FairPlay AAC DRM cracked...


Sam Williams

New member
May 10, 2003
Great Britain
Well, the inevitable has happened: Apple's 'secure' AAC format has been cracked. It seems the same person responsible for pioneering DVD ripping has done the business again, rightly or wrongly.

This comes from WinNetMag.com:

Jon Johansen, the Norwegian programmer who created DeCSS, the first widely used tool for decrypting the copy protection in commercial DVD movies, announced a similar hack this week for the Digital Rights Management (DRM) technology that protects songs purchased from Apple Computer's iTunes Music Store. The hack, which Johansen calls QTFairUse, casts doubts on Apple's ability to protect the intellectual property rights of artists who sell music on iTunes Music Store and comes just a month after the company opened the service to Windows users.

Johansen posted QTFairUse to his "So sue me" Web site this past weekend. QTFairUse is a small command-line utility for Windows that shows developers how to bypass the security features in Apple's protected Advanced Audio Coding (AAC) format, which the iTunes Music Store uses. The utility doesn't create a workable, playable, protection-free music file, but its source code will help other hackers bypass Apple's DRM security in their own applications, eventually leading to a complete breakdown of Apple's licensed DRM system, FairPlay.

Critics have long alleged that in the past much of Apple's software-development advantage came from its small, tightly controlled market. Now that Apple is pushing DRM-enabled products such as the iTunes Music Store and the iPod into the wider Windows world, the company is finding out how difficult it is to control the teeming masses. This week's iTunes Music Store hack is actually the second time programmers have hacked the service in the past month and the third time this year. A tool called MyTunes, released last week, lets Windows users steal music that other Windows and Macintosh iTunes application users share for streaming, although it doesn't decode songs purchased from the iTunes Music Store; Apple patched a similar problem in its Mac version of the iTunes application earlier this spring.

Apple's primary competitor, Microsoft, created its own DRM scheme for its popular Windows Media Audio (WMA) and Windows Media Video (WMV) formats but built renewing capabilities into the technology, which helps Microsoft survive security exploits. Whether Apple's FairPlay technology supports this renewing functionality is unclear at this point, and Apple has been characteristically quiet about its DRM use, preferring instead to foster the impression that the company is more customer-centric than Microsoft and less beholden to content creators. But the reality of the situation is that Apple has worked hard to strike deals with the recording industry and did a fantastic job of jump-starting the concept of inexpensive, downloadable, legitimate music. Let's hope that this DRM breach won't cause record companies to reverse their decisions to work with online music services.
Johansen's website is here.

It's only a matter of time before someone builds QTFairUse into a GUI. Good for pirates, bad for just about everyone else...
Last edited:


New member
Nov 15, 2003
Lexington, MA
Samwise said:
Seems no-one gives a [email protected] Ah well, I thought it was interesting. Maybe when the technology gets packaged into a GUI, people will pay more attention.
I think that is precisely the point. Releasing source code for how to extract the data is one thing, releasing a turn-key application is quite another. So far, all we have is a simple proof-of-concept, which doesn't seem to be attracting any lawyers yet.

I applaud Jon Johansen's ingenuity, mostly because it shows that copy-protection is a losing battle. If this concept is ever grasped by non-technical business folks, maybe we will see a change in the business model for IP that respects fair-use.