The initial version of FairPlay was created to protect music on the iTunes Store, and is the only version of FairPlay that is no longer actively used.[2]
Technical details
FairPlay is built into the MP4 multimedia file format as an encryptedAAC audio layer. FairPlay-protected files are regular MP4container files with an encrypted AAC audio layer. The layer is encrypted using the AESalgorithm. The master key required to decrypt the audio layer is also stored in encrypted form in the MP4 container file. The key required to decrypt the master key is called the "user key".[3][4] When a user registers a new computer with iTunes, the device requests authorization from Apple's servers, thereby gaining a user key. Upon attempting to play a file, the master key stored within the file is then matched to the user key, and if successful, allows playing.[4] FairPlay allows music to be synchronized to an unlimited number of iPods and tracks to be burned to an unlimited number of CDs, though a given playlist can only be burned 7 times without being modified (a limitation which can be circumvented by changing a song's placement). Playback is limited to five computers which were authorized through iTunes;[5] a computer can be deauthorized and another authorized in its place.[6] Before April 2004, the limits were ten playlist burns, and three computers; Apple reduced the playlist limit to seven due to demands from record labels.[7]
Lawsuit
In January 2005, an iTunes customer filed a lawsuit against Apple, alleging that the company broke antitrust laws by using FairPlay with iTunes in a way that purchased music would work only with the company's own music player, the iPod, freezing out competitors.[8] In March 2011, Bloomberg reported that Apple's then-CEO Steve Jobs would be required to provide testimony through a deposition.[9] In May 2012, the case was changed into a class action lawsuit.[10][8] Around the same time, the main antitrust allegation was changed to cover the belief that Apple had deliberately updated the iTunes software with security patches in a way that prevented synchronization compatibility with competing music stores.[11] All iPod owners who had purchased their device between September 12, 2006, and March 31, 2009, were included in the class action lawsuit, unless they opted out.[10][8] In December 2014, Apple went to trial against the claims raised, with the opposing party's plaintiff lawyers seeking $350 million in damages for nearly eight million affected customers.[12][13] A few weeks later, the case was closed, with the jury deciding in Apple's favor, citing a then-new version of iTunes as being a "genuine product improvement".[14][15]
Circumvention/removal
The restrictions imposed by FairPlay, mainly limited device compatibility, have sparked criticism, with a lawsuit alleging antitrust violation that was eventually closed in Apple's favor, and various successful efforts to remove the DRM protection from files, with Apple continually updating its software to counteract such projects.
After the introduction of the FairPlay system, multiple parties have attempted and succeeded to circumvent or remove the encryption of FairPlay-protected files. In October 2006, Jon Johansen announced he had reverse engineered FairPlay and would start to license the technology to companies wanting their media to play on Apple's devices.[16][17] Various media publications have written about DRM removal software,[18][19] though Apple has continually made efforts in updating its software to counteract these options, resulting in upgraded DRM systems and discontinued DRM removal software.[20][21]
RealNetworks and Harmony technology
In July 2004, RealNetworks introduced its Harmony technology. The Harmony technology was built into the company's RealPlayer and allowed users of the RealPlayer Music Store to play their songs on the iPod.[22][23] In a press release, RealNetworks argued that Harmony was a boon to consumers that "frees" them "from the limitation of being locked into a specific portable device when they buy digital music."[24] In response, Apple issued a statement:[25][26]
We are stunned that RealNetworks has adopted the tactics and ethics of a hacker to break into the iPod, and we are investigating the implications of their actions under the DMCA and other laws.
RealNetworks launched an Internet petition titled "Hey Apple! Don't break my iPod", encouraging iPod users to sign up to support Real's action. The petition backfired, with comments criticizing Real's tactics, though some commentators also supported it.[27] At the end of 2004, Apple had updated its software in a way that broke the Harmony technology, prompting RealNetworks to promise a then-upcoming fix.[28]
In August 2005, an SEC filing by RealNetworks disclosed that continued use of the Harmony technology put themselves at considerable risk because of the possibility of a lawsuit from Apple, which would be expensive to defend against, even if the court agreed that the technology was legal. Additionally, the possibility that Apple could change its technology to purposefully "break" Harmony's function raised the possibility that Real's business could be harmed.[29][30]
Hymn
Hymn (which stands for Hear Your Music aNywhere) was an open-source tool that allowed users to remove the FairPlay DRM of music bought from the iTunes Store.[31][32][33] It was later supplanted by QTFairUse6.[34] The Hymn project later shut down after a cease and desist from Apple.[35]
Steve Jobs' "Thoughts on Music" open letter
On February 6, 2007, Steve Jobs, then-CEO of Apple, published an open letter titled "Thoughts on Music" on the Apple website, calling on the "big four" record labels to sell their music without DRM technology. According to the letter, Apple did not want to use DRM, but was forced to by the four major music labels, with whom Apple has license agreements for iTunes sales of music. Jobs' main points were:[36][37]
DRM has never been, and will never be, perfect. Hackers will always find a method to break DRM.
DRM restrictions only hurt people using music legally. Illegal users aren't affected by DRM.
The restrictions of DRM encourage users to obtain unrestricted music, which is usually only possible via illegal methods; thus, circumventing iTunes and their revenues.
The vast majority of music is sold without DRM via CDs, which have proven commercial success.
Reactions
Although the open letter initially caused mixed industry reactions, Apple signed a deal with a major record label the following month to offer iTunes customers a purchase option for a higher-quality, DRM-free version of the label's tracks.
Jobs' letter was met with mixed reactions. Bloomberg highlighted several viewpoints. David Pakman, President of non-DRM music retailer eMusic, agreed with Jobs, stating that "consumers prefer a world where the media they purchase is playable on any device, regardless of its manufacturer, and is not burdened by arbitrary usage restrictions. DRM only serves to restrict consumer choice, prevents a larger digital music market from emerging, and often makes consumers unwitting accomplices to the ambitions of technology companies". Mike Bebel, CEO of music subscription service Ruckus, explained his view that the letter was an effort to shift focus, saying that "This is a way for Steve Jobs to take the heat off the fact that he won't open up his proprietary DRM. ... The labels have every right to protect their content, and I don't see it as a vow of good partnership to turn the tables on the labels and tell them they should just get rid of all DRM... He is trying to spin the controversy." An anonymous music label executive said that "it's ironic that the guy who has the most successful example of DRM at every step of the process, the one where people bought boatloads of music last Christmas, is suddenly changing his tune".[38] In an article from The New York Times, Ted Cohen, managing partner at TAG Strategic, commented that the change could be "a clear win for the consumer electronics device world, but a potential disaster for the content companies". The Recording Industry Association of America put particular emphasis on Jobs' self-rejected idea about licensing its FairPlay technology to other companies, saying that such licensing would be "a welcome breakthrough and would be a real victory for fans, artists and labels".[39]
iTunes Store DRM changes
In April 2007, Apple and the record label EMI announced that iTunes Store would begin offering, as an additional higher purchasing option, tracks from EMI's catalog encoded as 256 kbit/s AAC without FairPlay or any other DRM.[40] In January 2009, Apple announced that the entire iTunes Store music catalog would become available in the higher-quality, DRM-free format, after reaching agreements with all the major record labels as well as "thousands of independent labels".[41][42][43]Apple Music, Apple's subscription-based music streaming service launched on June 30, 2015,[44] uses the DRM technology.[45]
FairPlay Streaming
FairPlay Streaming (FPS) protects video transferred over HTTP Live Streaming (HLS) on iOS devices, in Apple TV, and in Safari on macOS. The content provider's server first delivers video to the client application encrypted with the content key using the AES cipher. The application then requests a session key from the device's FairPlay module. The session key is a randomly generated nonce which is RSA encrypted with the provider's public key and delivered to the provider's server. The provider's server encrypts the content key using the session key and delivers it to the FairPlay module, which decrypts it and uses it to decrypt the content for playback.[46]
On iOS and Apple TV, the session key handling and content decryption is done in the kernel, while on macOS it is done using Safari's FairPlay Content Decryption Module.
Books
This section is empty. You can help by adding to it. (September 2023)
Apps
Apps downloaded from the App Store are protected and code signed using a variant of FairPlay DRM for apps. FairPlay DRM creates a public/private key pair when a device is registered with an iCloud account, and encrypting app encryption keys using the "public" key (which is kept on Apple's servers) in order to decrypt them on the device using the "private" key.[47][better source needed]
Problems
In July 2012, an issue with the creation of FairPlay-protected apps caused binaries to become corrupt and stop working.[48]
A flaw allowing a form of man-in-the-middle attack can be used to install malware when an iOS device is connected to a computer.[49]