Authorize/Deauthorize Computers: Details

Posted:
in iPod + iTunes + AppleTV edited January 2014
I have read through most of the literature on the Apple site and the help for iTunes, but I still could not figure out one issue on the auth/deauthorize "feature" with bought music for iTunes.



How exactly does Apple know how many computers are authorized (I think I remember reading that you need to be connected to the internet when changing authorization, so is there a central server)? What happens when an authorized computer breaks or gets stolen (each of these has happened to me in the last year, and I have to deal with reactivating Sibelius, an application that uses a similar copy protection scheme, each time)?



In one of the Knowledge base papers, it tells you to deauthorize a computer before reinitializing the hard drive. This is fine and all, but what happens when the computer takes the initiative and "reinitializes" for you (assuming you have the music backed-up)?

Comments

  • Reply 1 of 8
    chucksterchuckster Posts: 56member
    I have searched for the last couple of days for an answer to this question, and I still can't come up with anything.



    Anyone... anyone...
  • Reply 2 of 8
    nebrienebrie Posts: 483member
    Quote:

    Originally posted by chuckster

    I have searched for the last couple of days for an answer to this question, and I still can't come up with anything.



    Anyone... anyone...




    Not sure if this is true, but someone mentioned that the authorization can withstand reinitialization signaling that it's tied to the hardware; the MAC address perhaps as many copy protection schemes use.
  • Reply 3 of 8
    shetlineshetline Posts: 4,695member
    Quote:

    Originally posted by chuckster

    In one of the Knowledge base papers, it tells you to deauthorize a computer before reinitializing the hard drive. This is fine and all, but what happens when the computer takes the initiative and "reinitializes" for you (assuming you have the music backed-up)?



    I've wondered about this too, or situation such as your whole computer failing so badly it can't be started up again, or your computer being lost or stolen.



    If I'm in warranty on my computer, or willing to pay for repairs out of warranty, and Apple replaces my whole computer or whatever part of my computer it is which provides a unique DRM identity, will Apple transfer my DRM rights for my music?



    If I'm not willing to repair my old system, but want to buy a new one, will Apple transfer my DRM rights to the new computer?



    I suppose the answer in the case of the computer being stolen might be "Well, you're just out of luck the same way you would be if your CDs were stolen."



    However, if my CDs were lost or stolen, I could get my homeowners insurance to cover my losses (less the unpleasantness of some deductible, of course). But I can't imagine my insurance company giving a damn if I told them that my lost or stolen computer contained $1000 worth of digital music.



    They'd probably say, "It's your fault if you didn't back up the files."



    To which I would reply "I did back up my files. But I just lost my one third the number of computers I can play that music on."



    I image their reply would be: "I'm sorry, sir, but there's nothing we can do about that."
  • Reply 4 of 8
    jlljll Posts: 2,713member
    .
  • Reply 5 of 8
    jlljll Posts: 2,713member
    Quote:

    Originally posted by shetline

    They'd probably say, "It's your fault if you didn't back up the files."



    To which I would reply "I did back up my files. But I just lost my one third the number of computers I can play that music on."




    Apple could probably just reset the number of iTunes that you have authorized, and you would have to authorize all three iTunes again.
  • Reply 6 of 8
    bka77bka77 Posts: 331member
    Quote:

    Originally posted by chuckster





    How exactly does Apple know how many computers are authorized (I think I remember reading that you need to be connected to the internet when changing authorization, so is there a central server)?




    This is the key question!!!!
  • Reply 7 of 8
    david rdavid r Posts: 135member
    Has anyone emailed customer service and asked?
  • Reply 8 of 8
    curiousuburbcuriousuburb Posts: 3,325member
    i'm guessing it is based on PublicKeyEncryption and similar to the iProof (RIP Server) auth/deauth model.

    < my what a clean face you have, Mr. Occam >



    CPU or mobo id is used to generate a public/private key, your key is logged by Apple's server, which also generates a key (and increments the count of active keys). this key(or keypair) is required to play the encrypted tracks which have been encoded based on the public/private keys on the server.



    iProof's licence had 5 machines in its license system and a similar authorize/deauthorize requirement.

    pull down a menu from a running (but unauthorized and crippled) copy of the RIP on the machine you want, it generates a codestring. copy and paste that codestring into a textfield on a secure page at iProofSystems.com.

    returning codestring is provided for that specific machine and the counter ticks off an 'authorized' machine of your alloted 5 on their server.

    enter the returning codestring into the field on your Mac and you enable the full software.

    IIRC, processor/mobo upgrade would impact the auth status, braincramp trying to recall specific advise about drive wipe

    to deauthorize, slug your code back into the iProof web and it revises your allotment back up.

    could you still use the machine?

    < now i've got to reread iProof docs to see which they used >

    (honour system) yep. until next upgrade or reinstall required new matching key.

    (occam theory) nope. simple to require generation of a deauth code as an irreversible action that then purges your Mac's key. paste the unique deauth code in to the website to reincrement your allotment of machines.



    and at one point we had an event which required a phone call to tech support over an MIA machine's licence using up our quota, and the iProof folks were understanding enough to revise it (once). Apple support policies may vary.



    picture a form of the same model.

    go to new machine. pull down menu. copy and paste keys to and from the website and software. counter goes *tick*. music plays.

    try to play encrypted music on an unauthorized Mac (with it's own unique key) with copied key from another machine? nada. matching keys required.



    my money is on Apple implementing unique key pairs for each phase of the authorization process. PKE is robust enough to satisfy the Labels and the Industry, and Apple will likely make the process far more elegant and seamless than i've made it seem.



    any cryptography buffs who want to quote Diffie or Zimmerman or explain the math?

    <*waves baton*>
Sign In or Register to comment.