You can't always get what you want, but if you try sometimes, then you might find, you get what you need

Sorry, just a quick post tonight. For anyone who has ever used iTunes, there is an interesting article that was linked to on Slashdot that explains how Apple's Fairplay digital rights management (DRM) software works. Suffice it to say, it is extremely complicated:

During authorization, iTunes creates a globally unique ID number for the computer it is running on, then sends it to Apple's servers, where it is assigned to the user's iTunes account. Five different machines can be authorized.

When a user buys a song from the iTunes Store, a user key is created for the purchased file. The AAC song itself is scrambled using a separate master key, which is then included into the protected AAC song file. The master key is locked using the user key, which is both held by iTunes and also sent to Apple’s servers.

Protected, purchased content is locked within iTunes; songs are not scrambled on Apple's server. This speeds and simplifies the transaction by delegating that work to iTunes on the local computer.

The result is an authorization system that does not require iTunes to verify each song with Apple as it plays. Instead, iTunes maintains a collection of user keys for all the purchased tracks in its library.

To play a protected AAC song, iTunes uses the matching user key to unlock the master key stored within the song file, when is then used to unscramble the song data.

Every time a new track is purchased, a new user key may be created; those keys are all encrypted and stored on the authorized iTunes computer, as well as being copied to Apple's servers.

etc. etc. etc. Some people think it is awful to encumber music with this crap, since it greatly restricts what you can do with it. Thankfully, Apple doesn't really want to protect music so much as make it inconvenient to copy. To get full rights to your music you have to burn it to a CD and then read it back into your computer, and presto, no DRM crap!

Right now, even Steve Jobs is saying that Apple doesn't really like DRM, and the music industry makes them do it. As I've suggested here before, the music labels are certainly idiotic enough to make this statement true, but that doesn't make it so. Either way, the simple fact of the matter is that media companies can try to protect things all they want, but they are no smarter than the hackers out there trying to defeat them, and the hackers have them outnumbered thousands to one, even in the case of Microsoft and the biggies. Actually, I should say especially in the case of Microsoft, since the bigger the target, the more attention it gets.

The real proof of this principle can be found in the multiple layers of encryption used for the high-def DVD formats just coming on the market: Blu-ray and HD-DVD. They use similar content protection systems, known as AACS. Since their release in June of last year, hackers have managed to undo three independent layers of encryption, noting that the means used in each case were similar, to the point that they will likely soon crack the entire system, which is already sufficiently compromised to allow an enterprising user to get around any limits that Media companies tried to place on him or her. Thanks to Wikipedia, knowledge of the cracks is publicly available, and already a source of embarrassment for the media giants, who decided to use the time and date of a disc's creation as the "secret key" that unlocks a disc. Great thinking, guys. All this for a system that some predicted would be unbreakable. in the end, the media companies really just hope that you'll be lazy, and not take the time to learn how to get around their protection. We've obviously passed that point for the majority of computer user's with CDs, and DVDs will follow in the not too distant future. In the end, they'd be wise to find some sort of workable subscription model, basically cutting middlemen like Netflix or CD stores out of the process, and just charging a monthly fee for convenient service. We'll see who is smart enough to do so over the coming years.