Apple DRM Revisited

R. A. Hettinga rah at shipwright.com
Sat Jun 28 14:09:13 EDT 2003 

<http://www.scifihifi.com/weblog/mac/AppleDRMRevisited.html>

Sci-Fi Hi-Fi:
Weblog

Sat, 17 May 2003 
Apple DRM Revisited 
Posted: 20:54 | Category: [ /mac ]
| Permanent Link: #

In a previous post detailing my research into the
iTunes Music Store's digital rights management scheme, I promised to
continue hacking away at the problem and post updates on my progress.  In
keeping with that promise, here is an account of my recent "hacktivities."


The first thing I should mention is that Phil " Schillermania " Schiller
recently gave an interview to BusinessWeek wherein he, for the first time,
publicly names the ITMS's DRM scheme.  It turns out that Apple is using a
system called FairPlay , which was evidently developed by a company called
VeriDisc.  Schiller, in keeping with Apple's silence on DRM matters so far,
is extremely cagey about discussing the true nature of the protection.
When asked "Is there any DRM built into the downloads themselves or is it
all in iTunes 4," Schiller responds: 
No, it's all built into the [iTunes]
system. Our goal is to make it transparent for the user so that they never
have to think about DRM. We're using a DRM technology under the hood called
FairPlay. It's a DRM technology used by iTunes and QuickTime at the system
level. 

To which I respond: lies !  This is obviously false-if the
downloaded files didn't contain any DRM information you would be able to
copy the same file from computer to computer and iTunes would be none the
wiser. 

Readers who saw my earlier post may remember that I closed with a
bit of speculation as to which part of the AAC file actually contains this
DRM information: the 'drms' atom.  The atom name itself strongly suggests
this, and a quick comparison of the relative structure of protected and
unprotected AAC files seems to reinforce the idea (note that the only
obvious difference between the two is that the protected file contains a
'drms' atom in place of the unprotected file's 'mp4a'). 

This, then,
brings to mind an obvious question: would removing the 'drms' atom and
replacing it with an 'mp4a' atom effectively remove the DRM protection?  To
find out, I began reworking my original AAC parsing code so that it could
read an entire atom structure into an object hierarchy, modify it, and then
write the whole thing back out to disk. 

It took awhile to get my code to
the point where it could produce files that didn't crash QuickTime, so you
can imagine my elation when I finally managed to generate a valid,
unprotected AAC file (as confirmed by QuickTime's movie info window).



The original, protected AAC 


An AAC output by my code 

Unfortunately,
my elation evaporated as soon as I actually tried to play the file, only to
encounter silence.  That is, QuickTime had the length and all of the file
properties (sample rate and so forth) correct, and would begin playing the
file normally-it just wouldn't produce any audio. 

Further research
suggested that I probably needed to preserve the elementary stream
descriptor atom, which always seems to be embedded within the 'drms' or
'mp4a' atom.  With this in mind, I rewrote my code so that it preserves the
file's 'esds' atom within the substituted 'mp4a'.  Unfortunately, the
results are the same-silence. 

So, I seem to have reached an impasse.  I
have produced some pretty nice code for parsing QuickTime-like files, but I
really need to take a break from my hacking efforts to get some much needed
rest and work on other projects, so I've decided to publish my latest code
and shelf the project (at least for now).  It can be downloaded (as usual)
as a Project Builder project: 

-AACExperiments2.dmg 

Once again, I ask
anyone who makes progress based on this code to keep me informed.  I would
be particularly interested to hear from someone who might be able to bring
a better understanding of MPEG-4 to bear on the problem (this project has
definitely put "learn more about MPEG" on my To Do list!). 
[0 trackbacks ]
[ 8 comments ]

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list