Apple DMCAs iPodHash Project

TRS-80 writes "Apple has sent a DMCA takedown notice to the IpodHash project, claiming it circumvents their FairPlay DRM scheme. Some background: Apple first added a hash to the iTunesDB file in 6th-gen iPods, but it was quickly reverse-engineered. They changed it with the release of iPhone 2.0 and a project was started to reverse the new hash, but wasn't successful yet. My guess is Apple used the same algorithm as FairPlay for the new hash, so Apple could use the DMCA to prevent competing apps like Songbird and Banshee from talking to iPods/iPhones. BTW, don't tell Apple, but the project uses a wiki, so the old page versions from before the takedown are still there."

All the more reason not to buy an ipod/phone

Just another reason not to buy the ipod/phone. Double if you are not using a mac.

Re:All the more reason not to buy an ipod/phone

Just what is the point of having ipod? Why can't the competitors to apple just sit down and devise a common method for syncing the device to a media player? Get amazon & other drm free media stores involved to also provide a standard interface to purchase and install the music into a media player, and you've got the makings of an apple killer.

I think there may be a more general rule for these situations. If you have an established proprietary leader, the only way to dislodge is for the competitors to come together create an open standard. I'm not sure if that's always the case, maybe its just my rose colored vision at work again, but its sometimes true. Feel free to discuss.

Re:All the more reason not to buy an ipod/phone

You're locked in dude.... The iPod connector is, as far as I know, licensed to 3rd party accessories manufacturers. No way in hell, is Apple going to license it to a competitor.

And, yes, a connector can be patented without any problem. After all it is a physical device, where you can give schematics etc....

Re:All the more reason not to buy an ipod/phone

Buy a used iPod (not refurbished and not from Apple), run Rockbox [rockbox.org] on it, and don't purchase anything else from the iTunes Music Store. Apple doesn't make any money from you on that. That's how I've acquired 3 out of my 4 Apple products (the other was a gift).

If you want to avoid it on principle, I don't know of any competing player that uses the same dock standard, but even so, if you are rejecting on principle, do you want to encourage others to accept Apple's dock connector? As I recall, it is patented and has to be licensed from Apple - you don't want to encourage more people to pay licensing fees to Apple, do you?

3.5mm stereo minijack or stereo RCA all the way. No encryption, no DRM, just analog goodness. Sure you need an additional wire for power, but that's rarely a problem.

Re:All the more reason not to buy an ipod/phone

It is the same plug, but the pinout is different. It was a few years ago when my wife wanted a music player, and someone had plugged in a Sansa to an iPod accessory on the demo table at Best Buy. Fried the screen on the Sansa if I remember right.

My memory is a bit fuzzy. Can someone else verify this?

Re:All the more reason not to buy an ipod/phone

It is the same plug, but the pinout is different. It was a few years ago when my wife wanted a music player, and someone had plugged in a Sansa to an iPod accessory on the demo table at Best Buy. Fried the screen on the Sansa if I remember right.

My memory is a bit fuzzy. Can someone else verify this?

Yes, ... my name is Chuck... I work at Best Buy. One hot summer day in 2005, some dufus walked in to my store and plugged in a Sansa to an iPod accessory on MY demo table. It fried the screen.
I remember it well. In fact, it came out of MY pay... I'm getting closer to tracking you down now that you've posted on Slashdot!

Re:All the more reason not to buy an ipod/phone

The 6th gen iPod hasn't been properly cracked so there's no rockbox for it.

Re:All the more reason not to buy an ipod/phone

Yeah but does it have a shiny cover and is Steve Jobs going to tell me how badly I need one?

USB is a *fucking standard*

pin density is one factor that certainly weighed on that decision.

We are in 2008. Why would you even need to have a separate pin for everything ?!?

We have very nice, completely standardized connection such as :
- USB (specially since the On-The-Go and Pict-Bridge standards where the same physical connector can switch between master and slave depending on needs).
- FireWire (which has the advantage of allowing several masters on the same bus and device sharing both master and slave role - just like SCSI. And has overall much better latency and bandwidth once you factor all possible overhead)

They are almost ubiquitous. Today it's hard to find a device which is NOT USB-enabled. (although not all FireWire connectors you may encounter are 6pins with power. 4pins data-only are popular on some portable device).

And they can easily do pretty much everything you cited and much-much more.

Audio/Video (+controls for it) over FireWire is just a piece of cake, the standard was created with that purpose in mind.

how would you create video out from a USB port?

- If the device is a master and is PUSHing video OUT, video-over USB was among the first standardized stuff, with USB-to-VGA dongle being very popular. It's already a very popular method to get 2ndary output from device which lack a VGA or DVI out. Or get a 3rd output.
- If the device is a slave and you are PULLing video FROM device, then a USB video device is perfect for it, just like thousands of Webcams, video receiver, etc. There's even an emerging standard called UVC - USB Video Class [berlios.de] (Before UVC, every webcam USB chip used a different protocol requiring several different procols).

Given the sensitiveness of analog to electronic noise, digital video out makes A LOT of sense. And given that hosting the electronics for a DVI/HDMI/miniDisplay port would unnecessarily increase the costs of the device, the USB-to-VGA or UVC is the best compromise.

the radio

You must be joking. Just look at the crazy amount of USB FM+TV+DVB+DAB receiver dongles.
There's a custom version of the OpenMoko sold with such an USB receiver contained in a spacer between the battery and the original cover.

If you want a radio *emitter*, see next question about audio.

headphone adapter?

Still keeping with the everything over USB :
- USB audio is an absolutely standard protocol.
In fact dozens of headphone made for laptop/skype don't plug into the audio in/out ports, but instead plug into an USB port.
As USB Audio does both input and output, it doesn't matter which is master which is slave, you can establish an audio link over USB.

Now, plain analog audio has had a standard for many years : the simple 3mm Jack. For a quick and easy analog access you should leave an audio jack on the machine.

For even more practical solution, you could go for a 3 or 4 ring jack instead of a classical stereo one, and carry video, s-video and/or mic.
Put a LED on the bottom of the connector and it can also work as a nice digital out (Sony's MiniDisc already used hybrid optical+analog contacts for quite some time).
Put them in line with the usb at very specific distance one from each other and you have a perfect connector with both analog and digital.

The only reason not to do this is because by letting normal audio connection (jack), the constructor lose the incentive for users to buy the more expensive USB-based peripherals.

artist/song/albumart along with audio out for the dock devices?

That is just plain stupid.
All this meta-data you cite is never going to be transmitted by lots of dedicated pins.
Normally such kind of data is just emitted over a serial connection. (Even before the age of USB, Sony MiniDisc already used a serial link to transmit this. Audio goes through analog+optical jack, meta-data

Not for long

By pointing out the older versions on Slashdot, odds are good that Apple will demand they purge the pages from the database.

Good job, timothy.

Re:Not for long

By pointing out the older versions on Slashdot, enough geeks will duplicate those pages before Apple has a chance to take action. Remember the Streisand effect [wikipedia.org]?

EU legislation in favour?

I believe the EU legislation that's closest to the DMCA explicitly allows reverse engineering for the purpose of interoperability. Perhaps someone should just make a Swedish mirror? :)

Microsoft and Apple

And how are Microsoft and Apple different again? Oh, one screws a larger group of people than the other? And that makes it okay why?

Re:Microsoft and Apple

And how are Microsoft and Apple different again?

Microsoft's lawyers are way lazier, that's the difference.

Re:Microsoft and Apple

Apple's products are vastly superior to Microsoft's.

Value judgment. I think that the Mac OS is much more secure and stable than Windows, but how do you judge the Zune against the iPod? There's no objective criterion there.

Microsoft has been convicted of anti-trust violations in federal court. Apple has not.

True, but irrelevant. They both engage in business tactics that screw their customers. If Apple were bigger, they'd probably get slapped around the same way Microsoft did.

Apple's monopoly power is in the portable music market. Microsoft's is in the desktop operating system market.

Again, true but irrelevant. They both engage in business tactics that screw their customers.

My argument is that they both smack around their customers. I'm wondering why geeks give one a pass while they rabidly fight the other.

Re:Microsoft and Apple

We give Apple a pass because where Microsoft just screws us, Apple cuddles with us before it leaves.

Which leads to a question

Why hasn't the EU screwed apple already? The itunes-ipod abuse is like 10 times worse than IE-windows, yet nobody seems to be doing anything to stop this abusive non-sense.

Re:Which leads to a question

Why hasn't the EU screwed apple already? The itunes-ipod abuse is like 10 times worse than IE-windows, yet nobody seems to be doing anything to stop this abusive non-sense.

One reason is because Apple does not have a monopoly. It's ok to mildly abuse your customers if they can go to one of your competitors.

ITMS is far from the sole provider of online music, and Apple is far from the sole provider of "mp3" players.

Re:Which leads to a question

Maybe it is because people actually like the iTunes -> iPod setup.

Meaning, you are not required to buy an iPod or iPhone. Also, you are not required to buy iTunes. There are plenty of other options to choose from. In MS Windows case, all of the vendor applications were written for Windows, so you really had no choice...

Mirrored!

It's not that hard to mirror said content outside the US.. [tucuxi.org]

Not a DMCA takedown notice

Interestingly enough, that's not a DMCA takedown notice. It's just a threat dressed up to look like a takedown notice. You can tell because it doesn't allege copyright infringement.

Notice, for instance, that the "DMCA Certification" part at the bottom says "I hereby state, under penalty of perjury, that I have a good faith belief that the activities identified above are not authorized by Apple, that the information in this notification is accurate, and that I am authorized to act on behalf of Apple in this regard."

What it doesn't say is that the works in question are owned by Apple or anything else which in anyway makes a copyright claim.

What it does allege is that they're violating the anti-circumvention provision of the DMCA. There is no takedown procedure for violating the anti-circumvention provision because there is no safe-harbor. If you create an circumventing device, you have violated the DMCA and you can't escape liability by following takedown notices.

The further reason that it isn't a DMCA takedown notice is that what they ask to remove is not something that the receivers have a legal obligation to take down. Information about the workings of Apple's cryptographic schemes, whether or not they comprise an means which effectively controls access to a work, are not unto itself a device which circumvents their schemes, and, as such, is not in violation of the DMCA.

Although Mr. Ramage writes "The DMCA explicitly prohibits the dissemination of information that can be used to circumvent such technology." that's very simply not true. The DMCA outlaws the creation of circumventing devices, but it does not outlaw exchanging information about how to create one. This, along with the research exception, is why DRM and other security research can still happen and has only rarely been hindered by the DMCA, and even then only by the specter of lawsuits.

Beyond that, Apple's hash scheme quite certainly doesn't apply for DMCA protection for one simple reason: it isn't a scheme which, under the definitions of the DMCA, "effectively protects a copyrighted work." There are two distinct reasons why it doesn't qualify. First, it doesn't protect copyrighted files. It only protects the database which is not copyrighted and not eligible for copyright since it is not a creative work. Second, the hash protects it against modification, not reading. As such, it does not "effectively protect a copyrighted work" because the legal definition refers only to protecting something from being read in an unauthorized manner, not from being written.

So, this might have been a valid takedown notice if:
1) The hash in question were an effective measure under the legal definition
2) It were protecting copyrighted information
3) The DMCA outlawed the dissemination of information which could lead to creating circumvention devices
4) There were a safe-harbor provision allowing service providers to avoid liability

Except that the actions so far also all fall under the interoperability exception. Given that their only goal is to allow other programs to work with the iPod, this falls very, very squarely under interoperability exception.

So, there would also have to be a fifth condition;
5) There were no interoperability exception.
As it stands, this notice has no legal standing, and if it were sent to me, I would ignore it. Hopefully the lawyers with whom this project consults will come to the same conclusion.

Now, what Apple could do instead would be to assert copyright over the disassembled/decompiled versions of the source code which appeared on the web page. I would argue that that approach would also be legally invalid, but at least it wouldn't be so obviously so. It could at least lead to some fairly subtle legal arguments.

This notice, on the other hand, is just factually and legally incorrect.

wow, and check this out

The DMCA explicitly prohibits the dissemination of information that can be used to circumvent such technology.

Uh, no, actually it explicitly prohibits trafficking in "technology, product, service, device, component, or part thereof," not necessarily all information. You can persuade a judge that Congress meant to restrict speech in addition to those other things, but don't say it "explicitly prohibits" speech, because it obviously doesn't.

Re:Why can't I use my hardware?

FYI, if you install Rockbox on your ipod you can use it to play oggvorbis and flac files too. That's what I do myself, and it's also the reason I'd never get a new ipod.

Re:Nissan

Wow, dude. You're like, a total badass. Fight the power!

Re:Why do people still deal with Apple?

I just by the CD...

At a minimum of 10 songs average on a CD, I can usually get it for the equivalent of $9.99 myself. It's uncompressed and doesn't need to go through a second lossy conversion to get it back onto CD...

I can rip it to what devices I like at whatever bit-rate I like to as many devices I like...

My friends and family can borrow it and listen to it...

If I get bored with it, I can sell it and with the money I make put it towards the cost of another CD...

I can sit and read the sleeve notes while sitting on the toilet... ...and having saved money by buying a reasonably priced phone and music player, I can put the money towards a nice shiny hifi on which I can enjoy my nice shiny CD in all it's full uncompressed beauty...

So stick your iPhone and DRM where you think the sun shines out of...