New Tool Cracks Apple's FairPlay DRM

goombah99 writes "PlayFair is an integrated utility that removes the DRM from AAC music files protected by Apple's FairPlay encryption. Information is limited, but the source code is on SourceForge.net and it appears to actually remove the encryption itself and not simply hijack the QuickTime audio stream as earlier methods did. The cracking operation can only be done on songs the user has already has valid licenses for and requires either an iPod or a windows computer for key recovery. If you choose to redistribute these songs you will be violating the contract you bought them under: better hope they aren't watermarked or you might end up paying for releasing one in the wild. To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard."

Lies

[monstroyer]

1) My computer, my data, my choice. DRM snake oil providers can deal with it. The future won't tolerate the crap these copywrite perverters are trying to enforce, may as well wake up now before it's too late.

2) Downloading music does not affect sales. [dailytarheel.com] DRM is only there to appease the record industry, still scared shitless that artists can have direct contact with their fans who still provide them with income. This cuts them out as the middleman. Like the landlord [landandfreedom.org] of times before us, they will be replaced or burnt to the ground. Again, deal with it.

3) The previous two paragraphs are both 'revolutionary' premises. Vandals these coders are not.

Re:Lies

[neverkevin]

My computer, my data, my choice

Technically it is not your data, you did not write it, create it or anything, you just payed for the ability to listen to it. I doubt iTMS is selling the legal copyrights to songs for only $.99 a piece.

Re:Lies

[rjelks]

When I spend $15.00 dollars on a CD, I own that media. I don't claim to own the copyright to it, just the CD itself. With my ownership, comes "fair use" rights and the ability to sell said CD. I can't copy it and sell multiple copies, but I can sell the CD....which to me confirms my ownership of it. When I buy a CD, I don't just purchase the "ability to listen to it", but also the ability to copy it for personal use, put it on an mp3 player or sell it. /don't really buy CD's anymore, new music sounds strange

Re:Lies

[seffala]

The plural of 'anecdote' is not 'data'.

Re:Lies

[Neil Blender]

The plural of 'anecdote' is not 'data'.

Duh, the the plural of 'anecdote' is 'Slashthink'.

Re:Lies

[geeber]

Amen brother. The problem is in polite conversation (and slashdot too, for that matter) "I know a guy..." trumps statistics every time.

Re:Lies

[Anonymous Coward]

The problem is in polite conversation (and slashdot too, for that matter) "I know a guy..." trumps statistics every time.

That is simply not true. A friend of mine who is a sociologist studied this very phenomenon and found that it didn't exist.

Re:Lies

[Catbeller]

Regardless, I choose to reward the artist*, rather than blatantly "steal"** from them.

I wasn't aware the labels were paying the artists a large part of the iTunes income. Anyone you know getting a check from RIAA?

Artists - don't - get - money - from - labels. Artists PAY labels for the privilege of making money for the labels, unless they get more than one gold record, at which point, if they were very careful negotiators, they might actually pay off their creditor and start seeing a royalty stream. Most musicians under a label make the only money they can keep from live performances. If ClearChannel hasn't ripped them off.

The labels, represented by RIAA, are NOT the artists and are NOT their benefactors. Let's stake this meme in the heart. We aren't paying the artists, we're paying the crooks who take advantage of them with their hold on the distribution chain.

Altogether, people:

WHEN WE PAY THE LABELS, WE ARE NOT PAYING THE ARTISTS. WE ARE PAYING DOWN THE DEBT THE ARTISTS OWE THE LABELS, WHICH WOULDN'T EXIST IF THEY HADN'T RAPED THE ARTISTS IN THE FIRST PLACE.

Re:Lies

[rampant mac]

"I wasn't aware the labels were paying the artists a large part of the iTunes income."

Last time I checked, positive income was better than NO income.

"Anyone you know getting a check from RIAA?"

Yes. Me.

"Artists - don't - get - money - from - labels. Artists PAY labels for the privilege of making money for the labels."

People - don't - get - money - from - their - employers. Employees sign a contractual agreement that they WILL perform the work assigned to them, or are you not on salary?

It works both ways...

For the millionth time

[caitsith01]

Stealing = taking something with the intention of permenantly depriving its owner of possession

Copyright violation = making an unauthorised COPY of something

YOU CANNOT STEAL SOMETHING BY MAKING A COPY.

Re:For the millionth time

[An Onerous Coward]

Dear God! You mean to tell me that your floorplan is exactly the same as mine? That you ripped off every decorating idea I spent years and years perfecting? The inhumanity!

Wait... I'm confused. You've found a way to build houses for free, and I'm supposed to be angry? No, I'm not. I'm overjoyed. Now everyone can a comfortable home, and it's absolutely wonderful if they thought my design was worth copying.

Your analogy is deeply, fundamentally broken. I don't even know where to begin trying to fix it. No matter what analogy you could use relating music copying to physical items, any loss incurred by the creator--time, money, ego, whatever--is absolutely overwhelmed by the brute force of the simple fact: The copiers are creating new stuff at no cost!

If we could provide quality housing for anyone, for free, simply by ripping off the design you put your blood, sweat, and tears into, it's absolutely worth hurting your feelings.

Re:For the millionth time

[caitsith01]

Nope, I'm happy that you can enjoy the design I've perfected over all these years. You're not reducing my ability to enjoy me house (unless I'm a capricious, elitist bastard who only likes things if other people don't have them), and frankly I'm flattered that you like my house so much you want to live in the exact same design.

I mean, seriously, what have I lost? Nothing.

In any case, as another poster has already pointed out, I'm basically too stunned at how cool it is that you can copy a whole house for free to care about the money.

I think you need to consider that 'scarcity' is what determines price. With instant, flawless copying, there is no scarcity. Therefore, we need to come up with a new way of distributing and, indeed, creating such things, not create silly laws to artificially recreate scarcity.

Re:Lies

[Dirtside]

Fuck off, it _IS_ stealing.

If copyright infringement is in all ways identical to stealing, why do we have the term "copyright infringment" and an entire Title of the U.S. Code dedicated to it? The fact that data and matter are different is the very reason that we have different terms for the two actions.

Copyright infringement is certainly illegal. But you don't help your case by conflating larceny (stealing) with copyright infringement. It just makes you look ignorant. Whether or not someone believes that copyright infringement is immoral, it is de facto not the same thing as larceny.

I'm saying that, in the future, you want to say, "Copyright infringement is WRONG!" not "Copyright infringment is STEALING!"

Re:Lies

[Anonymous Coward]

Apple's DRM is considerably more restrictive than WMA's. All sound quality aside, Apple gives you one store, one media player, and one portable player. WMA gives you many stores, several players, and quite a few portables.

Apple seems benign when you're willing to completely surrender every aspect of your machine (including the choice not to boot ;)) over to them.

Re:Lies

[csoto]

Whatever. I can play the songs on my Macs, my Dell and my iPod. I can burn CDs and play it in my car, on my stereo, in my portable CD player. Not very restrictive at all. That works for me.

Besides, I can buy MP3s from anywhere else. Oh wait. Who sells those?

Re:Lies

[Anonymous Coward]

Whatever. I can play the songs on my Macs, my Dell and my iPod. I can burn CDs and play it in my car, on my stereo, in my portable CD player. Not very restrictive at all. That works for me.
Great. Sounds like you've found something that is still more restrictive than WMA music, but you're happy with it.

Besides, I can buy MP3s from anywhere else. Oh wait. Who sells those?

http://www.magnatune.com/ [magnatune.com] for starters.

Re:Lies

[Yakko]

Show me a free (costs nothing, free of encumberances like patent and EULA issues, etc) media player that plays these "rights managed" WMAs, and maybe then I'll consider starting a WMA collection. I may not be fully imformed, but until I'm certain there's one out there that won't tie me to a Windows machine, I'm just going to have to continue using mp3. Simple as that. ITMS lets me get mp3s from the AACs I buy, so they're in.

Oh... said player needs to work on most any Unix I care to throw at it. No Rube Goldberg devices, no tricky hacks.

(I don't think those "bum the win32 codecs" players are going to cut it, either. Something that'll natively play it is what I'm seeking. My point is that WMA is not cross-platform to the extent that mp3 is.)

Re:Lies

[plj]

For the n^th time, WMP for OS X does not support WMA's DRM scheme. Or, to be a bit more specific, it only supports it's first version, which never became generally used and is now practically obsolete.

Every online music store out there uses version 2 of WMA's DRM.

Re: Lies

[cft_128]

As countless other pointed out, the WMP on Macs does not support v2 of the DRM, not to mention WMP on Macs sucks. Really sucks. Bad UI. Uses up way too much CPU time. With MS adding a 'time bomb' [betanews.com] to WMA it's not looking like I'm going to be sending them a lot of love. When I buy music, I want to be able to play it forever. Hopefully market forces will do to this what it has done to previous attempts at this.

Also of note HP has licensed [hp.com] Apple's iPod, so add one more player to the market. (albeit a iPod clone as far as I can tell). HP will use iTunes so there will still only be one software player, but from what I can tell iTunes wipes the floor with WMP when it comes to managing and playing my music on both my Macs and my PCs.

You might want to do your own research before accusing others of not doing it.

Re:Lies

[Smurf]

Pitiful answer actually [...]

Windows WMA: [...] Macs(Yes they have WMP), [...] and you can burn on CDs (depends on who you buy from and what rights you have

Dont talk trash unless you really know what you are talking about....

Pitiful answer actually

Apart from the Mac WMP's inability to play WMA files (mentioned by six replies already), iTunes always allows you to burn on CDs. (Up to 10 copies per playlist. If you need more, change the playlist. But if you do, you are probably pirating the music.)

Dont talk trash unless you really know what you are talking about....

Re:Lies

[Sparks23]

Not to further fuel the flames, but it's not quite that straightforward.

I think part of the problem is that folks are looking at AAC as 'Apple's format.' It's not. AAC -- Advanced Audio Coding -- is an open standard; there's an ISO number for it, and it was come up with by the MPEG standards group. AAC is to MPEG4 what MP3 (MPEG1 Audio Layer 3) was to the original MPEG. AAC itself is quite widely played by software players -- more than just iTunes -- and is more or less the intended successor to MP3. (NOTE: Intended. I make no predictions about whether or not it will actually happen.)

Where you can point the finger at Apple is on their DRM implementation on top of AAC; that's not part of the AAC specification, and so means that while an un-protected AAC file can play on iTunes, WinAmp, etc., a protected iTunes Music Store one cannot. THIS is a little unfortunate; I'd love to be able to load protected AAC onto my NetMD minidisc player without having to burn it to CD first.

WMA makes me more nervous as a format, because as far as I know it's controlled by a single entity (Microsoft) instead of an open group (MPEG standards group). However, it can't be discounted that WMA's integration of DRM has made it the more attractive commercial option for folks, since it's possible to make differing players handle the same DRM-protected files.

Whether or not AAC with some form of DRM will catch on remains to be seen, I guess.

Re:Lies

[Sparks23]

As an addendum, everything I've ever read -- including the PlayFair website linked to in this article -- says that FairPlay was licensed from Veridisc. So before anyone points fingers to tell me that Apple didn't write FairPlay, yes, I'm aware of that; they took an open standard and a publicly licensed DRM technology which can wrap digital files, and put the two together.

In theory, anyone who wanted could use the FairPlay DRM and thus play Apple iTunes Music Store music. However, AAC not having an inherent DRM seems to have discouraged everyone but Apple from using it commercially, whereas WMA has the DRM right there so if you're using WMA you don't have to go shopping for separate DRM solutions.

That was the point I attempted to make in the earlier post. :)

Re:Lies

[caitsith01]

Because Apple will create a Brave New World, instead of Microsoft's 1984.

Re:Lies

[Lumpy]

ahem, NONE of those 500+ devices will play WMA files that HAVE ENCRYPTION...

big difference bucko.

I know, I have 3 of those 500+ devices... and the DAMNED things wont play the protected ones.

Re:Lies

[Bombcar]

Here [allofmp3.com] you go.......

Re:Lies

[Sethb]

My problem with Apple's DRM is that it counts individual users on a computer as "separate" computers in the licensing scheme, meaning that a song I purchase from their store, won't work on all my machines.

There's my work machine, my home machine (two users, my wife and I), her 20GB iPod, my iPod Mini, and my laptop. Oh, whoops, can't do that, just ran out of licenses, and that's not even counting the old Pentium II that keep around as a print server/backup machine.

Or, are my wife and I not allowed to share one download? We can own a house together, but not an audio file?

Fortunately, via m4p2mp4.exe you can strip the DRM out of them as necessary, or do the old m4p->CD audio->mp4 conversion, though recreating metadata is a bit of a pain in the arse. [techfreaks.org]

Re:Lies

[Alsee]

You have a license to use it.

No such thing. Doesnt' exist.

You can only licence the right to create new copies and derivative copies and to distribute those copies and for public performances. Those are the only licences that exist (at least under US law anyway).

You don't need any licence at all for any sort of fair use.

Apple's DRM is pretty benign... They worked out a lot of rights for their customers.

It doesn't matter WHAT rights that "worked out". The fact is that ALL fair use is perfectly legal and legitimate, and a copyright holder has absolutely no legal right to say squat when I make fair use.

Unauthorized use and unauthorized copies are perfectly legal and legitimate when they are fair use.

-

Re:Lies

[zcat_NZ]

Not 'fair use'; 'unregulated use'

Fair use relates to things that would have been covered by copyright; derivative works, quoting, etc. They're allowed, even though technically they're a little bit of the 'copying and redistribution' that copyright is supposed to regulate.

Unregulated use relates to things that have nothing to do with "copying", and should never have been covered. Transfering a work 'I own' into another format, playing a DVD on a non-standard platform, etc. If I bought the work, I should have the right to do anything I want short of making copies and giving them to my friends. Playing DVD's under Linux, converting AAC's into MP3's, etc -should- all be unregulated uses. It's none of the copyright-holders business what I do with the disc after I bought it, unless they can PROVE that I'm redistributing unauthorised copies!

Re:Lies

[Alsee]

US CODE TITLE 17 CHAPTER 1 Sec. 106. - Exclusive rights in copyrighted works [cornell.edu] grants six exclusive rights to copyright holders, but they really only amount to 3 different rights. The right to make copies, the right to distribute copies, and public performance.

Those are the ONLY rights a copyright holder has available to licence to anyone. If he isn't granting one or more of those rights then he isn't licencing anything.

US CODE TITLE 17 CHAPTER 1 Sec. 107. - Limitations on exclusive rights: Fair use [cornell.edu] says it is not infringment to make fair use, thus you don't need any licence at all to make fair use. It gives a non-exhaustive list of examples of fair use. It gives a non-exhaustive list of factors to consider in determining fair use.

And rather signifigantly, fair use rights are NOT granted by that law. If you check the congressional record they specificly stated that we already had fair use rights and that that law was merely an attempt to write down those existing rights. They specificly said that law was not intended to expand or restrict or alter fair use rights in any way.

Not only are fair use rights NOT granted or defined or restricted by copyright law, but if you look back at the various supreme court cases mapping out the extent of fair use, the fact is that it's fair use that restricts the extent and reach of copyright. The term "fair use" never even appeared in copyright law before 1976. We had fair use before that, and where fair use treads copyright restrictions are swept away.

There is no such thing as a "licence to use". Doesn't exist.

Ordinary "use" rights remain with the public. You don't need any sort of licence to read a book you bought or to play a song you bought.

As for contracts, I don't know if iTunes even has one, or if it's even valid, or what's in it. But assuming there is, it cannot grant some non-existant "licence to use". The most it could do is attempt to impose a clause against making fair use. And even if it does, and even if it's a valid clause, it would still be strictly a contract issue, not copyright.

No, I'm not a lawyer, but I HAVE been reading the law and many court cases. You're the one tossing around a "licence to use" with absolutely no basis. I defy you to find it anywhere in US copyright law.

I will certainly admit the RIAA and MPAA want the law to recognize a "licence to use". I will certainly admit the RIAA and MPAA are putting out a missinformation campaign to convince the public and congress that's what the law already says. If that's what everyone thinks that's what the law says then it becomes very easy to get the law re-written to "fix" the law to actually say that.

"Licence to use" is a myth, part of a campaign to get copyright law changed.

-

Re:Lies

[Xenographic]

Well, let me see here. I'm no lawyer, but I play one on slashdot (and I read Groklaw) :P

If you're a real lawyer, or can provide credible evidence that what I say is wrong, by all means, be my guest; I'm just explaining things as best I understand them from all the reading I've done on the subject.

For one, you don't need a damned license (a license is permission, a contract is a mutual agreement/exchange of value) to play this music. Or at least you weren't supposed to. There's a clause in USC 117 (copyright law) that says that ephemeral copies aren't supposed to be infringing. Of course, case law hasn't exactly made any good use of it, even though it should have... Especially when it comes to EULAs, when one might be led to believe that they're signing a contract to give up rights for permission they're not supposed to need... Sadly, the courts have upheld a number of EULAs :/

The problem is that they have DRM, and the DMCA has those anti-circumvention restrictions. In other words, they're leaving us with "rights" that we no longer have the power to exercise. The librarian of congress apparently has some power to craft exemptions here (perhaps we should be lobbying there, more?). The only such relevant exemptions I can remember were posted to Slashdot a while ago... I understand it to mean that we can crack DRM for obsolete platforms, but I advise you to read their statements in the original--there are, no doubt, nuances concerning this that may be important if you intend to rely on these exemptions.

Now then, what's worse is that depending on how you crack the DRM, you could, at least theoretically, run across problems with patents and with trade secrets. At least with trade secrets, you have to be a party to them to begin with in orter to run afoul of them. That is, unless you get the information on the DRM under an NDA, you shouldn't worry too much about this. At least, not that I know of. I do remember it coming into play with DeCSS, but I don't remember specifics. As for patents, they're even worse, in that you don't have to know of the patent's existence to run afoul of it...

For another, I'm assuming you get some kind of click through EULA. This makes it a contract, not a license, since they've obtained your consent to all those crazy restrictions. SOME EULA restrictions (notably "you can't benchmark our product") have been shot down. SOMETIMES. There are judges split between "freedom to contract" and others who think it better to overturn "unfair" terms. You cannot depend on such things.

There are other issues, in particular the "first sale doctrine" that tries to limit folks imposing contracts after a sale has been completed. While I wish this were extended a bit more, mostly judges seem to be remiss to invoke this unless they don't let you SEE the terms you're agreeing to until it's too late to RETURN the product (making your disagreement futile). MS has some rather clever lawyering that, in effect, has long force us to pay the "windows tax" ... There are plenty of others who have described rather well how this works, so I will not dwell on it.

Lastly, "fair use" is an "affirmative defense" to copyright infringement. What that means is that by asserting it, you say that "Yes, I DID infringe on their copyrights, BUT ..." Specifically, there are something like four factors the judge takes into consideration, such as whether it was for NON-profit educational use (profit is VERY broad here, even ads on your webpage might count), whether you use a large portion of the work in relation to the whole, and how it affects them financially. I think I left out a factor, so Google it by all means.

Mind you, some of the more common mythical provisions do NOT exist. The "delete this in 24 hours" bit is BS, as are pretty much every single one of the disclaimers you may see in "warez" sites. The "10%" myth might be a semi-sensible restriction under th

Re:Lies

[Alsee]

I keep US copyright law bookmarked :)

TITLE 17 - COPYRIGHTS [cornell.edu]

There's a clause in USC 117 (copyright law) that says that ephemeral copies aren't supposed to be infringing.

The ephemeral clause is Sec. 112. [cornell.edu] It is extremely narrowly drawn and effectively worthless. Ephemeral uses obviously fall within fair use, so the fact that the exemptions listed in the text are absurdly narrow is irrelevant.

The librarian of congress apparently has some power to craft exemptions here (perhaps we should be lobbying there, more?)

There are two possible kinds of exemptions to the DMCA. There are absolutely useless exemptions, and there are exemptions that will effectively and totally gut the DMCA. Thus far the library of congress has been good little librarians and very careful not to allow any exemptions that might irritate anyone. Lobbying there has been a waste of time.

fair use... something like four factors

The for factors are listed in Section 107. [cornell.edu]
(1) the purpose and character of the use, including whether such use is of a commercial nature or is for nonprofit educational purposes;
(2) the nature of the copyrighted work;
(3) the amount and substantiality of the portion used in relation to the copyrighted work as a whole; and
(4) the effect of the use upon the potential market

An important point to note is that it says "factors to be considered shall include ". The four factors are merely examples that shall be considered. The courts routinely consider other factors. For example "transformative" use weighs in favor of fair use. Things like collages and parody are transformative.

you guys should Google for USC 117

Link to 117 [cornell.edu]

The mess with 117 is that it reffers to an "owner of a copy of a computer program". They are trying to play word games by claiming that you never actually own a copy, they try to claim that copies are always "licenced" under EULA's. However an EULA is really just a contract. If you buy a box of software and don't willingly bind yourself to that contract then you get no benefits from that contract, but you are not restricted by it either. You can then simply install and run the software you now own on the disk you now own. If there's a click-through licence agreement you could always make the effort to tweak your machine to bypass it. This is why they are lobbying to get a law passed to make EULAs binding.

The few very rare cases upholding EULAs have been based purely on arguments that the buyer somehow willingly agreed to be bound by it.

-

Re:Lies

[badasscat]

Except that it's NOT your data. You have a license to use it.

Bullshit. If it's on my hard drive, which is a physical platter that I purchased at retail, then it's a physical thing that exists in the real world and it's mine. You're telling me my hard drive is mine but its contents aren't? I don't buy that for a second, whatever some RIAA lackey wants to say to convince me. If it somehow found a way (legally) into my house and onto my hard drive, it belongs to nobody else but me, and as long as I keep it for myself, I'm allowed to do whatever I damn well please with it.

In fact, DRM exists because copyright holders know this. Otherwise, there wouldn't be a need for DRM! The whole point of DRM is to keep you from doing things you are legally entitled to do as specifically written in copyright law. The RIAA does not like the way copyright law is written so they are doing their best to usurp it with DRM (which they seem to think gains them additional protections under the DMCA that they don't otherwise have under regular old copyright law). I see no problem in breaking DRM in order to exercise my legal rights.

Now, as for this sob story about WMA becoming a "standard" because of this... I mean really, cry me a river. Neither AAC nor WMA will ever be considered a "standard". The only thing close to a "standard" is MP3 (only because so many people have already ripped their music to it, so every piece of hardware has to support it) and it obviously isn't used for many applications where real compression efficiency or the best absolute sound quality are required. MP3 will always be around - I'm sure not about to re-rip all 2,000 or so CD's I own, and doubt many others will either - so whatever gets declared a "standard" for any specific use doesn't really matter anyway.

WMA's DRM will be broken in time just as FairPlay apparently has been, in any case. It's the nature of digital data. Anything that's expressed in bits can and will be cracked, so WMA has no advantage here. Eventually these companies will hopefully accept that all DRM is doomed to fail, and just go back to allowing their customers to exercise their rights under the law, as they used to do many years ago.

Usual Ogg advocate post

[cgenman]

I would argue that OggVorbis is also a standard, if not for market acceptance than because the format is well documented: anyone can make an OggVorbis ripper or player. WMA and FairPlay, like DOC files are not standards, but products. You couldn't create a product that creates or plays these files, as you don't have access to data defining the files. Hence, by definition, neither can be considered "standards."

Re:Lies

[Kelson]

If it's on my hard drive, which is a physical platter that I purchased at retail, then it's a physical thing that exists in the real world and it's mine. You're telling me my hard drive is mine but its contents aren't?

I own a lot of books. The paper, the ink, the glue - I own those, uncontested. I own that instance of the book. I can lend that particular book to a friend, I can sell it to someone, I can throw it in the trash, put it in a barbequeue, whatever. I can take the book down to Kinko's, photocopy it and write all over the photocopies. But if the book is still in copyright, I can't legally give those photocopies to someone else, nor can I legally typeset it, publish a new edition, and start selling it. Even though those words are physical objects in my possession.

The whole point of DRM is to keep you from doing things you are legally entitled to do as specifically written in copyright law.

More bull. Companies pushing DRM don't give a damn whether you make copies for yourself, they just want to make sure you don't upload it to the net and share it with a few thousand of your closest friends. And it's easier for them to prevent you from doing anything than it is to only prevent you from handing out free copies everywhere. That's why most DRM is so draconian - not because they want to lock you into only listening in one room, but because they just don't care.

Apple at least made an effort to compromise.

Re:Lies

[ncc74656]

So I suppose that you think that just because you purchased a copy of a book you're entiteld to do whatever you want with the contents? Up to and including violating copyright laws?

Quit yer trolling...who said anything about violating copyright laws? If I'm working on my car and want to refer to some pages out of the shop manual, I'll make a copy of the relevant pages and work from those so the manual doesn't get dirtied up. That is fair use. Another example of fair use is dubbing a CD to tape so I can play it in my car (which doesn't have a CD player). That's also fair use. How, then, is stripping the DRM off an .m4p so I can convert it to Ogg Vorbis for playback on my Palm (an example of format-shifting analogous to the aforementioned CD-to-tape dub) not fair use? It's only copyright infringement if I turn around and put the resulting .m4a files up on $P2P_NETWORK or otherwise distribute them to others.

Re:Lies

[bfg9000]

Just like you're not allowed to do 'whatever you want' to a rental car just because its in your garage.

You're not "renting" songs off the iTunes Music Store, are you? Do you have to give them back after 30 days? No? Then you OWN them.

If I OWN my car, I can spray paint it with polka dots and grow a chia pet on the hood and the government can't do jack. And even if they could, that wouldn't make it right, because the car is MINE. Private Property rights are the fundamental building block of western civilization; if you're trying to overthrow America you couldn't find a better way than to undermine societal freedom.

Re:Lies

[DeltaSigma]

But that copy does belong to him if he acquired it legally. If I'm the only occupant in my living space and I have twelve individuals computers comprising an obscene amount of redundant backup storage, and I make twelve freaggin' copies of every piece of data legally acquired by myself, plus a DVD for the television, and a CD for the stereo, it still shouldn't make a lick of difference to musicians, game makers, virtually everyone who creates information for a living, because they succeeded in selling one copy to one consumer.

End of story, no "ifs" "ands" or "buts" about this license restriction crap.

Re:Lies

[Alsee]

Something doesn't belong to you just because you have a copy, legal or otherwise. Dumbass.

Actually copyright law deals distinctly and explicitly with ownership of copyright and ownership of individual copies. The copyright holder owns the copyright and the associated rights. However the owner of the medium is the owner of the individual copy embedded in that medium.

So yeah, when you own your hard drive YOU OWN the particular copy stored on that hard drive.

The Supreme Court has even explicitly stated that ownership rights exist and must be dealt with even in the case of infringing copies. If you "steal" a copy onto your harddrive you are the legal OWNER of that copy. In some cases of infringment the law can then impose government confiscation of your property and the copies stored on your property, but is is explicitly confication of copies you owned.

So the original poster was right. If something legally got onto his harddrive then he can do pretty much anything he likes with it, short of opening up shop selling copies of it.

If it made it's way onto his harddrive illegally, it's still his property to do pretty much anything he like with, short of government seisure of that property or going into business selling copies.

And yes, copyright law works that way for the public benefit, and it provides an incentive to artists to create in servive of the public benefit. If he got the copy legally then he generally had to pay to get it, and he is forbidden to compete with the artist's limited monopoly to market that work. If he got it illegally then someone most likely committed infringment and owes the artist damages for making that copy, and he is still forbidden to compete with the artist's limited monopoly to market that work.

The fact that the parent poster was right does not conflict with copyright doing it's job, a valuable job as you noted.

-

Re:Lies

[Lumpy]

sorry, I signed no agreement I purchased a physical item. NOTHING EVER told me that I have a limited license bla bla bla....

I dont care what you RIAA/software apologists say. it is simple copyright law, there is no license that was ever agreed to or signed or even implied.

just because you print worthless drivel in 3 pt font on a cd cover does not mean it is legally binding in any way. you know this, the lawyers that wrote it know it and everyone knows it.

It's covered under copyright law, get over it there is no license.

We can only hope WMA will win!

[SeanTobin]

Wouldn't it be wonderfull once the WMA standard becomes available everywhere? All online music stores will use it because it will be so secure. On-demand video companies will spring up from this new found industry standard. Portable players and home stereo systems will all support it. Every media file on your computer will fall under one standard.

And then a code monky from Argentina will be codeing at 3am and have a Mountain Dew inspired breakthrough, and WMA will be broken wide open forever.

Software companies continue to forget the days of dongles, code wheeles, and manual page/paragraph/word lookups. All it will do is annoy real consumers.

Re:We can only hope WMA will win!

[__aagctu1952]

Unfortunately, if that happens it will only bring the age of gov't mandated hardware DRM even closer - and then you can say goodbye to actually owning your own computer. What it's really time for is a property revolution - and I'm not talking about the Lenin/Che Guevara kind, I'm talking about actually giving people control over what they legally own. My computer? Then let me hack it as much as I want - software as well as hardware. My DVD? Then let me play it however I want (skip trailers, play it backwards, make my own "phantom edit"). All those things are already restricted by the DMCA and other laws, and it will only get worse unless somethings is done, soon...

Re:We can only hope WMA will win!

[Saeger]

On the one hand we have information being naturally free [eff.org], and on the other we have attempts by clever control freaks to put the genie back in the bottle [fourmilab.ch] so that there is profit from (artificial) scarcity again.

I'm of the mind that the genie can't be put back - that open hardware will prevail, DRM will fail, and that alternative means of funding digital works will emerge such as variations on the street performer protocol [firstmonday.dk], where it's the SCARCE act of creation that is funded, rather than the zero marginal cost of reproducing abundant old data.

--

Boy howdy

[aaronsb]

That's not much of a crack now, is it?

Monkey See, Monkey Do

[ackthpt]

To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard."

The problem with incredibly clever people is inevitably they come up with something you don't want. Who's to say they weren't WMA or even (shudder) RIAA proponents, bent on showing the public can't be trusted and DMCA is the right approach?

I agree that they are vandals and scoundrels...

[csoto]

but it's not as if WMA can't also be cracked.

ALL technological barriers can be subverted. It just takes the proper motivation, be it economic, political or otherwise.

I'll stick with purchasing tracks on iTMS. I love my iPod, iTunes and the quality and economical service Apple provides.

Re:I agree that they are vandals and scoundrels...

[3Suns]

I can't speak to the feasability of cracking WMA itself, but you seem to be romanticizing things a bit. True, all encryption technologies can be subverted. However, there are plenty of examples in which it is mathematically unfeasable to do so, and no amount of clever hacking tricks can change it. What if the next version of WMA encryption were as secure as AES? It's certainly not likely, but I wouldn't say it's impossible either. I understand that there are fundamental differences between DRM and plain encryption, but the point is that uncrackable systems are possible.

We can't just rely on "someone" to eventually crack everything we don't like. Microsoft has a lot of smart people working for them, as does Apple. Apple will fix their encryption, and MS will improve theirs. What we have to do is get to the root of the problem with DRM; namely that fair-use rights are being blocked, and the standards are proprietary and strategically limited in availability. I don't think these problems are impossible to solve either.

I would actually encourage an open-source DRM implementation, perhaps as part of OGG media. If a free alternative were available to publishers, that fixed the fair-use problems, I can certainly see that it might be adopted.

Re:I agree that they are vandals and scoundrels...

[daw]

What if the next version of WMA encryption were as secure as AES? It's certainly not likely, but I wouldn't say it's impossible either. I understand that there are fundamental differences between DRM and plain encryption, but the point is that uncrackable systems are possible.

This is nonsense. Encryption systems may be practically uncrackable. Encryption systems that have to decrypt the "protected" contents for you so that you can listen to them will never be in the least bit secure. If you can hear it you can record it. There is no getting around this. The entire idea of DRM is, on the face of it, futile.

Vandals

[cgenman]

(from dictionary.com)

Vandal (van'dl)

1. vandal One who willfully or maliciously defaces or destroys public or private property.
2. A member of a Germanic people that overran Gaul, Spain, and northern Africa in the fourth and fifth centuries A.D. and sacked Rome in 455.

As these people obviously have not maliciously defaced or destroyed public or private property, I can only assume, then, that the repeated references to them as "vandals" means that the FBI has identified the coders as coming from an obscure Germanic sect, whose culture was believed lost.

Which leads to a conundrum. If we don't arrest these people, then we are validating the viewpoint that the DMCA is far overreaching. If we do arrest these people, then we are destroying the remnants of a lost civilization important to our shared cultural heritage.

Declare a law overly broad, or destroy a valuable culture? What is Ashcroft to do?

UnfairPlay

[LostCluster]

This thing proves brags that the "information wants to be free" concept will doom absolutely any music protection scheme, because somebody's bound to figure out how the thing works. They're right, and FairPlay has just bit the dust as a secure format.

Of course, you have to credit Apple for trying to build what they have, and maybe they'll be able to weather this storm because afterall, DVDs are still standing despite the existance of DeCSS. Maybe this will blow over and iTMS can stay in business... but this certainly isn't going to help.

So maybe it's not secure...

[raehl]

But is that a bad thing?

What if sales of music in this format increase, because people are more likely to buy songs they can use as they please instead of buying songs that have annoying DRM restrictions on them?

The bad assumption here is that by removing DRM, people won't want to buy a product, because they'll just copy it instead of paying for it. The problem with that assumption is it ignores the fact that copying itself has a cost, even if it's not a financial one: You both have to have a copy of what you want to make a copy of, and you then have to actually distribute that copy to whoever actually wants it.

Or you could just go to a central store of digital copies, pay your paltry 99 cents, and get your own copy. For most people, 99 cents is worth the convenience of having whatever they want on demand.

Before you start thinking this won't work, look at DVD sales nowadays. VHS tapes were priced to cost many, many times more than the price of a rental. Rentals were attractive. DVD's are priced at about $20-$30 each. Result? Even though people could fairly easy copy DVDs if they REALLY wanted to, it's just "easier" to walk into Best Buy and plop down the $20 - so much so that many many more people buy DVD's than used to buy VHS tapes.

For most people, trying to find and download a copy of something off the internet just isn't worth the $20 to buy the copy at Best Buy, or the $20/month to have Netflix mail it to you.

Very little of the cost/value of content is the content itself - most of it is the distribution. Efficient distribution can distribute content at prices low enough to be competitive with comparatively inefficient illegal distribution while still creating enough revenue to pay content providers.

Re:So maybe it's not secure...

[FredFnord]

> What if sales of music in this format increase, because people are more likely to buy songs they can use as they please instead
> of buying songs that have annoying DRM restrictions on them?

Let's think this through. What if they do?

Then the RIAA claims that Apple is in violation of their licensing terms. They could ask Apple to rewrite FairPlay, which I think is unlikely because it'll just get cracked again, given the way quicktime works. (I suspect, though I'm not certain, that I could have written a crack for this myself, because I know how QuickTime's guts work.)

They could impose some much more restrictive DRM scheme on iTunes. This is the way I suspect they'd go.

They could let things go on the way they are. I think that unlikely.

Or they could just pull Apple's license altogether.

Before you see this as a good thing, it might be wise to wonder which they'll do?

Re:Not Apple's problem

[Hawthorne01]

Given the iPod's approach to piracy (an admonishment not to steal music on the package), I'm quite certain Job's didn't push the security of iTMS as a selling point to the labels. Rather, I can see him stressing the ease of use and karmic value to the user.

So it's been cracked. Does this affect the massive quantity of illegal MP-3's out there in the least? No. If you needed a copy of a song that was on iTMS, you could always find it elsewhere if you weren't worried about copyrights.

I use iTMS because of:

• Download speed
• Gauranteed Results
• Gauranteed Quality
• Ease of use

The DRM affects me not in the least. I have no reason to crack what I've bought from iTMS, and won't do so.

Re:Not Apple's problem

[David Hume]

Dunno what Jobs' private attitude toward DRM is, but in the 70's he and Woz did some phone phreaking [woz.org]. This was dubbed "theft of service" by Ma Bell and "cool" by the techies of the day. Ma Bell (the monopoly phone company at the time) was the techie anti-Christ of its day, just as the RIAA is today.

It would certainly be consistent of him to be totally cynical about "playing nicely" with the RIAA.

Or he may have grown up.

Let's hope

[nsample]

I already have a removal tool for WMA. Just waiting for it to become a standard. ;)

What was the point?

[CrackedButter]

The fairplay system allowed for FAIRPLAY, it is seen as the best DRM scheme online and yet somebody has to crack it? What for other than to get bragging rights and make AAC look inferior to WMA with its security protocols?

Re:What was the point?

[Ziviyr]

Maybe they wanted to play their paid for tunes on something other then iTunes or an iPod.

Re:What was the point?

[ctr2sprt]

To you, Apple's DRM system is distinct from "other DRM" because it doesn't prevent you from doing the things you want. To me, Apple's DRM system is exactly like every other, because it does prevent me from doing what I want. (At least, as far as I've heard; I'm not going to pay for something that may or may not work, even if it is only a buck.)

Maybe the guy who did this project is like me. He needed to something with AAC that "FairPlay" wasn't allowing him to do, so he found a way around it. Or maybe he was just being a geek and wanted to see if it could be done.

Re:What was the point?

[James Lewis]

Slashdotters lamenting the cracking of AAC and looking down their noses at the authors of this program need to wake up. You're spitting in the wind. This was GOING to happen, just like every single lock companies have put on their programs has been broken in the past. This should be further proof the the record companies that DRM does NOT WORK. If they want to switch to WMA fine... but no matter how hard Microsoft tries, it will be cracked too, just like it HAS been cracked over and over. Any time a company makes a product and says, "Don't do this, whatever you do please don't do this!" some nerd is going to wet himself in the anticipation of doing just whatever it was that company didn't want done. Like Steve Jobs himself said, it doesn't matter how good the lock is, because all it takes is ONE person getting in ONE time, and the whole thing is worthless. I totally agree that a solution to mass pirating needs to be found, but it isn't DRM. If we can't find a socially exceptable way of stopping pirating, then maybe someone is just going to pull their head out of the sand and change their business model...

Re:What was the point?

[pavon]

The fairplay system allowed for FAIRPLAY, it is seen as the best DRM scheme online

This line of reasoning drives me crazy. For the last 20 years we have had an open, digital, non-DRM music standard which has succeded wildly. And yet now people are constantly praising FairPlay, because it is the least restrictive of the new DRM schemes. I am supposed to be happy that we have only taken one step back instead of two? To be fair it is worse than a step backwards, because it is introducing restrictions that have never existed before. FairPlay is not the best DRM - no DRM is the best DRM.

But you are right on one thing. What is the point of buying music under terms that you don't agree with? If you don't like DRM, then don't buy DRM'd music. At least now you still have the option. If consumers continue to be so eager to support these new formats, that option won't exist for very long.

The author implies that...

[Limecron]

Micrsoft DRM *won't* be cracked?

If *anything* is crack fodder after this...

But seriously, the first thing to crack is what people actually use. So, good job crackers.

Anyway, how is unlocking something you've paid for being a vandal?

Re:The author implies that...

[badasscat]

The iTunes store afforded consumers much more freedom with their purchases than any of the other online stores, and this software may well have a hand in taking that away.

So f'ing what? Seriously. You gloom and doom types are overlooking the patently obvious here: without iTunes, what's left? KaZaA, Gnutella, etc. Shut down iTunes and you drive all those consumers right back to the free (and illegal) services, including the ones currently in the works that encrypt data across multiple nodes and make it nearly impossible to track downloaders. It's not like there's no other way to download music (and if you want it legally, it's not like there's no other way to buy it besides downloading). And let's not forget that it's legal to share music in Canada!

Shuttering iTunes is not in the record industry's best interests. Oh, they still may not realize it, but they will eventually or they will die. What is in their best interests is to simply let this go. Don't publicize it. Let the Slashdot crowd break the DRM on the tunes they've purchased; they're not the ones downloading music on KaZaA anyway. Sue more people who are sharing illegally and drive them to iTunes.

Alternative strategy is to try to shut this software down with a massive legal and PR blitz. Won't work, but it'll put the fear into a few people, at least. But shutting down iTunes does not seem to be an option in any case. It would be suicidal. It's not as if alternatives don't exist, that cost less (ie. free) and don't have DRM. Why push customers back to that at the very moment you seem to be educating them on the benefits of actually paying for music?

Is FairPlay really better than WMA?

[Anonymous Coward]

To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard.

If DRM is offensive to you, than FairPlay is no better than WMA.

If you don't particularly mind DRM, then what's your complaint about WMA? I think it is the iTunes contract you like, and not FairPlay itself.

Big surprise

[Anonymous Coward]

Anyone who didn't see this coming.. i don't know what you were thinking.

Apple chose the "cheap bike lock" model. Instead of trying to absolutely lock down their digital music distribution, they put an [i]impairment[/i] to fully free use of the music, but one which they knew would eventually be broken. This is a rational thing; if you KNOW that someone, if they REALLY wanted to, would be able to break your encryption, what's the point of trying to make the encryption really strong?

The trick is, you wait for the inevitable crack program, then attempt to prevent people from distributing it.

Of course the interesting thing is, now Apple's going to go after the people who made this tool, and hundreds of Slashdotters will most likely deride it as an unconsiable use of the DMCA, then announce they are boycotting Apple and dumping the iTMS for, say, Napter2... which uses WMA, whose DRM is even worse...

Fair use, and nothing but fair use

[isomeme]

To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard.

Interesting position. How is rearranging the bits of something I own "vandalism"? How is this not a perfect example of fair use?

I agree that redistributing the results would be both unethical and illegal. But last I hear prior restraint was still frowned on by the courts.

DeCSS

[Jeffrey Baker]

Lots of ignorant comments already. PlayFair is the same as DeCSS: it removes restrictions on fair use, and allows compatibility. Now I can play my paid-for iTunes songs wherever I wish, just as DeCSS allowed me to play DVDs anywhere.

It's a good thing.

I think this is good

[shadowcabbit]

Contrary to the knee-jerk reaction (and incidentally, also contrary to the blurb), I think that this tool is a blessing. Since it only works on songs that you have a valid license for (ie stuff you bought), it removes the burn-to-cd step from the "buy from ITMS, burn to CD, re-rip to MP3" process for those of us who don't have an iPod. I've bought quite a bit of music from the store, and I relish the opportunity to use it on my Lyra. This, I think, was the developers' intention with this tool-- not infringement. This is the only use I will have for this tool. Others may use it improperly or illegally, but that does not mean I should be denied access to the tool.

Incorrect background on VeriDisc/FairPlay

[ikewillis]

When Apple opened the iTunes Music Store, they licensed a technology called "FairPlay" from a company called "Veridisc".

Apple bought VeriDisc. They didn't license FairPlay; they own it.

This is like a selling point

[AtariAmarok]

Having this available is like a selling point for ITMS. I've been rather resistant about buying songs there because they place restrictions about what I can do with my own data on my own machine. (and no, I'm not talking about selling them).

Legalities - FairPlay hacking is illegal

[MacFury]

If Apple and the RIAA has its way, using a tool like this will be just as illegal as getting the music with Kazaa

It is just as illegal. Actually, more so. Downloading copyrighted music is simple a copyright infringment. (at the moment) This means it falls under civil law.

However, creating a tool like this circumvents a copyright protection scheme. This is a criminal act punishable by up to 5 years in prison or $500,000, under the DMCA of 1998. (section 1201)

As an aside you mention if Apple had it's way...Even at the risk of appearing as an Apple apologist...Apple didn't want DRM at all. They struck a deal with the RIAA. Essentially the RIAA said, NO DRM, NO MUSIC. Apple said, okay...we'll put in a little DRM. I wish I could find the quote from Steve Jobs but he essentially said, "DRM is stupid, users want control of their files and rightly so, DRM will kill the market."

Vandals ?!#

[PrimeNumber]

The cracking operation can only be done on songs the user has already has valid licenses for and requires either an iPod or a windows computer for key recovery.

Is this article a cleverly disguised troll?

If anything the creator(s) of PlayFair are doing the responsible thing, and not allowing the user to perform a so-called cracking operation on a song they haven't licensed/paid for.

So let me get this straight...

[ChangeOnInstall]

I can now go iTunes using my Windows XP box that doesn't even have speakers, buy music tracks, run them through this DRM remover, and then play them back on my Linux machines at home and at work?

If this actually turns out to be the case, I'll be sending Apple (iTunes) about $20-50/month for the forseeable future.

Vandals, eh?

[cb8100]

From Merriam-Webster:

One entry found for vandal.
Main Entry: vandal
Pronunciation: 'van-d&l
Function: noun
Etymology: Latin Vandalii (plural), of Germanic origin
2 : one who willfully or ignorantly destroys, damages, or defaces property belonging to another or to the public

Since I bought the music, it does not belong to the public. If I choose to remove the DRM that keeps me from doing what I want with my private property, that's not vandalism. Worst case: I just voided my song's warranty

Largely irrelevant.

[Llywelyn]

The cracking operation can only be done on songs the user has already has valid licenses for and requires either an iPod or a windows computer for key recovery.

Let's emphasize this part. You still have to go through the trouble of downloading it, compiling it, and using it on your own songs. I don't see many people doing this just to share them over a P2P network.

There would be a problem if this was something that could decrypt other's songs. If you do a search there are people sharing m4p files on filesharing networks (mainly because they just share their music library) and so the ability to then download those files and decrypt them would be more serious. As it stands with this program, I have to go through that for my own files, which I wouldn't go through the trouble of doing unless FairPlay got in my way, which it doesn't.

Even then, however, I suspect it would not be a major concern. Apple expected this kind of thing and has a philosophy that most people will pay for their service regardless of if they can get it free elsewhere--simply because they will pay for quality and service.

watermarking?

[ziggy the zagnut]

Well, what are we waiting for? Let's diff two cracked AAC's of the same iTune bought by different people to see if there's any encoding!

Just a GUI

[m1a1]

These guys didn't do anything special. The libraries they used have been out and available in a simple command-line form for quite awhile. They apparently just made it more accessible to the public. The libs are available at http://www.audiocoding.com/ [audiocoding.com]. I've played with the command-line version before and it works fine.

fairplay CVS is still up

[dj_paulgibbs]

Although Sourceforge have pulled the .tar.gz mirror, you can still login into the CVS and get it:

cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/ playfair login
cvs -d:pserver:anonymous@cvs.sourceforge.net:/cvsroot/ playfair checkout playfair

What's the problem

[smartin]

This only works if you already have a key, so you aren't stealing anything, it just makes it possible to get better use out of music you paid for. Such as putting it on your slimserver etc. I don't think that the availability of such a tool is going to cause people to go hunting for protected aac files to crack, and if you are going share them, you could just rip them as mp3 (yes i know lesser quality yada yada). I think this tool is useful for people that do buy iTunes an i for one will probably buy more now that i can get better use out of them.

Think of it as the same thing as cracking a game you already bought so that you don't have to put the CD in the drive every time you want to play it.

Beware, downloaded songs are watermarked

[smadnessness]

Songs bought and downloaded from iTMS are watermarked with your account information. Checking out the source for the song with a simple text editor I was able to clearly see my name and email address used for purchasing from the store. I don't know yet if these are stripped when playfair strips DRM, but it's worth verifying before you start playing pirate again.

Besides, CD quality is still better audio.

Perception is reality.

[D'Arque Bishop]

*sigh* One thing that I've noticed in the business world is that more often than not, perception is reality. In other words, how something is perceived is more important than how it actually is. (For example, how many of you have bosses who don't want to use Linux because it's known as the "hacker's OS", and as such see it as being dangerous because it's used by hackers/crackers?)

The reason I bring this up is because this tool, however benevolent the reasons for creating it are, may end up causing more problems than it solves. Apple went to a lot of trouble to create a DRM scheme that was most acceptable to both users and record companies. You know FairPlay-protected AAC files are easily transferred to another media already (burn to CD). I know it. Not much fuss was made about it.

Now we have a tool that gets rid of that intermediate step. Is the end result the same as what we used before? Pretty much. Except now, the RIAA has something to point to and scream, "See those hackers! They'll even break liberal encoding to steal music! This is why we need tougher DRM!" It doesn't matter whether this was REALLY the case... all they have to do is PERCEIVE it as such a threat, and to them, it becomes truth. Granted, this may or may not be the case, but like I said... perception is reality. How many people outside of the tech community are going to get to see this as anything but a piracy tool?

I really hope it doesn't come to this. I really do. Like a lot of people here, I understand this tool was probably created with the best of intentions. Unfortunately, we also need to remember what they say the road to Hell is paved with...

Just my $.02...

Wow, whats with all the hoopla?

[msimm]

To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard.

Vandals? Really? Wow, because the first thing that came to my mind is: wow, I can unencrypt MY files and put them on my MythTV box, or trascode them to use in my cars mp3 player or send them through my Slimplayer. People are getting a little weird about DRM. Vandals is probably the most ridiculous thing I've hear yet. Itunes is great, but if we are going to continue to have fair use we are going to have to stop buying in to all the hype and realize that using a product we bought isn't criminal. I'm a fucking consumer, not a pirate.

Fair use...

[Rick Zeman]

...sure, I'm all for fair use--for me. My definition doesn't include me and a couple million of my closest friends.

All the Kazaa-using pirate assholes and those cracking Fairplay are doing is making my life harder and as time goes on, interfering more and more with what can be considered fair use.
You all need to consider what is cause and what is effect here. Was there DRM before Napster? Nope. So this is all a reaction to your sleazoid thievery and it just royally pisses me off.

As DRM goes, Fairplay is by far the best of a bad lot. Its compromises I can live with. What are you assholes going to make Apple come up with next?

copyright and other obsolete concepts

[N3wsByt3]

"To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard"

Yes, well, I'm sure the aristocracy that had been exploiting the populace for centuries thought the same when the poor masses rebelled. Or maybe not, because they used the term 'revolutionary' as if it meant 'criminal'. In any way, it's all in the eye of the beholder, it would seem. But we can safely say that it's a good thing their rights were trampled on and disgarded and abolished, or most of us would still be serfs.

The IFPI/RIAA is fighting a lost cause. And I think they know it.

First off all, I have difficulties with their acclaimed 'stealing' of music. As far as I know, stealing implies that the one that has been stolen has been derived of something. When you take a copy, you do not take the original away, thus they have not 'lost' anything. They might claim that they loose money when ppl d/l music, but even that is far from certain. Not only is it not shown statistically to have had that effect (they didn't even show a correlation thusfar - see aussie music-news - let alone a causality).

Furthermore, in an individual case, they would have to show they actually lost revenue. Which is far from said, because I sure know some guys who d/l music, but would NEVER have bought that music if they were unable to d/l it. So, how did the RIAA/IFPI loose revenue, exactly? And if they didn't lose anything, how can the term 'stealing' apply?

It would still be copyright-infringement, ofcourse, but that's another matter. I think maybe it's time we went beyond our current system of copyrights and walk into the era of cyberspace. With the industrial revolution, patents and copyrights knew a high flight, maybe it's time to let it leave and try something new? Maybe something in the lines of this: fairshare [sourceforge.net].

And don't worry, contrary to what the RIAA claims, musicians will not starve to death, and music-making will not stop. We had music long before we had copyrights, and we will have music long after copyrights have vanished from the scene.

And lastly, it's something that *can not* be stopped. P2P progs and their development act as organisms that follow the darwinian rules of survival. When Napster was 'killed' by the RIAA, immediately others (like kazaa) took over, being more resistent to attacks from the RIAA&co. Whenever kazaa will be shut down, others again will take over. When endusers are targeted, systems that protect the user will become dominant (like FreeNet).

It really is a lost cause. But then again, they are not truelly battling for the survival of musicians (as I said; they will survive, just as they used to do), it's for their OWN survival they are fighting. There is no way in hell they are going to keep the giant profits that they have been gathering for the last decades.

But ultimately, they will have to do what P2P systems are already doing: adapt to the new circumstances (and forget about the former levels of profit), or whither and die.

Re:copyright and other obsolete concepts

[wayne606]

You say that in order for something to be stolen the original owner must lose. If they are no worse off than before then nothing has been stolen. But this misses the point. The record companies are the owners of the songs. They paid the artists for the rights. Maybe they haven't paid them fairly but the artists were under no obligation to sign the contracts.

As the owners of the music they would be perfectly within their rights not to release it at all. Or to play it only in specific places and not allow in anybody with recording equipment. Etc etc.

However they decide to release the music on CD's or on an on-line store and do so under a specific license. Namely, "don't give this music to your 1M closest friends without us getting extra money". If you don't like it why did you buy the CD in the first place? If you really like the music why don't you contact the artist and convince them to release their next album for free to the world, or possibly under different terms?

If you want to listen to music for free, just say so. Admit you're breaking the law and violating the contract you agreed to when you bought the music. It won't be the first time and it won't be the last that it's happened. Admit that (in this case at least) you don't care about the law and you are just taking what you want. The world won't dissolve into anarchy because of it.

If you want to convince the music industry that they are fighting a losing battle and making things harder for the honest people who just want "fair use" of their purchases, go for it. Ask them to reform their distribution model for the 21st century. Maybe with Steve Jobs on your side you will get somewhere.

But just don't waste your time and everybody else's trying to pretend that you have a right to rip tracks from CD's and put them on P2P networks, just because "they wouldn't have gotten that revenue anyway". That's irrelevant and you make your other arguments lose credibility.

well, a point is missed, that's for sure

[N3wsByt3]

Your first three paragraphs are quite true, but have no bearing at all on what I was saying. I was saying that the claim those companies make that 'It is just the same as stealing from a shop' (actual quote) is false.

It does not matter what kind of contract they have with the musicians, nor if they are owners, nor if I or anyone else agreed to the licence. The *statement* is false. If I go to a shop, see some vase, let's say, and I copy that vase at home, can the shop or the owner accuse me of stealing his vase? No. (at least not icn the jurisdiction I live). I *could* be breaking copyright or some patents, yes, but I would not be charged with stealing it from the shop.

The RIAA claims one could, if one does exactly the same, but instead of a vase, with one of their CDs. THAT is what is absurd, and what I was arguing.

The problem with your line of reasoning, is that it starts from the established point of copyrights that we have developped into today, and do not try to see outside the framework that is now almost considered a natural right. but it isn't, and, in fact, it never was. It's very clear (whatever the Supreme Court says about it) that the founding fathers meant it to be a right of limited scope and duration, to *stimulate* new and innovative works, and then bring it to the public good.

This, clearly, has been perverted and corrupted in a system that has virtual no limitations anymore, and which main goal is the squeeze as much money and profit out of it by and for the middle-man; corporations that have huge profits but hardly create anything innovative themselves, and, in fact, try their best to stiffle innovation when they feel threatened.

You think 'asking to reform' will do actually amount to anything, since it would mean they practically vanish from the scene? Me thinks not. I think the chance of that happening is as big as it was if the serfs would have 'asked' the aristocracy if they would please give up their powerbase.

This line of reasoning shows an apparent lack of sense for reality.

Unjust laws are most often overruled by breaking them en masse, and what's more, I do not think that that is an immoral act on itself, on the contrary. Far from me to entice anyone in doing something illegal, but I still can say what I think (unless Free speech has been abolished too?), and I think that the law, as it was original conceived and intended was just, but what it is and has become today is unjust and immoral, and should not be used to make ppl guilty, let alone criminalised, when they are disregarding those perverted laws.

Is this Slashdot or New York Times?

[Hao Wu]

"To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard."

Interesting. Good point. So why was this allowed in reporting the story?

This belongs in the comment section, to be moderated fairly, like my little opinion and other people's comments.

The authors are not vandals.

[Performer Guy]

They have given people back the freedom to use the music thay have purchased as they see fit. This is *FAIR USE* it is the music industry that are vandals and thives, implementing a concerted campaign to steal our rights to use the products we purchase while pretending that they are being harmed by unrelated online theft. Do you really thing your cracked DRM'd copy matters a damn when anyone can rip the CD? Give me a break, copyability is not the issue at all. The evidence does not support the industries position and the facts make them look positively ridiculous. *ANYONE* can go rip any tune today from any CDROM, one uncracked mp3 later and you've got the equavalent of what they're so scared of. We have rights that are being undermined and the industry's protections including those enshrined in law are extremely artificial and strengthening with every law passed and court case prosecuted.

It is not vandalism to protect consumers against unreasonable proprietary restrictions, particularly those that tie us to vendor specific platforms or even force multiple purchases of the same art. These developers are heroes and the activities of those corporations they fight against should be branded criminal but unfortunately are not. If congress did their job to uphold our constitution and rights instead of fostering corrupt lackeys like Orrin Hatch then this would not be a problem and user's rights would be physically guaranteed. Instead we have idiots like the senator from Disney continually trying to sell us all down the river for a few campaign dollars. When one individual stands up to help the situation fools like you call them a vandals, you should show more respect to people fighting and coding for freedoms and your rights to the information you have purchased.

Not a "Crack"

[Bert690]

A crack would imply it breaks the encryption scheme. However, seeing as it only works on music someone has legally purchased, it's clear to me that this relies on having access to the decryption keys. So it sounds as if they simply reverse engineered the decryption protocol. Not an easy task by any means, but it's not as interesting as something like DeCSS which involved determining both the decryption keys and decryption algorithm.

Effect on Apple's sales ...

[rocketfairy]

Okay, so FairPlay:

• Requires that you buy a copy of the song;
• allows you to play that song on whatever AAC-compatable devices suit your fancy; and
• won't make it particularly easier for filesharers, who appear to be more apt to share ripped CDs, anyways.

And this is supposed to be bad how, exactly?

iTunes customers will still have to pay; filesharing will be unaffected; and iTunes users will have more options in how they play their songs. Apple won't like it, since to them iTunes is only a way to sell their overpriced little toys ... But it won't have any appreciable impact on iTunes sales, methinks.

The problem with DRM'ing music (aside from the fact that DRM-as-content-protection is a ricockulous business plan with no engineering merit whatsoever) is that record companies sell oodles of unwatermarked, non-DRM'ed CD's. Files don't wind up on Kazaa because some clever 13-year-old h4x0r3d your encryption; they wind up their because a chimpanzee could rip files off a CD.

I've given up on music downloads

[jocknerd]

I've downloaded about 275 songs from iTunes Music store. But I've come to the decision that I will no longer download music for one reason. And its not because of DRM. I can actually live with Apple's DRM. I don't notice it.

I will stop downloading because I no longer want to own music that is in a format other than its original format. Let me be the one to decide what to encode my music to make the files smaller. Not Apple or Microsoft. If you let me purchase my music in WAV or even FLAC, I'll continue to support your store, but if you insist on keeping all downloads in AAC or WMA formats, I will no longer be a customer.

And if CD's go away, I guess I just won't buy music anymore.

VideoLan

[delus10n0]

VideoLan can already decode/play back M4P iTunes-purchased files. It stores the system's key in the \Documents and Settings\\Application Data\drms\ folder -- you can copy that folder to other computers that aren't authorized via iTunes, and still play the M4P's with VideoLan. And since VideoLan supports streaming, you can set it to output the raw AAC into a new MP4 container. The only downside is that it's realtime, and that you have to do each file one at a time. But I wrote a Visual Basic app to loop through a directory recursively and call VideoLAN to convert each M4P file.

Hopefully someone takes this new code and makes a windows version, that can do process large amounts of files at a time...

stop whining

[hak1du]

To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard.

Well, and if Apple produces a DRM system with gaping holes, then from the point of view of the music industry, that's exactly what should happen. Or do you think people aren't also hard at work cracking WMA?

If Apple wants to be a provider of DRM, then they better do it right or they don't do it at all.

Only one problem - it doesn't work

[sjonke]

All this discussion of the concept of PlayFair - have any of you tried it? So far every track I have tried it on causes iTunes to crash when I attempt to add it to my iTunes library. Hopefully this is a temporary problem, and I have heard of others having some success, but at the most it's very unfinished. Not there yet.

Re:FoulPlay

[jmv]

it's defeating one of the most liberal copyright-protection schemes in existance.

So you mean it's liberal enough to allow me to play files in Linux?

Re:FoulPlay

[ImpTech]

> it's defeating one of the most liberal copyright-protection schemes in existance.

What about actual copyright law?

Re:FoulPlay

[Slack3r78]

Honestly, this is borderline, but I can understand the logic behind it. What happens if it turns out the trolls are right, Apple does die, and you need new hardware? Or play your AACs under Linux? Or any number of other scenarios that could call for legitimate fair use?

Here's the thing you and many others are missing - PlayFair only strips the DRM if you already own a legal copy. If you read so much as the single paragraph summary on their site, you'd see that in order crack the DRM, PlayFair extracts your key from either your iPod or your iTunes software. So if you don't already have legal access to the music, you're not going to be able to strip the DRM.

Yes, it can be used as a piracy tool, but really the argument for this isn't really any different than the one for DeCSS. This can be, and very much is, a tool for fair use.

Re:FoulPlay

[Slack3r78]

Absolutely - and this will likely follow the same path that DeCSS did. Sourceforge has actually already pulled it, but's out, and it will be mirrored in places outside of the US' jurisdiction where such software is legal.

It's a shame that as a country that prides itself in its freedom, when it comes to information, we're rapidly becoming one of the least free nations on earth, thanks to the media lobbies. With any luck, the US will come up with a DVD Jon of our own in the near future - someone willing to fight it out and get the DMCA at least partially struck down.

Wrong.

[Ayanami Rei]

You can still get the previous version, which was released a scant 5 days ago. It's nothing special, just a clever way to get at the private keys that breaks the PKE scheme.

I mean, all "hacks" on DRM of this nature (single authority source, encrypted carrier, hardware or firmware enforcement) will be exactly the same technique. The question is how do you get at the unencrypted scheme or your session keys... this is an example of how to do that under Fairplay w/iPods.

Point being, at some stage you have to store a decryption key somewhere, and all you need to is intercept it or extract it. It checks your iTunes for it's user key, or generates the one the iPod would (eventually) use. Apparently using this and MD5 hashing of information from each protected song, you get a session key which can decrypted the DRMS atom (AES if you were wondering... figures). And that's it.

I wouldn't really call it hacking... it's reverse engineering and re-implementation of Veridisc's algorithm.

Point is, I was waiting for someone to finally hunker down and pick it apart. Now I know... so if I ever run into a situation where I need the unprotected stream, I can get it, but you're not going to see me giving these unprotected streams to my friends... I paid for them! I just need to increase my value.

Now I can use the AAC streams in my car (got a laptop rigged up... OGGs, MP3s, and now iTunes... heee heee!)

Re:FoulPlay

[Shimmer]

At the moment, it's illegal in the US under the DMCA. You might not like it, but that's a different question.

Re:What kind of comment is that?

[funny-jack]

Why can't I do whatever I choose with the music I pay for?

Because when you pay for it, you agree to a set of restrictions on what you can do with it. Don't like those restrictions? Buy it somewhere else.

Re:Vandals??

[jmorris42]

> If Apple doesn't want WMA to become the standard, let Apple get its act
> together with a demonstrably good implementation of the DRM idea, one
> which can't be cracked.

Apple happens to be run by a geek who understands the fundamental reality of the situation. So long as we still have trusted computers, uncrackable DRM isn't possible. If the iTunes player can read the data out it can be reverse engineered to discover the method and the keys. Only if we, the purchasers of hardware, allow the trust relationship to be inverted will that change. When you hear someone speak of "trusted computing" you must always ask the question of WHO is going to be the one trusting the machine. Right now it is the owner, but certain forces would like to change that.