Monday, May 4, 2009

Apple needs to play cat and mouse with pirates, not jailbreakers

Apple spends considerable engineering resources attempting to defeat jailbreakers, but historically, we have always been able to defeat anything they throw at us. In trying to defeat jailbreakers, Apple is fighting against a body of skilled volunteers who feel morally, ethically and legally justifiable in defeating such efforts, and would go so far as to feel a moral and ethical obligation to continue to do so. It's not only fun to try to work around such puzzles, but basic ethical common sense tells us that it is only right to be able to do whatever we want to devices we purchased as long as we're not hurting anyone else.

None of the people who work to defeat Apple's jailbreaking protections believe that pirating App Store applications is EVER justified. Nor do they believe that Apple should have a support burden for modified devices.

Yet Apple and many developers continue to equate jailbreaking with piracy, which is both unjust and unproductive toward their own interests. Piracy doesn't require jailbreaking. The one modification that jailbreaking makes to the iPhone, to allow applications to run unsigned code, is unnecessary for piracy because pirated apps are already signed!

Third-party app stores have successfully deployed copy protection for the applications they carry. These app stores run on jailbroken iPhones and their DRM remains uncracked. In contrast, official App Store applications carry no significant DRM. They are encrypted, but the encryption can be side-stepped with a method that has worked, and continues to work, completely unmodified, since day 1 of the App Store.

Whereas several new hurdles have cropped up against jailbreakers during this time, Apple has developed none for pirates. Developers concerned with piracy need to ask Apple why they have not spent any time protecting them against piracy, instead, focusing on playing cat and mouse games with skilled and motivated jailbreakers. A cat and mouse game that would not guarantee developers protection even if Apple succeeded.

A similar cat and mouse game with pirates is likely to be much easier for Apple to win. Instead of  fighting against people with the most knowledge and the most motivation, Apple would instead be contending against a group of people who are accustomed to using automated scripts (*cough* script kiddies *cough*), and for more complicated jobs using gdb (a debugger). Lord knows what they would do if Apple, say, disabled debugger attachment for encrypted applications, or obfuscated MobileInstallation, or put protections into the kernel. After all, you can't use gdb to attach to the iPhone kernel, can you?

Please, Apple. These suggestions are free. The first one, honestly, is TRIVIAL. Please for goodness' sake, use one of them! You've had a year to do SOMETHING. ANYTHING. I would have made my own anti-piracy patches, but building in DRM by machine language patching an operating system kernel is not fun, and it'd take me twenty times as long to make the same change as you.

Developers: Don't hate on jailbreaking because you think it "enables" App Store piracy. App Store piracy simply wouldn't exist if Apple actually did anything about it instead of being too busy losing games with jailbreakers instead.