Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Trust the World's Fastest VPN with Your Internet Security & Freedom - A Lifetime Subscription of PureVPN at 88% off. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×
Encryption Security Businesses Software Your Rights Online Apple

After DeCSS, DVD Jon Releases DeDRMS 610

An anonymous reader writes "Jon Lech Johansen, who reverse engineered FairPlay back in January, and wrote the decryption code that was later used by an anonymous developer to create the playfair utility, has released a similar utility: DeDRMS. It's only 230 lines. T-shirts anyone?"
This discussion has been archived. No new comments can be posted.

After DeCSS, DVD Jon Releases DeDRMS

Comments Filter:
  • by brunes69 ( 86786 ) <[gro.daetsriek] [ta] [todhsals]> on Sunday April 25, 2004 @04:02PM (#8967288) Homepage
    Not that I have anything against C#, I actually find it quite nice, just stuck me as odd that someone would write a cracking toolin it. These things are traditionally written in C ( for speed ).... like DeCSS was.

    • by Rikus ( 765448 ) on Sunday April 25, 2004 @04:10PM (#8967353)
      I'm guessing it will be rewriten by plenty of people in various different languages. C, perl, python... fortran77?
      I don't even have a C# compiler.
    • by harlows_monkeys ( 106428 ) on Sunday April 25, 2004 @04:16PM (#8967409) Homepage
      These things are traditionally written in C ( for speed )

      You are assuming that C# is slow. That is not a good assumption.

      • by Anonymous Coward on Sunday April 25, 2004 @04:39PM (#8967573)
        You are implying it is. That is not a good implication.
    • by sosume ( 680416 ) on Sunday April 25, 2004 @04:17PM (#8967416) Journal
      Since this code is easily converted to c++ (or VB) using one of the various tools available, this won't gain much or any speed under .NET.

      BTW he *could* have included some comments ;)
    • by Deraj DeZine ( 726641 ) on Sunday April 25, 2004 @04:21PM (#8967458)
      Maybe Microsoft sponsored his efforts to screw over Apple?
    • by Anonymous Coward on Sunday April 25, 2004 @04:42PM (#8967601)
      I was able to access the README before the server went down:


      * With MonoDevelop [1]: Open DeDRMS.cmbx and click F8.
      * With mcs [2]: mcs -out:DeDRMS.exe *.cs
      * With csc [3]: csc /out:DeDRMS.exe *.cs

      [1] http://www.monodevelop.org [monodevelop.org]
      [2] http://www.go-mono.com [go-mono.com]
      [3] http://msdn.microsoft.com/netframework/technologyi nfo/howtoget/ [microsoft.com]


      * DeDRMS.exe file.m4p


      DeDRMS requires that you already have the user key file(s) for
      your files. The user key file(s) can be generated by playing
      your files with the VideoLAN Client [1][2].

      DeDRMS does not remove the UserID, name and email address.
      The purpose of DeDRMS is to enable Fair Use, not facilitate
      copyright infringement.

      [1] http://www.videolan.org/vlc/ [videolan.org]
      [2] http://wiki.videolan.org/tiki-read_article.php?art icleId=5 [videolan.org]
    • by autopr0n ( 534291 ) on Sunday April 25, 2004 @04:46PM (#8967626) Homepage Journal
      I mean, really. Why do you need much speed in anything other then a 3d game or some high-end server stuff that's going to be running constantly (like a web server or database).

      Not to mention C isn't much faster then C# and java for most tasks these days.
      • by Anonymous Coward on Sunday April 25, 2004 @05:15PM (#8967867)
        I mean, really. Why do you need much speed in anything other then a 3d game or some high-end server stuff that's going to be running constantly (like a web server or database).

        It's specifically this kind of attitude that makes me have to run a 3ghz pentium4 overclocked with 2 gigs of ram... just to run a word processor. Programming has gotten SO lazy these days. Just imagine if most code was ASM optimized just how BLAZING fast your systems would really be. But no. I like waiting.

        • by Anonymous Coward on Sunday April 25, 2004 @05:21PM (#8967899)
          Just imagine how much our software would would actually do if everyone wrote in hand optimized ASM. Say goodbye to handy things like instant messaging and video players - we'd still be trying to get basic email clients and such to work. Sorry, but programmer time is much more valuable than a few bucks for hardware upgrades.
        • by GnuVince ( 623231 ) on Sunday April 25, 2004 @05:38PM (#8968000)
          Fast is not always good. There are applications you can upgrade, add code, etc. while it's running! The reason why we use so-called slower languages (because languages aren't slow per-se; implementations are fast or slow) is because they often allow us to do much more complex things much more easily. Try to code a regular expression in Assembly, you're still gonna be at it in 2 years. Computers evolve and we now demand more from them, and if it costs a little CPU time, well so be it.

          And if you're so smart and good and not lazy, go ahead and write the Assembly version of this program. Now, make sure it can work on all platforms you can get .NET or Mono on (this means Windows, Linux, Mac, Sparcs, x86s, motorollas, alphas, etc.), otherwise it's not as useful.

          If you want someone that seems to agree with you, read recent interviews of Chuck Moore. Even the guy who wrote C doesn't use it anymore; Dennis Ritchie uses Aleph.

        • by Doppler00 ( 534739 ) on Sunday April 25, 2004 @06:39PM (#8968328) Homepage Journal
          Wrong! If everything was written in asmembly the resulting code would be such a mess, it's likely that it would run several magnitudes slower than something written in Java. 99% of the time, slowdowns are a result of poor algorithms, NOT compiler types.
    • by Anonymous Coward
      Things like that were traditionally written in C because it's easy to manipulate memory and pointers, which is useful for making things like encryption/decryption easier to write.
    • by Sam H ( 3979 ) <sam@zoy.org> on Sunday April 25, 2004 @04:58PM (#8967697) Homepage
      Using C# makes sense to me. It provides Rijndael and MD5 in System.Security.Cryptography out of the box. These cypher and hash algorithms are at the core of the DRMS encryption scheme. The same code in C would either use obscure libraries or 1000 extra lines of code.
    • CODE MIRROR HERE (Score:4, Informative)

      by blixel ( 158224 ) on Sunday April 25, 2004 @05:00PM (#8967719)
      Enjoy [blixel.com]
  • by sweet cunny muffin ( 771671 ) on Sunday April 25, 2004 @04:02PM (#8967291)
    Wow. This is written in C#. I wonder if we can get .NET banned now that we can prove it's used for illegal purposes :)
  • DeDRMS (Score:5, Interesting)

    by gnu-generation-one ( 717590 ) on Sunday April 25, 2004 @04:03PM (#8967293) Homepage
    "In practice, the goal of maximizing publication regardless of the cost to freedom is supported by widespread rhetoric which asserts that public copying is illegitimate, unfair, and intrinsically wrong. For instance, the publishers call people who copy "pirates," a smear term designed to equate sharing information with your neighbor with attacking a ship. (This smear term was formerly used by authors to describe publishers who found lawful ways to publish unauthorized editions; its modern use by the publishers is almost the reverse.) This rhetoric directly rejects the Constitutional basis for copyright, but presents itself as representing the unquestioned tradition of the American legal system.

    The "pirate" rhetoric is typically accepted because it blankets the media so that few people realize that it is radical. It is effective because if copying by the public is fundamentally illegitimate, we can never object to the publishers' demand that we surrender our freedom to do so. In other words, when the public is challenged to show why publishers should not receive some additional power, the most important reason of all -- "We want to copy" -- is disqualified in advance.

    This leaves no way to argue against increasing copyright power except using side issues. Hence opposition to stronger copyright powers today almost exclusively cites side issues, and never dares cite the freedom to distribute copies as a legitimate public value."

    Misinterpreting Copyright [gnu.org]
  • by mrpuffypants ( 444598 ) * <mrpuffypants&gmail,com> on Sunday April 25, 2004 @04:04PM (#8967302)
    Real, Inc.'s Realplayer now natively plays back iTMS purchases! It's Magic!
  • Oh dear (Score:5, Funny)

    by Realistic_Dragon ( 655151 ) on Sunday April 25, 2004 @04:07PM (#8967324) Homepage
    Perhaps for his next trick he will stand outside RIAA/MPAA headquaters holding a 6 foot neon sign that says SUE ME AGAIN!

    I hope that eventually someone incorporates this code into a iTunes client for Linux, as it would be nice to be able to buy music from iTMS but I have no desire to buy a Mac.
  • by TheBurningDog ( 747915 ) on Sunday April 25, 2004 @04:07PM (#8967326)
    seriously however... anybody have a mirror of the code?
    • by Anonymous Coward on Sunday April 25, 2004 @04:16PM (#8967415)
      I was fortunate enough to load the page during the 1 minute that the server stayed up.

      Now let's see how long my little mirror stays up!


    • by Anonymous Coward on Sunday April 25, 2004 @04:22PM (#8967463)
      Stupid junk filter doesn't let me post this. Why oh why? Code after filler...

      In the beginning God created the heaven and the earth.
      2 And the earth was without form, and void; and darkness was upon the face of the deep. And the Spirit of God moved upon the face of the waters.
      3 And God said, Let there be light: and there was light.
      4 And God saw the light, that it was good: and God divided the light from the darkness.
      5 And God called the light Day, and the darkness he called Night. And the evening and the morning were the first day.
      6 And God said, Let there be a firmament in the midst of the waters, and let it divide the waters from the waters.
      7 And God made the firmament, and divided the waters which were under the firmament from the waters which were above the firmament: and it was so.
      8 And God called the firmament Heaven. And the evening and the morning were the second day.
      9 And God said, Let the waters under the heaven be gathered together unto one place, and let the dry land appear: and it was so.
      10 And God called the dry land Earth; and the gathering together of the waters called he Seas: and God saw that it was good.
      11 And God said, Let the earth bring forth grass, the herb yielding seed, and the fruit tree yielding fruit after his kind, whose seed is in itself, upon the earth: and it was so.
      12 And the earth brought forth grass, and herb yielding seed after his kind, and the tree yielding fruit, whose seed was in itself, after his kind: and God saw that it was good.
      13 And the evening and the morning were the third day.
      14 And God said, Let there be lights in the firmament of the heaven to divide the day from the night; and let them be for signs, and for seasons, and for days, and years:
      15 And let them be for lights in the firmament of the heaven to give light upon the earth: and it was so.
      16 And God made two great lights; the greater light to rule the day, and the lesser light to rule the night: he made the stars also.
      17 And God set them in the firmament of the heaven to give light upon the earth,
      18 And to rule over the day and over the night, and to divide the light from the darkness: and God saw that it was good.
      19 And the evening and the morning were the fourth day.
      20 And God said, Let the waters bring forth abundantly the moving creature that hath life, and fowl that may fly above the earth in the open firmament of heaven.
      21 And God created great whales, and every living creature that moveth, which the waters brought forth abundantly, after their kind, and every winged fowl after his kind: and God saw that it was good.
      22 And God blessed them, saying, Be fruitful, and multiply, and fill the waters in the seas, and let fowl multiply in the earth.
      23 And the evening and the morning were the fifth day.
      24 And God said, Let the earth bring forth the living creature after his kind, cattle, and creeping thing, and beast of the earth after his kind: and it was so.
      25 And God made the beast of the earth after his kind, and cattle after their kind, and every thing that creepeth upon the earth after his kind: and God saw that it was good.
      26 And God said, Let us make man in our image, after our likeness: and let them have dominion over the fish of the sea, and over the fowl of the air, and over the cattle, and over all the earth, and over every creeping thing that creepeth upon the earth.
      27 So God created man in his own image, in the image of God created he him; male and female created he them.
      28 And God blessed them, and God said unto them, Be fruitful, and multiply, and replenish the earth, and subdue it: and have dominion over the fish of the sea, and over the fowl of the air, and over every living thing that moveth upon the earth.
      29 And God said, Behold, I have given you every herb bearing seed, which is upon the face of all the earth, and every tree, in the which is the fruit of a tree yielding seed; to you it shall be for meat.
      30 And to every beast of the earth, and
      • by MillionthMonkey ( 240664 ) on Sunday April 25, 2004 @04:44PM (#8967611)
        I might expose myself to legal liability under the DMCA if I were to use my +2 karma bonus to publicly point out that a copy of the DeDRMS code may be found buried in the parent AC post (currently at 0, and NOT posted by myself) that I am replying to. The DMCA would expressly forbid such a reply informing others of the existence of such a post.

        Therefore, I wish to state emphatically that the parent contains no C# whatsoever and should not be moderated up as Informative, cut, pasted, compiled, or disseminated.
    • Freenet mirror (Score:3, Informative)

      by RPoet ( 20693 )
      Freenet mirror:

      CHK@XTn8vik~xxqsIJzLcDFUlPQqrw4NAwI,griuDFoqruNU 09 1-2Qj8Ew/DeDRMS.cs

      (Watch out for space inserted by the slashdot code, remove it)
  • by Big Nothing ( 229456 ) <big.nothing@bigger.com> on Sunday April 25, 2004 @04:07PM (#8967330)
    Lawsuits anyone?
  • I am sure this will trigger another round of lawsuits, hopefully with the net effect of more education of the public and legal community as to the nature of source code as speech (that is, a method of communication).

    This code shows with more simplicity than ever before how the FairPlay DRM scheme works. This can be used by programmers to add support for applications (i.e., GStreamer) to play encrypted files with a key produced from an iTunes username/password. It can be used by researchers to see any weaknesses in FairPlay and develop better methods. Unfortunately it can also be used by those who want to destroy the iTunes Music Service.

    Interestingly, I believe the ideas could also be used to create files encrypted with a particular iTunes login, though perhaps I'm misunderstanding the scheme.

    • it can also be used by those who want to destroy the iTunes Music Service.
      eg. Microsoft.
  • DeDRMS? (Score:5, Funny)

    by capz loc ( 752940 ) <`moc.liamg' `ta' `colzpac'> on Sunday April 25, 2004 @04:09PM (#8967342)
    What does DVD-Jon have against Dr. Richard M. Stallman? Is this the utility that reverses changes made by RMS-Lint [slashdot.org]?
  • DeDRMS art... (Score:3, Interesting)

    by Saeger ( 456549 ) <farrellj@gmail.cOOOom minus threevowels> on Sunday April 25, 2004 @04:10PM (#8967349) Homepage
    Looks like DeDRMS will be next up for free speech protection in the tradition of the DeCSS Gallery [cmu.edu]. I just love it when DRM control freaks get their global domination panties in a wad.

    DeDRMS? I wrote a song about it. Want to hear it? Hear it goes... *da dum da dum*... slash asterisk bla bla asterisk slash... *da dum da dum*... Using System; *bah bum bah bum*...


  • Host it on Freenet? (Score:3, Informative)

    by Anonymous Coward on Sunday April 25, 2004 @04:12PM (#8967371)

    Let's host this program on Freenet [sourceforge.net], it is a project that make's the best use for what Freenet was made for.

  • http://dilbert.com/comics/dilbert/archive/images/d ilbert2004042261455.jpg [dilbert.com]

    A somewhat odd view... does anyone know which big music firm United Media (the Dilbert owners) is affiliated with?
  • blah (Score:4, Informative)

    by Anonymous Coward on Sunday April 25, 2004 @04:12PM (#8967379)
    For the junk filer:
    jhsvjklhajskdvhakjsdhvalkjsdhkajdhfasd hsfvhasdhvf asdf asdf asdf asdf sdf asdhvashdvasdf asdf asd sdf coipx vxjzlk sdhvaasd fasd fadfg fiobvxcoizv jcxoixz jxzc sdhvaf cmdrtaco sucks akljdkls asd asd fvx sdhvas gh hh hhf dd sdf sf sd
    hdvash jk k fgh jgdvvcbbn cv c dhvc c vb fg hdrghdfg fg dg df g dsf
    ashdva sdfgsgewrr benrtnrt er er revr dv shdva aioajdoi jfasdioj v;xjf kldasjkl;vasj sdhva sjkdfsdkvn alkn lkan alksnsdflk nsfnvlad dhvahsdva aisovaiouvoivoiua ioua auao iuasi us shdva asivoa jvhbusa ui hiuahsiuhfsa ha ahsdjkfahkdj lfhalksjdfhalk askjda
    vhasdvhasdjhvaksjdhva a kjas lkjdakljf svhasdhvaskjhvlaskjdvhas a kljs djklakslj af
    asvhajkshvjkshas dhasdjvkhasdv akjdfjadf asds s d fsd fsad fads asdfas asdf asdf sdfs vxcvxcvzxcvx ss dfsdxvc dfa bioub oiu zklxcvx nsm,m,fns,m
    sdfas ikj oixj movnxmcvnxcvo sdoifjs dfsddafgdfg kamlxcvbjio zkcnvzlk nxclk xcivx as df sdf asdf asd vi xoizjvzcvn socso s asd addfsdfahtgh fghdfgh df gd d

    using System;
    using System.IO;
    using System.Text;
    using System.Security.Cryptography;

    class M4PStream
    private Rijndael alg;

    private BinaryReader br;
    private BinaryWriter bw;
    private byte [] sbuffer;

    private string AtomDRMS = "drms";
    private string AtomMP4A = "mp4a";
    private string AtomSINF = "sinf";
    private string AtomUSER = "user";
    private string AtomKEY = "key ";
    private string AtomIVIV = "iviv";
    private string AtomNAME = "name";
    private string AtomPRIV = "priv";
    private string AtomSTSZ = "stsz";
    private string AtomMDAT = "mdat";

    public M4PStream( FileStream fs )
    br = new BinaryReader( fs );
    bw = new BinaryWriter( fs );
    sbuffer = br.ReadBytes( Convert.ToInt32( fs.Length ) );

    alg = Rijndael.Create();
    alg.Mode = CipherMode.CBC;
    alg.Padding = PaddingMode.None;

    byte [] NetToHost( byte [] Input, int Pos, int Count )
    if( BitConverter.IsLittleEndian )
    for( int i = 0; i < Count; i++ )
    Array.Reverse( Input, Pos + (i * 4), 4 );

    return Input;

    int GetAtomPos( string Atom )
    byte [] Bytes = Encoding.ASCII.GetBytes( Atom );

    for( int i = 0; i < (sbuffer.Length - 3); i++ )
    if( sbuffer[ i + 0 ] == Bytes[ 0 ] &&
    sbuffer[ i + 1 ] == Bytes[ 1 ] &&
    sbuffer[ i + 2 ] == Bytes[ 2 ] &&
    sbuffer[ i + 3 ] == Bytes[ 3 ] )
    return i;

    throw new Exception( String.Format( "Atom '{0}' not found", Atom ) );

    uint GetAtomSize( int Pos )
    byte [] Bytes = new byte[ 4 ];
    Buffer.BlockCopy( sbuffer, Pos - 4, Bytes, 0, 4 );
    return BitConverter.ToUInt32( NetToHost( Bytes, 0, 1 ), 0 );

    byte [] GetAtomData( int Pos, bool bNetToHost )
    uint Size;
    byte [] Bytes;

    Size = GetAtomSize( Pos );
    Bytes = new byte[ Size - 8 ];
    Buffer.BlockCopy( sbuffer, Pos + 4, Bytes, 0, Bytes.Length );

    return bNetToHost ? NetToHost( Bytes, 0, Bytes.Length / 4 ) : Bytes;

    public void Decrypt( byte [] CipherText, int Offset, int Count,
    byte [] Key, byte [] IV )
    MemoryStream ms = new MemoryStream();

    ICryptoTransform ct = alg.CreateDecryptor( Key, IV );
    CryptoStream cs = new CryptoStream( ms, ct, CryptoStreamMode.Write );
    cs.Write( CipherText, Offset, (Count / 16) * 16 );

    ms.ToArray().CopyTo( CipherText, Offset );

    public byte [] GetUserKey( uint UserID, uint KeyID )
    byte [] UserKey;
    BinaryReader bruk;

    string strHome =
    Environment.GetFolderPath( Environment.SpecialFolder.ApplicationData );
    bool bUnix = Environment.OSVersion.ToString().IndexOf( "Unix" ) != -1;
    string strFile = String.Format( "{0}{1}{
    • Re:blah (Score:5, Insightful)

      by Geoffreyerffoeg ( 729040 ) on Sunday April 25, 2004 @05:12PM (#8967837)
      You forgot an important part, which may have also gotten you past the lameness filter:
      * DeDRMS.cs: DeDRMS 0.1
      * Copyright (C) 2004 Jon Lech Johansen <jon-vl@nanocrew.net>
      * This program is free software; you can redistribute it and/or modify
      * it under the terms of the GNU General Public license as published by
      * the Free Software Foundation; either version 2 of the License, or
      * (at your option) any later version.
      * This program is distributed in the hope that it will be useful,
      * but WITHOUT ANY WARRANTY; without even the implied warranty of
      * GNU General Public License for more details.
      * You should have received a copy of the GNU General Public License
      * along with this program; if not, write to the Free Software
      * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
  • by ejaw5 ( 570071 ) on Sunday April 25, 2004 @04:13PM (#8967387)
    Drms = ~0.707(D)
  • by andersen ( 10283 ) on Sunday April 25, 2004 @04:15PM (#8967405) Homepage
    What will the dairy farmers of the world think when they discover their Dairy Records Management System [drms.org] has been compromised? I will never drink milk ever again!!!
  • by Sarth ( 765570 ) on Sunday April 25, 2004 @04:17PM (#8967426)
    DVD Jon, of obvious fame, is hailed as a hero for letting your average Joe (or Jon), go out to their local store, and buy a DVD and play it on their linux boxen, right?

    I can sorta understand that, as far as I know, DVDs don't state at the time of purchase that you have to have X or Y, just that you have to have the disc. Fine.

    So, when you buy something from the iTMS, it STATES that you have to have X or Y. It clearly states the restrictions that you agree to. This is not a hard concept, so why is it felt that a technological solution is required to 'fix' it?

    Something that just struck me... DVD Jon isn't in the Americas, but iTMS isn't selling to those outside (maybe Canada, I'd have to check). So ... what part of this equation am I missing?

    • by Anonymous Coward on Sunday April 25, 2004 @04:34PM (#8967547)
      I think that basically what you're missing is that 'they' can't tell you what you can and can't do with their products after you purchase them.

      Replace 'they' with any manufacturer.

      I could buy an apple that said "not for use as food." And I could then proceed to eat that apple - they have no say in what I do with it. If, for some reason, I should injure myself by eating that apple, they warned me and wouldn't be held liable. That's it. Laws come into play when I throw that apple and kill someone with it. Or try to sell it, claiming it is a pair.

      Now, the argument here is that it is illegal to decrypt the 'protections' a company puts on their music. And it is here where it gets smelly realy, really quickly.

      Sure, it might be the law, but it is written to be a pretty shitty law. (DMCA, etc). No, that's not an excuse to break the law, but it is one to cause sympathy for someone who does. There are very legitimate reasons for breaking the DRM on these files. There are also very illegitimate ones. Piracy comes to mind. You know, real piracy. Not some 14 year old girl that wants to give her friend some songs, but the people who mass produce and sell these songs on the black market.

      The black market being, by the way, about every outdoor market I've been to in Asia or South America.

      And you're right. DVD Jon shouldn't fall under any US laws. But the RIAA et al. will surely find a way to change that. Bastards.
    • by Slack3r78 ( 596506 ) on Sunday April 25, 2004 @04:34PM (#8967550) Homepage
      I don't see the point you're trying to make. DVDs may not explicitly state that you have to do X or Y, but with CSS encryption combined with the DMCA, they might as well.

      I think DVD Jon's being totally consistent here - if you pay to listen/watch/whatever something, you should have the right to do so on whatever platform or medium you choose, and not be limited by some artificial restriction imposed on you by the media companies.

      So now people with Linux boxes can play their legit iTMS songs on their Linux boxes. Personally, I'm not bothered by this. There are other, easier ways for people to pirate music if they really have their heart set to it, so opening up a way for people to use something they've paid for in a way they see fit, while it may technically violate the license, is nothing I see worth getting up in arms over.
  • Inevitable (Score:5, Insightful)

    by ajs318 ( 655362 ) <sd_resp2&earthshod,co,uk> on Sunday April 25, 2004 @04:18PM (#8967433)
    If you attempt the impossible -- and make no mistake, copy-prevention is physically impossible, not just difficult -- then you will fail. You might be able to fool people into thinking you have succeeded, for a short while; but, sooner or later, your lies will catch up with you. All copy-prevention technology is pure snake oil, and can never work. It will always be defeated. Once a single CPT-free version has been created, then every penny anyone ever invested in that particular copy-prevention technology is wasted.
    • by werdna ( 39029 ) on Sunday April 25, 2004 @05:12PM (#8967841) Journal
      make no mistake, copy-prevention is physically impossible, not just difficult

      This is like observing that perfect algorithmic encryption, other than a one-time pad is impossible. So what? Who cares? Of course, I can't create a lock-and-key on my house that will keep all thieves out, all the time. So what? Who cares?

      Whether or not my door can be physically manufactured to bar you forever from entry, makes it not one whit more legal for you to do so. All locks are rated, not in terms of their binary perfection, but rather in terms of the time and cost to defeat them. So what? Who cares?

      You might be able to fool people into thinking you have succeeded, for a short while; but, sooner or later, your lies will catch up with you.

      I suppose there are folks who are naive to think they live behind perfect locks. So what? Who cares? Where is the lie? What does it matter that technological solutions can be defeated? They are helpful, and substantially helpful to keep generally honest people honest, and stupid people (who represent most users) out. Smarter, less honest people, can of course get in any time. So what? Who cares?

      For those smarter, less honest people, we have laws. Some will be smart enough to circumvent all of them and go free. Most will not.

      Security is not a question of binary perfection. It is a question of doing as well as you may. Likewise with digital rights management.

      There has always been piracy of musical content. Always. Some good, some bad. So what, who cares?

      Just like DeCSS, playfair will be available to the less honest, smarter of us, or rebuilt by those who understand how it works. Those who think that this fact is useful have missed the point. These facts do not help our cause. To the contrary, it only helps those who insist that technology regulation, such as DMCA is required, and prevents the repeal of very bad laws.

      Darn, I wish the smarter and less honest of us were just a little bit smarter about the ways of the world. For the smarter, honorable and ideologically motivated of us, such as Mr. J., we should excoriate, not praise, this sort of thing.

      Our problem is that our arguments prove too much -- we demonstrate the "necessity" of the DMCAs, certainly to the satisfaction of the governments who will enforce them. The problem is NOT that there exists DRM, the problem is that the DRM is implemented and legally enforced in a manner that limits the scope of good new technology. It is that problem that WE, the technologists will have to solve -- hard or impossible it may be -- because the RIAA and MPAA certainly have no incentive to do so.
    • by Weaselmancer ( 533834 ) on Sunday April 25, 2004 @06:03PM (#8968132)

      Reminds me of a story. Let me tell you about my tent.

      I like going to SCA events [sca.org]. While we're there, we camp. And that means having all of our expensive gear in our tents, all our food, and our booze. Some of our gear can run in the thousands of dollars.

      At my favorite event, we camp near the edge of the camp. And idiots from the local village sneak over the fence and rip us off every so often.

      So I made a tent with a locking door. I built a yurt [pbm.com], and built into the frame a full sized, 1/2" thick, wood and iron reinforced door. With a working brass good-enough-for-your-house lock.

      And while camping one year, a neighbor made fun of me for my efforts. "There's no way that would keep a determined criminal out," he said. It was still a canvas tent, albeit with a wood lattice frame. You could cut a hole through the canvas and break the lattices, easy. The door was too thin, you could kick it down. The lock could be defeated.

      And I explained to him that the point was not to be burglar proof, just more burglar resistant than my neighbors.

      At that moment, he was enlightened.


  • pretty cool... (Score:3, Insightful)

    by cybin ( 141668 ) on Sunday April 25, 2004 @04:23PM (#8967471) Homepage
    this is pretty cool, and a technical achievement... but why bother stripping the DRM from your m4p files? just make a functional iTunes clone that doesn't care about the DRM :)

    or maybe i'm wrong... is it up to the player software to enforce the DRM? i thought i read somewhere that the iPod just ignores it...
    • Re:pretty cool... (Score:5, Insightful)

      by The Fanta Menace ( 607612 ) on Sunday April 25, 2004 @04:59PM (#8967710) Homepage

      Maybe if Apple had made an iTunes for Linux, it might have been a while longer before things like this popped up. Look at Real: it took several years before anyone bothered making another player for their files on Linux, since they already provided one.

      Speaking of which, did anyone actually reverse engineer Real's format, or does mplayer just use their shared libraries?

    • Re:pretty cool... (Score:5, Informative)

      by TravisWatkins ( 746905 ) on Sunday April 25, 2004 @05:03PM (#8967764) Homepage
      No, it's not up to the player to enforce the DRM. When you purchase a song from iTunes you are given the DRM'ed file, an md5 hash of the file, and two keys. Not sure what the other key is for, but one is the encryption key. You put that with the song and you get a DRM free song. Thats exactly what this does. PS - Reverse engineering the iTMS is fun!
  • Neat (Score:4, Funny)

    by dtfinch ( 661405 ) * on Sunday April 25, 2004 @04:34PM (#8967543) Journal
    The code looks so simple, as though .Net did all the work for him. Does this make .Net illegal under the DMCA?
  • by asscroft ( 610290 ) on Sunday April 25, 2004 @04:36PM (#8967557)
    This same guy wrote DeCSS, FairPlay and DeCRMS....

    wow. what a brilliant ballsy sun of a bitch.
  • by sailor420 ( 515914 ) on Sunday April 25, 2004 @04:41PM (#8967589) Homepage
    http://hrothgar.mine.nu/dedrms.txt [hrothgar.mine.nu]

    A temporary mirror to the code. It wont be up more than a week, so dont bookmark it.
  • Get it now (Score:5, Interesting)

    by Nom du Keyboard ( 633989 ) on Sunday April 25, 2004 @04:45PM (#8967619)
    Remember W.A.S.T.E.
    Remember PlayFair
    Remember the bitTorrent sites

    If you want it, get it now.

    Interesting how this news comes out on a Sunday, when the lawyers should all be out at play.

  • DeDMCA (Score:5, Funny)

    by Esion Modnar ( 632431 ) on Sunday April 25, 2004 @04:53PM (#8967661)
    Now that would be even way cooler than DeDRMS. Followed by DeRIAA, DeMPAA, and DeSCO.

    Would pay money for all of those.

  • by ThePyro ( 645161 ) on Sunday April 25, 2004 @04:53PM (#8967667)
    This tool seems to require that you already have your key stored in a file somewhere. This code just uses that key along with .NET's built-in cryptographic services to decrypt the data and write it back to the file. Seems like getting your hands on the key in the first place would be the hard part...
    • by Chester K ( 145560 ) on Sunday April 25, 2004 @06:11PM (#8968181) Homepage
      This code just uses that key along with .NET's built-in cryptographic services to decrypt the data and write it back to the file. Seems like getting your hands on the key in the first place would be the hard part...

      VLC will extract your user key and save it into your home directory when you use it to try to play a FairPlay-protected file from an authorized system.
  • SharpDevelop (Score:4, Informative)

    by renelicious ( 450403 ) on Sunday April 25, 2004 @05:00PM (#8967724)
    This is a little offtopic, but since its written in C#, for those of you what don't have Visual Studio and don't want to mess with the command line tools (or don't have Mono on Linux) SharpDevelop [icsharpcode.net] is a great C# development product. Its GPL. Again a little of topic, but its always good to pimp your favorite software.

    Yes, there's also a Linux version [monodevelop.org].
  • by goMac2500 ( 741295 ) on Sunday April 25, 2004 @05:01PM (#8967734)
    They'd make iTunes work under WINE. As a side note I am sick and tired of people complaining that Apple does not let iTunes Music Store songs work under other media players. They do. Any media player can play iTunes Store music using the QuickTime API. All you have to do is write a plugin to interface with QuickTime. I wrote a QuickTime based media player a few years ago. Guess what? I started it up today and it played iTunes Music Store songs just fine. NO modifications. Its my own media player, yet it plays DRM'd music fine, no special un-DRMing.
  • What this does (Score:5, Informative)

    by EvilGrin666 ( 457869 ) on Sunday April 25, 2004 @05:46PM (#8968048) Homepage
    For those of you that don't know. It removes the protection from a .m4p file (Downloaded with iTunes) . So basically you end up with a Vanilla AAC file.
  • by $exyNerdie ( 683214 ) on Sunday April 25, 2004 @06:34PM (#8968298) Homepage Journal

    Follow the steps to compile and run it:
    (1) Get the source code (at your own risk) and save it as DeDRMS.cs
    (2) Download and Install the NET Framework SDK [microsoft.com] for FREE (reqiures Windows 2000, Windows Server 2003 or Windows XP).
    (3) Use the included compiler csc.exe to compile the source code into executable code. Use this on command line (dos prompt) C:>csc DeDRMS.cs OR C:>csc.exe DeDRMS.cs
    (4) It will create DeDRMS.exe in the same folder where you saved DeDRMS.cs.
    (5) Profit or Jail??

  • What worries me most (Score:5, Interesting)

    by BlackHawk-666 ( 560896 ) <ivan.hawkes@gmail.com> on Monday April 26, 2004 @06:21AM (#8971021) Homepage
    is that over the course of my natural life I will have more than 3 PCs, and this technology is only licensing me to have it on 3 PCs. That means that some 6-9 years down the line (I change PC every 2-3 years) I will have used my DRM encrusted music on all 3 PC's that I am licensed to use and will need some way to authenticate it to the next one.

    Now, project yourself forward 20 years. Will these same profit chasing record companies be willing to provide infrastructure to allow you to move your DRM encrusted music from PC to PC throughout the rest of your exepcted life, and that of your descendants who will inhereit this media? Sure, they'll be happily putting out more music, but are they protecting your previous investments? In the year 2039 when I should be just about ready to breathe my last breathe will I be able to hear all my old favorite albums or will I cark it listening to gangster rap on the radio because my rightfully paid for music isn't authorised for use on my new funky media player.

    This DRM stuff is OK for playing todays tunes, but I worry about the longevity of the media.

Money isn't everything -- but it's a long way ahead of what comes next. -- Sir Edmond Stockdale