Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Apple AirPlay Private Key Exposed

CmdrTaco posted more than 3 years ago | from the i-see-what-you-did-there dept.

Encryption 306

An anonymous reader writes "James Laird has reverse engineered the Airport Express private key and published an open source AirPort Express emulator. 'My girlfriend moved house, and her Airport Express no longer made it with her wireless access point. I figured it'd be easy to find an ApEx emulator — there are several open source apps out there to play to them. However, I was disappointed to find that Apple used a public-key crypto scheme, and there's a private key hiding inside the ApEx. So I took it apart (I still have scars from opening the glued case!), dumped the ROM, and reverse engineered the keys out of it.'"

cancel ×

306 comments

Slashdotter already (1)

tolydude (1080033) | more than 3 years ago | (#35780660)

Or was it taken down by Apple's request?

Re:Slashdotter already (1)

hellfire (86129) | more than 3 years ago | (#35780710)

Slashdotted. The entire server appears down, not just the page.

Re:Slashdotter already (1)

agentgonzo (1026204) | more than 3 years ago | (#35781290)

I read TFA before it got slashdotted. The summary is the entire blog entry. Nothing more to miss.

Re:Slashdotter already (1)

HungryHobo (1314109) | more than 3 years ago | (#35780736)

well the whole server seems to be down so I'd go with a simple slashdotting.

Re:Slashdotter already (5, Informative)

Anonymous Coward | more than 3 years ago | (#35780802)

Here's the key on the VideoLan boards.

Airport RSA Key [videolan.org]

THE KEY (1)

Spritzer (950539) | more than 3 years ago | (#35780920)

Mod Up. Nice find AC.

Re:Slashdotter already (5, Informative)

Hazel Bergeron (2015538) | more than 3 years ago | (#35781020)

And here's a post which may or may not receive a takedown notice from Apple. Remove the extra spaces inserted to evade the lameness filter.

-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA59dE8qLie ItsH1WgjrcFRKj6eUWqi+bGLOX1HL3U3GhC/j0Qg90u3sG/1CUt
wC5vOYvfDmFI6oSFXi5ELabWJ mT2dKHzBJKa3k9ok+8t9ucRqMd6DZHJ2YCCLlDRKSKv6kDqnw4U
wPdpOMXziC/AMj3Z/lUVX1G7W SHCAWKf1zNS1eLvqr+boEjXuBOitnZ/bDzPHrTOZz0Dew0uowxf /+sG+NCK3eQJVxqcaJ/vEHKIVd 2M+5qL71yJQ+87X6oV3eaYvt3zWZYD6z5vYTcrtij2VZ9Zmni/
UAaHqn9JdsBWLUEpVviYnhimN VvYFZeCXg/IdTQ+x4IRdiXNv5hEewIDAQABAoIBAQDl8Axy9XfW
BLmkzkEiqoSwF0PsmVrPzH9Ks nwLGH+QZlvjWd8SWYGN7u1507HvhF5N3drJoVU3O14nDY4TFQAa
LlJ9VM35AApXaLyY1ERrN7u9AL Kd2LUwYhM7Km539O4yUFYikE2nIPscEsA5ltpxOgUGCY7b7ez5
NtD6nL1ZKauw7aNXmVAvmJTcuP xWmoktF3gDJKK2wxZuNGcJE0uFQEG4Z3BrWP7yoNuSK3dii2jm
lpPHr0O/KnPQtzI3eguhe0TwUem/e YSdyzMyVx/YpwkzwtYL3sR5k0o9rKQLtvLzfAqdBxBurciz
aaA/L0HIgAmOit1GJA2saMxTVPNh AoGBAPfgv1oeZxgxmotiCcMXFEQEWflzhWYTsXrhUIuz5jFu
a39GLS99ZEErhLdrwj8rDDViRVJ5s kOp9zFvlYAHs0xh92ji1E7V/ysnKBfsMrPkk5KSKPrnjndM
oPdevWnVkgJ5jxFuNgxkOLMuG9i53 B4yMvDTCRiIPMQ++N2iLDaRAoGBAO9v//mU8eVkQaoANf0Z
oMjW8CN4xwWA2cSEIHkd9AfFkftuv8 oyLDCG3ZAf0vrhrrtkrfa7ef+AUb69DNggq4mHQAYBp7L+
k5DKzJrKuO0r+R0YbY9pZD1+/g9dVt9 1d6LQNepUE/yY2PP5CNoFmjedpLHMOPFdVgqDzDFxU8hL
AoGBANDrr7xAJbqBjHVwIzQ4To9pb4B NeqDndk5Qe7fT3+/H1njGaC0/rXE0Qb7q5ySgnsCb3DvA
cJyRM9SJ7OKlGt0FMSdJD5KG0XPIpA VNwgpXXH5MDJg09KHeh0kXo+QA6viFBi21y340NonnEfdf
54PX4ZGS/Xac1UK+pLkBB+zRAoGAf0 AY3H3qKS2lMEI4bzEFoHeK3G895pDaK3TFBVmD7fV0Zhov
17fegFPMwOII8MisYm9ZfT2Z0s5Ro3s5r kt+nvLAdfC/PYPKzTLalpGSwomSNYJcB9HNMlmhkGzc
1JnLYT4iyUyx6pcZBmCd8bD0iwY/FzcgN DaUmbX9+XDvRA0CgYEAkE7pIPlE71qvfJQgoA9em0gI
LAuE4Pu13aKiJnfft7hIjbK+5kyb3TysZvoyD nb3HOKvInK7vXbKuU4ISgxB2bB3HcYzQMGsz1qJ
2gG0N5hvJpzwwhbhXqFKA4zaaSrw622wD niAK5MlIE0tIAKKP4yxNGjoD2QYjhBGuhvkWKaXTyY=
-----END RSA PRIVATE KEY-----

Re:Slashdotter already (4, Funny)

Fex303 (557896) | more than 3 years ago | (#35781304)

That's amazing! I've got the same combination on my luggage!

Re:Slashdotter already (1)

MonsterTrimble (1205334) | more than 3 years ago | (#35781368)

What the hell do you have in your luggage that needs THAT?!?

Re:Slashdotter already (5, Funny)

Shakrai (717556) | more than 3 years ago | (#35781346)

No one time pad. Less space than a TrueCrypt container. Lame.

Re:Slashdotter already (1)

Runaway1956 (1322357) | more than 3 years ago | (#35780832)

I can load that article from a number of sources that Google throws up - but none of them actually give the key.

Re:Slashdotter already (1)

xded (1046894) | more than 3 years ago | (#35781012)

Google cache [googleusercontent.com] for blog entry, sources [mafipulation.org] on original website (these still work to me).

Interesting... (1)

Retron (577778) | more than 3 years ago | (#35780670)

How long before we see some hacked firmware for normal routers, I wonder?

Re:Interesting... (1)

jimwelch (309748) | more than 3 years ago | (#35780922)

Huh? Do you mean like the DD-wrt project [dd-wrt.com] or a hundred other projects or something else?

Re:Interesting... (2)

Stavr0 (35032) | more than 3 years ago | (#35780988)

How long before we see some hacked firmware for normal routers, I wonder?

That's a great idea... but I can't seem to find the audio-out on my Linksys router ...

Re:Interesting... (1)

camperdave (969942) | more than 3 years ago | (#35781222)

How long before we see some hacked firmware for normal routers, I wonder?

That's a great idea... but I can't seem to find the audio-out on my Linksys router ...

You need wifi-enabled headphones.

Re:Interesting... (1)

Mia'cova (691309) | more than 3 years ago | (#35781232)

You can get a cheap USB sound card for $15 that'll give you outputs. Presumably if you're running a linux-based firmware, there should be some acceptable driver/hardware combination for this. I have a switch behind my stereo to split things up for the 360, ps3, etc. It'd be rather nice to have airplay support going directly from the router into the receiver. I can't wait to see someone hack this together!

Re:Interesting... (1)

.tekrox (858002) | more than 3 years ago | (#35781266)

Lost of Asus routers have USB and work with OpenWRT/DD-WRT/Tomato.
OpenWRT and DD-WRT already even have *working* USB-Audio class drivers...

Apple-time (3, Interesting)

sanosuke001 (640243) | more than 3 years ago | (#35780672)

Apple is going to make life a royal pain in the ass for this guy for releasing this publicly...

Re:Apple-time (2)

Midnight Thunder (17205) | more than 3 years ago | (#35780836)

You mean he is going to have to go on vacation as well?

Let's see whether Apple or Sony works out to be the biggest pains when it comes to having their keys exposed.

Re:Apple-time (5, Funny)

Mia'cova (691309) | more than 3 years ago | (#35781210)

Let's see someone add airplay support to the ps3. See how many companies can get pissed off at once. If you play it right, they could be goaded into fighting each other. Fingers crossed! Maybe these companies will finally deliver something entertaining to watch :)

Apple-time (0)

Anonymous Coward | more than 3 years ago | (#35781132)

Burn the apple flag [flagburningworld.com]

Please tell me (5, Funny)

MarkRose (820682) | more than 3 years ago | (#35780674)

If you extract the ROM out of an Apple device, is that a core dump?

Re:Please tell me (-1)

Anonymous Coward | more than 3 years ago | (#35781326)

I took a core dump on CmdrTaco's penis this morning.

real easy innit (4, Funny)

amn108 (1231606) | more than 3 years ago | (#35780676)

I like how easy he makes it sound :-)

Things you need to hack the Airport Express:

1. Girlfriend
2. A pinch of dissappointment
3. Wilingness to break open glued Apple casing

Re:real easy innit (1, Redundant)

Runaway1956 (1322357) | more than 3 years ago | (#35780730)

1. Girlfriend

That leaves out most slashdotters, right?

Re:real easy innit (0, Redundant)

grub (11606) | more than 3 years ago | (#35780758)


s/Girlfriend/RealDoll/g

There you go.

Re:real easy innit (1)

johnsnails (1715452) | more than 3 years ago | (#35781014)

got to love vi... although cannot remember off hand what the /g does. im such a n00b!

Re:real easy innit (3, Informative)

hoggoth (414195) | more than 3 years ago | (#35781076)

/g/=global, ie: substitute all, not just the first occurrence

Re:real easy innit (-1, Redundant)

Chrisq (894406) | more than 3 years ago | (#35780734)

I like how easy he makes it sound :-)

Things you need to hack the Airport Express:

1. Girlfriend

2. A pinch of dissappointment

3. Wilingness to break open glued Apple casing

You'd be surprised at how many slashdotters would fail at step 1.

Re:real easy innit (3, Insightful)

erroneus (253617) | more than 3 years ago | (#35781078)

I wouldn't. I've got a wife and I can tell you first hand, it's HARD to have a girlfriend and a wife.

Re:real easy innit (4, Funny)

BigDish (636009) | more than 3 years ago | (#35780788)

Have you ever tried to open one of the glued-together cases? That's by far more difficult than getting a girlfriend

Re:real easy innit (1)

0100010001010011 (652467) | more than 3 years ago | (#35781022)

Have you ever tried hooking up with a girl after a long August day? #3 is much easier.

Re:real easy innit (1)

leehwtsohg (618675) | more than 3 years ago | (#35781036)

Are you kidding? I did it in an evening (apple aluminum keyboard...). Girlfriends are in a totally different league.

WOOSH for me, I guess....

Re:real easy innit (4, Funny)

gstoddart (321705) | more than 3 years ago | (#35781054)

1. Girlfriend
2. A pinch of dissappointment

Don't know about you, but I've found that #1 can lead to #2 -- and has on several occasions.

Re:real easy innit (1)

initdeep (1073290) | more than 3 years ago | (#35781364)

it's ok.
it's not the size that matters.

Re:real easy innit (5, Funny)

clickclickdrone (964164) | more than 3 years ago | (#35781148)

>2. A pinch of dissappointment
The considerably less lethal version of Spock's death grip.

Hooray! (2)

RobbieThe1st (1977364) | more than 3 years ago | (#35780680)

If only we had more people like this around; people willing and able to void the warranty and hack things. I know there are a few, but every story like this is great. James, good work!

Re:Hooray! (0)

CharlyFoxtrot (1607527) | more than 3 years ago | (#35781276)

You mean people with the disposable income to be able to trash perfectly good hardware instead of flogging it on eBay ?
Nevertheless, interesting hack.

Open source win (4, Insightful)

jhigh (657789) | more than 3 years ago | (#35780686)

Score one for the good guys. This is just further proof that security through obscurity is a myth. You cannot expect that keeping everything locked inside your proprietary case is going to keep it secure. The best security is sunlight. Let the community poke and prod at your software and/or hardware and it will only improve your offering.

Re:Open source win (1)

Anonymous Coward | more than 3 years ago | (#35780906)

Because if Apple would have published this information it would have stopped this how exactly?

Good guys? Really? (1, Insightful)

unassimilatible (225662) | more than 3 years ago | (#35780934)

You're pro-open source, so that makes you a "good guy"? I like chocolate, you like vanilla, ergo, I am good, you are bad.

Good for you that you believe in open source, but do we have to make it a religion?

Re:Good guys? Really? (0)

hduff (570443) | more than 3 years ago | (#35781106)

Good for you that you believe in open source, but do we have to make it a religion?

Nothing supernatural about FOSS..

Re:Good guys? Really? (5, Insightful)

Squiggle (8721) | more than 3 years ago | (#35781126)

You're pro-open source, so that makes you a "good guy"? I like chocolate, you like vanilla, ergo, I am good, you are bad.

Does being pro-freedom make you a good guy? Does believing that everyone should have free access make you a good guy? Does helping your others make you a good guy?

Free software ideology isn't about the end product, it isn't chocolate versus vanilla, it is about process and access: how do we choose what gets made, how do we make it, who gets to make it and who gets access to what has been made?

Re:Good guys? Really? (4, Insightful)

Hijacked Public (999535) | more than 3 years ago | (#35781400)

how do we choose what gets made

By either making it yourself, or by purchasing something made by someone else only when it fits all your particular requirements.

how do we make it, who gets to make it and who gets access to what has been made?

If you truly value freedom, and not just freedom for you and those who agree with your particular worldview, you don't 'choose' those things. You allow people to be free to make whatever they like however they like and you react to those choices as above.

Apple's products are Apple's right up to the point where they sell them to you. If they choose to not make the source code for their software available and sell it only as a compiled version, that is their choice. If they choose to offer only their own means on installing additional software, their choice.

To argue they should be obligated differently is fine with me, but to cloak that under the guise of promoting 'freedom' is not.

Re:Good guys? Really? (1)

countertrolling (1585477) | more than 3 years ago | (#35781280)

I like chocolate on vanilla, ergo, you both suck...

Re:Open source win (1)

walshy007 (906710) | more than 3 years ago | (#35781094)

You cannot expect that keeping everything locked inside your proprietary case is going to keep it secure.

I don't know about that... there are plenty of ways to build a really strong case as such that if it's broken open whatever is inside is completely destroyed.

Re:Open source win (1)

zill (1690130) | more than 3 years ago | (#35781292)

But will these techniques be employed in a product that costs $20 to manufacture and retails for $100? Probably not.

Re:Open source win (0)

Anonymous Coward | more than 3 years ago | (#35781226)

Score one for the good guys. This is just further proof that security through obscurity is a myth.

Um.. ((knowingly?) poorly implemented?) public key crypto?

"Proving" such makes you a good guy??

Re:Open source win (4, Insightful)

agentgonzo (1026204) | more than 3 years ago | (#35781352)

This is just further proof that security through obscurity is a myth.

Unfortunately, you can boil the entirety of information theory to 'security through obscurity'. Airplay uses public key encryption and is in that sense 'secure'. Everything that needs to read the encrypted content (in this case the airplay device) needs to have the key to decrypt it. Thus you can argue that the whole system is 'security through obscurity' because it is relying on the 'obscurity' of the private key that the end-user can't get access to (unless the pry it open with a butterknife and dump the ROM).

Re:Open source win (1)

Mia'cova (691309) | more than 3 years ago | (#35781384)

Since when has public/private key encryption been consider obfuscation? The protocol is shared with companies building airplay products. Presumably different products get different but valid keys. If you want to emulate a device, you need to reverse-engineer the hardware to find the key. Since it's a consumer product, eventually someone will be able to extract the key. It's about protecting the product from duplication. Making it open doesn't exactly stop people from making cheap knockoffs.

Re:Open source win (0)

Anonymous Coward | more than 3 years ago | (#35781402)

The good guys? If I was depending for my livelihood on the stuff I had written, would I be happy to see someone else disassemble it and publish my private datato the world?

Wait, I do depend on code.... And my code has been disassembled and used to build other products. And I know I lost money as a result. A lot of money.

And you call people who do this sort of thing "The good guys"? It's one thing to examine code to improve it, it's another thing to extract private keys and use them to circumvent someone's hard work.

engrish? (1)

Anonymous Coward | more than 3 years ago | (#35780694)

"...her Airport Express no longer made it with her wireless access point..."

I hate it when that happens.

Re:engrish? (0)

alta (1263) | more than 3 years ago | (#35780860)

Yeah, exactly what I was thinking... here in the U.S. 'made it' implies sex.

So, her AE was no longer having sex with her access point.

We knew this was all make-believe when he started talking about his 'Girlfriend'

Re:engrish? (1)

Xacid (560407) | more than 3 years ago | (#35780908)

Glad that wasn't just me.

Don't you mean the airport express private key? (1)

mkraft (200694) | more than 3 years ago | (#35780706)

I don't see anywhere where is says it's the AirPlay private key. I thought that was on a per device basis anyway.

Cue lawsuit in ... (1)

gstoddart (321705) | more than 3 years ago | (#35780708)

I fear this guy will likely get himself a lawsuit or a restraining order for his troubles.

Pretty much any major company is going to react badly to you publishing their private keys for their encryption.

Re:Cue lawsuit in ... (1)

camperdave (969942) | more than 3 years ago | (#35781270)

If they don't want their private keys being made public, perhaps they should not be giving them out [slashdot.org] . Private keys are meant to be kept private.

Re:Cue lawsuit in ... (-1)

Anonymous Coward | more than 3 years ago | (#35781484)

Private keys have to be distributed in this case. There's no technical defense against someone who decides to disassemble a device and extract the code from a ROM.

However, there is a legal defense.... And I really hope it is used in this case or nobody's private keys will be safe. And that has widespread implications.

Re:Cue lawsuit in ... (5, Informative)

jrumney (197329) | more than 3 years ago | (#35781428)

The DCMA has an exception for reverse engineering for compatibility. In this case, the private key is not protecting content, it is protecting Apple's monopoly on interoperating with iDevices in a particular way, so it was fair game.

DMCA violation (3, Insightful)

sideslash (1865434) | more than 3 years ago | (#35780714)

This guy should just meekly accept that his girlfriend's expensive gadgets don't work for her anymore. How dare he tinker around and fix things. (At least I think they imported some flavor of the DMCA down under.)

Editor ? (0)

Anonymous Coward | more than 3 years ago | (#35780728)

Holy crap, Editors, this copy looks like it rolled straight off of the translation software. I don't feel like I am being a copy nazi when I say an 11th grade journalism teacher would give this teaser an F.

Re:Editor ? (4, Funny)

Majik Sheff (930627) | more than 3 years ago | (#35780794)

Two things that appear to be true about the author of the article and not about you:

1. The author's first language was not English
2. The author has a girlfriend.

Between English tenses and a hot European chick, I know which one I'd prefer to be conjugating.

Re:Editor ? (1)

zach_the_lizard (1317619) | more than 3 years ago | (#35781042)

This being Slashdot, we know the answer is English tenses.

open-source library sharing incoming? (3, Interesting)

gblues (90260) | more than 3 years ago | (#35780760)

Does this mean we can finally get an iTunes-alike that can work with iTunes 7+ library sharing?

and how many people use Airport? (1)

alen (225700) | more than 3 years ago | (#35780804)

i know it's more than just a cheap wifi router, but how many people care and are willing to pay the $180 price tag?

Re:and how many people use Airport? (5, Interesting)

characterZer0 (138196) | more than 3 years ago | (#35780990)

I bought one once. I set up the network for a small organization and every time there was any kind of problem they blamed the WiFi router and called me. I bought a Airport and threw that in there instead. Now they have just as many problems but they assume that the Apple product cannot possibly be the issue, and I have not received a complaint from them since. It has been a almost two years. It was well worth the $180 to me.

Re:and how many people use Airport? (0)

Anonymous Coward | more than 3 years ago | (#35781092)

Same thing happened after I bought my wife a Macbook pro to replace her. No complaints or support requests ever since. Whenever there are problems she will not ask me to fix it but will google out the answer herself. APPLE=MAGIC

Re:and how many people use Airport? (3, Funny)

snowraver1 (1052510) | more than 3 years ago | (#35781438)

I replaced my wife with a laptop too! The sex has never been better!

I use airport express. Several. (2)

tivoKlr (659818) | more than 3 years ago | (#35781030)

The airport express is 99 bucks I believe. If my stupid work firewall didn't block the "apple everything" then I could look and see. I know I've seen them for $89 and $79 at times... Throw 3 or 4 around your house, they're awesome just for the airplay aspect, regardless of the other features (router, printer sharing).

Re:and how many people use Airport? (2)

necro81 (917438) | more than 3 years ago | (#35781044)

He was specifically referring to the Airport Express, which retails for $99. [link [apple.com] ]

And for that pricetag, you get the ability to stream music from basically any device on the network (server, laptop, iPhone, etc.) to wherever the Airport is. You also get wireless printing.

I shouldn't be surprised that a guy, when confronted with a broken Airport Express, would go through all the effort of breaking it open, dumping the ROM, and reverse engineering the private key. People get curious, people like to tinker, and the human race is better for it. But, on the other hand, you can pick up an Airport Express for $25-$50 on craiglist or ebay and saved yourself a whole lot of trouble.

Re:and how many people use Airport? (0)

Anonymous Coward | more than 3 years ago | (#35781436)

And for that pricetag, you get the ability to stream music from basically any device on the network (server, laptop, iPhone, etc.) to wherever the Airport is. You also get wireless printing.

I am very serious when I say I honestly don't understand what you're really saying here. Of course the Airport lets you do that, because every wireless access point or router or bridge in history lets you do that. It sounds like you're saying that with Car Brand X, for the pricetag you also get the ability to drive to grocery stores. (Is there an implied "unlike other cars"?)

Obviously, I don't "get it." I'm confident that you didn't really say something stupid, but it sounds like you did, because there must be something really weird about Apple's router such that your statement actually makes sense. But damned if I can figure out how that could be.

Let's approach this from another direction: Has someone else invented a router that, for its pricetag, you don't get the ability to stream music or print? Are there routers that detect streaming and printing and when it sees those, then as a special case, it decides to drop the packets? (This has got to be a dumb question, but once someone answers it, I think I'll start to understand how the Airport is special.)

$99 (1)

Henriok (6762) | more than 3 years ago | (#35781074)

The AirPort Express cost $99 as do an Apple TV.

Re:and how many people use Airport? (2)

mR.bRiGhTsId3 (1196765) | more than 3 years ago | (#35781264)

The airport express is $99 [apple.com] and is one of the few consumer routers that properly supports ipv6 [networkworld.com]

Re:and how many people use Airport? (1)

samkass (174571) | more than 3 years ago | (#35781462)

For traveling the $99 new (a lot less than that used) is awesome for those hotels that are stuck in wired land. It's a light, small, full-featured wireless router that turns your hotel room cat5 connection into something for all your devices.

Nonchalant (1)

CasualFriday (1804992) | more than 3 years ago | (#35780838)

The guy sounds pretty casual about the whole thing. I hope he knows that Apple is not going to be happy about this. He should probably start getting rid of his hard drives.

Re:Nonchalant (2)

daid303 (843777) | more than 3 years ago | (#35781316)

If Apple follows the same tactics as Sony, then he doesn't need to worry. People will come around to remove his harddrives for him soon enough!

FILE MIRROR (1)

Anonymous Coward | more than 3 years ago | (#35780846)

Managed to nab the download, mirrored it here if anyone does want to try it >> http://www.mediafire.com/?r5pdcxdcbqkrpcb

Kinky! (0)

Anonymous Coward | more than 3 years ago | (#35780858)

"My girlfriend moved house, and her Airport Express no longer *made it* with her wireless access point."

Hot stuff!

Can't read the article right now (slashdotted), but I doubt either of them bothered to reset the ApEx properly.

SHAirport 0.01 backup copy (3, Informative)

pixline (2028580) | more than 3 years ago | (#35780868)

Here's the code you would have find on that page. I saved it earlier, here you go: http://www.multiupload.com/0EUN2QKDMT [multiupload.com] (Yes, it does include something like a private key. Don't ask me if it's THAT key, I don't know.)

The best part (5, Interesting)

AK76 (966804) | more than 3 years ago | (#35780948)

From the README:
"Thanks also to Apple for obfuscating the private key in the ROM image, using a
scheme that made the deobfuscation code itself stand out like a flare."

Re:The best part (1)

tivoKlr (659818) | more than 3 years ago | (#35781112)

This kind of snark is exactly why Apple legal will be conversing with this fellow shortly. It's too bad really, airplay should be incorporated into every device both as a "pitcher and a catcher", regardless of the typical end use of the device.

"Reverse Engineering" how? (1)

njfuzzy (734116) | more than 3 years ago | (#35780968)

Is it actually "reverse engineering" if you scrape the data off the ROM? It sounds like the phrase "reverse engineering" is just being used to avoid a DMCA attack.

Re:"Reverse Engineering" how? (2)

_0xd0ad (1974778) | more than 3 years ago | (#35781096)

The ROM doesn't just contain data; it contains both code and data. Reverse engineering the code was necessary to determine where in the code/data the private key was located. They could have put it anywhere on the ROM.

Re:"Reverse Engineering" how? (1)

maxume (22995) | more than 3 years ago | (#35781100)

Yeah, sure. The definition of the phrase is pretty much investigating a device directly to figure out how it works. That's what he did.

Re:"Reverse Engineering" how? (1)

daid303 (843777) | more than 3 years ago | (#35781350)

The key was obfuscated in the ROM. So having just the ROM data wasn't enough.

Finally a use for all those obsolete PDAs (1)

Stavr0 (35032) | more than 3 years ago | (#35781018)

Time to get out that old Pocket PC, or Palm devices which have WiFi + audio out in them.

Very cool hack! (2, Insightful)

GameboyRMH (1153867) | more than 3 years ago | (#35781024)

Now what the hell's an AirPlay and what good is it to me?

Oh, it's an Apple-proprietary media streaming protocol? Well, I give an A+ for l33tness, but an F for choosing a useful target.

Slashdoted : Here is a mirror (0)

Anonymous Coward | more than 3 years ago | (#35781140)

here is a mirror of the original site : http://www.brouchier.com/shairport-itunes

Key question (2)

jamescford (205756) | more than 3 years ago | (#35781168)

So, was she impressed?

Re:Key question (1)

bev_tech_rob (313485) | more than 3 years ago | (#35781212)

DMCA nastygram in 3...2...1...

Lawsuit in 3...2...1... (0)

Anonymous Coward | more than 3 years ago | (#35781198)

Oh, wait... It's not a large evil empire like Sony or Microsoft. These are the Good Guys(tm).

What does it do? (3, Interesting)

the_other_chewey (1119125) | more than 3 years ago | (#35781300)

Could someone familiar with Apple stuff please explain
what exactly this key is for?

Why would a wifi AP need a secret key?

Re:What does it do? (1)

pixline (2028580) | more than 3 years ago | (#35781360)

It need a key to somehow encrypt the stream and let out unwanted devices, like not-original ones or not-apple ones..

Dumped the ROM (0)

Anonymous Coward | more than 3 years ago | (#35781424)

Once you get the case open, how does one "dump the ROM" of a device?

Getting iTunes to talk to remote speakers (4, Informative)

martijnd (148684) | more than 3 years ago | (#35781450)

From: http://www.cocoadev.com/index.pl?AirTunesEncryption

The Apple-Challenge / Apple-Response is iTunes' method to verify that it's talking to an Airport Express; it may be similar to the DAAP one which has been reverse-engineered. These headers are optional when talking to the Airport Express, so it's possible for other programs to talk to the Express but it'll be difficult to get iTunes to talk to something other than the Airport Express.

Until we get the private key out of the AirPortExpress, it's not possible to convince iTunes to send anything to a non-AirPortExpress client (say, another computer pretending to be an AirPortExpress).

Seems that problem has now been solved.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...