How stupid, one can already do this by converting to aiff then reimporting in any way one chooses. There, I'm a big hacker! Put my name all over the internet and give me tons of press! What a joke.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
QTFairUse?
- Thread starter MacRumors
- Start date
- Sort by reaction score
I agree wholeheartedly. And who really wants to spend all the time digging around a peer-to-peer network for a lousy mp3? (And I mean lousy, as the quality of many mp3s is often much lower than those you can find on the iTunes Music Service.) The only real benefit of using Drumbeat and other P2P services is the wider collection of music--but forget about finding consistently great sounding (or even complete) songs on Drumbeat or Kazaa.
Take it from me--I've spent more time than you want to know trying to find consistently high-quality songs on P2P networks. It's a waste of time, IMHO.
--
H. J.
VoyagerRadio
Transmitting Downtempo Electronica to Earth
Site: http://www.VoyagerRadio.com Blog: http://voyagerradio.blogspot.com
QTFairuse and fair deal
I'm glad to see the system is being challenged, not being a user of ITunes I didn't realize there were copying limitations on the files. For the life of me I can't figure out why on earth ANYONE would be willing to spend $1.00 per song and get nothing more than a file. This seems to me that the consumer is being screwed royally by the RIAA. It works like this: I end up paying $15-20 dollars for a CD and get no physical product. The record company gets to sell it for the same price but pays nothing for manufacturing and distribution. No middle men to speak of, the public gets hosed. But that's what they've been doing for years anyway. Just curious, does the artists cut increase with online ditribution? Support the artists but boycott the RIAA and overpriced online music.
I'm glad to see the system is being challenged, not being a user of ITunes I didn't realize there were copying limitations on the files. For the life of me I can't figure out why on earth ANYONE would be willing to spend $1.00 per song and get nothing more than a file. This seems to me that the consumer is being screwed royally by the RIAA. It works like this: I end up paying $15-20 dollars for a CD and get no physical product. The record company gets to sell it for the same price but pays nothing for manufacturing and distribution. No middle men to speak of, the public gets hosed. But that's what they've been doing for years anyway. Just curious, does the artists cut increase with online ditribution? Support the artists but boycott the RIAA and overpriced online music.
Re: QTFairuse and fair deal
yeah - its obvious you aren't a user of iTunes. thanks for posting, though.
yeah - its obvious you aren't a user of iTunes. thanks for posting, though.
Yeah, uh hu suuuuure.
That's what this guy claimed with DeCSS too. Does anyone honestly believe he actually uses anything other than linux? He wants to break protection, that's it. If he truly just wanted everyone to be able to view dvd's on linux or listen to itunes songs on linux then he would have provided binary executables as apposed to source code. Or maybe some people just think they are above the law because they think their reasoning is just.
That's what this guy claimed with DeCSS too. Does anyone honestly believe he actually uses anything other than linux? He wants to break protection, that's it. If he truly just wanted everyone to be able to view dvd's on linux or listen to itunes songs on linux then he would have provided binary executables as apposed to source code. Or maybe some people just think they are above the law because they think their reasoning is just.
Actually.....
As a unix & windows administrator I can honestly say that outright hack attempts are more prevelant on unix systems than windows. (Largely due to the fact they are more common when it comes to real servers on the net and being text based so everything can be done via the command line once you do break in.) You hear more about windows because of it's horrible coding and the ease at which worms propogate.
As a unix & windows administrator I can honestly say that outright hack attempts are more prevelant on unix systems than windows. (Largely due to the fact they are more common when it comes to real servers on the net and being text based so everything can be done via the command line once you do break in.) You hear more about windows because of it's horrible coding and the ease at which worms propogate.
Re: Actually.....
And hackers can look for vulnerabilities in the source code of many Unix systems, not just experiment with the object code. Open source projects don't hide their flaws. Instead, they depend on the community for help in finding and fixing the bugs and security holes that show up.
Re: Re: Actually.....
You do know no UNIX (tm) system provides access to it's source code. Remember, linux & bsd are NOT unix. They are "unix alikes". They mostly function the same as unix, but there are differences. But, that's semantics.
When it comes to "Open Source" I see both it's positives and it negatives. Some things are well suited for an open source atmosphere, some are not. Of my mind, security mechanisms & OS'es do not fit well.
The more important question here: What does open source have to do with circumventing a copy protection method? Using "open source" & "copy protection circumvention" in the same sentance does not sound good for "open source."
NOTICE: These are my thoughts & do not necessarily relfect those of any others. Do not flame someone for their personal thoughts on a matter.
---EDIT---
I just thought I'd like to mention that the most secure operating systems on the planet are indeed closed source UNIX systems. Let's stop being an "open source" bandwagon jumper.
You do know no UNIX (tm) system provides access to it's source code. Remember, linux & bsd are NOT unix. They are "unix alikes". They mostly function the same as unix, but there are differences. But, that's semantics.
When it comes to "Open Source" I see both it's positives and it negatives. Some things are well suited for an open source atmosphere, some are not. Of my mind, security mechanisms & OS'es do not fit well.
The more important question here: What does open source have to do with circumventing a copy protection method? Using "open source" & "copy protection circumvention" in the same sentance does not sound good for "open source."
NOTICE: These are my thoughts & do not necessarily relfect those of any others. Do not flame someone for their personal thoughts on a matter.
---EDIT---
I just thought I'd like to mention that the most secure operating systems on the planet are indeed closed source UNIX systems. Let's stop being an "open source" bandwagon jumper.
Re: Re: Re: Actually.....
However, I was thinking of another connection. I think that protection schemes are better when they depend on a secure algorithm, as opposed to a secret algorithm. For example, you might beat DES or Blowfish encryption or public key cryptography with brute computing force, but I think such methods hold up better over time because they don't rely on keeping the method from "falling into the wrong hands". (Although, at the risk of mentioning a side issue while discussing a side issue, I think there's a major exception: I haven't heard yet that anyone has fully reverse engineered the VCR Plus system.)
However, unlike secure transmission of sensitive information, music distribution has the problem that the music has to eventually reach our ears. If it's encrypted, it eventually has to be unencrypted, and a copy can be made at that point. Which brings us to watermarking and the idea that you can harmlessly "tag" music even if you can't control its distribution. I still wonder if these are the only two choices, short of declaring all music free or trusting uses to pay for it whether enforced or not.
I think the thread got into the hacker discussion because of the idea that more people would be trying to break Apple's music protection scheme now that iTunes runs on Windows.
However, I was thinking of another connection. I think that protection schemes are better when they depend on a secure algorithm, as opposed to a secret algorithm. For example, you might beat DES or Blowfish encryption or public key cryptography with brute computing force, but I think such methods hold up better over time because they don't rely on keeping the method from "falling into the wrong hands". (Although, at the risk of mentioning a side issue while discussing a side issue, I think there's a major exception: I haven't heard yet that anyone has fully reverse engineered the VCR Plus system.)
However, unlike secure transmission of sensitive information, music distribution has the problem that the music has to eventually reach our ears. If it's encrypted, it eventually has to be unencrypted, and a copy can be made at that point. Which brings us to watermarking and the idea that you can harmlessly "tag" music even if you can't control its distribution. I still wonder if these are the only two choices, short of declaring all music free or trusting uses to pay for it whether enforced or not.
Re: Re: Re: Re: Actually.....
Ah ok... What RIAA and apparently others don't realize is that eventually EVERYTHING is circumvented. It's more a matter of how widely the circumvention can be used. The easier it is to do, the more widespread it will be. RIAA also seems to think it can prevent any type of copying (something MPAA thinks). This is a very foolish thought. There will always be people that will accept lessor quality products if they don't have to pay for them. To steal an earlier poster's statement.... It will just go underground. That is the best possible thing. If you can't erradicate it, minimize it.
Ah ok... What RIAA and apparently others don't realize is that eventually EVERYTHING is circumvented. It's more a matter of how widely the circumvention can be used. The easier it is to do, the more widespread it will be. RIAA also seems to think it can prevent any type of copying (something MPAA thinks). This is a very foolish thought. There will always be people that will accept lessor quality products if they don't have to pay for them. To steal an earlier poster's statement.... It will just go underground. That is the best possible thing. If you can't erradicate it, minimize it.
Re: Re: Re: Re: Re: Actually.....
Similarly, it seems that if you left it up to the RIAA, they'd choose methods that would cause a reasonable customer to want to circumvent the inconveniences that interfere with normal and legal use. Or to avoid buying their "products" at all.
Except, it seems, for VCR Plus! As far as I can tell, Gemstar has kept the wraps on it for over 10 years. There are programs available to generate and interpret VCR Plus codes for TV shows that start and end on the half hour, but none to handle the longer VCR Plus codes for arbitrary start/top times minute by minute. I gave up looking for one. My use was legitimate: I wanted to program my VCR to start a couple of minutes early and end a couple of minutes late in case my clock was off. Since my intended use of their encoding has been prevented, I don't use their product at all.
Similarly, it seems that if you left it up to the RIAA, they'd choose methods that would cause a reasonable customer to want to circumvent the inconveniences that interfere with normal and legal use. Or to avoid buying their "products" at all.
Re: Re: Re: Re: Re: Re: Actually.....
Agreed. But I do think the Apple DRM method is a good middle of the road solution. After all, you could still burn the tracks to CD and play in another computer and your car. I honestly was expecting the limitations to be a lot worse due to the 2 services which were available at the time were absolutely horrid.
Agreed. But I do think the Apple DRM method is a good middle of the road solution. After all, you could still burn the tracks to CD and play in another computer and your car. I honestly was expecting the limitations to be a lot worse due to the 2 services which were available at the time were absolutely horrid.
Gee, I wonder where the rest of the Earth's population went? It's just you and me left, Ysean! Oh yeah, the Thanksgiving holiday.
I know what the RIAA would like. Music reception & decryption devices implanted in your inner ear! With a RFID chip that identifies you. When an authorized listener passes close to an authorized computer storing an authorized tune, the encrypted sound can be transmitted into your head, still encrypted, then decrypted so your auditory system can be stimulated. This would minimize the danger of music being intercepted by those few unreasonable people who didn't want to submit to the music surgery!
Now we have to get to work inventing the imPod (implanted iPod), a storage device, also installed in your body, to store encrypted tunes for when you aren't near your computer.
I know what the RIAA would like. Music reception & decryption devices implanted in your inner ear! With a RFID chip that identifies you. When an authorized listener passes close to an authorized computer storing an authorized tune, the encrypted sound can be transmitted into your head, still encrypted, then decrypted so your auditory system can be stimulated. This would minimize the danger of music being intercepted by those few unreasonable people who didn't want to submit to the music surgery!
Now we have to get to work inventing the imPod (implanted iPod), a storage device, also installed in your body, to store encrypted tunes for when you aren't near your computer.
Haha yeah... I guess everyone else actually enjoys spending holidays with their families!
As for implants..... hahahaha! I'm all for technological advancements. But some things are just too much. But hey, you do what ya gotta do to "protect your property"
Re: I don't see the point.
The only concern that I can see here is that hacked AAC files can be redistributed on a large scale. That is, because AAC files can be stripped of DRM in one step, in software (as opposed to burning a CD, or ripping a lossy stream), it can now be an automated process. Say a ring of file sharers each set this up to happen automatically with any songs they download.
It's farfetched, however, and I personally don't think it should be a big problem, but lord knows the press will run with this and act as though Apple will surely go out of business after this "blunder".
Note that the guy who wrote this is the same guy who wrote DeCSS, the much maligned-by-the-industry utility which was actually pretty innocent. I doubt he intends to do anything malicious. Certainly if I had developed an extensive encryption system and it got hacked 2 months after I released into the wild [Window's world], I would be upset.
=2 cents
The only concern that I can see here is that hacked AAC files can be redistributed on a large scale. That is, because AAC files can be stripped of DRM in one step, in software (as opposed to burning a CD, or ripping a lossy stream), it can now be an automated process. Say a ring of file sharers each set this up to happen automatically with any songs they download.
It's farfetched, however, and I personally don't think it should be a big problem, but lord knows the press will run with this and act as though Apple will surely go out of business after this "blunder".
Note that the guy who wrote this is the same guy who wrote DeCSS, the much maligned-by-the-industry utility which was actually pretty innocent. I doubt he intends to do anything malicious. Certainly if I had developed an extensive encryption system and it got hacked 2 months after I released into the wild [Window's world], I would be upset.
=2 cents
Re: Forgetting something?
A lot of people still don't know the diffence between DRM strip-off (QTFair use) and reencoding (burn CD -> Aiff -> AAC).
For 128kbps range, the degradation when you decode - reencode is significant.
Originally posted by Ysean
And guess what?! You can do all of these things once you've burned the tracks to CD (which iTMS allows without question)
So much for that argument
A lot of people still don't know the diffence between DRM strip-off (QTFair use) and reencoding (burn CD -> Aiff -> AAC).
For 128kbps range, the degradation when you decode - reencode is significant.
Re: QTFairuse and fair deal
WOW. I didn't read the whole thread (but most of it) and this one opinion makes the most sense. It's about fair use. It's about using what you bought in any way you want (within the bounds of the law, which is much broader than what iTunes lets you do)
Applied to a physical media (aka a stipid CD) the idea of the DRM is this: You can play the CD on three designated CD players that support the DRM. Like, it will play ONLY on xyz brand cd player and only three of those that you pick. Yes, you have to stick to that brand of cd player (the iTunes player, the supported OS of iTunes, no unix support in sight) and too bad if you have a fourth one in the bedroom. It's not gonna play in your second car's player either. Nor in the kitchen. Nor on your neighbor's player. Nor can you trade it on the used market when you're tired of listening to it.
Yes consumer would be outraged. QTFairuse is definitely a good thing for fair use and might be a bad one for piracy (not too sure it'll make a difference though)
Good argument about no manufacturing costs, no distribution cost, no cut for the middle man, no best buy, no tower records no Borders to pay a cut.
They finally found a way to sell you some wind. Even better, they will restrict the direction and force in wich the wind will blow, how often and where it will happen. And people are buying it!
WOW. I didn't read the whole thread (but most of it) and this one opinion makes the most sense. It's about fair use. It's about using what you bought in any way you want (within the bounds of the law, which is much broader than what iTunes lets you do)
Applied to a physical media (aka a stipid CD) the idea of the DRM is this: You can play the CD on three designated CD players that support the DRM. Like, it will play ONLY on xyz brand cd player and only three of those that you pick. Yes, you have to stick to that brand of cd player (the iTunes player, the supported OS of iTunes, no unix support in sight) and too bad if you have a fourth one in the bedroom. It's not gonna play in your second car's player either. Nor in the kitchen. Nor on your neighbor's player. Nor can you trade it on the used market when you're tired of listening to it.
Yes consumer would be outraged. QTFairuse is definitely a good thing for fair use and might be a bad one for piracy (not too sure it'll make a difference though)
Good argument about no manufacturing costs, no distribution cost, no cut for the middle man, no best buy, no tower records no Borders to pay a cut.
They finally found a way to sell you some wind. Even better, they will restrict the direction and force in wich the wind will blow, how often and where it will happen. And people are buying it!
Re: Re: I don't see the point.
The fact that *ANY* software based copy crippling system can be circumvented is not widely spread knowledge. Probably because the makers of such systems don't like bad publicity, and the one using them want the good sheep-like consumers to stick to the path and not wonder if there could be a way around it. It's called marketing.
Think about it. However strong your encryption, however elaborate your system, it still needs to be decrypted, and unless you force upon consumers tamper-proof secure hardware, you still have to decrypt/decode/descramble the content before it is played on your computer. That happens with software, data lies in memory. Software can be tweaked, hacked, modified, changed, converted, emulated etc. And everything in memory can be read, written, overwritten. That's what computers do.
The QTFairUse exploit must not have taken more than 1 man day of work to develop. You need a good system level debugger and someone determined to find the point where the crippled stream ends and the good data begins. I'm not saying Jon Lech Johansen's work is not valuable, but it is not such a great accomplishment. However, it demonstrates that it can be done. Probably easily. It takes a lot of guts to make it public though, because this is plain fat illegal under DMCA (not only circumventing copy protection is illegal, but distributing means of circumventing copy protection is illegal, no matter how it's done or why) Kinda like outlawing hammers because they can be used to break windows for burglaries.
The solution to the software drm 'problem' of course is tamper proof hardware, or at least with deep roots in the OS. Microsoft version, the trusted computing innitiative, aka Palladium is supposed to deliver that and will apparently support hardware enforcing device. For those who think they won't buy the hardware, they might not have a choice. It'll come built in the motherboards, maybe cacked up by laws and regulations. We will have to wait, however to see how effective the system is. Microsoft does not have the cleanest track record regarding security and reliability.
The fact that *ANY* software based copy crippling system can be circumvented is not widely spread knowledge. Probably because the makers of such systems don't like bad publicity, and the one using them want the good sheep-like consumers to stick to the path and not wonder if there could be a way around it. It's called marketing.
Think about it. However strong your encryption, however elaborate your system, it still needs to be decrypted, and unless you force upon consumers tamper-proof secure hardware, you still have to decrypt/decode/descramble the content before it is played on your computer. That happens with software, data lies in memory. Software can be tweaked, hacked, modified, changed, converted, emulated etc. And everything in memory can be read, written, overwritten. That's what computers do.
The QTFairUse exploit must not have taken more than 1 man day of work to develop. You need a good system level debugger and someone determined to find the point where the crippled stream ends and the good data begins. I'm not saying Jon Lech Johansen's work is not valuable, but it is not such a great accomplishment. However, it demonstrates that it can be done. Probably easily. It takes a lot of guts to make it public though, because this is plain fat illegal under DMCA (not only circumventing copy protection is illegal, but distributing means of circumventing copy protection is illegal, no matter how it's done or why) Kinda like outlawing hammers because they can be used to break windows for burglaries.
The solution to the software drm 'problem' of course is tamper proof hardware, or at least with deep roots in the OS. Microsoft version, the trusted computing innitiative, aka Palladium is supposed to deliver that and will apparently support hardware enforcing device. For those who think they won't buy the hardware, they might not have a choice. It'll come built in the motherboards, maybe cacked up by laws and regulations. We will have to wait, however to see how effective the system is. Microsoft does not have the cleanest track record regarding security and reliability.
The way I see it is, you either agree to buy something at a certain price, or you don't buy it. If you do buy it, what you do with it is your own business--within reason. By reason, I think most of you know what I mean--most of us know the difference between right and wrong, and though everyone draws their own boundary line to determine that distinction, most of us make the demarcation close to the same place. You know when you're crossing most folk's boundaries and when it's hurting other's livelihoods--it's become clear that "sharing" MP3s is one of the reasons people in the music industry are losing their jobs--and though most of us have shared MP3s and/or other files at one point in time or another, and it's probably not hurting anyone to share a few songs with a friend or family member who isn't likely to buy the CD anyway, the mass distribution of MP3s via P2P apps is clearly harmful to the incomes of a certain group of people. I want free music, too--but unless an artist is willing to freely distribute their work, I'm going to wait until I can afford to buy their songs, or listen to the music that is already free. By subscribing to this policy, I've found that I have much more time on my hands to enjoy listening to the music I haven't yet heard, rather than monitoring a P2P network for countless silent and irrecoverable hours.