Here we have an entirely different situation where the individual got direct access to the hardware and software. Honestly this guy could go to jail for years.
But it's open source so it's okay
Quote:
Originally Posted by AppleInsider
The AirPlay key was reverse-engineered by developer James Laird, who has published the information in an open-source emulator dubbed ShairPort.
So it's Apple's fault that you didn't bother to see if your device would work?
What this guy just did was deprive Apple of potentially millions of dollars in revenue. If you don't like Apple's ecosystem, no one's making you buy it, but enabling other vendors to make their systems work with Airplay is a violation of Apple's intellectual property rights.
If you don't like it - you're free to create your own system.
...
I find your reading comprehension skills to be lacking.
I clearly explained in plain english that I thought it was a "technical limitation" that Apple would be scrambling to fix.
I thought Apple would want to sell millions of these things. After 7 years, I still don't think they have sold millions. Simply put - They locked it down and it flopped. Probably why nobody bothered hacking it sooner.
Now that it's been re-branded as Airplay for iDevices, it's worth removing the built-in nerfs and restrictions.
Quote:
Originally Posted by jragosta
If you don't like it - you're free to create your own system.
Well... uuuh... that's exactly what people are doing... this hack will allow me to create my own system. I already bought the hardware from Apple, they got their money - now I want to make that hardware actually work for my system. What's the problem?
It's not like I'm going to be manufacturing or selling anything that takes money out of Apple's pocket or stealing anything... I'm modifying MY hardware. (pretty sure someone will release some firmware to fix the AE).
Apple doesn't sue people who drop, paint, blend, smash, make love to? - their products in the privacy of their own homes... so what business is it of Apple's if I modify MY device so that I can listen to YouTube audio on my stereo in my own home?
Or are you saying that Apple has the right to send out goon squads to make sure people are using the hardware they manufacture properly?
This may be a shock to you, but US law does not apply - well outside the US.
There is no word in the article where this guy is based.
I read the article and thought, damn good job he probably doesn't live in USA. If I were to guess on country based upon his name, I'd say Scotland. And we thankfully don't have a DMCA :-)
Or are you saying that Apple has the right to send out goon squads to make sure people are using the hardware they manufacture properly?
Give your head a shake man.
THIS!
It's amazing how many Apple shareholders are cluttering up this forum with mindless drivel about how they're willing to sell out to the man and enslave themselves forever to the whims of Steve Jobs just because they bought a hardware device made by Apple.
Fortunately the old hacker culture is still alive and kicking as evidenced by Mr. Laird. My hat is off to you for enhancing the consumer's options and preserving his freedom of choice!
Jon Lech Johansen (aka: DVD Jon) "had reverse engineered FairPlay and written VLC's FairPlay support. It has been available in VideoLAN CVS since January 2004, but the first release to include FairPlay support is VLC 0.7.1 (released March 2, 2004),? according to Wikipedia.
I thought reverse-engineering was legal. Wasn?t that what Compaq did with BIOS to become the success story they were? If you don?t use a "clean room? for the reverse engineering is then stealing?
:Well... uuuh... that's exactly what people are doing... this hack will allow me to create my own system.
How does stealing someone else's intellectual property constitute creating their own system?
Quote:
Originally Posted by habermas
THIS!
It's amazing how many Apple shareholders are cluttering up this forum with mindless drivel about how they're willing to sell out to the man and enslave themselves forever to the whims of Steve Jobs just because they bought a hardware device made by Apple.
You mis-spelled "Apple fans are willing to pay for innovative products and object to people stealing technology that doesn't belong to them".
Quote:
Originally Posted by habermas
Fortunately the old hacker culture is still alive and kicking as evidenced by Mr. Laird. My hat is off to you for enhancing the consumer's options and preserving his freedom of choice!
It's amazing how many Apple shareholders are cluttering up this forum with mindless drivel about how they're willing to sell out to the man and enslave themselves forever to the whims of Steve Jobs just because they bought a hardware device made by Apple.
Fortunately the old hacker culture is still alive and kicking as evidenced by Mr. Laird. My hat is off to you for enhancing the consumer's options and preserving his freedom of choice!
It is Apple's own fault really. Normally you are supposed to keep your private key in your own possession so that no one else can impersonate you to authenticate/encrypt data. They should have kept it on the server and made the authentication over the internet, but that would have been too slow so they tried to pull a sneaky and hide it in the ROM. They might as well have printed it on the outside of the box.
Yes, but what is considered misuse and what is considered fair use is interpreted differently from country to country.
Most countries give consumers far more rights than the US does.
That may be true. From what I have observed, the amount of protection countries give to intellectual property is roughly proportional to the amount of intellectual property created
in that country. In other words, countries which allow stealing of IP are not creating much
IP themselves. And, as a corollary, if countries which do not protect IP originating outside
their borders ever do invent anything worth stealing, they should not complain if it is stolen.
It's one thing to hack a product that you bought, if the hacked device is only for personal use. It's legally your property.
It's quite another to distribute proprietary information or trade secrets to the open market so that other people can hack their devices. No one can legally sell any products that rely on stolen proprietary information of a competitor. This sort of thing only gives rise to illegitimate enterprise and the market, trade regulations, and wait for it... TORT LAW, really frown on this kind of crap.
Expect Apple to seek an injunction preventing this idiot from sharing his information, an injunction against anyone who tries to use it, and damages for lost revenue and probably costs associated with repairing the damage to their intellectual property.
It's one thing to hack a product that you bought, if the hacked device is only for personal use. It's legally your property.
It's quite another to distribute proprietary information or trade secrets to the open market so that other people can hack their devices. No one can legally sell any products that rely on stolen proprietary information of a competitor. This sort of thing only gives rise to illegitimate enterprise and the market, trade regulations, and wait for it... TORT LAW, really frown on this kind of crap.
Expect Apple to seek an injunction preventing this idiot from sharing his information, an injunction against anyone who tries to use it, and damages for lost revenue and probably costs associated with repairing the damage to their intellectual property.
It isn't intellectual property, it is a PGP key. The rest of the code was quite trivial to rewrite from scratch but the key was essential for the iPad/iPhone to communicate with aTV. The iPhone has the public key inside the application and it can encrypt data that only someone/device with the matching private key can decrypt. When the private key detects the message from the public key it sends the signal to invoke the AirPlay icon on the menu bar and add itself to the list of devices able to communicate that protocol.
If Apple had followed proper protocol, they would have made the authentication over the Internet instead of putting the key inside the device. The only problem was that unless you were connected to the Internet, AirPlay would not work and would react quite a bit slower.
MStone: Thanks for the viewpoint and explanation. Short and to the point, as well as easy to understand even by a neophyte such as myself.
I think they can fix it with software update for iPhone and aTV, and flash the rom on aTV, so this exploit it is of limited usefulness to the hackers. It will be inconvenient to have to upgrade both devices at the same time but other than that no biggie. More cat and mouse.
Well if I hid my credit card under a rock next to my front door, would I be shocked to learn that someone discovered it there?
No - of course you wouldn't be shocked at all. However, it would still be theft if having discovered it they then used it.
This case doesn't seem quite so clear cut though. Breaking encryption schemes to acquire material in a form other than that in which it was purchased is often regarded as theft. Decrypting an audio stream of material that you already own or have access to might be argued as legitimate though. Presumably Apple would have to demonstrate some kind of loss to pursue this, and the only one that I can think of is possibly a reduced sale of Airport Express units. That seems a little tenuous, but maybe it is good enough. Am I missing a bigger picture here?
Well if I hid my credit card under a rock next to my front door, would I be shocked to learn that someone discovered it there?
Thanks for the explanation above. That was actually really helpful.
I'll respond to your metaphor with another metaphor.
A person with a cheap lock on their front door is entitled to the same legal protections from robbers as a person with with a padlock and dead bolt.
If Apple didn't disclose this information and if it made the functionality of their devices unique in any way, then to retrieve the information and share it with the open market is some kind of legal injury to Apple.
I hope Apple makes the guy suffer, I own Apple stock. : )
Thanks for the explanation above. That was actually really helpful.
I'll respond to your metaphor with another metaphor.
A person with a cheap lock on their front door is entitled to the same legal protections from robbers as a person with with a padlock and dead bolt.
If Apple didn't disclose this information and if it made the functionality of their devices unique in any way, then to retrieve the information and share it with the open market is some kind of legal injury to Apple.
I hope Apple makes the guy suffer, I own Apple stock. : )
Ok let me be clear about my philosophy about hacking because my metaphor was't that good.
Let's say you have a server that gets hacked by someone from China. Do you send a hit squad to China, cut off all access to your server from China IP addresses, try to hack back in revenge? No you beef up your own security and prevent anyone from exploiting you in that way again.
Apple assumed that people would play nice and ethically with their device. Bad assumption regardless of the moral high ground. Sure the guy made Apple look bad, but he did very little harm to them. Apple can fix it and learn not to be so clever by half like hiding something in plain sight.
Of course the right thing to do would have been to inform Apple prior to releasing the hack and we don't actually know if he did that or not, but it doesn't look like it.
Comments
Here we have an entirely different situation where the individual got direct access to the hardware and software. Honestly this guy could go to jail for years.
But it's open source so it's okay
The AirPlay key was reverse-engineered by developer James Laird, who has published the information in an open-source emulator dubbed ShairPort.
Found his email in the source code:
jhl@mafipulation.org
If you whois the domain he is apparently in Austrailia
So it's Apple's fault that you didn't bother to see if your device would work?
What this guy just did was deprive Apple of potentially millions of dollars in revenue. If you don't like Apple's ecosystem, no one's making you buy it, but enabling other vendors to make their systems work with Airplay is a violation of Apple's intellectual property rights.
If you don't like it - you're free to create your own system.
I find your reading comprehension skills to be lacking.
I clearly explained in plain english that I thought it was a "technical limitation" that Apple would be scrambling to fix.
I thought Apple would want to sell millions of these things. After 7 years, I still don't think they have sold millions. Simply put - They locked it down and it flopped. Probably why nobody bothered hacking it sooner.
Now that it's been re-branded as Airplay for iDevices, it's worth removing the built-in nerfs and restrictions.
If you don't like it - you're free to create your own system.
Well... uuuh... that's exactly what people are doing... this hack will allow me to create my own system. I already bought the hardware from Apple, they got their money - now I want to make that hardware actually work for my system. What's the problem?
It's not like I'm going to be manufacturing or selling anything that takes money out of Apple's pocket or stealing anything... I'm modifying MY hardware. (pretty sure someone will release some firmware to fix the AE).
Apple doesn't sue people who drop, paint, blend, smash, make love to? - their products in the privacy of their own homes... so what business is it of Apple's if I modify MY device so that I can listen to YouTube audio on my stereo in my own home?
Or are you saying that Apple has the right to send out goon squads to make sure people are using the hardware they manufacture properly?
Give your head a shake man.
Relax.
This may be a shock to you, but US law does not apply - well outside the US.
There is no word in the article where this guy is based.
I read the article and thought, damn good job he probably doesn't live in USA. If I were to guess on country based upon his name, I'd say Scotland. And we thankfully don't have a DMCA :-)
But misuse of intellectual property is covered in World Trade Organization agreements, so merely being outside the US won't necessarily protect
this guy.
Yes, but what is considered misuse and what is considered fair use is interpreted differently from country to country.
Most countries give consumers far more rights than the US does.
If you don't like it - you're free to create your own system.
Ah, your old reliable put downs.
Why don't you wheel out "you obviously have no experience running a business" again?
Or are you saying that Apple has the right to send out goon squads to make sure people are using the hardware they manufacture properly?
Give your head a shake man.
THIS!
It's amazing how many Apple shareholders are cluttering up this forum with mindless drivel about how they're willing to sell out to the man and enslave themselves forever to the whims of Steve Jobs just because they bought a hardware device made by Apple.
Fortunately the old hacker culture is still alive and kicking as evidenced by Mr. Laird. My hat is off to you for enhancing the consumer's options and preserving his freedom of choice!
Jon Lech Johansen (aka: DVD Jon) "had reverse engineered FairPlay and written VLC's FairPlay support. It has been available in VideoLAN CVS since January 2004, but the first release to include FairPlay support is VLC 0.7.1 (released March 2, 2004),? according to Wikipedia.
I thought reverse-engineering was legal. Wasn?t that what Compaq did with BIOS to become the success story they were? If you don?t use a "clean room? for the reverse engineering is then stealing?
That would be "Phoenix Technologies".
Cheers
:Well... uuuh... that's exactly what people are doing... this hack will allow me to create my own system.
How does stealing someone else's intellectual property constitute creating their own system?
THIS!
It's amazing how many Apple shareholders are cluttering up this forum with mindless drivel about how they're willing to sell out to the man and enslave themselves forever to the whims of Steve Jobs just because they bought a hardware device made by Apple.
You mis-spelled "Apple fans are willing to pay for innovative products and object to people stealing technology that doesn't belong to them".
Fortunately the old hacker culture is still alive and kicking as evidenced by Mr. Laird. My hat is off to you for enhancing the consumer's options and preserving his freedom of choice!
He's a common criminal.
THIS!
It's amazing how many Apple shareholders are cluttering up this forum with mindless drivel about how they're willing to sell out to the man and enslave themselves forever to the whims of Steve Jobs just because they bought a hardware device made by Apple.
Fortunately the old hacker culture is still alive and kicking as evidenced by Mr. Laird. My hat is off to you for enhancing the consumer's options and preserving his freedom of choice!
It is Apple's own fault really. Normally you are supposed to keep your private key in your own possession so that no one else can impersonate you to authenticate/encrypt data. They should have kept it on the server and made the authentication over the internet, but that would have been too slow so they tried to pull a sneaky and hide it in the ROM. They might as well have printed it on the outside of the box.
Yes, but what is considered misuse and what is considered fair use is interpreted differently from country to country.
Most countries give consumers far more rights than the US does.
That may be true. From what I have observed, the amount of protection countries give to intellectual property is roughly proportional to the amount of intellectual property created
in that country. In other words, countries which allow stealing of IP are not creating much
IP themselves. And, as a corollary, if countries which do not protect IP originating outside
their borders ever do invent anything worth stealing, they should not complain if it is stolen.
It's one thing to hack a product that you bought, if the hacked device is only for personal use. It's legally your property.
It's quite another to distribute proprietary information or trade secrets to the open market so that other people can hack their devices. No one can legally sell any products that rely on stolen proprietary information of a competitor. This sort of thing only gives rise to illegitimate enterprise and the market, trade regulations, and wait for it... TORT LAW, really frown on this kind of crap.
Expect Apple to seek an injunction preventing this idiot from sharing his information, an injunction against anyone who tries to use it, and damages for lost revenue and probably costs associated with repairing the damage to their intellectual property.
that some folks are missing.
It's one thing to hack a product that you bought, if the hacked device is only for personal use. It's legally your property.
It's quite another to distribute proprietary information or trade secrets to the open market so that other people can hack their devices. No one can legally sell any products that rely on stolen proprietary information of a competitor. This sort of thing only gives rise to illegitimate enterprise and the market, trade regulations, and wait for it... TORT LAW, really frown on this kind of crap.
Expect Apple to seek an injunction preventing this idiot from sharing his information, an injunction against anyone who tries to use it, and damages for lost revenue and probably costs associated with repairing the damage to their intellectual property.
It isn't intellectual property, it is a PGP key. The rest of the code was quite trivial to rewrite from scratch but the key was essential for the iPad/iPhone to communicate with aTV. The iPhone has the public key inside the application and it can encrypt data that only someone/device with the matching private key can decrypt. When the private key detects the message from the public key it sends the signal to invoke the AirPlay icon on the menu bar and add itself to the list of devices able to communicate that protocol.
If Apple had followed proper protocol, they would have made the authentication over the Internet instead of putting the key inside the device. The only problem was that unless you were connected to the Internet, AirPlay would not work and would react quite a bit slower.
MStone: Thanks for the viewpoint and explanation. Short and to the point, as well as easy to understand even by a neophyte such as myself.
I think they can fix it with software update for iPhone and aTV, and flash the rom on aTV, so this exploit it is of limited usefulness to the hackers. It will be inconvenient to have to upgrade both devices at the same time but other than that no biggie. More cat and mouse.
How does stealing someone else's intellectual property constitute creating their own system?
An understanding of internation IP protection and reverse engineering would help you formulate replies
It isn't intellectual property, it is a PGP key. .
OK, then you won't mind if someone steals your credit card numbers or the passwords to your accounts. After all, those are just numbers.
OK, then you won't mind if someone steals your credit card numbers or the passwords to your accounts. After all, those are just numbers.
Well if I hid my credit card under a rock next to my front door, would I be shocked to learn that someone discovered it there?
Well if I hid my credit card under a rock next to my front door, would I be shocked to learn that someone discovered it there?
No - of course you wouldn't be shocked at all. However, it would still be theft if having discovered it they then used it.
This case doesn't seem quite so clear cut though. Breaking encryption schemes to acquire material in a form other than that in which it was purchased is often regarded as theft. Decrypting an audio stream of material that you already own or have access to might be argued as legitimate though. Presumably Apple would have to demonstrate some kind of loss to pursue this, and the only one that I can think of is possibly a reduced sale of Airport Express units. That seems a little tenuous, but maybe it is good enough. Am I missing a bigger picture here?
Well if I hid my credit card under a rock next to my front door, would I be shocked to learn that someone discovered it there?
Thanks for the explanation above. That was actually really helpful.
I'll respond to your metaphor with another metaphor.
A person with a cheap lock on their front door is entitled to the same legal protections from robbers as a person with with a padlock and dead bolt.
If Apple didn't disclose this information and if it made the functionality of their devices unique in any way, then to retrieve the information and share it with the open market is some kind of legal injury to Apple.
I hope Apple makes the guy suffer, I own Apple stock. : )
Thanks for the explanation above. That was actually really helpful.
I'll respond to your metaphor with another metaphor.
A person with a cheap lock on their front door is entitled to the same legal protections from robbers as a person with with a padlock and dead bolt.
If Apple didn't disclose this information and if it made the functionality of their devices unique in any way, then to retrieve the information and share it with the open market is some kind of legal injury to Apple.
I hope Apple makes the guy suffer, I own Apple stock. : )
Ok let me be clear about my philosophy about hacking because my metaphor was't that good.
Let's say you have a server that gets hacked by someone from China. Do you send a hit squad to China, cut off all access to your server from China IP addresses, try to hack back in revenge? No you beef up your own security and prevent anyone from exploiting you in that way again.
Apple assumed that people would play nice and ethically with their device. Bad assumption regardless of the moral high ground. Sure the guy made Apple look bad, but he did very little harm to them. Apple can fix it and learn not to be so clever by half like hiding something in plain sight.
Of course the right thing to do would have been to inform Apple prior to releasing the hack and we don't actually know if he did that or not, but it doesn't look like it.