Steve on licensing FairPlay

This is the 3rd and last post about Steve’s “Thoughts on Music” 🙂

However, a key provision of our agreements with the music companies is that if our DRM system is compromised and their music becomes playable on unauthorized devices, we have only a small number of weeks to fix the problem or they can withdraw their entire music catalog from our iTunes store.

The most serious problem is that licensing a DRM involves disclosing some of its secrets to many people in many companies, and history tells us that inevitably these secrets will leak.

Apple has concluded that if it licenses FairPlay to others, it can no longer guarantee to protect the music it licenses from the big four music companies. Perhaps this same conclusion contributed to Microsoft’s recent decision to switch their emphasis from an “open” model of licensing their DRM to others to a “closed” model of offering a proprietary music store, proprietary jukebox software and proprietary players.

Let’s look at the real world outside the Reality Distortion Field:

  • Microsoft’s Windows Media DRM 10 (marketing name PlaysForSure) has not had more security breaches than FairPlay despite the fact that it has been licensed to dozens of companies.
  • Microsoft’s decision to make the Zune DRM a closed system was a business decision and had nothing to do with DRM security. PlaysForSure is still in the market place and will be for the foreseeable future. Content owners are still authorizing content to be sold with PlaysForSure. In fact, WalMart launched a new movie download store (don’t click the link if you’re using Firefox unless you’re into abstract art) using PlaysForSure today.
  • 7 thoughts on “Steve on licensing FairPlay”

    1. Just wondering can we play the “security by obscurity” card here for PlaysforSure?

      Or is PlaysforSure/Janus more secure by design since MS has been working on it for years and years, and holds quite a few DRM patents? Whereas Fairplay is not even Apple technology (and I believe doesn’t use any of MS’ DRM patents), having been bought at the “last minute” in order to launch the Store.

    2. I don’t think the security by obscurity argument holds much water. While FairPlay is the dominant format for download to own songs, Janus is the dominant format for subscriptions. Being able to download all the music you want and keep it forever is for some people a powerful incentive to reverse engineer Janus.

      In any case, it’s not a valid argument in this context since Steve was claiming that sharing DRM secrets with lots of licensees will inevitably lead to one of those licensees leaking secrets. As far as I know, none of the MS DRM breaches have been due to industry insiders leaking secrets.

      With regards to who developed FairPlay, I’ve never seen any evidence that Apple’s FairPlay is the same as Veridisc’s FairPlay. Based on how Apple’s FairPlay works, I’m pretty sure it was developed in-house by Apple.

    3. Yeah … this story of Steven Job`s has been “hyped” up a bit here home in Norway ( ) … “forbrukerombudet” that is a controllorgan that is in place to ensure consumerfriendly sulutions etc. here in norway. It seems that littel Norway allready has won the fight agains apple in some news .. but that`s just BS! … Sure the musicindustry ma have forced apple to use DRM , but who forced apple to make a DRM solution that only works on iPod`s ? well apple and Steve Job`s made that decision … and my god what money did they make out off that .. as I see it Microsoft only trys to do the same with Zune that Apple did with iPod .. just to make money … But this way of making biz is wrong.

      And for the fight Norway has agains Apple cuz of this … well .. Norway is not alone .. France and Germany also is big part in this fight agians FaireUse and apple … I wonder if we see a New fight when Zune is to be released here in Europe … maby the Zune won`t be alowed to be sold here cuz it has just some of the iPod-problem … time will show …

      for my part .. I only say … Steve … start lic. out FairPlay … you can make money on that to …

    4. I’m not convinced that there is that much of an incentive to reverse-engineer Janus. Given that high-quality mp3 rips of most stuff is already available for free if you know where to look, what is the benefit of breaking a DRM scheme to gain access to lower-quality WMA-encoded content? Especially when you consider that in the subscription model you still need to be subscribed in order to download anything new. Maybe some people would go in for subscribing for a month, downloading as much stuff as they could and then cancelling, then breaking the DRM to so they could play the downloaded content in perpetuity. But to me it seems a lot like hassle compared to just downloading stuff for free from a p2p network.

      With Fairplay the incentive is there to break the DRM on stuff you have legitimately purchased to make the files more durable; I think to a lot of people that is less morally objectionable than downloading “illegal” copies from a P2P network or breaking the DRM on files obtained via a subscription model.

      To me, DRM on subscription stuff is much more acceptable than DRM on stuff you have “purchased”; with a subscription model you are knowingly paying for access to the content rather than buying it outright whereas buying a song from iTunes is supposed to be analogous to buying a CD so it’s a bit offensive that it is still DRM-encumbered. It’s similar to Valve’s Steam network requiring authorization every time you play a single player game vs. a MMOG which requires you to log in each time you play. If I’ve bought a copy of Half-Life 2 I expect to be able to play it without my PC needing to connect to the mothership to check that it’s OK. If I subscribe to World of Warcraft it’s only natural that my credentials will be checked before I am permitted to connect.

    5. has a pretty good commentary on this but I would like to reiterate my support for Norway, France, and Germany (as well as the few countries in the EU who have got this right). It is because of pressure by the regulatory agencies of these countries that Steve Jobs had to release his little PR monologue. Does anyone think he’s serious? Only those willing to buy that bridge in Brooklyn that everyone seems to be talking about (I got a statue right down the river with your name on it, too). Steve Jobs is attempting to deflect his use of DRM by blaming the record companies and the MAFIAA. In reality, it’s a business model decision, “vertically integrated music system” indeed.

      The real hero in this story is Norway (kinda ironic, eh, Jon?) backed by France and Germany. If it weren’t for their pressure, Steve wouldn’t have to play damage control.

    Comments are closed.