Slashdot Mirror
Apple Hides Account Info in DRM-Free Music
Alvis Dark writes "Apple launched iTunes Plus earlier today, the fruit of its agreement with EMI to sell DRM-free music. What they didn't say is that all DRM-free tracks have the user's full name and account e-mail embedded in them. Is this to discourage people from throwing the tracks up on their favorite P2P platform? 'It would be trivial for iTunes to report back to Apple, indicating that "Joe User" has M4As on this hard drive belonging to "Jane Userette," or even "two other users." This is not to say that Apple is going to get into the copyright enforcement business. What Apple and indeed the record labels want to watch closely is, will one user buy music for his five close friends?'"
There is always a little line written in 4 point at the bottom.
Living With a Nerd
Is that you can buy them and give them to your friends, whereas the music download sites seem to be headed toward preventing you from letting anyone else play your purchase.
music always know where to find you.
You can right click on the file and convert it to mp3, which would erase all tracks.
This shouldn't matter anyway.
Gone!
Apple puts this metadata in all the iTMS songs. Unless you're actually planning to break the law by sharing the songs, I don't see what the problem is. In fact this issue seems like a good way to distinguish between those who are against DRM because it restricts their rights to legally use their music, and those who actually just want to pirate music but use rights-based DRM arguments as an cover
Apple isn't keeping tabs on anyone, and it would be trivial to remove this data from your songs. But the question remains why anyone feels violated by this
This doesn't really bother me. I buy music and don't give it away, which is as it should be. TANSTAAFL!
The whole point of DRM is to stop people from pirating it. If your name is attached to it I'd say that's a pretty good deterrent. Beyond that, you can download the music, burn it, transfer it from your home PC to your office PC - you can do what you want with it... the only restriction is that you can't illegally share it online. It's focusing on punishing people who share music illegally, while at the same time not hassling the end users who just want to use their music. This is exactly what DRM should be.
I'd like a few more details, please.
Do they "hide" it in the files, or put it into the comment fields? There's a difference there, especially if you want to accuse them of underhand dealings.
The article is also pretty crappy on the suggestion to convert to MP3. Why should I do that? A simple binary find&replace will be faster, safer and result in no quality loss or recoding troubles.
So a little more info on this before painting anyone as a devil would be cool.
Assorted stuff I do sometimes: Lemuria.org
I find it a little hard to get worked up over this. I don't find the idea of watermarking particularly offensive, as long as it's not done in such a way as to degrade the content (which all "analog preservable" watermarking does), and it's not part of a DRM scheme (e.g. 'no copy' flag). Watermarking that only identifies a user and can be used to track down someone sharing files after the fact ... I can live with that.
The difference to me is that it's not trying to stop someone from doing something illegal, before they even do it. That I find very offensive, and is the whole point of DRM. I believe that the computer should let you do anything you damn well please, even if it's illegal, but that you should take the consequences later. Trading DRM for watermarking would be a huge step up, since the watermarking really doesn't affect anyone who isn't putting their tracks on P2P networks. However, we also need to realize that watermarks can't be viewed as inherently trustworthy -- what's to keep me from framing you by putting your account information on a bunch of music and then sharing it? Practically, I'm not sure how useful watermarking really is. But if it's the price for getting rid of DRM -- which treats everyone like criminals, regardless of whether they're doing anything illegal or not -- it's OK by me.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Some will be pissed about this - there will be wailing and gnashing of teeth. Personally, I don't care if they put my name in the file.
I want DRM-free media. I've wanted it for a long time. I want to play my music where I want, how I want, on as many devices as I want. And the whole time I've wanted that - it's never been so I can give it away to people on the internet. No one who wants to pursue this as a way of doing business is going to believe any differently.
I love buying my music via downloads. I wish I could do that with movies (not the 320x240 video iPod stuff - I mean movies for my TV), but I run Linux, I have a non-iPod player, so I need platform-independent, DRM free media.
They want to put my name in it? Go ahead. I'm not putting it out in the wild - and with any properly run computer - accidental release shouldn't be likely either.
Running Windows^H^H^H^H^H^H^H OSX and Linux in the home. (I don't have time for Solitaire any more.)
I dunno... Finger printing a media file ain't even close to a root kit on the evil scale.
"I am the king of the Romans, and am superior to rules of grammar!"
-Sigismund, Holy Roman Emperor (1368-1437)
Does the license under which I "buy" these DRM-free songs permit me to strip this personally-identifiable information from the songs?
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
It's perfectly legal for me to buy a CD and make copies for all of my friends, and it would be just as legal for me to do the same with these files.
Correct me if I'm wrong, but isn't this exactly how jhymn and other similar programs leave your files? IIRC, jhymn will remove the DRM from the file, but still leave your AppleID, etc in the file. It seems that the only people complaining about this are the ones who want to pirate music.
This guy's the limit!
Why should I be outraged? Why do I care if my name is in a file that I purchased? Please explain.
[Real CDs] you can buy them and give them to your friends
So long as you don't rip them with iTunes. A violation of trust is a something that sticks with the violator. Fool me once, shame on you. Fool me twice, shame on me.
Friends don't help friends install M$ junk.
First, why would you have to prove that you did not put them there? Your name on them is not proof that you did, and if you can show that a device that may have had the files was stolen you'll walk unscathed from even a civil suit.
This whole thing seems a bit weird to me. Apple's license forbids them from sending the data back to headquarters for analysis to catch casual pirates. They've been including this data in all the files they've sent for a long time. This is in the mp4 format so nothing stops a freeware program from erasing or changing them. Heck I can grab your e-mail address from a dozen places now and add it to mp4 files on P2P networks. That doesn't prove you put them there.
So, it is 100 times easier to grab these files from P2P for purposes of piracy than it is to steal a player or get them some other way. Who is planning on uploading files they have purchased anyway? That's just dumb.
The concept of using a watermarking technique is itself much better than any sort of DRM. But if the watermark is not correctly cryptographically tied into the song, then it is probably quite easy to forge watermarks. What this means is that it would be possible to still distribute thse songs (illegally) but have it appear as if somebody else did it. This is probably worse than having no watermark at all.
Of course, technically, forgeable watermarks should carry no legal weight, and should be useful for nothing more than casual marketing analysis. But we all know how things like the courts, BSA, RIAA, and so forth work. "Hey, this song found on xxxxx P2P service has your name on it! You must be guilty. Here's notice of our lawsuit, or you can settle for $100000 per song." I see a lot more innocent grandmothers getting sued in the future.
The same thing could actually be used for other file formats. Want to write a Word document outlining your plans to rob the bank; be sure to "steal" somebody else's GUID out of one of their documents and replace the one in yours. Now you've got a better shot at deniability of wrongdoing.
Someone needs to write a program that inserts Bill Gates name and email address into the tags. Only he has enough money to pay of the MAFIAA.
Friends don't help friends install M$ junk.
Privacy is actually important: saying anything of the form "people don't need privacy 'x' if they don't plan to break the law" is almost always a mistake.
Right, but that's not what we're talking about. Your songs with your embedded tags aren't made public. Your privacy isn't being violated.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
You're just regurgitating the age-old "Why should I worry about this draconian law? I'm not a criminal." argument. Buying a music file means that you buy a music file. Not a music file with extra unwanted information that might violate my privacy.
I certainly won't do business with Apple is any way, shape, or form.
I don't respond to AC's.
An easy way for me and my 1,203,382 roommates to keep track of what belongs to who ;)
It's actually pretty trivial, because they are in no way tied to the audio data -- there's just another atom in the MP4 wrapper that contains your name and email address. It can be removed without impacting a single byte of audio data.
I don't understand why this is a story at all -- every song sold from iTMS has these same markings, since day 1. All the old tools from decrypting old-style iTMS songs include a provision for removing this data, and I suspect that bit still works on the new-style files.
"There's an old saying in Tennessee - I know it's in Texas, probably in Tennessee - that says, fool me once, shame on...shame on you. Fool me...you can't get fooled again."
--The Decider, 2002
why? forty-two.
On the other hand, the files might be watermarked in other ways, obviously more difficult to detect.
Of course it's entirely possible that Apple has actually decided to use this information in some way, which will affect mostly non-technically inclined people who are unaware of the tagging. And would be supremely stupid.
Imagine if they managed to trace back all those Bruce Wayne Campbell tracks in your collection? Oh the humanity.
No. You can't.
o n
http://en.wikipedia.org/wiki/Lossy_data_compressi
Quit being so paranoid. It's there so if you lose your MP3s whoever finds them knows where to return them!
I agree. Who cares?
The only people this affects are those who use the file in an illicit manner (distributing it on P2P). It's not like DRM where it punishes legit users significantly, often forcing them to piracy just for the sake of compatibility.
Oh, and it's nothing new. The old DRMed files had it too. In fact, back in the days of PyMusique and whatever that program was that stripped Apple DRM after the fact (as opposed to PyMusique not applying it in the first place), neither program did anything about this identification data because unlike the DRM, there was no legit reason to remove it. It's always been there, albeit in many cases encrypted.
retrorocket.o not found, launch anyway?
automatically replace the user id field with "sjobs@mac.com" on all outgoing files?
Will you get the watermarks with the same information? I don't think so.
You just can't trust non free software, not even a little. Imagine iPod or WMP was ported to GNU/LInux. It could watermark all of your files as a background process without changing size and date information. Digital restrictions are the ultimate expression of non free software. From the very beginning, it's owners have sought to keep it's users divided and helpless. The end game is money and that requires ownership of your news and culture.
Friends don't help friends install M$ junk.
the files might be watermarked in other ways, obviously more difficult to detect.
Yeah, that's one of the reasons you should never trust non free software.
Friends don't help friends install M$ junk.
Are the songs, in fact, DRM-free?
Yes.
Are they at a higher bitrate as advertised?
Yes.
Is there any physical restriction on what you can do with them?
No.
When you buy a DRM-free song, are you buying a "share them with teh intarweb" license?
No.
Is there a whole batch of metadata in the songs you buy from iTunes, protected or not?
Yep.
Nothing to see here, move along.
-- Josh Turiel
"2. Do not eat iPod Shuffle."
This isn't really anything new. ALL music bought from the iTMS contains this information. I would be more surprised if they DIDN'T include it with DRM-free music.
CATS/Diebold '08- All your vote are belong to us!
And that's still breaking the law. If this makes it easier to catch you, so be it. Don't break the damn law. If you want your friends to hear the song, then you have many valid choices:
(a) iTMS has a song preview, which have definitely affected by purchase decisions
(b) point them to Imeem.com or a site like it
(c) tell them to quit being cheap asses and pay the $1 for the song
(d) play the song the next time they're over
Plenty of options that don't make you a criminal.
Any copy - and I mean ANY copy - made in use on a computer counts as a copy in terms of copyright law.
. html
pop quiz: did you know that it's illegal to run a binary of a program you have on your hard-drive unless you are given permission from the copyright holder? It has been ruled that the copy from the hard-disk to system memory counts as a copy in terms of copyright law. Lame? Yup. Still legally valid? According to the federal courts, sure is.
Further reading on the topic:
http://digital-law-online.info/lpdi1.0/treatise20
The way I have always freed my tracks from DRM was to buy them on iTunes, immediately burn a CD (onto a handy CD-RW disk), then iTunes immediately recognizes the audio-CD and asks me if I want to "import" it. I have my import preferences set to MP3, and iTunes even asks me if I want to replace the existing DRM tracks with the MP3s I am ripping.
No $.30 upcharge, or DRM hassles...iTunes practically coaches you on how to do it. The CD-RW disk can be reused many times, so there isn't even a cost. Or even if you use a regular CD, it's good to have a hardcopy audio CD of the albums you buy anyway.
The whole process takes almost no time at all.
-h
Only to idiots, are orders laws.
-- Henning von Tresckow
It's especially irritating when you own more than one computer. I have two macs, and I'm the only user of both of them. Why should I have to buy software twice just to use it on both of my machines?
Most shareware doesn't seem to be locked to the specific machine, and none of the software I use has had this problem yet, but if I ever come across something I want and the seller insists on my buying two copies to use on my computers, he won't get a single dollar from me.
-Z
Putting your email address into music that you download means that if you put it on a large pirated-music sharing network, then anybody there can see your email address. So not only can the RIAA's lawyers send you nastygrams asking for $3000, but all those Nigerian Dictators' Widows can send you mail about how you've won the Microsoft Herbal V1@Gra Lottery and if you provide them with your bank account and snailmail information they'll send you your share of the winnings, a hot stock tip, and a bottle of their latest pills.
This will cost them a less than actually bothering to sue anybody, and it's probably a *lot* more annoying
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
1: Adopt EFI, Trusted Computing for new Mac's.
( a powerful firmware level intended for DRM schemes sitting between OS/software and hardware, that has it's own partition on the drive, can access the internet and download, do just about anything without a OS, without your knowledge for most people)
First off, EFI is a replacement for an ancient BIOS that most x86/x64 machines still slug along with. Since Apple could start with a clean slate, why not adopt the modern firmware for a mainboard over something filled with 20 years of legacy Apple didn't need? You can spin EFI in a bad light all you want, but really it's more of a new replacement for something old, just as PCI replaced ISA.
Also, the Macs currently shipping lack the TPM chip needed to implement Trusted Computing. Apple did initially ship them, but didn't do anything with them. Vista can use the TPM chip though for bitlocker encryption.
You can spin whatever spook story you want, but try to at least do it with real facts and not just sensational Slashdot headlines.
What you are describing is an attempt to create artificial scarcity.
That is precisely what the "sellers" of intellectual property want you to believe. That the license/item/product you purchased is scarce that it's value should be higher than what it is really worth. There is only one problem: this approach doesn't work in a digital world with digital assets (like songs, movies, etc).
The music publishing industry (RIAA) is currently built on artificial scarcity through control of the supply chain. That works in the real world where you have inventory and "real" CD's (and real costs too). But the entire idea of "scarcity of digital assets" is nuts because things can be copied and transferred so easily in the digital world. What this means is that the actual value of what they provide is lower than what it was, say, 20 years ago. Much lower. However, they continue to try to make you think that artificial scarcity (and therefore, higher value of them) is an achievable goal.
It isn't. The digital world does not work that way. Attempts to control it will be met with route-arounds, just like they always have.
Eventually, an equilibrium will be reached. Customers will be charged what the item's value really is, and over time, society will eventually agree on what that value is. Right now, it is a one-sided discussion, with the RIAA (and its congress critters) doing all the talking -- so we go through some pain and society routes-around accordingly. Someday we won't have to route-around....but not until prices come down to reflect the real value of what we are getting for our money. Right now, we're not getting enough. So route-arounds continue...
EFI is a great replacement for a crappy old BIOS, any day of the week. With that said..
:-)
I am a new Apple convert. I bought an Intel iMac with the Core 2 duo, and a MacBook with the Core Duo this year. I was a heavy Linux geek and I have been a programmer on MS systems for the past 12 years. I have to say that I love OS X. It is really great.
Seeing things about DRM and Apple makes me a little nervous though. I will quickly sell both my Intel Macs and jump back to Linux if I think Apple is trying to push DRM crap on me. However, so far, that doesn't seem to be the case. For example, there is no crappy MS "activation" crap with OS X. I could use my OS X install DVD's and install OS X on any number of Macs, no questions asked, and most importantly, no crappy "activation". So as of now, it seems that Apple is trusting its users to buy the right number of licenses to install their OS. That is a far cry from what MS does with their activation junk.
Even though I love OS X, I do have some problems with iTMS and iTunes. Out of the box, iTunes doesn't play many non-Apple or non-proprietary formats. Thanks to projects like Perian that can be taken care of, though I personally just use VLC which blows away Quicktime. The biggest problem I have had is that all the TV shows I have bought from iTMS has been trapped in a DRM-only format. I wish Apple would provide a way to transcode to a DVD MPEG-2 format so I can watch the shows on my TV. No, I don't want to have to buy an AppleTV to watch my iTMS-only content. If AppleTV allowed me to watch the Divx/Xvid rips I made of the DVD's that I own, then hell yeah, I would buy it.
So to sum up and get off my soap-box, I love OS X, I am just very weary about where Apple may go in the future WRT DRM. I really hope they do not take the Microsoft path. If so, I will get rid of all my Mac's and switch back to two PC's. One with Ubuntu Linux and one with WinXP. Though I hope I don't have to do that. After 6 months with OS X, I really don't want any other OS. Though, my freedoms are worth more than any OS to me.
General, you are listening to a machine! Do the world a favor and don't act like one.
"For example, there is no crappy MS "activation" crap with OS X. I could use my OS X install DVD's and install OS X on any number of Macs, no questions asked, and most importantly, no crappy "activation"."
There is a good reason for the difference between Apple and MS (in relation to how they control their respective OS): Apple makes OS X to run on their hardware ONLY. Therefore, if you are installing on ANY Mac, they have already made their money from the hardware. Remember, they are a hardware company.
MS, on the other hand, makes an OS that runs on ANY PC. They don't sell the hardware, so they try to make sure you have purchased the software. That's where they make their money.
You have to look at the reason why each company chooses to implement DRM or any other form of IP control.
Apple already had a perfectly good BIOS replacement, you fool! It's called "Open Firmware" and -- unlike EFI -- is a widely-supported open standard.
There were exactly two reasons for EFI to exist, and neither of them are good: Intel's Not-Invented-Here syndrome and DRM. That's it.
How do you know? Can you cite a source that actually disassembled a Mac to check? 'Cause what I heard is that Apple just made it so that the TPM doesn't show up in the device manager, but is still there (in fact, I recall hearing reports of people with Macs that most certainly had TPMs noticing them mysteriously disappear after a software update).
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
Note that this is `widely supported' as in 'supported by a lot of platforms' not 'supported by a lot of systems.' To my knowledge, there is no OpenFirmware implementation for x86. OpenBIOS has started, but not finished. Since they went to Intel to get a complete solution (motherboard, chipset, and CPU), writing their own firmware would have been somewhat counterproductive.
That said, I'll take OpenFirmware over EFI any day of the week.
I am TheRaven on Soylent News
Amit Singh has something to say on this...
http://www.osxbook.com/book/bonus/chapter10/tpm/
There are no guarantees, but it's not looking like Apple is keen to enforce the TPM on Mac users.
"You have to look at the reason why each company chooses to implement DRM or any other form of IP control."
DRM's end result on the user is the same, regardless of Apple's or MS's reasoning for implementing it. In other words, no, he doesn't have to look at the reason why each company chooses their DRM scheme: it's still a hassle.
damaged by dogma