Developer Deciphers Airport Express Secret Streaming Key

| News

The security key Apple uses when streaming content through its Airport Express Wi-Fi Base Station has been a secret, limiting where iTunes can stream music. Thanks to some reverse engineering work on the part of developer James Laird, however, that private key is now available and has already been rolled into an emulator that can be used to ultimately stream to any device via iTunes.

Prior to Mr. Laird’s work, companies could develop products that streamed to an AirPort Express, but they couldn’t officially build tools that streamed from iTunes to any device. That’s still true, but they can unofficially add iTunes streaming support now that Mr. Laird has released Apple’s private streaming key.

Don’t expect companies to jump on the opportunity to take advantage of Mr. Laird’s work because it would most likely run up against the wrong side of Apple’s legal team. Hackers, however, may very well jump at the chance to cobble together applications and emulators that let them stream via Apple’s own tools to pretty much any device they can think of.

Since Apple controls its public and private Airport Express streaming keys, the company could change them at some point, sending developers back to the drawing board until they reverse engineer them again.

[Thanks to Mac Rumors for the heads up.]

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

Comments

ilikeimac

Yes!!!!!!!!!!!!!!

I’ve wanted this to happen for a long time. I wonder if Rogue Amoeba will have the guts to include it in the next release of “AirFoil Speakers.” http://www.rogueamoeba.com/airfoil/speakers.php

Not that they need to, since there’s already an emulator out.

Garion

I read that as Secret Screaming Key.
I can’t begin to tell you the kind of weird pictures that popped up in my mind.

prl53

So reverse engineering is an accepted and legal process. Just like hacking and jailbreaking. I guess it’s up to Apple programmers to waste their time building and even harder code to break instead of providing additional services.

“If you can’t build it yourself, then steal someone else’s ideas.”

Tiger

It is indeed stealing a commercially licensed and available product. Period. Nobody can legitimately state otherwise. Yet the FTC seems to feel it is an acceptable practice.

Any company that writes an app that takes advantage of this and still tries to submit the app through the App Store is going to be sorely disappointed when any and all of their apps are yanked. Do you really want to bite the hand that feeds you? The license is all of $5.

At some point, the US Treasury will have to cave on people printing their own money. It’s the same principle. Counterfeiting.

Bosco (Brad Hutchings)

At some point, the US Treasury will have to cave on people printing their own money. It?s the same principle. Counterfeiting.

Tiger, you should look into BitCoin. It would totally scare the hell out of you, because that’s essentially how the currency works. Except it’s not counterfeiting, it’s designed that way.

BurmaYank

So reverse engineering is an accepted and legal process. Just like hacking and jailbreaking.

As I recall, it was only the reverse engineering of IBM’s PC bootROM that allowed Compaq, HP & all the other IBM PC clones (which today have evolved into the Dells, Acers, Sonys, Toshiba’s, etc.) to become (at that time, MSDOS-running) PC’s.

prl53

@Burma, enough said about PC clones. How does this justify anything? Just because PC vendors (didn’t see Apple’s name in that list) broke the law (was it against the law at that time?) doesn’t mean it’s ok for everyone to break the law.

Bosco (Brad Hutchings)

@prl53: A little FYI about the “(il)legality” of reverse engineering… From the Chilling Effects FAQ:

Reverse engineering has long been held a legitimate form of discovery in both legislation and court opinions. The Supreme Court has confronted the issue of reverse engineering in mechanical technologies several times, upholding it under the principles that it is an important method of the dissemination of ideas and that it encourages innovation in the marketplace. The Supreme Court addressed the first principle in Kewanee Oil v. Bicron, a case involving trade secret protection over synthetic crystals manufacturing by defining reverse engineering as “a fair and honest means of starting with the known product and working backwards to divine the process which aided in its development or manufacture.” [416 U.S. 470, 476 (1974)] The principle that reverse engineering encourages innovation was articulated in Bonito Boats. v. Thunder Craft, a case involving laws forbidding the reverse engineering of the molding process of boat hulls, when the Supreme Court said that “the competitive reality of reverse engineering may act as a spur to the inventor, creating an incentive to develop inventions that meet the rigorous requirements of patentability.” [489 U.S. 141 160 (1989)]

Congress has also passed legislation in a number of different technological areas specifically permitting reverse engineering. The Semiconductor Chip Protection Act (SCPA) explicitly includes a reverse engineering privilege allowing semiconductor chip designers to study the layout of circuits and incorporate that knowledge into the design of new chips. The Competition of Contracting Act of 1984 allows the defense industry to inspect and analyze the spare parts it purchases in order to facilitate competition in government contracts.

The law regarding reverse engineering in the computer software and hardware context is less clear, but has been described by many courts as an important part of software development. The reverse engineering of software faces considerable legal challenges due to the enforcement of anti reverse engineering licensing provisions and the prohibition on the circumvention of technologies embedded within protection measures. By enforcing these legal mechanisms, courts are not required to examine the reverse engineering restrictions under federal intellectual property law. In circumstances involving anti reverse engineering licensing provisions, courts must first determine whether the enforcement of these provisions within contracts are preempted by federal intellectual property law considerations. Under DMCA claims involving the circumvention of technological protection systems, courts analyze whether or not the reverse engineering in question qualifies under any of the exemptions contained within the law.

Just because some lawyer sticks a term prohibiting reverse engineering in a click-wrap licensing agreement doesn’t mean that (a) the term is legally enforceable or (b) that the company is going to go to the effort to enforce it. This guy didn’t break the law. He breeched a contract. Now Apple has to try to enforce its contract if it feels it needs to do so.

Tiger

Digesting the BitCoin stuff Bosco. It’s an interesting read for sure. It seems very rooted in the science fiction predictions of “credits” versus cash, though in this case, it’s still based on the existing economies and currency of nations. But I suppose, you have to start somewhere. Currency evolved out of bartering. I’m not naive enough to think it won’t continue to evolve. It’s all about supply and demand (still) afterall!

prl53

@Bosco, sorry I had other things to do. I’ll site a different website, http://ethics.csc.ncsu.edu/intellectual/reverse/study.php. Look at #6:

“Although reverse engineering is legal as long as another person or group does not explicitly copy another product, the ethical debate is sure to endure.”

I read on another website that Mr. Laird disassembled an Airport Express, grabbed the ROM and took the actual encryption key. I look at that as copying another product not just observing how it works. Those keys probably are the property of Apple so taking them from a product and using them elsewhere is more than likely illegal and not covered by any reverse engineering mumbo jumbo.

Bosco (Brad Hutchings)

@prl53: It really doesn’t matter how impressed you are or aren’t with how this gentleman discovered the keys. Nor does it matter whether he discovered them using software or with the help of the electronic microscope in his high school’s chemistry lab. The fact is, he’s not broken any law. He may have violated a license agreement between two private parties (himself and Apple), and now we will see how valuable that agreement is or is not to Apple, and, if valuable enough, how enforceable the anti-reverse engineering term turns out to be.

For your theory of illegality to work, he’d have to have either stolen the actual AE unit from somewhere, or the inside of it somehow “belongs” to Apple even when in his home. Both are a bit silly and I’m glad we don’t live in such a world!!

Log-in to comment