Slashdot Mirror
iTunes is Malware?
Moby writes "On the heels of the big Apple love-in that is Macworld comes some interesting but alarming news. Recently a few blogs have started to indicate that iTunes is tracking your music preferences and using that data to recommend other songs from iTMS. The article provides a good overview, with some recommendations of its own. Basically, iTunes is tracking your music and sending the data back to Apple servers. This info is then used to advertise songs that may be to your tastes. A convenient feature, perhaps, but it raises concerns over privacy."
Edit -> Hide MiniStore (or shift-command-M) No information of any kind is sent when the MiniStore is disabled.
Then it should be disabled by default or you should be asked (in plain English) if you want it enabled when the program starts for the first time after update. If you say no it shouldn't ever ask you again nor should it track your listening preferences.
I realize many people think this represents "going over the line"; but is there ever any instance where datamining to match items you might be interested in to your interests is acceptable? Is there any value to having this be the default state in certain instances where it could be significantly helpful?
No. Absolutely not. Especially when they didn't ask my permission first.
What is it doing that is malicious?
Spyware, sure, but not malware.
-stefan
//FIXME: Bad
...and get over it.
The reccommendations feature in iTunes is fantastic. Amazon's Reccommendations page has a "I own it" check box. I use this page frequently to find new music or books or DVDs I would be interested in based on the other things I own (even those I didn't buy from Amazon).
From TFA, it hasn't been determined if the cookie sent back contains your Apple ID. It may not. It may not contain anything traceable or of a privacy concern. How about trying to use iTunes on a clean install without buying anything first and seeing if it does the same?
But one thing is for sure - if you want service of a personalized nature, you have to be willing to let someone know something about you.
Ever used an Internet browser? That sends data to various servers, does that constitute a risk to your privacy? Probably, but it doesn't make Firefox, IE & Opera 'malware', in the same way that even if iTunes is sending data to Apple, it's not necessaraly malware.
Kneejerk reactions like this are unsupprising given the current culture of "Oh my god, the've got my name and they know what music I like!". If you are conserned about your privacy with regard to a company or service, I suggest you start with their Terms of Service and Privacy Policy - If you don't like them, you don't have to use their service.
Windows in 6 Bytes (IA-32) : 90 90 90 90 CD 19
But it can also be argued, correctly, that this improves the user experience with iTunes (aside from the broader privacy argument).
Then they can watch my surfing and purchase habits inside the *store* (which I am 110% sure that they already do). They don't need to track my listening habits for music that was not purchased in their store. Just because I am using their software doesn't mean they should be able to receive information about *everything* I listen to on it.
Since when was spying on people just because they utilize your software something that people found acceptable?
The song you are listening to may NOT have been purchased through iTMS. They are monitoring your library of songs that have been obtained in other manners and keeping record of them too. That is spyware.
Amazon is a store accessable via a web browser. iTMS is a music store accessable via software. iTunes is an interface to iTMS *OR* a standalone player. As far as I'm aware Amazon doesn't have its own branded browser.
So, iTMS can track my habits just like Amazon does. iTunes should not.
It would be interesting to re-phrase the question and replace "iTunes" with "Windows Media Player" and see what kinds of responses are generated by the Slashdot crowd.
Sample headline: "It seems the most recent update to Microsoft's bundled media application Windows Media Player is mining the music tracks that a user plays and sending that data back to Microsoft in order to present the user with similar tracks from the MSN Music Store. What Microsoft does with this data after Music Store recommendations are made is unknown."
Will the apologists for Apple and their data mining stand up in this case as well?
Interesting question, anyway.
B
"We must still have chaos within in order to be able to give birth to a dancing star." --Friedrich Nietzsche
Maybe because it can be disabled? Maybe because it doesn't root your computer? Maybe because it just isn't as bad as the stuff Sony and MS pull on a regular basis? Maybe there is no conspiracy?
Those who can, do. Those who can't, sue.
Everyone knows tracking is only bad when it's from "evil" companies like SCO, Microsoft, or Sony. Apple is "good" and "on our side".
/satire In all reality, this would be fine if they had a clearly labeled option/popup when you first ran iTunes. "Hey, we'd like to track the songs you listen to so we can recommend some other songs we think you'll like" and not buried somewhere in a EULA, or not actually brought up at all. Then again, from what I can tell apple doesn't like to give users choice, they like to decide what's right and wrong for you. This truly isn't a flame either... after working back and forth with them extensively for over a year, it's just how they operate. Sometimes it's a good thing, sometimes it's not. In this case, I would say it's not.
Right from www.apple.com/itunes "while you're browsing your own music, the MiniStore will automatically show you more music from your favorite artists that you can find at the iTunes Music Store." If you don't like it, don't use it. It's not being deceptive about what it does, which is why it's not spyware. You didn't bother reading what the software clearly states it does, and now your mad about it. How does that make sense.
You know if this was Sony or Microsoft there would be howls of anger and the pitchforks and torches would already be out. Apple does it and; "hey, they're swell guys but I don't know how comfortable I am about this".
If the crack dealer I see on the corner were to pull a gun out of his pocket, I'd go for cover. If my brother pulled a gun out of his pocket I'd probably say something like, "hey what is that gun you're carrying?" The reason for this is because I know my brother and have some level of trust in him. I might say, "hey put that away" if I felt it was inappropriate. I feel that what Apple has done is inappropriate. They should have issued a privacy policy that explains what they do and don't do with the information they are collecting. They should have had the feature disabled by default (even if they included a big "enable ministore suggestions" button). That said, Sony has a history of doing unethical things, as does MS. Apple has a much better record. Thus, I give them the benefit of the doubt and assume they are probably not data mining. If that proves not to be the case, I'll be more skeptical of them in the future.
I can't believe people are focusing on this, however. I mean sure, this is pseudo-spyware (not malware), but Apple just released machines that implement EFI. I'm much more concerned about the "trusted computing" possibilities of the new firmware than I am about iTunes. One might let them collect data about the songs listened to using freeware they distribute (with an easy option to turn it off). The other might allow them to restrict your actions on the hardware you buy, after the purchase. I'm tentatively giving them the benefit of the doubt there too, but it is certainly a much more pressing concern than iTunes phoning home.
Usually, the way to handle something like this is to leave the feature disabled, unless you've asked the user or they explicitly enable it. The problem is that it is enabled by default, without asking the user.
If the user bothered to read the features list they would know it was there. You're absolving the end user from personal responsibility. The information was there, but the users were too lazy to bother reading anything about the product they were using. The American public is used to being spoon fed everything and it's led us to being fat and lazy. Personal responsibility folks. It's not that difficult of a concept.
It may infuriate you, but that's just the state of things, I guess.
Giving up is lame. You should be ashamed.
You don't even have to play it. Just selecting it is enough. I like this new feature, but I think I'm the only one here :-)
-- Cheers!
1) "But you can turn it off!" - And here I thought it was about default settings and opt-in. Didn't we (users) already fight these battles with Windows Media Player and Real?
...
2) "But Amazon does it!" - In a browser, while online browsing on *their* servers. A child can see the difference.
3) "But it's useful!" - So, potentially, is any invasion of privacy. If they know everything about you, they can make your shopping experience *really* convenient!
4) "But Apple wouldn't use the info for bad purposes!" - The government wanted to access your bookstore receipts and library checkouts (in addition to monitoring your phonecalls and emails without warrants). I'm sure Apple will fight to the last cent before handing over one iota of info to the government
Every one of these points was made in a +5 moderated post. Think, moderators, think!
Imposing Libertarian views on everyone online since 1992.
To add to the parent poster, I think "Malware" is not an appropriate term for what this program is doing.
When I use the term "malware" I typically mean programs that do one or more of the following;
- resist uninstallation
- persist after uninstallation attempts
- reinstall after uninstallation or "by the roots" removal
- hide from the user
- hide from the operating system
- hide what they are doing *
- damage the operating system
- replace, interfere with, spoof, or hijack functions such as DNS resolution, home page, file associations and toolbars
- create problems in order to sell you a "fix" for them
The one with the asterisk, is the ONLY one of these things that iTunes is doing, and that only if the user is hopelessly ignorant about computers and the internet.
It might be "spyware" but it is not "malware" in my book.
the terms "opt-in" and "opt-out" are way out of proportion here. this isn't some obscure setting or (de-)registration procedure. it's a single click of the mouse to close a window.
if you really want to bitch about nothing then here's a far better one: Firefox has cookies enabled by default and sets your homepage to one of theirs on first run - THEY COULD BE SPYING ON EVERYTHING YOU EVAR DO ON TEH INTERPOWER COMPUTERWEB!
1) "But you can turn it off!" - And here I thought it was about default settings and opt-in. Didn't we (users) already fight these battles with Windows Media Player and Real?
It's not like it scans your entire library the moment you launch iTunes.
The matter is you can turn it off before it DOES ANYTHING.
Does it make you happy you're so strange?
"while you're browsing your own music, the MiniStore will automatically show you more music from your favorite artists that you can find at the iTunes Music Store."
"it's reasonable to assume they're gleaning this from your interactions with *their* website."
Appearently you're not reading enough into it. It clearly states, as you can see from my bolding above that it says "while you're browsing YOUR OWN MUSIC". It doesn't say "while your browsing the ITMS" or "while your browsing apple.com" it clearly states "YOUR OWN MUSIC". Maybe my reading comprehension isn't up to par, but when something says "YOUR OWN MUSIC" I'm assuming they mean my own music.
Try instaling Windows Media Player. By default, Microsoft does NOT collect any data. You have to "opt in." Apple's approach seem to be that you have to "opt out."
As it happens, I'm not an iTunes user at all (mplayer and xmms). One of the big things I love about Linux is freedom (for lack of a better word) from little spams tucked into every icon and preinstalled application and bookmark. But I think issues like this clearly illustrate the benefit of keeping media available outside proprietary players, and that won't happen unless a lot of people demand it. My own choices alone will not determine the environment I live in. The more people complain about the commercialization of every mouse click, the better the future will be.
If the user bothered to read the features list they would know it was there. You're absolving the end user from personal responsibility.
While the poster might be absolving the user from all responsibility, you are doing the same with Apple. Privacy is something that needs to be respected by the vendor and they should be required to ask the user what elements of their privacy they are willing to give up. There are just too many contracts for too many different things to be able to read them all - it would be nice, but in reality people give up on reading them.
Jumpstart the tartan drive.
Telling Apple what I listen to? HEAVEN FORBID IT!
Is it just me or are a lot of people hypersensitive to issues like this? Who cares if Apple knows my playlist? To their servers, I'm just another consumer, they don't have the time/will to sit there and read incoming data, "HEHE, THAT GUY LISTENS TO MICHELLE BRANCH."
Seriously now. There are issues far greater than this that should be stressed.
Right. Relevant, non-annoying ads in a free product. That's Google level evil right there.
The real question here, that nobody seems to be asking, is how would all the people defending Apple react if it was the Microsoft Music Store doing the exact same thing. My guess is that while a tiny minority would still say "big deal", the rest would be spouting diatribes about how evil MS is collecting their data.
"The avalanche has already started. It is too late for the pebbles to vote" -- Kosh