Microsoft’s DRM ‘cracked’

Gargoyle (Gargoyle) Microsoft's digital rights management (DRM) for Windows Media protected files has been broken, according to news sources. A new program can strip the protection from the files, leaving them with unrestricted uses. That is, until Microsoft closes the hole.

August 29, 2006 10:02 AM ET in News,

Microsoft’s digital rights management (DRM) for Windows Media protected files has been broken, according to news sources. A new program can strip the protection from the files, leaving them with unrestricted uses. That is, until Microsoft closes the hole.

A program called Fairuse4wm has been posted on the net and is apparently capable of breaching Microsoft’s Digital Rights Management (DRM) system.

It could spell problems for internet music shops, potentially enabling users to download unlimited files.

However, an analyst said Microsoft was probably working to “close the hole”.

And Microsoft [i]will[/i] close the hole. Their DRM system can be dynamically, seamlessly updated. What’s significant about this development is not just that people can “free” their restricted files for the next few days until Microsoft fixes the problem. It also means that now that DRM has been cracked once, more hackers will likely get into the game, and breaches of DRM could become more common. Perhaps most importantly, it is a clear signal the people are not ready to kick the free (or at least, unrestricted) music habit anytime soon, and companies that embrace that fact may be putting themselves in a more realistic position.

In a related story, the world’s largest music group is allowing its music to be downloaded for free from an advertisement-supported service: Link

Source: BBC News

27 Comments:

  1. Thrax
    29 Aug '06, 2:25 pm

    Something to note: The DRM schema can't be updated unless you let it update your licenses and files.

  2. Gargoyle
    29 Aug '06, 2:51 pm

    Would that happen automatically if you're using a service like Napster? When I start Napster up, it gives some ambiguous messages like "updating library."

  3. airbornflght
    29 Aug '06, 3:26 pm

    DRM will always be cracked, it is just a game of cat and mouse imo...

  4. Thrax
    29 Aug '06, 8:08 pm

    Okay, it's officially been patched. Anyone who was connected to the internet and launched their respective DRMed service late last night had an updated DRM control downloaded to their PC. Author is working on version 1.2. Only way to avoid it was to back up the old DLL, and use a hex editor to update the version # to the new version while leaving the old hackability.

  5. muddocktor
    29 Aug '06, 10:01 pm

    I'll just stick with Tunebite for now and avoid all the mess.

  6. Thrax
    5 Sep '06, 5:55 pm

    Recracked. Version 1.2 strips the newest blackbox keys by Microsoft for WMA10 and 11, as well as V1 copyright protection that a user might accidentally place on their CD when they rip it with WMP10/11.

  7. airbornflght
    5 Sep '06, 5:56 pm

    yay

  8. Justin
    5 Sep '06, 6:11 pm

    Mudd knows best. Tunebite>DRM.

  9. Thrax
    5 Sep '06, 8:25 pm

    Yeah, except you lose a hell of a lot more quality going through the internal loopback than you do with a WMA -> MP3 conversion.

  10. airbornflght
    5 Sep '06, 10:39 pm

    yeh, DRM sucks, plain and simple. This almost makes me want to redownload all 6,000 tracks from napster again. oh well, I record at 192kb/s, and it sounds pretty good to me. and that is all that really counts. Still not sure if DRM is gonna work in the long term or not. It just keeps getting cracked...

  11. Kwitko
    5 Sep '06, 11:02 pm

    Apple iTunes 6 DRM has also been cracked.

  12. Gargoyle
    5 Sep '06, 11:07 pm
    Quoting airbornflght

    Still not sure if DRM is gonna work in the long term or not. It just keeps getting cracked...

    Since the people out there cracking and haxing music files out there are the minority, the biggest factor will be how much money the DRMed services make. If Napster and iTunes keep making a profit, they won't change their ways unless they think they'll make more money.

  13. muddocktor
    6 Sep '06, 2:13 am
    Quoting Thrax

    Yeah, except you lose a hell of a lot more quality going through the internal loopback than you do with a WMA -> MP3 conversion.

    I've actually been pretty impressed with the quality of the rip with Tunebite. I've played the original DRM'ed WMV file and then followed it with the mp3 rip back to back and honestly, I can't tell the difference between them And that is with playing either through my Z5500's or through my Bose headphones. I do rip to 192 kb/s to preserve as much quality as possible though. I can definitely hear the difference between a 192 rip or 128 rip.

  14. mephisto
    22 Sep '06, 3:24 pm

    I've purchased [link removed] and it's worth buying.

  15. Kwitko
    22 Sep '06, 4:16 pm

    I've banned mephisto and he's worth banning.

  16. profdlp
    22 Sep '06, 9:57 pm

    I laughed at KwitCo™'s last comment and it was worth laughing.

  17. airbornflght
    26 Sep '06, 1:54 am

    Patched.

    I find it funny how microsoft can not fix a zero day vulnerability in a reasonable amount of time, yet they can patch this within days.

  18. Thrax
    26 Sep '06, 2:12 am

    No, it's still unpatched.

  19. airbornflght
    26 Sep '06, 3:11 am
    Quoting Thrax

    No, it's still unpatched.

    Is it? engadget is reporting that it is fixed. and wmp crashed while trying to extract the key, where it worked 2 nights ago. so im guessing he will find a workaround in a a couple of days.

  20. Gargoyle
    26 Sep '06, 7:26 pm
    Quoting airbornflght

    ...so im guessing he will find a workaround in a a couple of days.

    Viodentia seems to think so.

    Quoting Interview with Viodentia

    What do you think of Microsoft's latest memo, which claims to patch version 1.2?

    I'll reserve full commentary until I've had a chance to examine the new IBX in more detail. I'll release a new version sometime this week.

  21. Thrax
    27 Sep '06, 6:11 pm

    RE: RE: RE: Cracked.

    v1.3 is out, and gets around Microsoft's newest patch.

  22. Private_Snoball
    27 Sep '06, 7:24 pm
    Quoting Thrax

    RE: RE: RE: Cracked.

    v1.3 is out, and gets around Microsoft's newest patch.

    It looks like unless MS reworks the DRM scheme from the ground up he will just continue to fill in the blanks they leave with every patch.

  23. airbornflght
    27 Sep '06, 10:38 pm
    Quoting Thrax

    RE: RE: RE: Cracked.

    v1.3 is out, and gets around Microsoft's newest patch.

    OH GOODY, I've been waiting!

  24. Thrax
    27 Sep '06, 10:51 pm

    I don't know what you've been waiting for. As long as you have Automatic Updates disabled in Windows, you don't use WMP, and you don't download that update when you go to MS Update, they can never patch you.

  25. airbornflght
    28 Sep '06, 2:46 am

    yeh, but napster automatically sends me the updates; how nice of them.

  26. Thrax
    28 Sep '06, 2:56 am

    They didn't send me the updates.

  27. airbornflght
    28 Sep '06, 3:51 am
    Quoting Thrax

    They didn't send me the updates.

    mine did, soon as I logged in, because 1.2 ceased working, started throwing errors, and automatic updates are indeed off. I just hope this keeps up, I saw that microsoft has subpoenaed him, and are filing charges. The accuse him of stealing source code or something. he just used their api. would be a pretty good news story to follow.

Troll-free since 2003 ®