DVD-Jon Breaks iTunes Encryption For Linux Users

McGruff writes "The Register has a story regarding DVD-Jon's new hobby, iTunes DRM. According to the story DRMed iTunes AAC files can now be played under Linux via VidioLAN Client thanks to some handywork by Jon. '"When you run the VideoLAN Client under Windows it will write the user key to a file. The user key is system independent and can thus be used by the GNU/Linux version of VLC," he explains.' Personally, this just means I will buy even more iTunes." (We mentioned in November Johansen's efforts to negate the iTunes restrictions on Windows.)

The Code

[sr180]

Link from the article to directly download the code: http://developers.videolan.org/cgi-bin/viewcvs.cgi /vlc/modules/demux/mp4/?cvsroot=VideoLAN

Or maybe...

[raygundan]

Just AAC2AAC? Only without the copy protection. That way we keep our compression loss to one generation.

Re:How long...

[Doppler00]

Why would you want to re-encode an AAC to an MP3? AAC already has superior quality. Just removing the encryption (for personal use) would be nice.

Re:Does iTunes music store work under Linux anyway

[exhilaration]

No, you need the iTunes client to play any files you buy from the iTunes store. And No, it doesn't (yet) work under Wine or CrossoverOffice.

Re:How long...

[moosesocks]

It could be done with AppleScript under OS X. Simply tell itunes to play a given song, tell any old sound recording app to dump the computer's sound output to a WAV, convert to MP3 using LAME, and then grab the song's info via. AppleScript and put it into an ID3

The downside here is that you're losing quality encoding to MP3 (remember that AAC is also lossy). Unfortunately, there is no way to preserve full-quality without retaining the original file format.

Either way, I frown upon this sort of piracy. $.99 is pretty darn cheap (Note here that I have no objection to using this to play your OWN files under linux if it is the operating system of your choice. Just keep it to yourself)

Itunes.

[DAldredge]

Due to a series of drive crashes I lost what music I bought from iTunes but, due to the way itunes works, I am unable to download the music again.

Why? It isn't like I bought a digital object, I just bought a string of bits.

Re:What does this guy do for a living?

[asavage]

He was 15 when he broke the DVD encryption and now he is still only around 19. He doesn't need to work for a living yet.

Re:Is this guy an idiot?

[leehwtsohg]

unless you really think you are innocent

Re:From the article...

[Luke the Obscure]

It looks like DVD-Jon speerheaded the whole thing, but other people were involved.

For the very very long story go here [harvard.edu]. It's one of the legal declarations from the case.

Re:From the article...

[cheekyboy]

Yes, it was another russian pair I think....

But we let it be kept secret, infact the real secret is that the Xing Player KEys/code was used, buy had to be faked to look like it was reverse engineered.

In any case, TOO LATE NOW, its out of the bag, and no traces left, the way it was meant.

Re:If this turns out to be straightforward...

[pato perez]

Apple can't remove DRM because that's part of their deal with the music companies. They had to fight pretty hard to get the the terms they did--which were remarkably liberal (unlimited burning to CD, not expiration, can be used on multiple computers) compared to what was available before.

It's in Apple's interest that DRM be as unrestrictive as possible, since it means more music for people to play on their iPods, which indirectly helps market their iPods. It wouldn't surprise me if they go after people who break their DRM, to maintain good faith with their music industry partners, but not because it's any skin off their nose.

Re:How long...

[asdfghjklqwertyuiop]

Either way, I frown upon this sort of piracy

What sort of piracy? I didn't see anything in your comment that described piracy.

Neither piracy nor copyright infringement for that matter.

Re:Key exchange ?

[damiam]

I don't see how it's an advantage; it's the same price as a typical CD in stores.

No, it's not. Albums on iTunes are (with a few rare exceptions) $10. 95% of in-store albums cost quite a bit more than that.

Re:Windows Only???

[EvilSporkMan]

QuickTime only runs on Mac and Windows.

scott@allyourbase scott $ emerge -s quicktime

*** You are not in the portage group. You may experience cache problems
*** due to permissions preventing the creation of the on-disk cache.
*** Please add this user to the portage group if you wish to use portage.

Searching...
[ Results for search key : quicktime ]
[ Applications found : 3 ]

* media-libs/libquicktime
Latest version available: 0.9.2_pre1
Latest version installed: 0.9.2_pre1
Size of downloaded files: 644 kB
Homepage: http://libquicktime.sourceforge.net/
Description: A library based on quicktime4linux with extensions

* media-libs/openquicktime
Latest version available: 1.0-r1
Latest version installed: 1.0-r1
Size of downloaded files: 312 kB
Homepage: http://openquicktime.sourceforge.net/
Description: OpenQuicktime library for linux

* media-libs/quicktime4linux
Latest version available: 1.5.5-r1
Latest version installed: [ Not Installed ]
Size of downloaded files: 2,060 kB
Homepage: http://heroinewarrior.com/quicktime.php3
Description: quicktime library for linux

What?

Re:How long...

[Zork the Almighty]

Uh, Xvid has gotten a lot better than you give it credit for. See Doom9 [doom9.org]'s latest codec comparison.

Re:I hope it has DMA restrictions...

[strider3700]

I write commercial software. Our software doesn't (yet) work on linux/mac/windows... I would love for someone to find an easy way to get my software to as many different OS's as possible. Seriously if anyone was to port our product to a mac, or windows they would have a thank you letter and a job offer on their way. The difference between us and some of the other software products out there is we don't want lock in on a single system. We get more revenue from customization and support then we get from new sales However most of the profit in the customizations and support comes from new sales. Eventually the customer settles in and become a steady low support stream and thats about it. The more systems we can run on the more chances we have at getting a customer. The only reason we don't run on every OS/hardware configuration possible is the fact that it's non-trivial to port to all of these. It has nothing to do with our desire to support one OS.

Now other mp3 player can support Apple's AAC....

[didiken]

So now give other RIO or Samsung MP3 players no excuse that they can't support Apple iTMS.

Re:How long...

[SlightOverdose]

ffmpeg.sourceforge.net

Re:AAC != ENCRYPTION

[Technician]

Presumably, what the article is referring to is the ability to decrypt the .m4p file and extract plain AAC from it.

Well close but not quite. The article is dealing with playing encrypted AAC files, not removing the wrapper. The article is about getting the key and the wrapped file both to a Linuz box so it can play it. It is not about unwrapping the file to an un-encrypted file for playback anywhere.

Relevant Information

[Otto]

After examining the code, here's basically how the iTunes encryption works:

Every user account for iTunes gets a "user key". This gets sent to the computer at the the time of "Authorization" and gets written to a file on the hard drive. But it's not written out plainly, oh no. Instead, it creates a "system key" using several bits of data from Windows and the hardware and such. This system key is what's stored in the file.

To playback a song, the system key is derived from the machine and used to decrypt the file on the drive. This gives the list of user keys that machine is authorized to play, and these will decrypt songs using the same account (yes, each song is encrypted at the time of download, with the user key for that account).

This crack essentially works out how the system key is derived. Using that, it gets the user key, writes it off to a file, and can then decrypt any of that users songs.

Note that when you transfer a song from iTunes to the iPod, it does the same basic thing. Decrypts the file using the system key and reencrypts it using iPod specific information, then sticks it on the iPod. The iPod then does the same process as iTunes to play the file, more or less, it's just using a different system key.

This crack could be patched by changing the method to derive the system key from the machine, but not once the user key has been derived and written to a file somewhere. Once you have the user key, that can be used to decrypt the songs, and you're essentially done. Since you have the song files, and the key to decrypt them, no patch in the world could possibly fix it. They could fix it for newly purchased songs, but to do that they'd have to change every users key and reauthorize them. And that potentially breaks the authorization for songs that have already been purchased. They could start a new key without removing the old ones, in order to maintain backward compatibility and not piss off everyone who has used iTMS up until now, and then release new songs using only the new encryption, but it's essentially a dead end. The whole concept behind iTunes encryption is that once a machine is authorized, it can play songs without any outside intervention. Meaning that it has everything it needs to decrypt the songs right there on that machine. Meaning that as long as this is true, it can be cracked again.

I knew it was only a matter of time. I give it another 2 weeks before someone takes the code out of the drms.c, drms.h, and drmtables.h files and produces an M4P->M4A converter. Everything really needed to do it is in there. You read in the file, call this code to get the system key, call the code to get the user key, call the code to decrypt the DRMS section, then rewrite the file with a normal AAC data section instead. Not too difficult, although interpreting Jon's code is a PITA to say the least. The guy writes C code that reads more like ASM. Frankly, looking at the code, I think he simply found the relevant part of iTunes/Quicktime with a debugger and converted the relevant machine language straight into C with no major adjustments.

Re:People say this won't hurt Apple, but it will

[Halo1]

Apple has told the labels from the start that iTunes is not unbreakable, in fact they are convinced you cannot make anything unbreakable.

Quote [infoworld.com] from Phil Schiller, VP worldwide product marketing Apple

A second part of this is we fundamentally think that an attempt to create an unbreakable system is foolish.

There's also an article somewhere where Steve Jobs says more or less the same (and says he told the labels so), but I can't find it currently.

results:

[Anonymous Coward]

I tried it, but only 10, 25, 50, 100 reencodings, all at 128KB/s with bladeenc.
At 10x it sounds definitley worse, you can easily tell the degraded version from the original on the cheapest equipment.
At 25x ghost-noises increase, some instruments become very faint and vocals develop strange echoes.
At 50x it starts to become painful to listen to the song, noises are sometimes louder than the music, overshadowing it completely.
At 100x noises get so loud you can't understand the vocals, and only the most basic of notes manage to come through. Nevertheless, the song is stillt easily recognizable. It stopped beeing enjoyable somewhere between 10 and 25.

All the best,
rob