‘Playfair’ utility claims to crack Apple iTunes’ Fairplay DRM

It appears that Apple’s Fairplay Digital Rights Management system for iTunes Music Store downloads may have been cracked.

“When Apple opened the iTunes Music Store, they licensed a technology called ‘FairPlay’ from a company called ‘Veridisc.’ FairPlay is a Digital Rights Management (DRM) system that limits a users rights on a digital media file that they’ve purchased and presumably downloaded. In the case of Apple’s iTunes Music Store, when a user downloads an audio track from iTMS, it is a ‘Protected AAC Audio File.’ When used as intended, these files can only be played through the iTunes program itself. Furthermore, a particular computer must first be ‘authorized’ to play the given file. FairPlay allows up to three computers and unlimited Apple iPods to be authorized to play the file. As DRM schemes go, FairPlay is only moderately offensive,” reads the website http://playfair.sourceforge.net/ “So what will playfair do for you? The playfair program is quite simple. It takes one of the iTMS Protected AAC Audio Files, decodes it using a key obtained from your iPod or Microsoft Windows system and then writes the new, decoded version to disk as a regular AAC Audio File. It then optionally copies the metadata tags that describe the song, including the cover art, to the new file.”

“The cracking operation can only be done on songs the user has already has valid licenses for and requires either an iPod or a windows computer for key recovery. If you choose to redistribute these songs you will be violating the contract you bought them under: better hope they aren’t watermarked or you might end up paying for releasing one in the wild. To me the authors are vandals not revolutionaries, and may have ensured WMA becomes the standard,” reads the initial post on Slashdot.

MacDailyNews Take: Apple’s DRM has always been cracked: simply burn a CD and the Fairplay DRM is gone. No utilities necessary; iTunes does the cracking and strips the DRM all by itself. We don’t see this as ensuring that WMA becomes standard at all. It’ll probably generate a lot of press in the short term, but it’s rather meaningless in the long run. Now, if a utility could take any protected AAC file and strip the DRM on any computer regardless of whether the computer is authorized, that would be more of an issue. It is also worth noting that the 0.1 version of “Playfair” is dated April 1, 2004. Just in case.


  1. Wait’ll the Anti-Apple press (CNET, Dvorak, Enderle, Thurrott types) get ahold of this – they’ll blow it all out of proportion with glee. So, it is rather meaningless, but certain media elements will use it against Apple in their articles for a long time, I think.

  2. I have to agree. The ONLY benefit to this new ‘hack’ is the fact that there is NO quality loss.

    BTW: Does anyone know how bad the quality loss is when burning a CD, then re-encoding it? I’m curious to whether the loss is really noticable.

  3. Bah! Anyone who can hear the difference in audio quality from burning m4p to cd and then ripping back to m4a or mp3 obviously isn’t listening to their music loud enough….

  4. The Playfair is just another front end for what VideoLAN did to make mp4 playable. It’s not new, and not that exciting. Basically the VideoLAN project was seeking a method to allow Linux users to play their iTunes purchased songs. It allows you to remove the DRM key, so long as you have the original key available. The format is slightly lossy, but I’m not certain by how much. But I can’t see why everyone gets so excited when people repost old news. The VideoLAN hack/crack/usage has been available for at least 2 months for anyone who wanted access.

  5. This things sounds pretty complicated to use

    “Note that this is not a GUI application. You’ll need to have Xcode installed and chant the “configure/make/make install” mantra to build fairplay, then use it from the command line.”

    So at this point really only applies to power users. As MDN said, you can strip off the DRM by burning and ripping anyway with only a small loss in quality. The people who pay for songs to begin with are not the ones ripping off songs anyway. Also if you are into stealing why go to this much trouble when you can just use Kazaa to start with?

  6. Sounds like a news release calculated to adversely impact the iTMS. If I were the type to see conspiracies behind virtually every activity then I would put together several recent events into just such an anti-Apple, pro-WMA theory. But I am willing to chalk it up to iEnvy at this point. Everyone takes shots at the market leader.

  7. I suppose this is more a matter of symantics, but I think “hack” is more of a propper term for this. It’s not really breaking/cracking the DRM. It’s simply unlocking it (permanently) with the key you already have. It just knows where to find and how to use that key. Furthermore, it only works on your own files. Once someone actually comes up with a way to crack the encryption algorithm and generate keys, that’s when the DRM has been cracked.

  8. I just realized what the major flaw in the M$ Janus is going to be. Like ITMS someone will come up with a hack to remove the DRM for sure. In ITMS at least the first person will have actually paid for the song and there is therefore a kind of built-in limitation to how much you can steal – i.e. you can steal as much as you want but you have to buy the first copy. So if you want to steal 200 dollars worth of songs you have to buy 200 worth of songs first. With Janus and the subscription model users will have unlimited access to thousands of tunes for a low monthly fee. When someone cracks this it is gonna be johnny bar the door because users will be able to steal thousands of dollars of music for just the low monthly fee. I wonder how the recording industry is going to feel about that when it happens (and you KNOW it will)

  9. Anytime “Command Line” enters in the instructions, I get flashbacks to trying to start “hardhat mac” on my Apple IIe! This is silly. The news people are the only ones that find this news worthy so they can say somthing negative about iTMS. Nobody will use this.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.