Apple disables iTunes hack

TalkBack 29 of 33:

Next »

« Previous

• Thread View
• Flat View

What do you mean hard- they're already in

The software still has access to I-tunes. It just validation to get the music - a packet sniffer and previous packets from old system will tell you how the validation works. It's not against the law to develope a product that communicates with another website or protocol. It may violate the EULA for the original software (but they don't know which users are in breach of it - since the software will comunicate with full rights like the original). All they can do is rotate the validation procedure, either through updates or modify the software to catch a new validation number every week. which will only force the people to make the modification just as easily as the apple change. It's not rocket science, I know, Im a programmer. It's will only make it slightly more tiresome for developers of the software (to make changes at about the same speed as Apple's changes).

If you read my other post, sniffing packets to see how a software communicates to another computer is not against the law (MPAA & RIAA do it regularly), it's easy to do and you keep a log of all the data as it's received. Since the validation has to be in the comunication it should be easy to spot , in comparison to the earlier system's packets/data. Just look for what changed and copy the results -it either will have to use a persons music key (or something similiar) or a fixed key system. Either one will be detected in the communication and changes made in a future hack's update. Even if you encrypt/hide the the key it will be figured out.

All this becomes is a useless war. It costs way more money and time to develope protection schemes than breaking them. The industry (apple) will lose because of that simple fact. Which is why the best experts say this is a losing battle.

All Apple can do is make it tiresome to make changes on a regular basis. If they wish to do otherwise , means a complete change to the system, requiring encryption from the start (and then keys will have to be distributed - which can also be spotted - which won't work either I guess you could build it right into the software - but that will be figured out too. CSS did the same thing - it doesn't work).

Untill you are a cryptographer/programmer (like myself) you don't appreciate the ease of breaking ciphers. only tough ones like PGP (128 or 256 bit encryption)are tough. but even they can be broken - but unlike them keys change from message to message - making long term breaking improbable (you may catch the odd one).

what is needed it a transmutable encryption scheme(prior to sending and changes each DL) and a rotatimg/updateable key mechanism (after each DL).

Posted by: twinkler@...   Posted on: 03/21/05 You are currently: a Guest | Members login | Terms of Use

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

SponsoredWhite Papers, Webcasts, and Downloads

• Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now
• Get top-ranked Novell support for Red Hat when you switch Novell If Linux is going to power your mission-critical applications, you'd ... Download Now
• Secure Copy Version 5.0.2 ScriptLogic Secure Copy? is a powerful, comprehensive migration solution that ... Download Now