Broken: Hash/checksum that blocked new iPods from Linux synching

That hash/checksum mentioned previously on Boing Boing has apparently been broken: Link.

10

  1. This honestly doesn’t strike me as something meant to specifically block non-iTunes synching, but just an internal change meant to fix some bug or other problem they had.

    Still..

    Hell yeah.

  2. The coder has posted the source code for generating the 0x58 hash online in the two following archives:

    http://main.wtbw.co.uk/hash58.zip
    http://main.wtbw.co.uk/hash_linux.zip

    It looks like this is the real deal. Hopefully someone will be able to integrate this into some of the more well-known iPod programs on Linux soon.

    And I agree – I don’t see this as something intended to keep other developers out, but I’m guessing it’s more supposed to be a checksum with a bad way of error-handling. Of course, we may never know, and it’ll probably never matter.

    Andy

  3. The point wasn’t that it was unbreakable — the point was that now it’s potentially illegal under the DMCA to interface with an iPod, because you have to break the hash to load your own music onto it. Given that Apple has already used the DMCA to threaten competitors who interfaced with the iPod without permission, and now that it has built a stronger case for a DMCA suit, what do you think that competitors’ legal departments and investors will say when someone proposes making alternative iPod software — say, something that loads the DRM-free Universal tracks from Amazon straight onto your iPod?

  4. Was there any indication that this is meant to be access control? I mean, given their history, I wouldn’t entirely put it past them to claim such, but I’m not sure I see anything of the sort here.

  5. While it may be illegal in the US to break this restriction, surely the restriction itself may well be judged to be illegal in European countries, as a barrier to digital compatibility and thus trade?

  6. lev3k – No, really. This was put in for this exact reason. As Mr. Doctorow has pointed out in the comments, “The point wasn’t that it was unbreakable — the point was that now it’s potentially illegal under the DMCA to interface with an iPod, because you have to break the hash to load your own music onto it.”

    Only it’s not ‘potentially’ illegal, it is. You are circumventing a hash, which is pretty clear in the DCMA that doing that is a big no-no.

    Unless it is for educational reasons. Then it’s okay. I also guess that one could argue that it would fall under the same legislation as DeCSS is, since there is no official iTunes on Linux.

    It doesn’t bother me one iota, as I never plan on owning an iPod (Bought or from a gift) and I have no need for any sort of music player. Satellite radio works JUST fine for me, thanks.

    But Cory is right. There is no way to stop this nonsense, as Apple has gotten so big at this point that they are able to dictate what their users want. They change all the accessories every time they release a new device, continually break compatability of their own programs for the sake of ‘innovation’, and so on and so on.

    Apple has become rotten and we need to remove them from the barrel, lest it spoils them all.

  7. Count me amongst the “it’s a checksum, get over it” brigade; hashes don’t get “broken” in the same way that public/private keypairs, or hashed-passwords do[1] – they are computed/recomputed from information which is in cleartext. Nobody’s mentioned going more than ripping a few plaintext bytes out of an executable and mixing the iPod’s hardware address (or something similar) into the mix.

    It’d be up to a Judge to work out whether that’s forging a credential or some such, and he’d probably be looking at “intent” to make a decision.

    Frankly, I’m more surprised at the implication that the databases formerly didn’t have something like that.

    My bet is that it has arisen with the prevalence of flash-memory iPods, as spinning rust has more obvious failure modes – like being dead, for instance.

    [1] Google “john the ripper” or “RSA155” for examples

  8. Even if the Digital Millenium Anti-Constitutional/Consumer Act does apply (like if it was actually using encryption), there is a good chance that in this case the copyright office might issue an exemption, considering it is protecting a business practice rather than copyright. (See Sim Phone unlocking). So, such a prospect of apple suing is rather moot, and might earn it severe anti-trust legal wrangling in other consumer protecting locales. (Like those that are not in a race to the bottom like the US).

Comments are closed.