[LINK] How FairPlay Works: Apple's iTunes DRM Dilemma

Rick Welykochy rick at praxis.com.au
Thu Mar 29 09:42:29 AEST 2007

Some Linkers may be interested in the long and very informative article
on how Apple implements DRM for iTunes and its online music store.


  "Understanding how Apple’s FairPlay DRM works helps to answer a lot of
   questions: why it hasn’t been replaced with an open, interoperable DRM
   that anyone can use, why Apple isn’t broadly licensing FairPlay, and why
   the company hasn’t jumped to add DRM-free content from indie artists to

The article mentions (and seems to support) the concept of security by
obscurity. That is the way DRM works. Of course, once the cat is out of the
bag, another level of security is required to maintain the DRM. Apple has
done this to an extent with keys.

  "Every time a new track is purchased, a new user key may be created; those
   keys are all encrypted and stored on the authorized iTunes computer, as
   well as being copied to Apple's servers."

As expected, iTunes/iPod DRM + keys has been cracked:

  "Jon Johansen, known as DVDJon for his involvement in cracking the Content
   Scrambling System DRM used on DVDs, discovered multiple methods for
   stripping the encryption from FairPlay protected files while working to
   build an iTunes client for Linux"

Interesting stuff and interesting times.

I must say, as an iPod owner and frequent user of iTunes that the DRM and
encryption protection has *never* gotten in the way of me enjoying my music.
The system works seamlessly and transparently. The same cannot be said for
systems like those emerging on Vista, where heaps of complaints already abound.


Rick Welykochy || Praxis Services

Contrary to security by obscurity, Kerckhoffs' law states that
cryptographic security should not depend on any secrets other
than the key itself.

More information about the Link mailing list