Jump to content

FairPlay: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
song -> song or other form of media; TV Shows, etc can also be protected
No edit summary
Line 81: Line 81:
===Requiem===
===Requiem===


Requiem was originally released by "Brahms" as version 1.0 in February 2008, and has been recently released in October 2008 as version 1.8.1. Requiem allows a person to decrypt both music and movies that they are authorized to play in iTunes by reverse-engineering Apple's FairPlay algorithm.
Requiem was originally released by "Brahms" as version 1.0 in February 2008, and has been recently released in November 2008 as version 1.8.2. Requiem allows a person to decrypt both music and movies that they are authorized to play in iTunes by reverse-engineering Apple's FairPlay algorithm.


Requiem works by decrypting the iTunes configuration files that are in "/Users/Shared/SC Info". In Mac OS X, the key to decrypt these config files is an obfuscated version of the [[MAC address]] of one's computer. In Windows, an amalgamation of hard drive volume information and registry keys are used instead of the MAC address. The initialization variable for this decryption is a [[hard coding|hard coded]] constant. The program then decrypts the keys in the config files as well as the private atoms in the audio/video files and creates unencrypted versions. <ref>Requiem 1.7.3 README file</ref> An updated [[iTunes version history|iTunes 7.6.2]] disabled Requiem, however, versions 1.4 and 1.5 again circumvented the protection. Apple again disabled Requiem with [[iTunes version history|iTunes 8]], but the author has released version 1.8.1 which circumvented iTunes 8 DRM on Mac OS X systems
Requiem works by decrypting the iTunes configuration files that are in "/Users/Shared/SC Info". In Mac OS X, the key to decrypt these config files is an obfuscated version of the [[MAC address]] of one's computer. In Windows, an amalgamation of hard drive volume information and registry keys are used instead of the MAC address. The initialization variable for this decryption is a [[hard coding|hard coded]] constant. The program then decrypts the keys in the config files as well as the private atoms in the audio/video files and creates unencrypted versions. <ref>Requiem 1.7.3 README file</ref> An updated [[iTunes version history|iTunes 7.6.2]] disabled Requiem, however, versions 1.4 and 1.5 again circumvented the protection. Apple again disabled Requiem with [[iTunes version history|iTunes 8]], but the author has released version 1.8.2 which circumvents iTunes 8 DRM on Mac OS and Microsoft Windows systems.


Apple has taken steps to remove references of Requiem from the JHymn forums. A [http://hymn-project.org/forums/viewtopic.php?p=17241#17241 post on the JHymn forums] explains Apple's [[cease and desist]] order against the forum regarding posting information on circumvention technologies like Requiem. Since the C&D order, the author of Requiem has made it available with source code on the anonymous [[Freenet]] network, from which it's been copied onto popular [[BitTorrent]] public trackers, such as [[The Pirate Bay]].
Apple has taken steps to remove references of Requiem from the JHymn forums. A [http://hymn-project.org/forums/viewtopic.php?p=17241#17241 post on the JHymn forums] explains Apple's [[cease and desist]] order against the forum regarding posting information on circumvention technologies like Requiem. Since the C&D order, the author of Requiem has made it available with source code on the anonymous [[Freenet]] network, from which it's been copied onto popular [[BitTorrent]] public trackers, such as [[The Pirate Bay]].

Revision as of 20:19, 20 November 2008

FairPlay is a digital rights management (DRM) technology created by Apple Inc., based on technology created by the company Veridisc. FairPlay is built into the QuickTime multimedia software and used by the iPhone, iPod, iTunes, and iTunes Store and the App Store. Any protected song or other form of media purchased from the iTunes Store with iTunes is encoded with FairPlay. FairPlay digitally encrypts AAC audio files and prevents users from playing these files on unauthorized computers.

The majority of FairPlay-encrypted content is purchased through the iTunes Store, using the iTunes software. The iTunes software relies on Apple's Quicktime multimedia software for decoding and playback of the encrypted files. Every media player capable of utilizing QuickTime is capable of playing back FairPlay-encrypted files, including RealPlayer, Media Center, and Media Player Classic.

How it works

FairPlay-protected files are regular MP4 container files with an encrypted AAC audio stream. The audio stream is encrypted using the AES algorithm in combination with MD5 hashes. The master key required to decrypt the encrypted audio stream is also stored in encrypted form in the MP4 container file. The key required to decrypt the master key is called the "user key."

Each time a customer uses iTunes to buy a track a new random user key is generated and used to encrypt the master key. The random user key is stored, together with the account information, on Apple’s servers, and also sent to iTunes. iTunes stores these keys in its own encrypted key repository. Using this key repository, iTunes is able to retrieve the user key required to decrypt the master key. Using the master key, iTunes is able to decrypt the AAC audio stream and play it.

When a user authorizes a new computer, iTunes sends a unique machine identifier to Apple’s servers. In return it receives all the user keys that are stored with the account information. This ensures that Apple is able to limit the number of computers that are authorized and makes sure that each authorized computer has all the user keys that are needed to play the tracks that it bought.

When a user deauthorizes a computer, iTunes will instruct Apple’s servers to remove the unique machine identifier from their database, and at the same time it will remove all the user keys from its encrypted key repository.

The iPod also has its own encrypted key repository. Every time a FairPlay-protected track is copied onto the iPod, iTunes will copy the user key from its own key repository to the key repository on the iPod. This makes sure that the iPod has everything it needs to play the encrypted AAC audio stream.

FairPlay does not affect the ability of the file itself to be copied. It only manages the decryption of the audio content.

Restrictions

FairPlay-encrypted audio tracks allow the following:

  • The track may be copied to any number of iPod portable music players.[1]
  • The track may be played on up to five (originally three) authorized computers simultaneously.[1]
  • A particular playlist within iTunes containing a FairPlay-encrypted track can be copied to a CD only up to seven times (originally ten times) before the playlist must be changed.[2]
  • The track may be copied to a standard Audio CD any number of times.[2]
    • The resulting CD has no DRM and may be ripped, encoded and played back like any other CD. However, CDs created by users do not attain first sale rights and cannot be legally leased, lent, sold or distributed to others by the creator.
    • The CD audio still bears the artifacts of compression, so converting it back into a lossy format such as MP3 may aggravate the sound artifacts of encoding (see transcoding). When re-ripping such a CD one could use a lossless audio codec such as AIFF, Apple Lossless, FLAC or WAV however such files take up significantly more space than the original .m4p files

At this time, it appears that the restrictions mentioned above are hard-coded into QuickTime and the iTunes application, and not configurable in the protected files themselves.

Fairplay prevents iTunes customers from using the purchased music directly on any portable digital music player other than the Apple iPod, Motorola ROKR E1, Motorola SLVR, Motorola RAZR V3i,or iPhone.

On January 3, 2005, an iTunes online music store customer, Thomas Slattery, filed a lawsuit against Apple Inc., alleging the company broke antitrust laws by utilizing FairPlay with iTunes so that purchased music will work only with its own music player, the iPod, freezing out competitors.[3] Though most of the complaints have been dropped, the case has since been combined with two other lawsuits and continues today under the temporary name "The Apple iPod iTunes Antitrust Litigation."[4]

On June 28, 2004, VirginMega filed a complaint with the French Competition Council against Apple regarding its refusal to license Fairplay to VirginMega for use in their own online music commerce store. The French Conseil de la Concurrence rejected the complaint over accused anti-competitive behavior.[5] The Conseil ruled against the notion that FairPlay was an "essential facility" for three distinct reasons: 1) Playing purchased music on portable players was a small part of the market; 2) CD Burning provides an adequate work-around to get purchased music from other vendors onto an iPod; and 3) There is sufficient availability of portable players that support Microsoft's WMA DRM as a viable alternative and choice for consumers.[6]

Circumventing FairPlay

After the launch of the iTunes Store multiple people attempted to circumvent the encryption of FairPlay-protected files.

QTFairUse

Jon Johansen – also known for his DeCSS program – was the first to discover a way to circumvent the DRM. The open source application QTFairUse intercepted the decrypted output and wrote it to a raw AAC file. Many media players do not support such raw files and the files had to be processed with a tool like FAAD to create normal files. One of the few media players that is able to play raw AAC files is foobar2000.

The second time around, Johansen reverse engineered the encryption technique used in FairPlay and created an algorithm to completely remove the encryption without re-encoding the encrypted AAC stream. This method is currently used by VLC media player in order to play FairPlay-protected tracks.

Only a few days after the release of iTunes 7.0 the experimental version 2.3 of QTFairUse6, a derivative of the python open source QTFairUse, was released which dumps each track to a raw AAC file which then can be converted to any format.

Jon Johansen himself also released a tool to remove the encryption, called DeDRMS. Later he released FairKeys, which uses Apple’s own servers to retrieve the keys needed by DeDRMS.

All these applications have two things in common. First of all, they use the user keys from either the Apple servers, the iTunes key repository, or the iPod key repository, which ensures they can decrypt only files that are legally bought; a user cannot use these applications to decrypt files that another user bought. Secondly, they keep user specific metadata inside the MP4 container intact, so it is possible to identify the user who originally bought the file after it is decrypted.

In March 2005, it was revealed through a front end of the iTunes Store called PyMusique that the FairPlay DRM was added only as a song was being purchased from the store by the client software itself.

In October 2006, Jon Johansen announced that instead of breaking FairPlay, he had reverse-engineered it so that other companies could play their DRM-protected music and movies on iPods and Apple's new Apple TV. His company, DoubleTwist Ventures, would license the technology to media companies who wished to have their media playable on the iPod or Apple TV, with the protection of FairPlay DRM, but without having to go through Apple.[7]

Playfair, Hymn, and JHymn

A software package named PlayFair – created by an anonymous author – also appeared. It can remove the encryption from files using the FairPlay DRM mechanism. The author of Playfair used the source code written by Jon Johansen for VLC. Apple's legal department forced PlayFair to be first removed from SourceForge.net, and then when the Indian open source web site Sarovar.org hosted the project they too were sent a cease and desist by Apple's lawyers. However, Playfair's successor Hymn (an acronym for "Hear Your Music aNywhere") is alive and well and has become JHymn, a Java variant of the program, and iOpener, a Windows variant.

Apple Computer introduced iTunes 6.0 in October 2005, which included changes intended to stop programs like JHymn from decrypting FairPlay encrypted files. Furthermore, once iTunes 6 has been used to purchase songs or authorize a computer with a particular iTMS account, that account will be blocked from making purchases or activations on earlier iTunes versions, thus JHymn can no longer be used.[8]

Apple Computer introduced iTunes 7.0 in September 2006, which once again included changes intended to stop programs similar to JHymn.

Harmony: RealPlayer Music on the iPod

In July 2004, RealNetworks introduced their Harmony technology. The Harmony technology is built into RealPlayer and allows users of the RealPlayer Music Store to play their songs on the iPod. Before the introduction of Harmony this was not possible, because the RealPlayer Music Store uses a different DRM scheme, called Helix DRM, that was incompatible with that used by Apple. While using RealPlayer to transfer a Helix DRM-restricted song onto the iPod, Harmony transparently converts it to a FairPlay-compatible protected file. Real argued that Harmony was a boon to consumers that "frees" them "from the limitation of being locked into a specific portable device when they buy digital music."[9] Apple responded:

We are stunned that RealNetworks has adopted the tactics and ethics of a hacker to break into the iPod, and we are investigating the implications of their actions under the DMCA and other laws. We strongly caution Real and their customers that when we update our iPod software from time to time it is highly likely that Real's Harmony technology will cease to work with current and future iPods.

RealNetworks launched an internet petition titled "Hey Apple! Don't break my iPod", encouraging iPod users to sign up to support Real's action. The petition backfired badly. [10] The overwhelming majority of posters reacted negatively. The main points of criticism against Harmony were:

  • Many posters accused RealNetworks of astroturfing with the petition they had created.
  • RealNetworks was criticised for hypocrisy in keeping its own intellectual property and products closed, while asking Apple to open up the iPod.
  • The move was also denounced as an attempt to force Apple into a partnership that would only benefit RealNetworks.

Apple did disable Harmony around the time of the iPod photo launch, and to older versions shortly after in firmware updates. The change makes it so that all music (past and present) purchased through the RealPlayer Music Store will not work on Apple's iPod. In response, Real said they would get it working again.

In August 2005, an SEC filing by RealNetworks disclosed that continued use of the Harmony technology put themselves at considerable risk because of the possibility of a lawsuit from Apple, which would be expensive to defend against, even if the court agreed that the technology is legal. Additionally, the possibility that "Apple will continue to modify its technology to 'break' the interoperability that Harmony provides to consumers" would mean that "Harmony may no longer work with Apple's products, which could harm our business and reputation, or we may be forced to incur additional development costs to refine Harmony to make it interoperate again."[11]

Harmony never resurfaced as an option by RealNetworks.

Requiem

Requiem was originally released by "Brahms" as version 1.0 in February 2008, and has been recently released in November 2008 as version 1.8.2. Requiem allows a person to decrypt both music and movies that they are authorized to play in iTunes by reverse-engineering Apple's FairPlay algorithm.

Requiem works by decrypting the iTunes configuration files that are in "/Users/Shared/SC Info". In Mac OS X, the key to decrypt these config files is an obfuscated version of the MAC address of one's computer. In Windows, an amalgamation of hard drive volume information and registry keys are used instead of the MAC address. The initialization variable for this decryption is a hard coded constant. The program then decrypts the keys in the config files as well as the private atoms in the audio/video files and creates unencrypted versions. [12] An updated iTunes 7.6.2 disabled Requiem, however, versions 1.4 and 1.5 again circumvented the protection. Apple again disabled Requiem with iTunes 8, but the author has released version 1.8.2 which circumvents iTunes 8 DRM on Mac OS and Microsoft Windows systems.

Apple has taken steps to remove references of Requiem from the JHymn forums. A post on the JHymn forums explains Apple's cease and desist order against the forum regarding posting information on circumvention technologies like Requiem. Since the C&D order, the author of Requiem has made it available with source code on the anonymous Freenet network, from which it's been copied onto popular BitTorrent public trackers, such as The Pirate Bay.

Conversion to analog

There are mainly two other methods to bypass the DRM control. The first method is to burn a copy to an audio CD — either real or virtual — and then rip it.

The second method is to use a recording software and sound card, utilizing the so-called "analog hole". For example, Replay Music which records and also identifies and tags the songs using an audio fingerprinting algorithm.

Steve Jobs on DRM

On February 6, 2007, Steve Jobs, CEO of Apple Inc., published an open letter entitled Thoughts on Music on the Apple website calling on the "big four" music companies to sell their music without DRM.[13] According to Jobs, Apple does not want to use DRM but is forced by the four major musical labels with whom Apple negotiates contracts for iTunes. Jobs's main points were:

  • DRM has never and will never be perfect. Hackers will always find a method to break DRM.
  • DRM restrictions only hurt people using music legally. Illegal users aren't affected by DRM.
  • The restrictions of DRM encourage users to obtain unrestricted music which is usually only possible via illegal methods.
  • The vast majority of music is sold without DRM via CDs which has proven successful.

Jobs's letter was met with some praise but many other criticized Apple's hypocritical approach to DRM. While openly criticizing DRM, Apple has been actively threatening or sueing anybody trying to open their own DRM or make it interoperable. They claim that this is not because they are afraid of illegal copies but because it gives them a advantage in their market position as a leader in both electronic music sales (iTunes) and in music players (iPod), reinforcing each other due to the FairPlay DRM. [14] [15] [16] [17].

On April 2 2007, Steve Jobs and EMI announced DRM free music for EMI's complete music library for a 30¢ premium above the standard price. This began in May 2007. Soon after, Amazon.com began selling unrestricted music files for 99¢ and Apple dropped the price of its DRM free music back to 99¢.

Selected responses

The essay caused ripples across the music industry, prompting replies from other major players. Responses include those from Jon Lech Johansen on February 6, MP3.com founder Michael Robertson on February 8, Warner Music boss Edgar Bronfman and the open DRM Coral Consortium on February 9, head of Yahoo Music Dave Goldberg on February 11, Fred Amoroso of Macrovision on February 16 and the Free Software Foundation on March 7.

DVD Jon

The famous decoder of the Content Scramble System, Jon Lech Johansen, criticized Jobs' statistical evidence that users are not locked into using the iPod by using the iTunes Store to download music with Apple Computer's FairPlay (DRM).[18]

Warner Music Group Corp.'s Edgar Bronfman

In a conference call on the earnings of Warner Music Group Corp., CEO Edgar Bronfman argued in favor of DRM, claiming that DRM and interoperability are not mutually exclusive.[19]

Coral Consortium

A multi-industry group working on creating interoperability between DRM formats, the Coral Consortium responded with an invitation to incorporate their technical specifications for interoperability into the iTunes framework.[20]

Yahoo's Dave Goldberg

In the Silicon Valley Watcher, Tom Foremski interviewed Yahoo Music head Dave Goldberg, who advocated removing DRM from music altogether.[21]

Macrovision's Fred Amoroso

CEO and President of Macrovision Corporation, Fred Amoroso posted his own open letter in response to Steve Jobs's. In his reply, Amoroso argued that DRM increases both consumer value and electronic distribution by giving users choices (e.g. rent vs. buy). He also argues in favor of interoperable and open DRM.[22]

References

  1. ^ a b "Apple - Support - iTunes Store - Authorization FAQ". Apple.com. Retrieved 2008-09-13.
  2. ^ a b "Can't burn a CD in iTunes for Windows". Docs.info.apple.com. Retrieved 2008-09-13.
  3. ^ "InternetNews Realtime IT News – Apple Hit by Lawsuit". Internetnews.com. Retrieved 2008-09-13.
  4. ^ "Apple Inc. 10-Q". EDGAR. 2007-05-10. p. 38. Retrieved 2007-06-21.
  5. ^ Décision n° 04-D-54 du 9 novembre 2004 relative à des pratiques mises en oeuvre par la société Apple Computer, Inc. dans les secteurs du téléchargement de musique sur Internet et des baladeurs numériques
  6. ^ iTunes, DRM and competition law
  7. ^ Gannes, Liz (2006-10-02). "DVD Jon Fairplays Apple". GigaOM. Archived from the original on 2007-11-02.
  8. ^ DRM. "JHymn Info and Help". Hymn-project.org. Retrieved 2008-09-13.
  9. ^ "RealNetworks Introduces Harmony, Enabling Consumers to Buy Digital Music that Plays on All Popular Devices". Realnetworks.com. Retrieved 2008-09-13.
  10. ^ "Real v Apple music war: iPod freedom petition backfires - Hardware - Breaking Business and Technology News at silicon.com". Hardware.silicon.com. Retrieved 2008-09-13.
  11. ^ AppleInsider Staff. "AppleInsider | Real admits risk of Apple lawsuit". Appleinsider.com. Retrieved 2008-09-13.
  12. ^ Requiem 1.7.3 README file
  13. ^ Jobs, Steve (2007-02-06). "Thoughts on Music". Retrieved 2007-06-21.
  14. ^ [1]
  15. ^ [2]
  16. ^ [3]
  17. ^ [4]
  18. ^ "nanocr.eu » Blog Archive » Steve's misleading statistics". Nanocrew.net. Retrieved 2008-09-13.
  19. ^ "Warner Music Group F1Q07 (Qtr End 12/31/06) Earnings Call Transcript - Seeking Alpha". Media.seekingalpha.com. Retrieved 2008-09-13.
  20. ^ "Welcome to Coral Consortium". Coral-interop.org. Retrieved 2008-09-13.
  21. ^ "Yahoo exec says removing DRM from music boosts sales". Siliconvalleywatcher.com. Retrieved 2008-09-13.
  22. ^ "Article & Reviews - Macrovision". Macrovision.com. Retrieved 2008-09-13.