24 hours: The time it takes to crack the newest DRM from Microsoft or Apple

24 hours: The time it takes to crack the newest DRM from Microsoft or Apple

Summary: It was only a week ago that hackers proved that Microsoft may be unable to win the game of cat-n-mouse that it's in with hackers who are determined to neutralize the software giant's digital rights management (DRM) technology (a technology with a nasty side effect of keeping people from using legitimately acquired audio and video where they want, when they want, on the device they want).


It was only a week ago that hackers proved that Microsoft may be unable to win the game of cat-n-mouse that it's in with hackers who are determined to neutralize the software giant's digital rights management (DRM) technology (a technology with a nasty side effect of keeping people from using legitimately acquired audio and video where they want, when they want, on the device they want). 

Within 24 hours of Microsoft hustling a fix out the door that prevented the FairUse4WM "utility" from disabling the Redmond-based company's DRM copy protection technology, FairUse4M "evolved," thus neutralizing the fix. But Microsoft isn't the only DRM cat trying to keep after hacker mice. Yesterday, Apple released iTunes 7 which, amongst other things, closed a hole that hackers were exploiting in the DRM technology (known as FairPlay) found in iTunes6.  Today, barely 24 hours later, the cat is once again after the mouse.  According to Wired:

It's only been a day since Apple updated iTunes to version 7, but the folks over at the Hymn project have already posted a new version of a program that can be used to remove the DRM from songs purchased from it.  It's an updated version of the recent release that worked with iTunes 6....I confirmed that the new 2.3 version of QTFairUse6 works fine for converting one iTunes 7 song at a time, although apparently the function for batch converting an entire library of purchased songs doesn't work. In order to convert a single song, you'd just drag it from your iTunes Music folder onto the QTFairUse6.exe file and enter "Y" in the DOS command line interface that pops up.

I'm guessing the batch problem will get solved soon.  Advantage: the Hackers.

Topic: Apple

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • It's all about the benjamins!

    This is an abomination which has only one explanation: it's all about the benjamins. 'nuff said.
  • 24 hours... I expected it to last perhaps a week

    And the DRM arms race continues.
    Edward Meyers
    • It's not even an arms race

      The whole concept of DRM is futile for this purpose. DRM is locked up and in it's locked up state the content is unusable and really worthless for all purposes. So to use it for Entertainment and make it sellable you need to sell it with the key to use the content. Now the enternment industry has just give the keys to the locks to the person who they don't want to let unlock the content. They want the user to use special tool to use the key to use the content. But if you have the key and some knowledge you can just use the key and what ever tool you wish to use the content.

      It's like giving anyone the key to your house to use your washroom and hoping they don't steal anything. They have the key after all.

      That's why DRM is just STUPID for this purpose.
  • 24 hours! That's an eternity!

    Here's an even more impressive number:


    "Every song on iTunes is available as a free download from user-to-user, peer-to-peer networks like Kazaa. Indeed, the P2P monitoring company Big Champagne reports that the average time-lapse between a iTunes-exclusive song being offered by Apple and that same song being offered on P2P networks is 180 seconds."
    tic swayback
    • Well Duh!!

      It takes about 180 seconds to burn a CD then re-rip as MP3 and place the file in the share folder. No crack needed.

      Sure this reduces the quality, but I'll clue everyone in on something... the "pirates" don't care ... they'll trade anything as long as its recognizable. Why do you think they keep slipping Flash re-encoded DivX videos(Talk about quality loss) on to the video services.

      Goes back to what I said about Fair Play not being about preventing "piracy".
      Edward Meyers
      • Also, one other point about "burnrip"

        In addition to the loss of quality that you get with burnrip, that sort of filesharing is about deliberate piracy as soon as it goes outside your house (which it invariably does). I really don't condone that. I understand that it's just a proof point for why DRM is a losing battle. But when I look at these "utilities," I see them more as means to making your content portable amongst your own systems/devices.

        • That's the primary purpose of them

          Most such utilities that strip the DRM are more about playing the content on devices that the DRM locks out on than sharing works on the internet. DeCSS was more about playing DVDs on Linux than sharing movies and PyMusic (Which included Play Fair) was more about connecting Linux computers with iTunes than sharing music.

          The point is that it was unnecessary to crack Apple's DRM to fileshare as iTunes already provides the facilities to do so. No crack needed.

          So why did the developers risk 10 years in jail if they come to the US and massive financial penalties? Simple the DRM, which doesn't prevent piracy, is locking playback/playback at full quality out of platforms in which people wish to play their content. An individual purchases a player that clearly states it plays WMA but when the consumer gets home they find out they can't use their Plays for sure content from the store they have been buying content from they most likely won't go buy a new player but will turn to p2p or one of these utilities and they won't think twice about it. The DRM itself is encouraging "piracy"[*] rather than the DRM stopping "piracy".

          I also don't condone filesharing and rather support boycotting all DRMed music stores.

          A real solution, if the government feels it must get involved, would be not to raise the sentence for filesharing, the penalty is already higher than many violent crimes, but rather to mandate that all stores sell music in one government licensed DRM scheme that only prevents copyright infringement, instead of all controlling all access, that the government licenses to everyone is the ticket. Sure some will complaign that this is the government telling tech companies how to design their software but the DMCA already does such.

          They also need to ban some of these silly provisions and disallow these contracts of adhesion that are non-negotiable and unilaterally changeable by the copyright holder, such as the contract with the Sony DRM Scheme that required you not to play your music when you leave the US or when you file for bankruptcy, that the stores make you agree to. I mean seriously if your house burns down you are contractually obligated to destroy your music- How is that any way related to copyright and why is it allowed?

          [*] Piracy is a very poor term for copyright infringement. Copyright infringement spans more than just filesharing. In fact Universal's Music groups chief complaint with YouTube and MySpace is not file sharing professional videos but rather FanVideos, self-made videos in which youngsters tape themselves lip-synching. Infringement also can take the form of FanFicts, FanArt, Photoshop tennis (An online forum game where photos are doctored in turn by each participant), Video Mashups, Sampling, ect.
          Edward Meyers
          • Another solution

            Just don't buy DRMed music. It's not like the record companies are going to pull all of their product from the market. They'll still sell whatever they can sell. If no one buys it in a particular form, they'll have to find another form if they hope to make money.
            tic swayback
          • I support boycott but...

            Boycotting doesn't seem to be overly effective here as they claim all the losses are coming from piracy.

            Also the RIAA and MPAA are pushing legislation to mandate more DRM be included in electronic devices. As the DRM is being government mandated then;

            1. Everyone should be allowed to have access to the specifications and should have a royalty free/free patent license to implement the technology to make players. The technology should be forced to recognize first sale doctrine, fair use, copyright expiration dates, ect. Get rid of these nonsense contracts of adhesion- like the "you would have to be nuts to sign" contract that is the UnBox TOS.

            2. Content distributors should be forced to offer their content in this format... if they want to release in other formats with higher resolution or extra features in addition, so be it... Again nobody who wishes to follow the law is locked out.

            Kills a flock of birds with 1 stone.
            Edward Meyers
          • It's our fault

            Boycotting isn't effective for one simple reason:
            PPeople aren't boycotting. Yeah a few talk the talk. Even fewer actually do some degree of boycotting. But most people just bitch and keep on buying. Somehow they must figure that since they can burn/rerip or use hymn, that it doesn't matter so they keep on supporting the DRM sources.
          • the hell with DRM

            Sod DRM - the majors are just trying to impose restrictions that were not there before. If I buy a CD and want to copy it for use in my car why should I not. They sow and they will reap. Same with extending copyright time, it's just to keep the fat cats in new Lexus.
  • DRM for corporate documents

    There has been some discussion about the use of DRM to protect corporate documents. Given the speed that consumer DRM is hacked, this approach to protecting documents seems a little weak. Hopefully the corporate targeted security systems can provide more protection.


    My thoughts in detail: http://improving-nao.blogspot.com/2006/09/drm-hacked-again-is-it-useless-for.html
    • DRM for documents...huh?

      Adobe Acrobat was created to share documents, using a simple reader that everyone could downlaod for free. Then DRM... security on PDFs, i.e. disable the ability to print, edit, etc. of PDFs. Well, guess what? Every day I have to deal with reverse engineering PDFs, for official work purposes. Worst case scenario... if you can SEE it on your screen, you can Prnt Scrn, and OCR afterwards. At the end of the day, all this DRM is pointless. It just makes life for some that little bit more difficult, or it introduces a bit of a delay in processing. I've seen PDFs where printing is disabled, yet you can freely hilite all the text and paste into a new document, duh! The principles are very similar with music.
  • The purpose of DRM

    Great article here, a detailed analysis of Amazon's stunning UnBox terms of service. Here's an excerpt on why DRM exists:


    I once attended a DRM negotiation where an MPAA vice-president said, "Watching a show that's being received in one room while you're sitting in another room has value, and if it has value, we should be able to charge money for it." Siva Vaidhyanathan calls this the "if value, then right" theory -- if something has value, someone must have a right to sell it. So while you might be accustomed to extracting unexpected value from your old media -- ripping a CD to play it on your iPod, copying a cartoon and sticking it on your fridge, taking your books with you when you move overseas -- forget about it from now on.

    Every conceivable source of value for DRM digital movies is now potentially for sale. I've heard proposals for "discounted" movies that you can't fast-forward ("discounted" in the sense that products you buy with a store loyalty card are "discounted" -- they raise the price unless you use the card). Prepare for the future where every button on your remote has a price-tag on it.
    tic swayback
    • the other day someone claimed I was parnoid

      Not just me but all consumer advocates. They claimed that no-one would add terms into a contract where you would be locked out of your media purchases if you refused to upgrade your software.

      [i]Section 3a: "The Software automatically checks for upgrades, but the Software will not automatically upgrade without your consent, except as provided herein. If you do not consent to an upgrade that we make subject to your consent, the Digital Content may no longer be viewed on your Authorized Device. You must keep the Software on your Authorized Device current in order to continue to use the Service. We may automatically upgrade the Software when we believe such upgrade is appropriate to comply with law, enforce this Agreement, or protect the rights, safety or property of Amazon, our content providers, users, or others."[/i]

      That is eaxctly what is in the TOS contract for UnBox.
      Edward Meyers
    • The Entertainment is smoking some good stuff

      Especially if they believe this for real.

      "Watching a show that's being received in one room while you're sitting in another room has value, and if it has value, we should be able to charge money for it."

      Not sure where these morons are comming from but this is the dumbest thing I've ever heard. In this case the process only has value because I put the work into doing it. If they wan to charge for this the I should get the money not them or the person wires up the home should get the money not the entertainment industry. They want a war, this is how you go about starting one. They think piracy is bad now, well pull this kind of crap and Piracy will go from bad to worse, 1000 times worse I'm betting.
  • as never work!

    DRM as never work, is not working and will never work. beside DRM is totally illegal, the only reason it is still there is because the digital mafia (MPAA/RIAA and others basement criminal companis) have total control over the justice system.

    LOWER PRICE and FREEDOM of use will limit piracy way more then any anti-consumer DRM.

    The main cause of piracy ares:
    Professional who sell bootleg version of movies (lower price can fix that)
    peoples want a movie at the same time US consumer get them. there is ONE MARKET -> EARTH
    unfair price fixing (why should i paid 20$ for a movie while other country can the same movie for 5$?)
    The MPAA/RIAA stupidness - if you release (even in small quantities) a movie on DVD 2 months before it hit the stores. Of course it will float ont he internet.

    All of these "cause" of piracy are easly preventable.

    also the digital mafia (MPAA/RIAA) should be totaly forbiden to have any power of any kind over HARDWARE. There are the supply of enterteiment ans should be prevented by LAW to artificialy cripple hardware.
    • Mectron is right on!

      Mectron is right.
      If the "corps" stop screwing us we can all pay a fair price for everything.
      Otherwise there will be chaos.
  • DRM....Unwinable War!!!

    WHen will these software giants realise that they can't EVER win the DRM war? And stop wasting bilions $$$ in development thereof???

    1) The hackers are better programmers.
    2) The principle of DRM sux.
    3) DRM is a lovely CHALLENGE to the whole world, here, crack me!
    4) If you can HEAR it - it can be copied.

    Maybe one day they'll invent a machine to 'broadcast' music straight into your brain, completely bypassing your outer and inner ears, tuned for an authorised individual.....then, only then, will we maybe see a hint of DRM working.... but currently, everything being done is a waste of money, and does NOTHING to bring the music to the masses, at a reasonable price.
  • DRM and the slippery slope

    I am totally against DRM, but to be honest, "Joe Public" doesn't know or even care. To me, this all part of the "Trusted Computing" initiative being slowly put into place by major companies in this country. Why should I "Trust" a corporation to ultimately look out for my interests? Look at the article about Unbox, the recent WGA issue(Microsoft downloading software into your PC that "phones home"), Windows Vista with it's UAC function, the Sony rootkit. Do the corporations know best what is good for us or do WE? It's not JUST about the benjamins, but CONTROL...I am an advocate of choice and freedom, and it seems people are being lemmings, funnelled into just where the corporations want them to be. The consumer should not be treated as a criminal by corporations. The music companies look at DRM to protect their content, I agree with protecting copyrighted content, but DRM is not the way to go..For one, I will not give up the right to use my PC as I see fit, not allow some company to do what it will to "protect me"...Make no mistake, it is in these companies interest to control how I use what I "buy"(Even the concept of buying something has changed)their reason for existing is to maximize profits and satisfy their shareholders... I am old enough to have lived through massive protests in this country over rights being violated, I am saddened to see the public so readily cave in this generation. I hope I am wrong..