all) are considered "unsupported products", and Apple does not guarantee their proper/reliable operation with this device.

Open source is what allowed Apple to build OS X to begin with. I think it's pretty "two-faced" of them to try to take legal measures to stop people from releasing open source that enables originally unintended uses of their products by their customers.

[LaMerVipere]

Quote:

Originally Posted by ZildjianKX

One word... sweet.

I second that.

[JoePike]

And soon we will all be able to watch a DVD on our PowerBooks and pump that audio wirelessly to the home stereo system. Money!

-Joe

[bob_the_gorilla]

Well, I haven't rated it. I'm ambiguous.

Cool - I could use it to get sound from Halo wirelessly. One less wire coming out of my powerbook.

Not cool - the RIAA won't be happy with Apple, and they'll have to fix it. More bad feeling in the music industry isn't good for our rights.

[dizastor]

This guy is amazing. I wish I had half the knowledge he does.

[stcanard]

Okay, this bugged me about the slashdot headline too, being way to sensationalistic...

This is not "CRACKED" in any way. He has disassembled iTunes (probably) and retrieved the public key.

This allows people to write programs that will send to airport express, but the encryption itself is still completely safe.

Breaking this is as simple as Apple putting out a firmware update with new keys, and probably tweaking things a bit so the public key is harder to find next time.

Since the music itself isn't encrypted except when it's being streamed, there is not even a worry about maintaining backward compatibility (like there is with CSS or FairPlay). Apple software developers could do this in their sleep.

[ryanw]

Quote:

Originally Posted by D0ct0rteeth

I doubt apple really cares.. they probably prefer that it is cracked in order to sell more units and broaden its appeal.

However for legal reasons and to please the whiney biach that is the RIAA I am sure they needed it to be secure and will re-secure it proptly thru a software/firmware update just as they did with the fiasco re: sharing iTunes libraries last year.

- Doc

Well, thats the thing. He hasn't really CRACKED the encryption, but more he's cracked AirTunes. So he can has figured out how to encrypt the traffic to talk to the Airport Express and have it play music. So this isn't really a leak or a deficiency in the encryption, but more a problem if apple doesn't want anyone to be able to use AirTunes except for iTunes. For all we know Apple might release an API to developers to use AirTunes into their applications and this might become a moot point.

[Blue Moon]

Quote:

Originally Posted by kingtj

Why the heck are people rating this story "negative"? Is it so horrible to think a product you paid over $100 for could be given additional uses not on its original "compatibility list"?

All Apple has to (and IMHO really *should*) do about this is put some sort of disclaimer on the Airport Express boxes stating that applications other than the one below (list them all) are considered "unsupported products", and Apple does not guarantee their proper/reliable operation with this device.

Open source is what allowed Apple to build OS X to begin with. I think it's pretty "two-faced" of them to try to take legal measures to stop people from releasing open source that enables originally unintended uses of their products by their customers.

As another member already pointed out, Apple has very little choice (if they want to protect their asses from being attacked by the RIAA) other than to take legal action and to create a patch.

[mikeyrogers]

I think this is good for two reasons:

1) Either we have an open ended audio device that allows us to use it how we intend to or
2) Apple will patch it like they do with most of their cracked products and in order to get people to download it, as an incentive, they will add a cool feature or two of their own.

With thought 2, that got me to thinking even more...Apple sure does get a lot of the hardware cracked...I wonder why.

[Mord]

Quote:

Originally Posted by Macrumors

Johansen also released JustePort, a program for Mac OS X, Windows, and Linux that reportedly allows third party software to stream music to an AirPort Express.

good to hear

[ryanw]

Quote:

Originally Posted by Blue Moon

As another member already pointed out, Apple has very little choice (if they want to protect their asses from being attacked by the RIAA) other than to take legal action and to create a patch.

As I stated in my other post, this has nothing to do with RIAA. The stream is still safely encrypted and has no way of being intercepted. This software lets you stream music ENCRYPTED to the Airport Express through other means than iTunes.

[lou tsee]

Quote:

Originally Posted by JoePike

And soon we will all be able to watch a DVD on our PowerBooks and pump that audio wirelessly to the home stereo system. Money!

-Joe

I'm afraid, you won't be able to do so. streaming audio in this way
causes a latency (delay) of around 1 second. so your movie soundtrack
will be out of sync badly

I had the same idea i the first place though....

[Spaceman Spiff]

Quote:

Originally Posted by NusuniAdmin

what if a computer generated it? Computer AI that would be designed to make encryptions would be pretty extreme.

Ah, yes, but this computer would have to be made by a human first. Which would bring it limitations again.

[bathysphere]

Quote:

Originally Posted by Blue Moon

As another member already pointed out, Apple has very little choice (if they want to protect their asses from being attacked by the RIAA) other than to take legal action and to create a patch.

i don't really understand why the riaa would have a problem with this. anyone care to fill me in? because i just don't see it.

[stcanard]

Quote:

Originally Posted by bob_the_gorilla

Not cool - the RIAA won't be happy with Apple, and they'll have to fix it. More bad feeling in the music industry isn't good for our rights.

If anything, it should be the opposite:

1) The content that can be played now is the same as the content that can be played before. Just that there are more options in the programs.

2) The stream is still as safe as it ever was.

3)Safer, actually now that we know Apple is using a trusted encryption method instead of creating their own.

Apple knew this was coming. You cannot hand people both ends of the encryption process and expect that they aren't going to be able to figure it out. That's the fundamental issue with encryption based DRM -- the necessary information for defeating it by definition has to be build into the player.

[supertex]

Quote:

Originally Posted by mikeyrogers

With thought 2, that got me to thinking even more...Apple sure does get a lot of the hardware cracked...I wonder why.

The PC world gets just as much stuff cracked, if not more, it's just that nobody is surprised when Microsoft security breaks down, lol (not that this is technically a break in security...)

[ryanw]

Quote:

Originally Posted by lou tsee

I'm afraid, you won't be able to do so. streaming audio in this way
causes a latency (delay) of around 1 second. so your movie soundtrack
will be out of sync badly

I had the same idea i the first place though....

Sure, but you could maybe integrate it into the DVD player to offset the video by 500ms or 1000ms or whatever to compensate for this issue. Make it even a user defined offset with a slider or something...