Arstechnica on hacking DRM

Arstechnica has published an article called “Hacking Digital Rights Management” that mentions some of my work.

QTFairUse would not be the program to bring unencumbered iTunes downloads to the mainstream user, but it did represent one possible line of attack. Another approach was provided by playfair, a little program capable of stripping the DRM from iTunes files.

In retrospect, releasing QTFairUse was a mistake. In winter 2003 I did two things:

1. Released QTFairUse
2. Reverse engineered FairPlay and added support to the VideoLAN Client for playing FairPlay files. The tools m4p2mp4, playfair and hymn all use the VideoLAN FairPlay code.

For some reason a lot of people think I only did the first. I guess keeping two facts in your head at the same time is hard.

QTFairUse relied on Apple’s software to decrypt the protected song files and then grabbed the unencrypted music from RAM. It then wrote this data to an unencrypted AAC file that turned out not be readable by most music players.

QTFairUse was aimed at a technical audience and as such I did not include documentation for normal users. In retrospect, that was a mistake. Many non-technical users, not knowing the difference between a raw AAC file (extension .aac) and a MPEG4 AAC file (extension .mp4 or .m4a), claimed that QTFairUse did not work after they had tried to play an .aac file in an audio player that doesn’t support .aac files.

Note: the Arstechnica journalist wanted to interview me for the article but I was busy moving to SF at the time so I declined.