AirPlay Private Key Exposed Using 'ShairPort', Opening Door to AirPort Express Emulators

Apple's portable base station Airport Express or official 3rd party solutions could wirelessly stream music from iTunes or equivalent, but not to third-party applications. A Hacker News commenter illumin8 spells it out:Previously you could do this:iTunes -- stream to --> Apple Airport Express3rd party software -- stream to --> Apple Airport ExpressNow you can do […]

Apple's portable base station Airport Express or official 3rd party solutions could wirelessly stream music from iTunes or equivalent, but not to third-party applications. A Hacker News commenter illumin8 spells it out:

Previously you could do this:
iTunes -- stream to --> Apple Airport Express
3rd party software -- stream to --> Apple Airport Express

Now you can do this:
iTunes -- stream to --> 3rd party software/hardware

MacRumors reports, that developer James Laird has fixed this by reverse-engineering the Airport Express private key to create Shareport, an open-sourced AirPort Express emulator that contains an RAOP server to stream music from iTunes and iPods to third-party software and hardware.

Laird explains:

My girlfriend moved house, and her Airport Express no longer made it with her wireless access point. I figured it'd be easy to find an ApEx emulator -- there are several open source apps out there to play to them. However, I was disappointed to find that Apple used a public-key crypto scheme, and there's a private key hiding inside the ApEx. So I took it apart (I still have scars from opening the glued case!), dumped the ROM, and reverse engineered the keys out of it.

Known issues:
Some people have reported problems using iTunes on Mac, but I've seen no problems even with the very latest iTunes version. Bug reports welcome.

Download: ShairPort 0.02

[Via: MacRumors]