backtop

Internet Engadget Interviews Author of FairUse4WM
Brandon Hill (Blog) - September 25, 2006 1:45 PM
Print E-mail del.icio.us 24 comment(s) - last by NullSubroutine.. on Sep 26 at 6:17 AM
Engadget gets down to the bottom of what's behind FairUse4WM

A small utility called FairUse4WM has been making the rounds for the past month and it has been giving the people at Microsoft quite a headache. The utility is able to strip Windows PlaysForSure media files of their digital rights management (DRM) allowing for unlimited playback and distribution.

Microsoft patched the first exploit a few days after its initial release only to see the author of FairUse4WM adapt to the new changes. Now we see that Microsoft is in full-blown attack mode and the Redmond-based company claims that it has developed a patch to render FairUse4WM 1.2 useless. But for every patch that Microsoft releases, there will likely be another update for FairUse4WM to get the ball rolling again.

In light of all of the news surrounding FairUse4WM and Microsoft's efforts to shut it down, Engadget was able to get an exclusive interview with the author the utility and get his thoughts on why he created the utility, how easy it was to code and how Microsoft dropped the ball on DRM:

Without revealing the secret sauce, what were the fundamental flaws with PlaysForSure that allowed you to break it? Did Microsoft know about these flaws?

Once code is released, there's really nothing secret anymore -- Microsoft didn't follow standard security practices, and left sensitive data unencrypted on the stack while calling routines out of kernel32.dll. Even when they fix this by changing malloc() to alloca(), it'll still be a big task to audit other sensitive routines for DLL calls. On a theoretical level, they have to send the decryption keys outside of their control, and their only defense is through obfuscation.

The creator of FairUse4WM states that Microsoft can patch and patch all they want to, but he will keep coming back with newer versions of his utility. The author goes on to mention that neither he nor Microsoft has a “nuclear option” so the two will just be tossing 2,000 lb "dumb" bombs back and forth for quite some time.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Nice
By krotchy on 9/25/2006 1:56:17 PM , Rating: 3
"He does mention that neither he nor Microsoft has a “nuclear option” so the two will just be tossing 2,000 lb "dumb" bombs back and forth for quite some time."

Best quote ive read in quite some time.




RE: Nice
By AmpedSilence on 9/25/2006 2:03:51 PM , Rating: 2
agreed, hopefully MS isn't developing the proverbial "nuclear bomb" while throwing these dumb bombs.


RE: Nice
By Vertigo101 on 9/25/2006 2:21:15 PM , Rating: 4
quote:
agreed, hopefully MS isn't developing the proverbial "nuclear bomb" while throwing these dumb bombs.


Of course they are: It's called Windows Vista.


RE: Nice
By breethon on 9/25/2006 8:05:14 PM , Rating: 2
That won't work....all you have to do is keep an old copy of XP on a different machine to strip the code, then you can use the files on Vista.


RE: Nice
By Drexial on 9/26/2006 2:58:22 AM , Rating: 2
i would have concidered Vista the Dumb Bomb


Making FairUse4WM was illegal
By Dactyl on 9/26/2006 3:23:04 AM , Rating: 3
I'd like to clear up a misconception about the law, and what is/is not legal.

17 U.S.C. section 1201 (part of the Digital Millenium Copyright Act)
http://caselaw.lp.findlaw.com/casecode/uscodes/17/...

quote:
Section 1201. Circumvention of copyright protection systems

(a) Violations Regarding Circumvention of Technological Measures.
- (1)(A) No person shall circumvent a technological measure that
effectively controls access to a work protected under this title.


Coding FairUse4WM was illegal under 17 U.S.C. section 1201(a). Updating it to match changes made by Microsoft is illegal.

Under 17 U.S.C. section 1202, using FairUse4WM under normal circumstances is illegal. Using it to strip DRM from files you are "renting" is illegal. Using it to strip DRM from files you bought and paid for is illegal. Sharing those files, after you've stripped the DRM, is illegal. Stripping the DRM from your files so you can load them onto your Zune is illegal.

I'm not saying this because I want it to be true, I'm saying it because it is true (and I already cited the law to prove it). The law sucks and it should be changed. But it is what it is and no amount of wishful thinking will change that.




RE: Making FairUse4WM was illegal
By NullSubroutine on 9/26/2006 3:56:17 AM , Rating: 2
Just because a law exists does not mean it is right, fair, or supported by the public. Adolf Hitler took power by legal means; the action done by the German government was also legal by German law. In our own history it was legal to own another person and was illegal to vote by racial minorities and women.

Most law reflects the interests of those in power, no matter what system of government. I am not suprized that the Intellectual Property laws were changed in this country given the billions of dollars of lobbying money spent.

Fair use laws have been torn to shreds and Music and Movie companies and they have been stacking up civil case law to change how our entertainment is viewed - per licsense basis. These companies who monopolize the entertainment industry are taking away rights; if the government did what they are doing, it would result in outright revolution.

Are these laws just, fair, or right? No, it does not. Everyone must examine their own sense of morality when deciding whether a given law is fair, just, or right.

I submit to you that this law in my eyes is not fair, just, or right. To me the idea that someone can have absolute control over something as abstract as an idea is complete lunacy. These companies are not artists needing protection of their content.

Their evil greed is none different than the fuedal lords of past; they control the land, the planting seeds, the workers, the crop, the distribution of the food, and when the food is allowed to be eaten.


RE: Making FairUse4WM was illegal
By Dactyl on 9/26/2006 5:06:10 AM , Rating: 2
Their evil greed is none different than the fuedal lords of past; they control the land, the planting seeds, the workers, the crop, the distribution of the food, and when the food is allowed to be eaten.

Music isn't food, nor is it analogous to food ("Black-Eyed Peas" notwithstanding). Our system today is different from the feudal one of yore, DRM does not control what sort of music the artists make, DRM does not affect what sort of music we can listen to. DRM is not mandatory; you are free to patronize artists who don't use it. They want to give away the "food" so badly over FM radio that Congess had to make it illegal to pay radio stations to play certain songs. Most importantly, DRM does not actually work, so they don't have any control at all.

If you're going to compare DRM to slavery and genocide, I'd say you're trivializing slavery and genocide. DRM is bad but it's not a great moral struggle of our age. Until Hitler goes platinum, we should leave him out of this.


By NullSubroutine on 9/26/2006 6:17:43 AM , Rating: 1
You are attempting to dislegitimize what I said by assuming I was equating slavery and genocide with Digital Rights Management. This is irresponsible. Hitler did more than just commit genocide; that was just the worse. The examples I gave are irrefutable abuses of power and law; that is the extent to the "link" I made.

Your reasoning that entertainment is not food also assumes I was equating food and entertainment. I said the greed and control is the same. Entertainment companies own all distribution rights of music and movies, they fund which movies are made, they fund which artists recieve marketing dollars. Simply like I said, the way they controlled the commodity (ie food/entertainment) is the same.

Fortunetely you do make an important point, and I will agree with you. DRM doesnt have absolute control...yet. You would be a fool not to recognize that the companies are trying to do what I and others have described. We only hope that such attempts will not be forced on consumers or will be rejected if it is.

We should still do what we can to educate people on the goal of these companies and how they are trying to crush your fair use rights (which DID exist IN law till lobbyist got law changed.)


As long as it's is for FOR USE
By ForumMaster on 9/25/2006 1:54:51 PM , Rating: 2
there is a similar app that strips the FairPlay DRM from iTunes music. however, it also encodes your data inside making it easy to track you if you release it on P2P. if FairUse is something similar, then i don't have a problem with it. WMA DRM is especially bad sometimes and i'd be glad to get rid of it so that i can listen to it on my ipod.




RE: As long as it's is for FOR USE
By ForumMaster on 9/25/2006 1:55:44 PM , Rating: 2
heh. meant fair use. i guess the preview doesn't always work. heh heh.


By Master Kenobi (blog) on 9/25/2006 2:24:46 PM , Rating: 2
This just strips Fairplay from the file, it doesnt add any tracking or whatnot.


But Mr Microsoft...
By SimonB on 9/25/2006 2:28:40 PM , Rating: 5
...we need to be able to rip the DRM from Microsoft PlaysForSure files so that we can play the songs on our Microsoft Zune players.




Hero
By porkster on 9/25/2006 6:29:32 PM , Rating: 2
Good going!!! DRM sucks all round and if Microsoft are so stupid to chase this false ideal, then let them waste tons of money int he process. Theya re only trying to please Media companies.




By ajfink on 9/25/2006 4:12:22 PM , Rating: 5
Hopefully not, since that would merely stifle a movement that may help see an end to platform-limiting DRM.


By armagedon on 9/25/2006 4:15:57 PM , Rating: 4
Here goes the old debate again ! The guy is merely designing a "tool" and not doing anything illegal. Not worse then all the companies who make guns. They get away with it.
The illegal action is the one who use it to strip his music and dump it for redistribution.


By Smurfer2 on 9/25/2006 5:11:23 PM , Rating: 2
Uh, I use DRM and it's ok, just makes me burn a lot of CDs. :( Not like I will put it on a P2P, don't even touch those programs. The debate continues on DRM's "evilness."


By Vertigo101 on 9/25/2006 6:29:16 PM , Rating: 2
quote:
Just out of curiosity, how does owning / manufacturing firearms relate to DRM in any way? What is illegal and wrong about manufacturing firearms?


I think he's thinking along the "Guns don't kill people, people kill people" train of thought.
(e.g. "Files don't illegally distribute themselves, Pirates illegally distribute them. Why punish/restrict the files?")

I don't think he really thinks guns are bad. (At least, I hope he doesn't.)


By Zirconium on 9/25/2006 6:31:43 PM , Rating: 4
Contrary to what cornfedone said, the guy who made FairUse4WM is not actually distributing copyright content. What he is doing is making a tool that can be used legally or illegally. This is similar to a firearms manufacturer. Thus, the author should not be held liable for illicit use of his program, because gun makers are not currently liable for murders committed with firearms. If you still don't get it, I'm not sure how to make it any clearer.