Navio to Reverse Engineer iPod/iTunes DRM

[shadowfax]

Apple are now big enough in the music market to be subject to antitrust rules. The ability to shut out competition or control prices, and control of at least half of a market, is enough to qualify as a monopoly in the US court system.

Check out the previous article on MacRumors. Apple is #7. They don't have anything close to 50% marketshare in the music market. Of course, they do in the digital music market, but who cares? that market is quite small and still relatively irrelevant. there's a big difference between havind a monopoly in such a small, even special-interest market as that and having a monopoly on, say, public transit or oil supply in the US, or, of course, a monopoly on world operating systems. People don't depend on the digital music market, and it's still a sub-market of a larger market that provides the same thing, music, to customers. Apple is not anticompetitive or monopolistic in controlling their hardware and software platforms, they are competing with the other music sellers, primarily the physical music sellers.

 

[macFanDave]

Anyone else notice the coincidence?

Navio happens to be located in Cupertino!

I have a feeling that Apple won't be needing lawyers to stop Navio's criminal behavior. Steve Jobs will have a little chat with Ray Schaaf of Navio out in the parking lot after work, and that will be that.

 

[mkrishnan]

my comment was directed toward the post saying reengineering would violate the EULA. the EULA is for the end user, meaning me. if i don't use itunes i don't violate the itunes EULA whatever it may be. so the end user is absolutely safe.

Okay....I didn't think I was disagreeing with you.

 

[tutubibi]

"customers indicate what kind of DRM encoding they want and then we provide them with a solution"

ironically, customers don't want any type of DRM

Their customers are record publishers and they definitely want DRM.

 

[iMeowbot]

Check out the previous article on MacRumors. Apple is #7. They don't have anything close to 50% marketshare in the music market.

That's not the market where they have the monopoly. It's the digital music player market where Apple have their monopoly power.

Of course, they do in the digital music market, but who cares? that market is quite small and still relatively irrelevant.

Fair competition has nothing to do with the total size of the market. Are you at all familiar with the ongoing SCC v Lexmark saga? Antitrust action is still ongoing against Lexmark, and they don't own the overall printer market. They do, however, own a large piece of the market and have been attempting to shut out competitors.

 

[Kelmon]

I have to agree that I really wish Apple would open the iPod so that 2 major things can happen:

1. So that I can purchase music for it from any online store that I want and therefore introduce competition between stores.

2. So that I can play the music that I have purchased through any software that I want.

I'm thinking that the impact of #1 won't be that great since iTMS is already fine but a bit of price competition would be nice. The biggest impact would be from #2 and I'm particularly thinking about devices such as the Roku SoundBridge and the XBox 360. I find it insulting and unacceptable that I can purchase music but Apple will dictate how I can listen to that.

 

[g4cubed]

Navio happens to be located in Cupertino!

I have a feeling that Apple won't be needing lawyers to stop Navio's criminal behavior. Steve Jobs will have a little chat with Ray Schaaf of Navio out in the parking lot after work, and that will be that.

I'd love to see that...Steve kickin' the dog **** out of him.

 

[shamino]

Probably not. It is doubtful the DMCA would apply to this. The DMCA would likely make it illegal to sell something that can remove the DRM from existing songs. Selling something to add DRM to songs wouldn't fall under the provisions of the DMCA.

Adding FairPlay DRM to files is not a violation. Developing software to add FairPlay is not a violation. Reverse engineering iTunes or the iPod's DRM software for the purpose of developing this software, however, is prohibited.

The burden of proof, of course, would be on Apple to prove that their FairPlay-applying software was developed using knowledge gained from reverse engineering and not through other means. This may be difficult.

However, as someone else mentioned, it may violate Apple's terms of use of iTunes depending on how the reverse-engineering is done (an EULA provision against reverse-engineering was upheld recently - in the Diablo2 case - but the situation there was very, very different).

This is an extremely interesting case. The EFF has a page on this case.

The initial decisions by the Missouri courts ruled that click-thru licenses are enforceable without UCITA adoption. They also ruled that there were DMCA violations, because the bnetd server can be used to bypass the Diablo CD key restrictions.

The ruling was upheld by the 8th Circuit court. One of their key arguments is that the bnetd server doesn't validate CD keys or check for duplicate keys - meaning the program can be used to enable piracy.

Whether this is applicable to the FairPlay debate is arguable. In the Blizzard case, the program created (using reverse engineering and EULA violation) could be (and was) used to enable piracy. If the Navio software can only be used to apply compatible DRM to new documents, and not remove DRM from existing documents, then the precedent from the Blizzard case should not be applicable.

The ruling about click-thru licenses is much more disturbing, but this is still a matter of state law, not federal. I strongly disagree with the Missouri court's conclusion that the UCC makes them legally binding - the UCITA was drafted specifically for the purpose of making them binding, which implies that they are not in its absence.

 

[DCBass]

These guys are small fry. Apple should not be over-concerned. Rather, they should consider licensing FairPlay.

Right now the iPod is huge, but they should plan ahead to the day when they are again mainly reliant on computer sales. The iPod dominance can't last forever.

Agreed. Sure, iPod's are raking in the dough right now, but this won't last forever. iTunes, if Apple plays their cards right, has a much bigger future than the iPod ever will.

Given that, Apple should probably begin licensing out Fairplay sometime soon. They're already clearly the market leader in sales and brand recognition for online music. If they don't, coupled with their fast growth in the coming years (i'm sure of it), Apple will be seen as the new microsoft.

Blech... got a sour taste in my mouth after typing that.

 

[johnnyjibbs]

Hey Navio, say hello to Apple's lawyers! That said, I thought Real had to back out of the Rhapsody deal. I thought Apple threatened legal action and that was the end of it. Never realised you could still buy Real songs and play on iPod.

 

[finalcoolman]

How about letting to use other MP3 players with iTunes? I'd love to use my Sony player with songs purchased from the Music Store. I love iTunes but I HATE the iPod. Oh the dillema.

 

[dashiel]

Remember that the point of iTunes is not to sell music. The point of iTunes is to sell iPods.

that's the company line, but it's not true, or at least it's now completely accurate. the point of of itunes is to increase adoption of the ipod which in turn will increase sales on itunes. apple is already turning a slight profit on itunes at the anemic sales figures (compared to physical sales of CDs). as the user base increases and downloads increase apple's overhead goes up marginally, but their revenue increases exponentially. apple's major cost is bandwidth and servers; bandwidth is cheap and i suspect they get a pretty good deal on servers

 

[DGFan]

Adding FairPlay DRM to files is not a violation. Developing software to add FairPlay is not a violation. Reverse engineering iTunes or the iPod's DRM software for the purpose of developing this software, however, is prohibited.

There are arguments that can be made on both sides of that issue. It will take a few cases to hammer that out.

The burden of proof, of course, would be on Apple to prove that their FairPlay-applying software was developed using knowledge gained from reverse engineering and not through other means. This may be difficult.
This is an extremely interesting case. The EFF has a page on this case.

The initial decisions by the Missouri courts ruled that click-thru licenses are enforceable without UCITA adoption. They also ruled that there were DMCA violations, because the bnetd server can be used to bypass the Diablo CD key restrictions.

The ruling was upheld by the 8th Circuit court. One of their key arguments is that the bnetd server doesn't validate CD keys or check for duplicate keys - meaning the program can be used to enable piracy.

Whether this is applicable to the FairPlay debate is arguable. In the Blizzard case, the program created (using reverse engineering and EULA violation) could be (and was) used to enable piracy. If the Navio software can only be used to apply compatible DRM to new documents, and not remove DRM from existing documents, then the precedent from the Blizzard case should not be applicable.

The ruling about click-thru licenses is much more disturbing, but this is still a matter of state law, not federal. I strongly disagree with the Missouri court's conclusion that the UCC makes them legally binding - the UCITA was drafted specifically for the purpose of making them binding, which implies that they are not in its absence.

Just one additional note: the court applied the cd-key argument in the context of deciding whether the EULA should be ignored because it was an unconscionable contract.

 

[FoxyKaye]

Bully for them - FairPlay is a bunch of nonsense anyhow. Between the folks reverse-engineering it to make their stuff compatible with iPods and the Hymn/JHymn projects, someday Apple's going to wake up and smell the coffee. DRM is just another layer for folks to hack and no more - it's not going to stop piracy, and in fact just makes it more of a PITA for people to use the music they've legally purchased.

 

[iMeowbot]

Hey Navio, say hello to Apple's lawyers! That said, I thought Real had to back out of the Rhapsody deal. I thought Apple threatened legal action and that was the end of it. Never realised you could still buy Real songs and play on iPod.

Right. All Apple did in the end was to posture and make idle threats. That's about as much as they could do without opening themselves up to much potential hurt.

 

[inkswamp]

The DMCA is such a sham. If this had been a hacker working out of his own bedroom, you can bet the authorities would be all over his ass for it, but since it's a business doing it, then it's no big deal I guess.

 

[JW Pepper]

In what country is Navio being developed?

Do not forget that the DMCA is only applicable in the USA. America does not have jurisdicition outside of its own borders.

 

[longofest]

Do not forget that the DMCA is only applicable in the USA. America does not have jurisdicition outside of its own borders.

Only partially correct. For instance, if you take a Madonna song with DRM protection, move to Mexico, and then strip it, DMCA still applies because of where the DRM was applied to the song.

In this case, Navio is located in Cupertino, CA, so the argument is mute anyways.

 

[Quartz Extreme]

From the iTunes software licence agreement:
http://www.apple.com/legal/sla/itunes.html

Except as and only to the extent expressly permitted in this License or by applicable law, you may not copy, decompile, reverse engineer, disassemble, modify, or create derivative works of the Apple Software or any part thereof.

From the iTunes Music Store Terms of Service:
http://www.apple.com/support/itunes/legal/terms.html

You understand that the Service, and products purchased through the Service, such as sound recordings, videos and related artwork, include a security framework using technology that protects digital information and limits your usage of Products to certain usage rules established by Apple and its licensors. You agree to comply with such Usage Rules, as further outlined below, and you agree not to violate or attempt to violate any security components. You agree not to attempt to, or assist another person to, circumvent, reverse-engineer, decompile, disassemble, or otherwise tamper with any of the security components related to such Usage Rules for any reason whatsoever. Usage Rules may be controlled and monitored by Apple for compliance purposes, and Apple reserves the right to enforce the Usage Rules with or without notice to you. You will not access the Service by any means other than through software that is provided by Apple for accessing the Service. You shall not access or attempt to access an Account that you are not authorized to access. You agree not to modify the software in any manner or form, or to use modified versions of the software, for any purposes including obtaining unauthorized access to the Service. Violations of system or network security may result in civil or criminal liability.

 

[Stridder44]

How about letting to use other MP3 players with iTunes? I'd love to use my Sony player with songs purchased from the Music Store. I love iTunes but I HATE the iPod. Oh the dillema.

Any particular reason why?

 

[Quartz Extreme]

How about letting to use other MP3 players with iTunes? I'd love to use my Sony player with songs purchased from the Music Store. I love iTunes but I HATE the iPod. Oh the dillema.

What don't you like about the iPod(s)?

What's not to like?

 

[JW Pepper]

Only partially correct. For instance, if you take a Madonna song with DRM protection, move to Mexico, and then strip it, DMCA still applies because of where the DRM was applied to the song.

In this case, Navio is located in Cupertino, CA, so the argument is mute anyways.

I don't agree, if I am in Mexico I am subject to Mexican laws not American laws. Otherwise we are al citizens of the World and subject to the laws of all countries no matter where we are and that would be absurd.

Going slightly OT the USA has just applied to extradite a Man from England Babar Ahmad who is said to be, and may indeed be a member of al-Qaeda or he may not, I don't know. He is accused of posting a web site procuring funds for terrorists activity. If he has committed any crimes it would be in England that those crimes have occurred not the US. Some middle eastern countries have laws against Christianity, so they might want to prosecute US Christian web site owners for heresy. Clearly they would not have jurisdiction and it is only by taking an extreme position that you can see the absurdity.

Having said all that, clearly Navio, whilst they are based in America they will have to be mindful of US laws.

 

[longofest]

I don't agree, if I am in Mexico I am subject to Mexican laws not American laws. Otherwise we are al citizens of the World and subject to the laws of all countries no matter where we are and that would be absurd.

Going slightly OT the USA has just applied to extradite a Man from England Babar Ahmad who is said to be, and may indeed be a member of al-Qaeda or he may not, I don't know. He is accused of posting a web site procuring funds for terrorists activity. If he has committed any crimes it would be in England that those crimes have occurred not the US. Some middle eastern countries have laws against Christianity, so they might want to prosecute US Christian web site owners for heresy. Clearly they would not have jurisdiction and it is only by taking an extreme position that you can see the absurdity.

Read closer to what I said. It has to do with the origin of the content. Because in this theoretical situation, you took a US-purchased song that was protected with US-DRM, but simply went out of the country to strip it, you would still be liable to the DMCA. However, you wouldn't be liable to Sweden's DRM law (I don't even know if they have one... just making up an example) because Sweden had nothing to do with the process.

EDIT: As far as your example of extraditing the guy from England who gave money to the website. I am not familiar with the case, but he would have broken US law if the website or organization that he gave too was based in the United States. So even though he is a British Citizen, since he went to a US-based terrorist organization and gave supported them, he is accountable to US law. This is at least what international law says. You do not have to be on the soil of a country to commit an offense against it.

 

[BillyShears]

Other online music stores can offer MP3s or non-protected AACs if they want to be played on the iPod.

Of course the record companies won't like that.

But the iPod has market penetration. So the record companies can't flat out tell Apple to piss off if they get into a disagreement (as they have re: variable pricing). Apple has the upper hand. People aren't going to buy music they can't play on their iPod.

So this non-licensing is beneficial to Apple's negotiations with the record companies.

(But suppose the record companies got pissed enough at Apple to allow other services to use non-DRM music files just to gain iPod compatibility!)

 

[longofest]

From the iTunes software licence agreement:
http://www.apple.com/legal/sla/itunes.html



From the iTunes Music Store Terms of Service:
http://www.apple.com/support/itunes/legal/terms.html

These are in reference to iTunes and iTunes Music Store, not Fairplay. So, in other words you cannot reverse-engineer iTunes, and you cannot reverse-engineer the iTMS. However, it does not apply to the DRM, unless I'm missing something...

EDIT: The ITMS terms of service might be constricting for them, but they can totally bypass the iTunes terms of service.