Slashdot Mirror
iTunes is Malware?
Moby writes "On the heels of the big Apple love-in that is Macworld comes some interesting but alarming news. Recently a few blogs have started to indicate that iTunes is tracking your music preferences and using that data to recommend other songs from iTMS. The article provides a good overview, with some recommendations of its own. Basically, iTunes is tracking your music and sending the data back to Apple servers. This info is then used to advertise songs that may be to your tastes. A convenient feature, perhaps, but it raises concerns over privacy."
Edit -> Hide MiniStore (or shift-command-M) No information of any kind is sent when the MiniStore is disabled.
Then it should be disabled by default or you should be asked (in plain English) if you want it enabled when the program starts for the first time after update. If you say no it shouldn't ever ask you again nor should it track your listening preferences.
I realize many people think this represents "going over the line"; but is there ever any instance where datamining to match items you might be interested in to your interests is acceptable? Is there any value to having this be the default state in certain instances where it could be significantly helpful?
No. Absolutely not. Especially when they didn't ask my permission first.
What is it doing that is malicious?
Spyware, sure, but not malware.
-stefan
//FIXME: Bad
...and get over it.
The reccommendations feature in iTunes is fantastic. Amazon's Reccommendations page has a "I own it" check box. I use this page frequently to find new music or books or DVDs I would be interested in based on the other things I own (even those I didn't buy from Amazon).
From TFA, it hasn't been determined if the cookie sent back contains your Apple ID. It may not. It may not contain anything traceable or of a privacy concern. How about trying to use iTunes on a clean install without buying anything first and seeing if it does the same?
But one thing is for sure - if you want service of a personalized nature, you have to be willing to let someone know something about you.
Ever used an Internet browser? That sends data to various servers, does that constitute a risk to your privacy? Probably, but it doesn't make Firefox, IE & Opera 'malware', in the same way that even if iTunes is sending data to Apple, it's not necessaraly malware.
Kneejerk reactions like this are unsupprising given the current culture of "Oh my god, the've got my name and they know what music I like!". If you are conserned about your privacy with regard to a company or service, I suggest you start with their Terms of Service and Privacy Policy - If you don't like them, you don't have to use their service.
Windows in 6 Bytes (IA-32) : 90 90 90 90 CD 19
It would be interesting to re-phrase the question and replace "iTunes" with "Windows Media Player" and see what kinds of responses are generated by the Slashdot crowd.
Sample headline: "It seems the most recent update to Microsoft's bundled media application Windows Media Player is mining the music tracks that a user plays and sending that data back to Microsoft in order to present the user with similar tracks from the MSN Music Store. What Microsoft does with this data after Music Store recommendations are made is unknown."
Will the apologists for Apple and their data mining stand up in this case as well?
Interesting question, anyway.
B
"We must still have chaos within in order to be able to give birth to a dancing star." --Friedrich Nietzsche
Maybe because it can be disabled? Maybe because it doesn't root your computer? Maybe because it just isn't as bad as the stuff Sony and MS pull on a regular basis? Maybe there is no conspiracy?
Those who can, do. Those who can't, sue.
Everyone knows tracking is only bad when it's from "evil" companies like SCO, Microsoft, or Sony. Apple is "good" and "on our side".
/satire In all reality, this would be fine if they had a clearly labeled option/popup when you first ran iTunes. "Hey, we'd like to track the songs you listen to so we can recommend some other songs we think you'll like" and not buried somewhere in a EULA, or not actually brought up at all. Then again, from what I can tell apple doesn't like to give users choice, they like to decide what's right and wrong for you. This truly isn't a flame either... after working back and forth with them extensively for over a year, it's just how they operate. Sometimes it's a good thing, sometimes it's not. In this case, I would say it's not.
Right from www.apple.com/itunes "while you're browsing your own music, the MiniStore will automatically show you more music from your favorite artists that you can find at the iTunes Music Store." If you don't like it, don't use it. It's not being deceptive about what it does, which is why it's not spyware. You didn't bother reading what the software clearly states it does, and now your mad about it. How does that make sense.
You know if this was Sony or Microsoft there would be howls of anger and the pitchforks and torches would already be out. Apple does it and; "hey, they're swell guys but I don't know how comfortable I am about this".
If the crack dealer I see on the corner were to pull a gun out of his pocket, I'd go for cover. If my brother pulled a gun out of his pocket I'd probably say something like, "hey what is that gun you're carrying?" The reason for this is because I know my brother and have some level of trust in him. I might say, "hey put that away" if I felt it was inappropriate. I feel that what Apple has done is inappropriate. They should have issued a privacy policy that explains what they do and don't do with the information they are collecting. They should have had the feature disabled by default (even if they included a big "enable ministore suggestions" button). That said, Sony has a history of doing unethical things, as does MS. Apple has a much better record. Thus, I give them the benefit of the doubt and assume they are probably not data mining. If that proves not to be the case, I'll be more skeptical of them in the future.
I can't believe people are focusing on this, however. I mean sure, this is pseudo-spyware (not malware), but Apple just released machines that implement EFI. I'm much more concerned about the "trusted computing" possibilities of the new firmware than I am about iTunes. One might let them collect data about the songs listened to using freeware they distribute (with an easy option to turn it off). The other might allow them to restrict your actions on the hardware you buy, after the purchase. I'm tentatively giving them the benefit of the doubt there too, but it is certainly a much more pressing concern than iTunes phoning home.
Usually, the way to handle something like this is to leave the feature disabled, unless you've asked the user or they explicitly enable it. The problem is that it is enabled by default, without asking the user.
If the user bothered to read the features list they would know it was there. You're absolving the end user from personal responsibility. The information was there, but the users were too lazy to bother reading anything about the product they were using. The American public is used to being spoon fed everything and it's led us to being fat and lazy. Personal responsibility folks. It's not that difficult of a concept.
To add to the parent poster, I think "Malware" is not an appropriate term for what this program is doing.
When I use the term "malware" I typically mean programs that do one or more of the following;
- resist uninstallation
- persist after uninstallation attempts
- reinstall after uninstallation or "by the roots" removal
- hide from the user
- hide from the operating system
- hide what they are doing *
- damage the operating system
- replace, interfere with, spoof, or hijack functions such as DNS resolution, home page, file associations and toolbars
- create problems in order to sell you a "fix" for them
The one with the asterisk, is the ONLY one of these things that iTunes is doing, and that only if the user is hopelessly ignorant about computers and the internet.
It might be "spyware" but it is not "malware" in my book.
the terms "opt-in" and "opt-out" are way out of proportion here. this isn't some obscure setting or (de-)registration procedure. it's a single click of the mouse to close a window.
if you really want to bitch about nothing then here's a far better one: Firefox has cookies enabled by default and sets your homepage to one of theirs on first run - THEY COULD BE SPYING ON EVERYTHING YOU EVAR DO ON TEH INTERPOWER COMPUTERWEB!
If the user bothered to read the features list they would know it was there. You're absolving the end user from personal responsibility.
While the poster might be absolving the user from all responsibility, you are doing the same with Apple. Privacy is something that needs to be respected by the vendor and they should be required to ask the user what elements of their privacy they are willing to give up. There are just too many contracts for too many different things to be able to read them all - it would be nice, but in reality people give up on reading them.
Jumpstart the tartan drive.
Right. Relevant, non-annoying ads in a free product. That's Google level evil right there.