FairPlay#Circumventing FairPlay

The initial version of FairPlay was created to protect music on the iTunes Store, and is the only version of FairPlay that is no longer actively used.{{Cite report |url=https://dash.harvard.edu/bitstream/handle/1/32866386/iTunesWhitePaper0604.pdf |title=iTunes: How Copyright, Contract, and Technology Shape the Business of Digital Media — A Case Study |last=Fisher |first=William W. III |date=June 15, 2004 |publisher=Berkman Klein Center for Internet & Society research publication |access-date=June 17, 2023}}

FairPlay is built into the MP4 multimedia file format as an encrypted AAC audio layer. FairPlay-protected files are regular MP4 container files with an encrypted AAC audio layer. The layer is encrypted using the AES algorithm. The master key required to decrypt the audio layer is also stored in encrypted form in the MP4 container file. The key required to decrypt the master key is called the "user key".{{cite web |first=Ramya |last=Venkataramu |title=Analysis and enhancement of Apple's FairPlay digital rights management |url=http://www.cs.sjsu.edu/faculty/stamp/students/RamyaVenkataramu_CS298Report.pdf |website=Department of Computer Science |publisher=San Jose State University |access-date=July 7, 2017}}{{cite web |first=Daniel Eran |last=Dilger |title=How FairPlay Works: Apple's iTunes DRM Dilemma |url=http://www.roughlydrafted.com/RD/RDM.Tech.Q1.07/2A351C60-A4E5-4764-A083-FF8610E66A46.html |website=Roughly Drafted |date=February 26, 2007 |access-date=July 7, 2017 |archive-url=https://web.archive.org/web/20170927030905/http://www.roughlydrafted.com/RD/RDM.Tech.Q1.07/2A351C60-A4E5-4764-A083-FF8610E66A46.html |archive-date=September 27, 2017 |url-status=dead }} When a user registers a new computer with iTunes, the device requests authorization from Apple's servers, thereby gaining a user key. Upon attempting to play a file, the master key stored within the file is then matched to the user key, and if successful, allows playing. FairPlay allows music to be synchronized to an unlimited number of iPods and tracks to be burned to an unlimited number of CDs, though a given playlist can only be burned 7 times without being modified (a limitation which can be circumvented by changing a song's placement). Playback is limited to five computers which were authorized through iTunes;{{Cite news |last=Mossberg |first=Walter S. |date=2005-08-11 |title=ITunes's Usage Limits |language=en-US |work=Wall Street Journal |url=https://www.wsj.com/articles/SB112371566584410283 |access-date=2023-06-17 |issn=0099-9660}} a computer can be deauthorized and another authorized in its place.{{Cite web |last=Wherry |first=Mark |date=November 2003 |title=iTunes Music Store |url=https://www.soundonsound.com/techniques/itunes-music-store |access-date=2023-06-17 |website=Sound on Sound}} Before April 2004, the limits were ten playlist burns, and three computers; Apple reduced the playlist limit to seven due to demands from record labels.{{Cite magazine |last= |first= |date=April 28, 2004 |title=ITunes Birthday Gift: More Songs |language=en-US |magazine=Wired |url=https://www.wired.com/2004/04/itunes-birthday-gift-more-songs/ |access-date=2023-06-17 |issn=1059-1028}}

In January 2005, an iTunes customer filed a lawsuit against Apple, alleging that the company broke antitrust laws by using FairPlay with iTunes in a way that purchased music would work only with the company's own music player, the iPod, freezing out competitors.{{cite web |first=Jordan |last=Golson |title=iPod Lawsuit Against Apple Given Class-Action Status |url=https://www.macrumors.com/2012/05/09/ipod-lawsuit-against-apple-given-class-action-status/ |website=MacRumors |date=May 9, 2012 |access-date=July 7, 2017}} In March 2011, Bloomberg reported that Apple's then-CEO Steve Jobs would be required to provide testimony through a deposition.{{cite web |first=Eric |last=Slivka |title=Steve Jobs Required to Provide Deposition in 2005 iTunes Antitrust Case |url=https://www.macrumors.com/2011/03/22/steve-jobs-required-to-provide-deposition-in-2005-itunes-antitrust-case/ |website=MacRumors |date=March 22, 2011 |access-date=July 7, 2017}} In May 2012, the case was changed into a class action lawsuit.{{cite web |first=Jacqui |last=Cheng |title=iPod owners being notified of class-action antitrust suit against Apple |url=https://cms.arstechnica.com/apple/2012/05/ipod-owners-being-notified-of-class-action-antitrust-suit-against-apple/ |website=Ars Technica |publisher=Condé Nast |date=May 9, 2012 |access-date=July 7, 2017}} Around the same time, the main antitrust allegation was changed to cover the belief that Apple had deliberately updated the iTunes software with security patches in a way that prevented synchronization compatibility with competing music stores.{{cite web |first=Shara |last=Tibken |title=Apple's iPod antitrust class action suit: All you need to know (FAQ) |url=https://www.cnet.com/news/apples-ipod-antitrust-class-action-suit-all-you-need-to-know-faq/ |website=CNET |publisher=CBS Interactive |date=December 1, 2014 |access-date=July 8, 2017}} All iPod owners who had purchased their device between September 12, 2006, and March 31, 2009, were included in the class action lawsuit, unless they opted out. In December 2014, Apple went to trial against the claims raised, with the opposing party's plaintiff lawyers seeking $350 million in damages for nearly eight million affected customers.{{cite web |first=Micah |last=Singleton |title=Apple is just now going to trial over the music DRM it killed in 2009 |url=https://www.theverge.com/2014/12/2/7315631/Apples-music-DRM-dead-for-over-five-years-is-now-on-trial |website=The Verge |publisher=Vox Media |date=December 2, 2014 |access-date=July 7, 2017}}{{cite web |first=Joe |last=Mullin |title=Was Apple's iPod DRM illegal? Starting today, a jury decides |url=https://arstechnica.com/tech-policy/2014/12/apple-now-facing-a-jury-over-claims-it-competed-unfairly-with-drm/ |website=Ars Technica |publisher=Condé Nast |date=December 2, 2014 |access-date=July 8, 2017}} A few weeks later, the case was closed, with the jury deciding in Apple's favor, citing a then-new version of iTunes as being a "genuine product improvement".{{cite web |first=Daisuke |last=Wakabayashi |title=Apple Wins iPod Antitrust Trial |url=https://www.wsj.com/articles/apple-wins-ipod-antitrust-trial-1418753843 |website=The Wall Street Journal |publisher=Dow Jones & Company |date=December 16, 2014 |access-date=July 8, 2017}} {{subscription required}}{{cite web |first=Alan |last=Yuhas |title=Antitrust lawsuit against Apple: 10 years in the making, shot down in three hours |url=https://www.theguardian.com/technology/2014/dec/16/antitrust-lawsuit-apple-ipod-software-updates |website=The Guardian |date=December 16, 2014 |access-date=July 8, 2017}}

The restrictions imposed by FairPlay, mainly limited device compatibility, have sparked criticism, with a lawsuit alleging antitrust violation that was eventually closed in Apple's favor, and various successful efforts to remove the DRM protection from files, with Apple continually updating its software to counteract such projects.

After the introduction of the FairPlay system, multiple parties have attempted and succeeded to circumvent or remove the encryption of FairPlay-protected files. In October 2006, Jon Lech Johansen announced he had reverse engineered FairPlay and would start to license the technology to companies wanting their media to play on Apple's devices.{{cite news | url=https://www.theguardian.com/technology/blog/2006/oct/03/dvdjonreverse | title=DVD Jon reverse-engineers Apple's FairPlay | first=Jack | last=Schofield | work=The Guardian | date=October 3, 2006}}{{Cite news |title=iTunes copy protection 'cracked' |url=http://news.bbc.co.uk/2/hi/6083110.stm |date=October 25, 2006}} Various media publications have written about DRM removal software,{{cite web |title=How Fairplay Works on Apple iTunes Content, like iTunes Movies/TV Shows, Music and eBook? |url=https://9to5mac.com/community/how-fairplay-works-on-apple-itunes-content-like-itunes-moviestv-shows-music-and-ebook/ |website=9to5Mac |date=June 19, 2014 |access-date=July 8, 2017}}{{cite web |first=Dave |last=Hamilton |title=How iTunes Movie DRM-Removal Software Keeps Me Honest |url=https://www.macobserver.com/tmo/article/itunes-drm-removal-keeps-me-legal |website=The Mac Observer |date=September 2, 2015 |access-date=July 8, 2017}} though Apple has continually made efforts in updating its software to counteract these options, resulting in upgraded DRM systems and discontinued DRM removal software.{{cite web |first=Jim |last=Tanous |title=The iTunes DRM Removal Saga: NoteBurner and a Look Back at Requiem |url=https://www.tekrevue.com/itunes-drm-removal/ |website=TekRevue |date=September 2, 2015 |access-date=July 8, 2017 |archive-date=December 20, 2017 |archive-url=https://web.archive.org/web/20171220140209/https://www.tekrevue.com/itunes-drm-removal/ |url-status=dead }}{{cite web |first=Novak |last=Bozovic|title=TuneFab Apple Music Converter Review – Quite Simple Yet Quite Powerful! |url=https://www.technadu.com/tunefab-apple-music-converter-review/26171/ |website=Technadu |date=April 17, 2018 |access-date=May 5, 2019 }}

In July 2004, RealNetworks introduced its Harmony technology. The Harmony technology was built into the company's RealPlayer and allowed users of the RealPlayer Music Store to play their songs on the iPod.{{cite web |first=Peter |last=Cohen |title=RealNetworks' Harmony promises iPod compatibility |url=http://www.macworld.com/article/1035237/harmony.html |website=Macworld |publisher=International Data Group |date=July 26, 2004 |access-date=July 8, 2017}}{{cite web |first=Eric |last=Bangeman |title=RealNetworks cracks the FairPlay code |url=https://arstechnica.com/uncategorized/2004/07/4030-2/ |website=Ars Technica |publisher=Condé Nast |date=July 26, 2004 |access-date=July 8, 2017}} In a press release, RealNetworks argued that Harmony was a boon to consumers that "frees" them "from the limitation of being locked into a specific portable device when they buy digital music."{{cite web |title=RealNetworks introduces Harmony, enabling consumers to buy digital music that plays on all popular devices |url=http://www.realnetworks.com/company/press/releases/2004/harmony.html |archive-url=https://web.archive.org/web/20040804052015/http://www.realnetworks.com/company/press/releases/2004/harmony.html |website=RealNetworks |date=July 26, 2004 |archive-date=August 4, 2004 |access-date=July 8, 2017}} In response, Apple issued a statement:{{cite web |first=Jim |last=Dalrymple |title=Apple responds to RealNetworks iPod 'hacker' tactics |url=http://www.macworld.com/article/1035244/applereal.html |website=Macworld |publisher=International Data Group |date=July 29, 2004 |access-date=July 8, 2017}}{{cite web |first=Eric |last=Bangeman |title=Apple responds to RealNetworks FairPlay hack |url=https://arstechnica.com/uncategorized/2004/07/4051-2/ |website=Ars Technica |publisher=Condé Nast |date=July 29, 2004 |access-date=July 8, 2017}}

We are stunned that RealNetworks has adopted the tactics and ethics of a hacker to break into the iPod, and we are investigating the implications of their actions under the DMCA and other laws.

RealNetworks launched an Internet petition titled "Hey Apple! Don't break my iPod", encouraging iPod users to sign up to support Real's action. The petition backfired, with comments criticizing Real's tactics, though some commentators also supported it.{{cite web |first=Jo |last=Best |title=Real v Apple music war: iPod freedom petition backfires |url=https://www.zdnet.com/article/real-v-apple-music-war-ipod-freedom-petition-backfires/ |website=ZDNet |publisher=CBS Interactive |date=August 18, 2004 |access-date=July 8, 2017}} At the end of 2004, Apple had updated its software in a way that broke the Harmony technology, prompting RealNetworks to promise a then-upcoming fix.{{cite web |first=Peter |last=Cohen |title=RealNetworks promises iPod lockout fix |url=http://www.macworld.com/article/1041445/harmony.html |website=Macworld |publisher=International Data Group |date=December 16, 2004 |access-date=July 8, 2017}}

In August 2005, an SEC filing by RealNetworks disclosed that continued use of the Harmony technology put themselves at considerable risk because of the possibility of a lawsuit from Apple, which would be expensive to defend against, even if the court agreed that the technology was legal. Additionally, the possibility that Apple could change its technology to purposefully "break" Harmony's function raised the possibility that Real's business could be harmed.{{cite web |title=Real reveals real Apple legal threat |url=http://www.macworld.co.uk/news/mac/real-reveals-real-apple-legal-threat-12310/ |website=Macworld |publisher=International Data Group |date=August 10, 2005 |access-date=July 8, 2017 |archive-date=September 12, 2016 |archive-url=https://web.archive.org/web/20160912050400/http://www.macworld.co.uk/news/mac/real-reveals-real-apple-legal-threat-12310/ |url-status=dead }}{{cite web |title=Real admits risk of Apple lawsuit |url=http://appleinsider.com/article/?id=1228 |website=AppleInsider |date=August 10, 2005 |access-date=July 8, 2017 |archive-date=October 18, 2015 |archive-url=https://web.archive.org/web/20151018113118/http://appleinsider.com/article/?id=1228 |url-status=dead }}

Hymn (which stands for Hear Your Music aNywhere) was an open-source tool that allowed users to remove the FairPlay DRM of music bought from the iTunes Store.{{Cite magazine |author=WIRED Staff |title=FairPlay Bad. PlayFair Good |language=en-US |magazine=Wired |url=https://www.wired.com/2004/05/fairplay-bad-pl/ |access-date=2023-02-04 |issn=1059-1028}}{{Cite web |last=Smith |first=Tony |date=13 January 2005 |title=Apple brings discord to Hymn |url=https://www.theregister.com/2005/01/13/apple_breaks_hymn/ |access-date=2023-02-04 |website=The Register |language=en}}{{Cite web |title=The history of Hymn, JHymn, and QTFairUse |url=https://reincubate.com/support/how-to/hymn-qtfairuse-history/ |access-date=2023-02-04 |website=reincubate.com |date=March 17, 2021 |language=en}} It was later supplanted by QTFairUse6.{{Cite web |title=QTFairUse6: is Hymn finally back to strip FairPlay on iTunes 6? |url=https://www.engadget.com/2006-08-29-hymn-is-back-fairplay-on-itunes-6-finally-cracked.html |access-date=2023-02-04 |website=Engadget |date=July 20, 2019 |language=en-US}} The Hymn project later shut down after a cease and desist from Apple.{{Cite web |last=Evans |first=Jonny |date=February 25, 2008 |title=iTunes legal silences Hymn |url=http://www.thestandard.com/news/2008/02/25/itunes-legal-silences-hymn |url-status=dead |archive-url=https://web.archive.org/web/20100219233706/http://www.thestandard.com/news/2008/02/25/itunes-legal-silences-hymn |archive-date=February 19, 2010 |access-date=February 4, 2023 |website=The Standard}}

{{anchor|Steve Jobs' Thoughts on Music open letter}}

On February 6, 2007, Steve Jobs, then-CEO of Apple, published an open letter titled "Thoughts on Music" on the Apple website, calling on the "big four" record labels to sell their music without DRM technology. According to the letter, Apple did not want to use DRM, but was forced to by the four major music labels, with whom Apple has license agreements for iTunes sales of music. Jobs' main points were:{{cite web |title=Thoughts on Music |url=https://www.apple.com/hotnews/thoughtsonmusic |archive-url=https://web.archive.org/web/20070207234839/http://www.apple.com/hotnews/thoughtsonmusic |website=Apple Inc. |date=February 6, 2007 |archive-date=February 7, 2007 |access-date=June 23, 2017 |url-status=dead |df=mdy-all }}{{cite web |first=Arnold |last=Kim |title=Steve Jobs 'Thoughts on Music' - Asks for No Digital Rights Management |url=https://www.macrumors.com/2007/02/06/steve-jobs-thoughts-on-music/ |website=MacRumors |date=February 6, 2007 |access-date=June 23, 2017}}

• DRM has never been, and will never be, perfect. Hackers will always find a method to break DRM.
• DRM restrictions only hurt people using music legally. Illegal users aren't affected by DRM.
• The restrictions of DRM encourage users to obtain unrestricted music, which is usually only possible via illegal methods; thus, circumventing iTunes and their revenues.
• The vast majority of music is sold without DRM via CDs, which have proven commercial success.

Although the open letter initially caused mixed industry reactions, Apple signed a deal with a major record label the following month to offer iTunes customers a purchase option for a higher-quality, DRM-free version of the label's tracks.

Jobs' letter was met with mixed reactions. Bloomberg highlighted several viewpoints. David Pakman, President of non-DRM music retailer eMusic, agreed with Jobs, stating that "consumers prefer a world where the media they purchase is playable on any device, regardless of its manufacturer, and is not burdened by arbitrary usage restrictions. DRM only serves to restrict consumer choice, prevents a larger digital music market from emerging, and often makes consumers unwitting accomplices to the ambitions of technology companies". Mike Bebel, CEO of music subscription service Ruckus, explained his view that the letter was an effort to shift focus, saying that "This is a way for Steve Jobs to take the heat off the fact that he won't open up his proprietary DRM. ... The labels have every right to protect their content, and I don't see it as a vow of good partnership to turn the tables on the labels and tell them they should just get rid of all DRM... He is trying to spin the controversy." An anonymous music label executive said that "it's ironic that the guy who has the most successful example of DRM at every step of the process, the one where people bought boatloads of music last Christmas, is suddenly changing his tune".{{cite web |first=Arik |last=Hesseldahl |title=Steve Jobs' Music Manifesto |url=https://www.bloomberg.com/news/articles/2007-02-07/steve-jobs-music-manifestobusinessweek-business-news-stock-market-and-financial-advice |website=Bloomberg |date=February 7, 2007 |access-date=July 8, 2017}} In an article from The New York Times, Ted Cohen, managing partner at TAG Strategic, commented that the change could be "a clear win for the consumer electronics device world, but a potential disaster for the content companies". The Recording Industry Association of America put particular emphasis on Jobs' self-rejected idea about licensing its FairPlay technology to other companies, saying that such licensing would be "a welcome breakthrough and would be a real victory for fans, artists and labels".{{cite web |first=John |last=Markoff |title=Jobs Calls for End to Music Copy Protection |url=https://www.nytimes.com/2007/02/07/technology/07music.html |website=The New York Times |date=February 7, 2007 |access-date=July 8, 2017}}

In April 2007, Apple and the record label EMI announced that iTunes Store would begin offering, as an additional higher purchasing option, tracks from EMI's catalog encoded as 256 kbit/s AAC without FairPlay or any other DRM.{{cite web |first=Michael |last=Arrington |author-link=Michael Arrington |title=EMI, Apple To Sell DRM-Free Music for $1.29/song |url=https://techcrunch.com/2007/04/02/emi-apple-are-announcing-sale-of-non-drm-music/ |website=TechCrunch |publisher=AOL |date=April 2, 2007 |access-date=June 23, 2017}} In January 2009, Apple announced that the entire iTunes Store music catalog would become available in the higher-quality, DRM-free format, after reaching agreements with all the major record labels as well as "thousands of independent labels".{{cite web |first=Bobbie |last=Johnson |title=Apple drops DRM copy protection from millions of iTunes songs |url=https://www.theguardian.com/technology/2009/jan/06/apple-drops-itunes-copy-protection |website=The Guardian |date=January 6, 2009 |access-date=July 8, 2017}}{{cite web |first=Prince |last=McLean |title=iTunes Store goes DRM Free, offers over-the-air downloads |url=http://appleinsider.com/articles/09/01/06/itunes_store_goes_drm_free |website=AppleInsider |date=January 6, 2009 |access-date=July 8, 2017}}{{cite web |first=Peter |last=Cohen |title=iTunes Store goes DRM-free |url=http://www.macworld.com/article/1137946/itunestore.html |website=Macworld |publisher=International Data Group |date=January 6, 2009 |access-date=July 8, 2017}} Apple Music, Apple's subscription-based music streaming service launched on June 30, 2015,{{cite web |first1=Ben |last1=Popper |first2=Micah |last2=Singleton |title=Apple announces its streaming music service, Apple Music |url=https://www.theverge.com/2015/6/8/8729481/apple-music-streaming-service-wwdc-15 |website=The Verge |publisher=Vox Media |date=June 8, 2015 |access-date=July 8, 2017}} uses the DRM technology.{{cite web |first1=Serenity |last1=Caldwell |first2=Joseph |last2=Keller |title=Apple Music will now let you store your music library DRM-free |url=https://www.imore.com/apple-rolling-out-improved-itunes-match-apple-music-subscribers |website=iMore |date=July 18, 2016 |access-date=July 8, 2017}}

FairPlay Streaming (FPS) protects video transferred over HTTP Live Streaming (HLS) on iOS devices, in Apple TV, and in Safari on macOS. The content provider's server first delivers video to the client application encrypted with the content key using the AES cipher. The application then requests a session key from the device's FairPlay module. The session key is a randomly generated nonce which is RSA encrypted with the provider's public key and delivered to the provider's server. The provider's server encrypts the content key using the session key and delivers it to the FairPlay module, which decrypts it and uses it to decrypt the content for playback.Apple Inc. (2016), FairPlay Streaming Overview, https://developer.apple.com/streaming/fps/FairPlayStreamingOverview.pdf. Retrieved February 28, 2022.

On iOS and Apple TV, the session key handling and content decryption is done in the kernel, while on macOS it is done using Safari's FairPlay Content Decryption Module.

{{Empty section|date=September 2023}}

Apps downloaded from the App Store are protected and code signed using a variant of FairPlay DRM for apps. FairPlay DRM creates a public/private key pair when a device is registered with an iCloud account, and encrypting app encryption keys using the "public" key (which is kept on Apple's servers) in order to decrypt them on the device using the "private" key.{{Cite web |title=How does iOS app DRM work, exactly? |url=https://apple.stackexchange.com/questions/42992/how-does-ios-app-drm-work-exactly |access-date=2023-09-11 |website=Ask Different |language=en}}{{Better source needed|reason=The current source is insufficiently reliable (WP:NOTRS).|date=September 2023}}

In July 2012, an issue with the creation of FairPlay-protected apps caused binaries to become corrupt and stop working.{{Cite web |last=Foresman |first=Chris |date=2012-07-05 |title=Recent iOS, Mac app crashes linked to botched FairPlay DRM |url=https://arstechnica.com/gadgets/2012/07/recent-ios-mac-app-crashes-linked-to-botched-fairplay-drm/ |access-date=2023-09-11 |website=Ars Technica |language=en-us}}

A flaw allowing a form of man-in-the-middle attack can be used to install arbitrary software packages (including malicious ones) when an iOS device is connected to a computer.{{Cite web |last=Kovacs |first=Eduard |date=2016-03-16 |title=iOS Malware "AceDeceiver" Exploits Flaw in Apple DRM |url=https://www.securityweek.com/ios-malware-acedeceiver-exploits-flaw-apple-drm/ |access-date=2023-09-11 |website=SecurityWeek |language=en-US}}

{{Reflist|30em}}

{{DEFAULTSORT:Fairplay}}

Category:QuickTime

Category:Audio software

Category:Digital rights management systems

Category:ITunes

Category:Digital rights management for macOS