Well, that sure didn't take long-- although we have to say, it took a little longer than we expected. We were MIA again late last week when PyMusique made the scene, and if you rely on us as your primary source of Apple-related news (you know, you really shouldn't do that), there's the slimmest of chances that you aren't familiar with what this thing does. In a nutshell, it lets users buy unprotected music from the iTunes Music Store. No, really; apparently some clever code jockeys discovered that the iTMS itself delivers songs sans FairPlay digital rights management code-- it's iTunes that adds in the DRM and ties the song to a given user account. It's just that since the only way to buy iTMS songs was through iTunes, the distinction was purely academic-- until PyMusique came along, that is.

So PyMusique emerged as an alternative front-end to the iTMS, letting iTunes-deprived Linux users shell out 99 cents per song or $9.99 per album just like Mac and Windows users can. If that's all it did, then Apple-- and the record labels-- might not have minded all that much; unfortunately, PyMusique doesn't bother adding FairPlay DRM to the songs it retrieves. And really, why would it? PyMusique was written by a whopping three programmers, including a 17-year-old high school student from Pennsylvania; no one would expect them to do a whole lot of extra work for a smaller payoff.

The upshot is that PyMusique lets Linux users buy completely copyable music from the iTMS, and since Jon "DVD Jon" Johansen (the guy who wound up on the pointy end of Hollywood's legal stick for cracking DVD encryption, and who more recently turned his attention to un-DRMing iTMS-purchased songs) wrote a Windows version whose only conceivable raison d'être is to let Windows users bypass the iTunes DRM and buy unprotected iTMS tunes, well, it's not too hard to figure out why Apple might be just a leetle bit miffed. Heck, even if Apple didn't care, the record labels would obviously pull rank.

So the inevitable has happened; according to CNET, Apple has officially classified third-party access to the iTMS as a "security hole" which was "recently exploited." Personally, that strikes us as something of an extreme characterization, but whatever; in any case, said "hole" has now been closed. As a result, apparently only iTunes 4.7 and higher can now buy music from the iTMS, so anyone using an older version will need to upgrade before they can nickel-and-dime themselves still further into debt. (Apple claims that "only about 15 percent of iTunes users" are in need of an upgrade, so if you're one of them, you can take pride in lagging behind 85 percent of the iTunes-using population. Good thing you're not being graded on this, hmmmm?)

Now, it probably would have taken Apple more than a mere weekend to completely redesign the DRM paradigm of iTMS purchases and move the FairPlay-injecting part of the buying process to the server side of the transaction, so we assume that all Apple's done is enforce some check that attempts to verify that purchases are really originating from iTunes, and not some other application pretending to be iTunes. What that implies is that the iTMS servers are still dishing up DRM-free songs, and it's probably only a matter of time before someone works around the latest authentication scheme and opens the hole again. And Apple closes it again. And someone opens it again. And everyone takes a milk and cookie break. And Apple closes it again. And so on. Isn't copy protection fun?