November 27, 2005

Who v. Who - more on the dilemma of the classical attacker

In the military they say no plan survives the first shot, and call this aptly "the fog of war." The best laid plans of the security industry and various parliaments (US Congress, the European Union, etc) are being challenged in war as in music. Now comes news that one DRM supplier is threatening to reverse-engineer the DRM of another supplier.

A company that specializes in rights-management technology for online stores has declared its plans to reverse-engineer the FairPlay encoding system Apple uses on iTunes Music Store purchases. The move by Cupertino-based Navio Systems would essentially break Apple’s Digital Rights Management (DRM) system in order to allow other online music retailers to sell downloads that are both DRM-encoded and iPod-compatible by early 2006.

“Typically, we embrace and want to work with the providers of the DRM,” said Ray Schaaf, Navio’s chief operating officer. “With respect to FairPlay, right now Apple doesn’t license that, so we take the view that as RealNetworks allows users to buy FairPlay songs on Rhapsody, we would take the same approach.”

In 2004, after unsuccessfully courting Apple to license FairPlay, RealNetworks introduced its Harmony technology, which allowed users to buy music from online sources other than the iTunes Music Store and transfer it to their iPod. RealNetworks’ move was then denounced by Apple as adopting “the tactics and ethics of a hacker to break into the iPod.” In December of 2004, Apple shot back by releasing an iPod software update that disabled support for RealNetworks-purchased songs.

I forgot to add: This trend is by no mean isolated, as pointed to by Adam. Here's an account of AOL inserting capabilities into our computers. I noticed this myself, and had to clean out these bots while making a mental note to never trust AOL with any important data or contacts.

Big mistake. That was my list, not AOL's. They've violated my personal space. By doing this they've demonstrated that my data — my list of contacts — can be tampered with at their whim. I have to wonder what comes next? Can my lists be sold, or mined for more data? Will they find out if my buddies purchase something online and then market that thing to me, on the assumption that I share mutual tastes? Just what is AOL doing with my data?


Posted by iang at November 27, 2005 10:00 AM | TrackBack
Comments

12/14/05
Can you find the cartoons:
of Spy vs. Spy and post them to Who vs. Who?
This black and white graphic could spruce the site.
One or two Spy vs. Spy cartoons
from the 1960s editions of Mad Magazine would do it! ;-)

Posted by: tolstoy08540 at December 15, 2005 12:17 AM
Post a comment









Remember personal info?






Hit preview to see your comment as it would be displayed.