Jon Johansen, the Norwegian programmer who created DeCSS, the first widely used tool for decrypting the copy protection in commercial DVD movies, announced a similar hack this week for the Digital Rights Management (DRM) technology that protects songs purchased from Apple Computer's iTunes Music Store. The hack, which Johansen calls QTFairUse, casts doubts on Apple's ability to protect the intellectual property rights of artists who sell music on iTunes Music Store and comes just a month after the company opened the service to Windows users.
Johansen posted QTFairUse to his "So sue me" Web site this past weekend. QTFairUse is a small command-line utility for Windows that shows developers how to bypass the security features in Apple's protected Advanced Audio Coding (AAC) format, which the iTunes Music Store uses. The utility doesn't create a workable, playable, protection-free music file, but its source code will help other hackers bypass Apple's DRM security in their own applications, eventually leading to a complete breakdown of Apple's licensed DRM system, FairPlay.
Critics have long alleged that in the past much of Apple's software-development advantage came from its small, tightly controlled market. Now that Apple is pushing DRM-enabled products such as the iTunes Music Store and the iPod into the wider Windows world, the company is finding out how difficult it is to control the teeming masses. This week's iTunes Music Store hack is actually the second time programmers have hacked the service in the past month and the third time this year. A tool called MyTunes, released last week, lets Windows users steal music that other Windows and Macintosh iTunes application users share for streaming, although it doesn't decode songs purchased from the iTunes Music Store; Apple patched a similar problem in its Mac version of the iTunes application earlier this spring.
Apple's primary competitor, Microsoft, created its own DRM scheme for its popular Windows Media Audio (WMA) and Windows Media Video (WMV) formats but built renewing capabilities into the technology, which helps Microsoft survive security exploits. Whether Apple's FairPlay technology supports this renewing functionality is unclear at this point, and Apple has been characteristically quiet about its DRM use, preferring instead to foster the impression that the company is more customer-centric than Microsoft and less beholden to content creators. But the reality of the situation is that Apple has worked hard to strike deals with the recording industry and did a fantastic job of jump-starting the concept of inexpensive, downloadable, legitimate music. Let's hope that this DRM breach won't cause record companies to reverse their decisions to work with online music services.