DVD-Jon Breaks iTunes Encryption For Linux Users 584
McGruff writes "The Register has a story regarding DVD-Jon's new hobby, iTunes DRM. According to the story DRMed iTunes AAC files can now be played under Linux via VidioLAN Client thanks to some handywork by Jon.
'"When you run the VideoLAN Client under Windows it will write the user key to a file. The user key is system independent and can thus be used by the GNU/Linux version of VLC," he explains.' Personally, this just means I will buy even more iTunes." (We mentioned in November Johansen's efforts to negate the iTunes restrictions on Windows.)
Key exchange ? (Score:5, Interesting)
How long... (Score:5, Interesting)
How long until someone writes a command-line AAC2mp3 converter?
This is a wonderful breakthrough (Score:5, Interesting)
While booting to Windows is a slight disappointment, I am sure DVD-Jon will remove that step ASAP.
Re:Key exchange ? (Score:2, Interesting)
From the article... (Score:3, Interesting)
It was my understanding that DVD-Jon (as we're calling him now) did *not* actually break the DVD encryption scheme, but collaborated with some anonymous hackers who did. I think his involvement was more on the order of making it more accessible to the tyro. Could someone clear this up once and for all?
Macworld Keynote (Score:2, Interesting)
What does this guy do for a living? (Score:5, Interesting)
iTunes on Linux (Score:5, Interesting)
Programmers will code the security so that the app only works one way, and some user will break it s it works elsewhere as well.
We need to have more thought put into coding so that apps will work more platforms, and also be aware that it is envitable (sp?) that somebody will crack it.
I broke a lot of digital clocks as a kid because I wanted to know what made them tick! I still got new ones, and broke them as well.
Does iTunes music store work under Linux anyway? (Score:2, Interesting)
But I'm in Australia, and we don't have iTunes music store yet.
It it possible to use iTunes music store under Linux? Is it just a web site, with files you need iTunes to play, in which case I can use VideoLAN instead? Or otherwise?
In a worse case scenario, does iTunes work under Winex or Codeweavers Wine?
Re:Key exchange ? (Score:3, Interesting)
What's The Point? (Score:2, Interesting)
So where would a Linux user get purchased music from iTunes from? From his Windows or Mac computer. This is a what passes for win for Linux users??
It seems to be a cute exercise, but not a very useful thing, unless you hate Apple's horrific, evil DRM oh so much.
Leave it alone (Score:2, Interesting)
What's the point? (Score:3, Interesting)
Ok, so you can play iTunes AAC files on *Nix PCs, provided you have the key. Wouldn't it just be easier to download it off of Kazaa? You can find cover art with google, and you can use SoulSeek to find high quality rips. That gets rid of two arguements right there.
iTunes DRM is WEAK, man. Burn it to CDRW and rip the sucker again, it's as easy as jumping over a subway turnstile. Why are we wasting time with a pointless thing like this, why not crack WMP or something harder with a better payoff?
WMP (Score:3, Interesting)
If this turns out to be straightforward... (Score:2, Interesting)
I just hope Apple gets the message and removes all DRM from their music. At that point, I'd encourage others who do not have technical knowledge to buy music using the service as well.
I take it that it is the RIAA that mandates the DRM though and not Apple?
Sounds cumbersome for swapping (Score:5, Interesting)
The thing is that AFAIK VLC isn't set up to manage multiple key+file pairs. So it is useful for *your* library, but not various files downloaded off the net. For that reason, I doubt they will go after him.
My question is, how does the iPod decrypt the file without a key? Or is it simply using the parent boxes key? It seems to me that if that's the case it should be trivial to recover the key from an iPod directly, no PC required (Just a Mac
Re:Itunes. (Score:3, Interesting)
Re:How long... (Score:5, Interesting)
Re:But (Score:5, Interesting)
His new crack actually writes the decryption key out to a file. This key is written out using Windows and is apparently derived from hardware serial numbers, such as that on the hard drive. This key can then apparently be used to decrypt the protected files on any OS. I haven't given this a shot yet, but it should be interesting to find out.
Personally, I don't care all that much, as I use iTunes on OS X and an iPod to listen to most of my music. However, I would like to serve up my protected AAC to my squeezebox, and this just might allow for on the fly transcoding to a PCM stream from SlimServer.
It would be pretty tough for Apple to go and make another DRM scheme that avoided this without breaking backwards compatibility.
Re:Windows Only??? (Score:3, Interesting)
Not all those hits could have been from personal Linux machines, as opposed to those at universities or workplaces, so the real figure of personal Linux machines is probably less.
Or maybe you were talking about Amiga support, which I'm sure made up most of the "Other" category. :)
This is the perfect time. (Score:5, Interesting)
In Norway, that is... Americans are still screwed.
Re:Is this guy an idiot? (Score:3, Interesting)
Sure, the litigation may have not accomplished much, but it did resolve that under current Norwegian law, it's perfectly fine for him to do what he's just done again. It would have been a bad idea for him to wait at all before bringing this to the attention of the public, because then he might be found out after laws are changed.
I bet he's glad now that he got an appeals court descision in his favor, instead of get the original court...
mp3 players (Score:3, Interesting)
So apple wants me do buy iPod. But it is too expensive for my daughter (I got her now $140 player with 256Mb RAM).
So I hope, some day there will be program to unlock
my purchased AAC files to be able to listed then on my mp3 player. I think this is fair use and should be permitted!
Re:Is this guy an idiot? (Score:3, Interesting)
I use Linux as my primary desktop. DeCSS allows me to do the same things Windows users do, play DVDs on the platform of my choice. Every time I watch a movie on my monthly flight from Atlanta to Washington DC and back, I owe that to DeCSS.
iTMS is cool. There is no reason that only Windows and MacOS users should get invited to the party.
Re:Key exchange ? (Score:3, Interesting)
If he's using the key to decrypt the file, presumably the raw AAC stream can be extracted.
I.e. you could do lossless conversion of m4p -> m4a. You'll have the same exact data minus the DRM, free to use with any AAC-compatible device or software you want.
Re:iTunes. (Score:2, Interesting)
Re:How long... (Score:2, Interesting)
Frankly, yes.
I can most certainly hear the difference between mp3s and non-lossy formats, but only on high-end speakers.
--this is my real sig.
Re:How long... (Score:3, Interesting)
This is on medium to low quality speakers.
If we're talking about headphones, I can tell every time between the CD and any lossy encoding method.
You obviously don't listen to music for detail, which is ok, that's fine, but stop sounding stupid saying that noticing fine detail in music is impossible.
Re:Jon wrote 1000 lines of code with no comments (Score:4, Interesting)
Yeah, I think this almost certainly is. Huge amounts of bit manipulation, lots of magic numbers, meaningless variable names. No type safety? No comments?
I've seen code like this before, when people have disassembled Windows DLLs back into C then tried to submit it to Wine.
I'd say Jon is treading on very slippery slopes indeed with this code. It might be possible to show that it's been simply generated from the original code which is almost certainly copyright violation - laws against that certainly exist in Norway.