FairPlay

From Free net encyclopedia

FairPlay is a Digital rights management (DRM) technology created by Apple Computer, built in to the QuickTime multimedia technology and used by the iPod, iTunes, and the iTunes Music Store. Every file bought from the iTunes Music Store with iTunes is encoded with FairPlay. It digitally encrypts AAC audio files and prevents users from playing these files on unauthorized computers.

While the iTunes jukebox remains the most popular method to buy and play FairPlay-protected files, the actual decoding is performed by Apple's QuickTime. In fact, every QuickTime-based player is capable of using these files, including RealPlayer and Media Player Classic.

FairPlay is based on technology created by the company Veridisc.

Contents 1 Restrictions 2 How it works 3 Harmony 4 DeDRMS, PlayFair, and Hymn 5 See also 6 External links

Restrictions

FairPlay will allow a protected track to be used in the following ways:

• The protected track may be copied to any number of iPod portable music players.
• The protected track may be played on up to five (originally three) authorized computers simultaneously.
• The protected track may be copied to a standard CD audio track any number of times.
  • The resulting CD has no DRM and may be ripped, encoded and distributed like any other CD. However, as the CD audio still bears the artifacts of compression, converting it back into a lossy format such as MP3 may aggravate the sound artifacts of encoding (see transcoding).
    
• A particular playlist within iTunes containing a protected track can be copied to a CD only up to seven times (originally ten times) before the playlist must be changed.

FairPlay does not affect the ability of the file itself to be copied. It only manages the decryption of the audio content.

An intentional limitation of Fairplay is that it prevents iTunes customers from using the purchased music on any portable digital music player other than the Apple iPod. On January 3, 2005, an iTunes online music store customer filed a lawsuit against Apple Computer, alleging the company broke antitrust laws by utilizing FairPlay with iTunes so that purchased music will work only with its own music player, the iPod, freezing out competitors (iTunes Lawsuit).

On June 28, 2004, VirginMega filed a complaint with the French Competition Council against Apple regarding its refusal to license Fairplay to VirginMega for use in their own online music commerce store. The French Conseil de la Concurrence rejected the complaint over accused anti-competitive behavior. (The Decision). The Conseil ruled against the notion that FairPlay was an "essential facility" for three distinct reasons: 1) Playing purchased music on portable players was a small part of the market; 2) CD Burning provides an adequate work-around to get purchased music from other vendors onto an iPod; and 3) There is sufficient availability of portable players that support Microsoft's WMA DRM as a viable alternative and choice for consumers. (iTunes, DRM and competition law)

How it works

FairPlay is a fairly simple implementation of common DRM techniques. FairPlay-protected files are regular MP4 container files with an encrypted AAC audio stream. The audio stream is encrypted using the Rijndael algorithm in combination with MD5 hashes. The master key required to decrypt the encrypted audio stream is also stored in encrypted form in the MP4 container file. The key required to decrypt the master key is called the "user key".

Each time a customer uses iTunes to buy a track a new random user key is generated and used to encrypt the master key. The random user key is stored, together with the account information, on Apple’s servers, and also sent to iTunes. iTunes stores these keys in its own encrypted key repository. Using this key repository, iTunes is able to retrieve the user key required to decrypt the master key. Using the master key, iTunes is able to decrypt the AAC audio stream and play it.

When you authorize a new computer, iTunes sends a unique machine identifier to Apple’s servers. In return it receives all the user keys that are stored with the account information. This ensures that Apple is able to limit the number of computers that are authorized and makes sure that each authorized computer has all the user keys that are needed to play the tracks that it bought.

When you deauthorize a computer, iTunes will instruct Apple’s servers to remove the unique machine identifier from their database, and at the same time it will remove all the user keys from its encrypted key repository.

The iPod also has its own encrypted key repository. Every time a FairPlay-protected track is copied onto the iPod, iTunes will copy the user key from its own key repository to the key repository on the iPod. This makes sure that the iPod has everything it needs to play the encrypted AAC audio stream.

At this time, it looks like the restrictions mentioned above are hard-coded into QuickTime and the iTunes application, and not configurable in the protected files themselves.

Harmony

In July 2004, RealNetworks introduced their Harmony technology. The Harmony technology is built into RealPlayer and allows users of the RealPlayer Music Store to play their songs on the iPod. Before the introduction of Harmony this was not possible, because the RealPlayer Music Store uses a different scheme, called Helix DRM, to protect their content that was incompatible with that used by Apple. While using RealPlayer to transfer a Helix DRM-protected song onto the iPod, Harmony transparently converts it to a FairPlay-compatible protected file. Real argued that Harmony was a boon to consumers that "frees" them "from the limitation of being locked into a specific portable device when they buy digital music."[1] Apple responded:

We are stunned that RealNetworks has adopted the tactics and ethics of a hacker to break into the iPod, and we are investigating the implications of their actions under the DMCA and other laws. We strongly caution Real and their customers that when we update our iPod software from time to time it is highly likely that Real's Harmony technology will cease to work with current and future iPods.

RealNetworks launched an internet petition titled "Hey Apple! Don't break my iPod", encouraging iPod users to sign up to support Real's action. The petition backfired badly. [2] The overwhelming majority of posters reacted negatively. The main points of criticism against Harmony were:

• Many posters accused RealNetworks of astroturfing with the petition they had created.
• RealNetworks was criticised for keeping its own intellectual property and products closed, while asking Apple to open up the iPod.
• The move was also denounced as an attempt to force Apple into a partnership that would only benefit RealNetworks.

Harmony was quietly disabled by Apple around the time of the iPod photo launch, and to older versions shortly after in firmware updates. The change makes it so that all music (past and present) purchased through the RealPlayer Music Store will not work on Apple's iPod. In response, Real has said they will get it working again. Since then, Apple and Real have effectively been playing a game of cat and mouse with Apple blocking Harmony with each new iPod software update and Real fixing Harmony to work on iPods some time later [3]. Music purchased through the iTunes Music Store (iTMS) was not affected.

In August 2005, an SEC filing by RealNetworks admitted that continued use of the Harmony technology put themselves at considerable risk because of the possibility of a lawsuit from Apple, which would be expensive to defend against, even if the court agreed that the technology is legal. Additionally, the possibility that "Apple will continue to modify its technology to 'break' the interoperability that Harmony provides to consumers" would mean that "Harmony may no longer work with Apple's products, which could harm our business and reputation, or we may be forced to incur additional development costs to refine Harmony to make it interoperate again."[4] This type of disclosure is common in SEC 10-Q filings, and may represent a worst-case scenario for a company.

DeDRMS, PlayFair, and Hymn

After the launch of the iTunes Music Store various people made efforts to circumvent the encryption of FairPlay-protected files.

Jon Johansen - also known for his DeCSS program - was the first to discover a way to circumvent the DRM. The open source application QTFairUse intercepted the decrypted output and wrote it to a raw AAC file. Most media players do not support such raw files and the files had to be processed with a tool like faad to create normal files. One of the few media players that is able to play raw AAC files is foobar2000.

The second time around, Johansen reverse engineered the encryption technique used in FairPlay and created an algorithm to completely remove the encryption without re-encoding the encrypted AAC stream. This method is currently used by VLC media player in order to play FairPlay-protected tracks.

A software package named PlayFair - created by an anonymous author - has also appeared. It can remove the encryption from files using the FairPlay DRM mechanism. The author of Playfair used the source code written by Jon Johansen for VLC. Apple's legal department forced Playfair to be first removed from SourceForge.net, and then when the Indian open source web site Sarovar.org hosted the project they too were sent a cease and desist by Apple's lawyers. However, Playfair's successor Hymn is alive and well and has become JHymn, a java variant of the program, and iOpener, a Windows variant. Hymn is an acronym for "Hear Your Music aNywhere". When Apple Computer released iTunes 6.0 in October '05 JHymn ceased to function. The Hymn Project is currently working on a fix.

Jon Johansen himself also released a tool to remove the encryption, called DeDRMS. Later he released FairKeys, which uses Apple’s own servers to retrieve the keys needed by DeDRMS.

All these applications have two things in common. First of all, they use the user keys from either the Apple servers, the iTunes key repository, or the iPod key repository, which ensures they can decrypt only files that are legally bought; you cannot use these applications to decrypt files somebody else bought. Secondly, they keep the metadata inside the MP4 container intact, so it is possible to identify the user who originally bought the file after it is decrypted.

In mid-2004, Apple released an update to iTunes (version 4.6), which would refuse to play files processed with Hymn unless the purchaser metadata were removed from the file, or stored in a nonstandard location.

In March of 2005, it was revealed through a front end of the iTunes Music Store called PyMusique that the Fairplay DRM was added only as a song was being purchased from the store by the client software itself.

See also

• iTunes
• iTunes Music Store
• Digital rights management
• Jon Lech Johansen

External links

• Sourceforge.net
• Sarovar.org
• Veridisc- inventors of the FairPlay DRM system
• VLC media player- a cross-platform media player capable of playing FairPlay protected files
• So sue me- personal blog of Jon Lech Johansen
• Hymn- The successor of PlayFair
• The Register: iTunes DRM cracked wide open for GNU/Linux. Seriously.de:FairPlay

fr:FairPlay ja:FairPlay pl:FairPlay