Slashdot Log In
Cracking iTunes' DRM with JHymn
Posted by
michael
on Fri Jan 28, 2005 06:30 PM
from the nuclear-escalation dept.
from the nuclear-escalation dept.
comforteagle writes "Howard Wen has interviewed 'FutureProof' of the JHymn project, a DRM removal application for iTunes song files laden, or 'crippled' as some say, to prevent filesharing. FutureProof tells us how Apple's DRM works, how to rip it out using JHymn, how they build on the work of 'DVD' Jon Johansen, and how to upgrade to that brand new iShuffle safely."
Related Stories
[+]
News: iTunes v6 FairPlay DRM Cracked 421 comments
luaine writes with an Engadget article claiming the cracking of iTunes v6 FairPlay DRM. From the article: "[A] new app called QTFairUse6 looks like it can now be used (with some amount of difficulty) to dump iTunes version 6.0.4 - 6.0.5 files of their chastely protection." At present this is a Windows-only tool for those who are "not afraid to get [their] hands dirty with a little python." Engadget does not provide a link to QTFairUse6, and neither will we. We've run several DRM stories recently, but it's been 19 months since Cracking iTunes' DRM with JHymn.
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
You know... (Score:5, Funny)
It's much easier to use the five-finger discount.
Re:You know... (Score:5, Insightful)
Parent
Re:You know... (Score:5, Funny)
Remember kids, stealing music helps the artists!
Parent
I love this shit (Score:5, Insightful)
If it's digital, and the end user can see / hear it, it can be copied. Perfectly. Deal with it, and make it interesting to buy instead of pirating.
Re:I love this shit (Score:4, Informative)
Parent
Re:I love this shit (Score:4, Insightful)
You just can't keep digital media from being pirated. It's as simple as that. Try a different aproach.
For example, i like buying CDs. I like having a nice, pressed, shiny CD with a good looking booklet. I like buying books, and i like buying DVDs.
I also download a lot, even though i usually end up buying what i really like. I would buy a lot more, but the thing is, music/dvds and even books are still way too expensive. Why not lowering the price, knowing that you'll still make a profit? (no, i don't beleive $20 for a CD is reasonable)
Parent
Re:I love this shit (Score:4, Insightful)
"So why bother a paying user if your product is going to be pirated anyway? It's a battle you can't win; you might as well accept it as a price of doing buisness."
Accepting it is not the same as not taking measures to reduce it. Ask any retailer; they'll tell you that there's always going to be a certain amount of shoplifters, but rather than simply give up trying to fight it, retailers put anti-shoplifting measures into place. These, too, can bother paying users, but retailers have evidently done careful analysis to understand that it's worth the tradeoff. Case in point: Costco (or whatever your local club store is) has chosen the route of inspecting your reciept on the way out, rather than just simply giving up and "accepting" shoplifting. Perhaps Slashdot users know better, but I doubt it. It's a complex situation that cannot be resolved with simple bromides such as "piracy will happen, so give up on DRM."
"I also download a lot, even though i usually end up buying what i really like. I would buy a lot more, but the thing is, music/dvds and even books are still way too expensive. Why not lowering the price, knowing that you'll still make a profit? (no, i don't beleive $20 for a CD is reasonable)."
Huh? CDs haven't been $20 in years, and prices have been falling rapidly. The average price of a new CD dropped 4% last year [bandradio.com], to $12.95. The record companies are way ahead of you on this one.
I've lost you on the "knowing you'll still make a profit" part, though. The record industry gets by with pretty shitty margins in general, and many CDs lose money.
Parent
Re:I love this shit (Score:5, Interesting)
It was pirated the same; in fact, there was a NO-STEAM a day after release. So you could argue it was less of a hassle for pirates to play it than it was for some users from what i've read
Parent
What is that old saying... (Score:5, Funny)
Why crack it? (Score:5, Insightful)
Admittedly, without the thrill of "fighting the man", but in this case "the man" is giving you virtually everything you asked for (inexpensive music you can try before you buy with the ability to download exactly what you want and make mix CDs, which you could then rip as well without needing this tool.) Now Apple is going to have to crack down again.
What does this win us? The music industry can point to this as another example of why the restrictions need to be in the hardware and the hardware manufacturers are already in their pocket as far as the next generation of motherboards are concerned. Thanks to the pirates, those of us who buy the stuff again have to pay with further restrictions.
Re:Why crack it? (Score:5, Insightful)
I wasn't aware you were able to get custom made mix CDs at stores with tracks numbering in the 100s of thousands. Cool.
Obviously iTunes is popular because some people don't like to spend $13+ on an entire album when they only want one song. They want to make their own mixes and still not have DRM on them I guess.
Parent
Re:Why crack it? (Score:4, Insightful)
Why should I buy an entire CD when I can buy the two or three songs I want via a brillant interface that's better than any other online music service? And its not a hassle. One-time setup of account, 99c a song and a quick run of Jhymn is hardly a hassle.
"but in this case "the man" is giving you virtually everything you asked for (inexpensive music you can try before you buy with the ability to download exactly what you want and make mix CDs, which you could then rip as well without needing this tool.) "
So circumventing Apple's DRM one way is okay but another way isn't? Wow, great logic. Let me ask, if I record to a tape from my audio out of a DRM file is that illegal as well? If the end result is the same what's the difference? Who is being harmed when the end result in a unencrypted file in EVERY SINGLE CASE. What because your taking the extra step of going DRM-CD-RIP and someone else goes DRM-RIP your method is somehow better for Apple? In what way? Why are you even suggesting Burning and Ripping? Are you one of those people who upload all of your Itunes music to P2P? Oh no wait, that's what you Apple defenders are constantly accusing us paying customers of doing.
"What does this win us? The music industry can point to this as another example of why the restrictions need to be in the hardware and the hardware manufacturers are already in their pocket as far as the next generation of motherboards are concerned"
Or they could point to the built in loophole of ripping from CD which rendered Apples DRM useless from day one.
"Thanks to the pirates,"
Excuse me? Pirates? Who? The people who PAID APPLE for each and every song and use a program which ONLY works if your the one who purchased the music in the first place? Yea those bastards!
The Pirates are on P2P sharing songs they never bought. The people using this tool aren't pirates. Get it straight already. And get over your holier than thou, how you dare use a product in a way other then intended attitude. You've benefitted more from reverse engineering and people using products in ways not intended then you could possibly imagine.
Parent
Re:Why crack it? (Score:4, Interesting)
No per-track at all. A flat-rate or collective license model would work. The collective-license model would work best, since in that case, they could simply allow P2P to operate legally. The users would, in that case, absorb the costs of bandwidth, distribution, and manufacturing of the CD's if desired. All the labels would have to do is sit back and collect the money.
Of course, given that, they could no longer -control- distribution. Might that be the reason for the resistance to something which in every other way is pure profit for them?
However, a flat-rate model would also work. And I'm not talking "RealRhapsody"-I'm talking a per-month flatrate for downloadable, burnable, DRM-free content, with EVERYTHING available, not just whatever few labels they can get to sign on, in (within reason) a format of choice-perhaps choices between .mp3, .flac, .ogg, and a raw uncompressed format.
When they offer that (provided the fee isn't astronomical), I'll have my credit card ready. Until then, I'll keep right on downloading. And by the way, guys-DRM is trivial to break.
Parent
Re:Why crack it? (Score:5, Informative)
These are people who make a business running artists into the ground. The cartel has effectively monopolized the music industry, shooting themselves in the foot in the process.
Think about it: what's the RIAA's big justification for the high cost of CDs and the reason they financially destroy so many artists? They claim they have to take a big risk on artists, as it's expensive to produce, tour, promote, etc.
Who said rockstars need to have their every whim catered to? Who drove the cost of music videos through the roof? Who demands artists pay $20,000/hour for some "big name" producer to hit a few buttons in Pro Tools? Who demands artists pay thousands an hour for studio time? Who created this bloated, overinflated, cookie cutter music market where it's ridiculously expensive to get exposure? Who helped create the radio station conglomerates like Clear Channel and Infinity? Who created this situation where it's prohibitively difficult for non-affiliated artists to get more than small, local exposure?
The whole point, is the industry is solely responsible for this situation they're in. They flat-out lie in press releases. They slander their own customers, and treat them like criminals. They charge too much for a lackluster service, and now we're supposed to feel sorry for them? When's the last time the industry showed any good will towards its customers?
No, the RIAA isn't listening; they're oblivious and out of touch. No one wants DRM. Yet they insist on it. We want more reasonably priced music, but they won't give that to us, either. Yet they've created an environment where it's exceedingly difficult to be exposed to music that isn't being actively pimped by them! And now we're supposed to bend over and take it in the ass while they use one law to make an end-run around another and screw us out of our rights?
[b]Fuck them and the horse they rode in on[b/].
The truly stupid thing about this is that iTunes already provides a mechanism for doing what JHymn does - burn a CD, re-rip it. Problem solved. All JHymn does is streamline the process a bit.
Parent
Re:Why crack it? (Score:5, Insightful)
Uh, the people who paid, still pay, and continue to pay for it? Big-evil-corporations exist because people pay them money. Nobody needs music on CDs/records/tapes, or encoded in mp3s. Nobody has a right to it. The only rights involved are those of the creator and of those to whom he delegates his rights.
Nobody forces an artist to sign a contract with a big label. They do it of their own free will, generally because of greed. They aren't content with having their "real" jobs, playing at local venues when they aren't working to pay rent, perhaps growing popular through word of mouth. They want to "hit it big" and think they need the power of an agent/label/distributor/so-on. Such is their right.
That a work of art should have protection against copying was an obvious and fundamental enough concept that our ancestors enshrined it in the Constitution of the United States as an explicit obligation of the Congress to enforce, over two hundred years ago, when music was sold via lyric sheet. The mental product of your fellow man has value, and is worthy of legal protection. Regarding DRM, finding some clever way to open a vault and remove the gold within makes it no less theft. Finding clever ways around DRM to extract the protected work within makes the act no less theft.
Nobody has the right to music, or software, cable TV or for that matter health care. Something that requires the labor of another is not a right. To believe otherwise is to believe that others must labor uncompensated (see: slavery) for oh-so-special you. If you don't like the price being charged, if you don't like the terms of the sale (usage restrictions), don't buy it, and don't steal it. Something that is worth stealing is worth protecting. You know that, they know that.
It's very simple. If enough people cut restricted/expensive music out of their lives entirely, the market will adapt.
Larry
Parent
Re:Why crack it? (Score:4, Informative)
Parent
FairPlay LIMITS sharing, doesn't prevent it (Score:4, Insightful)
You can also burn any iTunes track to CD. Only limit is you can only burn 5 copies of a playlist before you have to change the songs in the playlist. Which means if you or your friend spring for the cost of a CD, you can share any song you like, as many times as you like, with whomever you like, just like other physical media.
I think that's a super middle-ground. Steve Jobs has discussed MANY times that DRM will be cracked, but FairPlay is pretty good. Apple puts a sticker on all their iPods that says, "Please don't steal music." Please point me to a better approach to DRM or filesharing scheme. Yes, DRM sucks, but it's not going anywhere if you want to use downloaded RIAA music.
iTunes set the best standard (Score:5, Insightful)
They forget that Apple has SET THE STANDARD for sensible DRM that is reasonable for the consumer.
I've been around a long time, and have seen plenty of stupid stuff. Divx (in the DVD space) moved things back, lawsuits and claims about the mp3 format itself, a joke.
But I've also got a sense of history. Before apple came along legal online music was GHASTLY.
You think iTunes is "laden" and "crippled" with DRM? People have forgotten that before apple came along there was a fragmented music space with DRM that meant you couldn't move songs between computers, burn them to CD's, and stores run by companies that were no fun to do business with. Subs, if you canceled, your music vanished.
For most folks, fairplay is actually fair. Most people don't end up playing on more then five computers. Unlimited burns of a song, and seven burns of a specific CD are reasonably fair. The authorization process isn't terribly painful.
Remember, the RIAA used to claim on their dumb soundbyting site that making a tape copy of a CD was copyright infringment. And they were probably right, it was.
The one big issues with iTunes are lack of open source support (tricky, but they should do better here) and the lock-in to iPods as the portable music player for the service. The issue is that software needs to provide the DRM. Luckily for apple they've got a reasonable ipod product. This lockin will have to evolve though of course, open source and linux are not supported so far.
But from a DRM perspective, they really moved the industry forward. If the media companies had their way we'd be stuck with Sony's ATRAC format.
So, complaints and props to apple.
Shill or just don't care about your rights? (Score:5, Insightful)
If you give up control, you get what you deserve.
Parent
I'd like to think I'm not cracking anything here.. (Score:4, Interesting)
Probably still illegal nonetheless, but I really don't feel very 37331 when I do it.
"Sensible DRM" Sensible to Who? (Score:5, Insightful)
Now if Apple licensed Fairplay playback to device manufactures and software developers, that might change people's opinion but as it stands now, Apple computer has a monopoly of fairplay enabled music playback. I would suggest that Apple open Fairplay, but as we all know, the concept of DRM is simply PKI turned upside down. Its a game of digital hide and seek or "security by obscurity," so it is simply not possible to open source any software based DRM scheme.
Lets look at this situation from another angle, if Microsoft was the leading online music retailer and used a format that could only be played back on Microsoft hardware and software products, would people be defending them? The hypocrisy and denial of Apple fanboys on /. is so blatant, its not even amusing anymore.
Book on Watermarking (Score:5, Informative)
FutureProof said that Apple is putting watermarking in their music and they are looking for the lack of that watermark in future versions of iTunes (both to stop competitors and most likely identify those who would rip from iTunes and resell it illegally). Nothing has stated that the watermark is an Apple-wide watermark (i.e. distributed to all users) or if it is a per user watermark added on top of the Apple watermark (double water-marked).
Unless this makes your head swim, there is an excellent book that most folks with a bachelor's degree in some field which involved math should be able to read and understand: Information Hiding Techniques - Techniques for Steganography and Digital Watermarking (ISBN 1-580-53035-4), by Katzenbeisse. This and some other related books can been seen at forensics.nl [forensics.nl].
Note: I am not affiliated with any of these publishers or authors, but merely read through the above mentioned book and found it appropriate for the topic.
Nothing, just as he's done for months now (Score:5, Interesting)
Hymn released a fix in short order - I think back in July? It was a long time ago anyway. And since that time, Apple has done nothing to shut down project-hymn.org. And multiple releases of iTunes since then have done nothing to stop these files from playing - which it cannot do because they are now identical to files that you rip from CD yourself with AAC!!
If Apple could or would do anything about Hymn, they would have done it by now.
Since sales on ITMS have kept going up, no-one really cares if you can break the DRM or not.
I'm not sure if Hymn still does it, but it used to even keep the ID of the owner in the file to make it impractical to share on P2P networks (as it could easily be traced back to the owner). I thougt that was a nice touch to show it really was not meant for piracy.
I use Hymn myself, no to crack my master files but to break them so I can share them at work. The annoying thing about iTunes sharing is that if another user is not authorized to play a song it halts and brings up a dialogue, making true random play over another users library impractical. Once a co-worker and I even went so far as to authorize each others computer to play our music so that we could listen to the libraries of the other.
I don't feel like using DRM cracks for this use is at all like P2P, since it's just streaming the song and not transferring it - plus lots of people discover music they might not have otherwise and it helps those artists out (which I feel P2P does as well, but it's a different and much greyer case).
Parent
Re:Nothing, just as he's done for months now (Score:5, Insightful)
Yeah, it was really annoying that Apple did that -- the entire reason for that uniqueness was to discourage copyright infringement by putting up a big red flag saying "this song was came from ITMS." Combined with the fact that it (still, hopefully) leaves the Apple user ID the hope was that Apple would sue copyright infringers (like the RIAA, only with an accurate way to tell who's infringing). Instead, Apple forced them to remove the feature, which was stupid because it was in Apple's own best interests to have it there in the first place!
I wouldn't call it a "fix;" I would call it a "regrettably necessary workaround of Apple's stupidity."
Just FYI, there are several programs (for example, Leechster) that allow people to download from iTunes shares instead of just stream. It's still not in the same league as Kazaa, since you have to be in close physical (or logical, in the case of VPNs) proximity to use it, though.
Parent
Re:DRM (Score:5, Interesting)
This isn't flamebait - it's true. DRM costs money - removing it generates revenue. Counterintuitive? Case in point:
An iBook came into my household this christmas. I had heard about iTunes for years, but not being on Windows or Mac, had never seen more than a screenshot. So anyway, I try it out and buy an album I once had but lost to a departing girlfriend. It was cool, but I also knew it was DRMed - and indeed, when trying the file on my linux box - no joy. I didn't buy any more music after that. No way would I pay for music I can only listen to on one computer (I want it to work at home (linux/new mac), work (linux), studio (linux)). So I didn't buy any more music - then I heard about Jhymn - installed it, stripped the DRM off my files, txr over to my linux box, and voila - lot's of joy.
That was about a week ago - I've spent over $30 on iTunes in short time since then (it's frighteningly addictive and easy to click "buy" - especially when sleepy late late at night). Without DRM stripping I would have spent a big fat ZERO.
Moral of the story:I only buy from iTunes BECAUSE I'm able to strip the DRM and play the files on my linux boxes
Parent