Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple's DRM Whack-a-Mole

Posted by CmdrTaco on from the ouch-ouch-ouch-ouch dept.

Mateo_LeFou writes "Gulf News has a nice piece exposing the last couple generations of Apple's DRM strategy (you didn't really think they were abandoning DRM, did you?). Article focuses on how quickly the tactics are worked around, and how nasty the latest one is: purchased iTunes now have your personal data in them. Author suspects that this is to prevent you uploading them to a network."

19 of 352 comments (clear)

  1. Right click, Convert to AAC/MP3/etc. by chasingporsches · · Score: 4, Informative

    and don't forget that you can just right click the non-DRM file now and convert to another format that DOES NOT have your user information embedded in it. it's a very simple, fast process for the paranoid.

    1. Re:Right click, Convert to AAC/MP3/etc. by Tickletaint · · Score: 4, Informative

      Yes. You can. They're fucking ID3 tags (or whatever the m4a equivalent is), nothing more, so you can strip them using your favorite tag editor. Even QuickTime Player will do the job, I believe.

      --
      Make Slashdot readable! See journal.
    2. Re:Right click, Convert to AAC/MP3/etc. by Mr2001 · · Score: 2, Informative

      And as the tags are not encrypted, they are obviously not intended for tracking files on peer to peer filesharing as I could change them to reference anyone. They're not encrypted, but they are probably signed. The iTunes Plus files have blocks called "sign" and "chtb" which were not present in the old DRM'd files, and whose contents are unique for each combination of user + track. If you're going to remove your name, make sure you remove those blocks too - otherwise, the file could still be traced back to you by someone who knows what the original personal info might have been (i.e. Apple).

      Besides, didn't everyone cheer when some stores introduced audio watermarking which would actually prevent you from putting the original file on peer to peer networks, unlike this? No, I don't remember anyone cheering because of that. Most people here don't want their files being tracked at all, whether it's by watermark or name.
      --
      Visual IRC: Fast. Powerful. Free.
    3. Re:Right click, Convert to AAC/MP3/etc. by gig · · Score: 4, Informative

      > They're not encrypted, but they are probably signed. The iTunes Plus files have blocks called "sign" and "chtb" which were
      > not present in the old DRM'd files

      Sigh ... this is a proof of purchase. It is advantageous to the legitimate purchaser to leave this information in the file so as to future-proof their music investment.

      There were three big announcements with iTunes Plus: 1) no DRM, 2) double the bit-rate for higher quality sound, 3) PREVIOUSLY PURCHASED iTUNES STORE TRACKS CAN BE UPGRADED FOR A TOKEN HANDLING FEE TO THE NEW HIGHER-QUALITY BIT RATE.

      In order to upgrade you now or in the future, iTunes needs to be able to identify "iTunes Store purchases" from "other" in your music collection, which thanks to Apple's progressive and practical user-centric policies may include audio from dozens or hundreds of different sources.

      If a person follows the EFF's advice and strips the unique meta data out of their iTunes Plus purchase, iTunes will not be able to identify those tracks as iTunes Store purchases, and the tracks will never be upgradable to lossless, which is the next bump, within 3-5 years. After that, expect to see higher-than-CD bit rates and sample depths next, that is when you will START to hear the audio as it is recorded in the studio (even in my small project studio we have 24-bits and 192 kHz, but still to publish you have to distill down to 16-bits and 44.1 KHz using arcane and vicious audio hacking, a lot is lost). In other words, if you have anything other than a 24-bit 192 kHz lossless audio file, you are not done upgrading yet. Since there will be 3 or 4 jumps before we get there (and by then the music studio may have moved up ahead) you are looking at a lot of money to stay current if you insist on paying full price for every track every time out.

      A few years ago I heard a record company executive from a big label talk about DVD-Audio. Was he excited that consumers would soon be able to buy much higher quality music? Not really. He could not wait to sell Sgt. Pepper's to baby boomers again for full price, he couldn't wait to sell someone the whole Led Zeppelin catalog for the fifth time, again at full price. What Apple is doing by upgrading your audio quality for a handling fee did not come from the record companies, I can assure you.

  2. Re:So... by daveschroeder · · Score: 5, Informative

    Remove said personal information from the ID3 equivalent before uploading said file. Or is this information in some weird watermarking system I don't know about?

    No. There is no weird watermarking system (though some people do suspect Apple of using hidden watermarks or steganography).

    The information is stored in international standard MPEG-4 "atoms". In fact, they're even preexisting atoms for the purpose of storing name and email address. They're not secret, and not hidden.

    If people are hell bent on uploading their files after they've purchased them, there's a number of ways the identifying information can be removed.

    Plenty of people around who say, "But what if I then change the name and email to that of my most hated enemy and upload those??" though. Yeah. Okay.

  3. Doesn't convert to MP3 by Anonymous Coward · · Score: 2, Informative

    1. The convert to MP3 menu does not work for these tracks.
    2. They're more expensive
    3. You can't hear the difference, only 1 in 10 could and it was statistical noise.
    4. You can fit fewer tracks on a player because they bigger.
    5. Apple are playing a game here.

    I'm in favour of watermarking tracks with the sale ID, but Apple looks to be playing a game here, I still can't sign up to iTunes and get music for my MP3 players at the same prices as iPod users.

  4. Re:Couldn't be more ranty, or wrong by Blondie-Wan · · Score: 5, Informative
    "Found"? It was never hidden. It was plainly visible, clearly intentionally, from day one. I'm absolutely flabbergasted people think this is some insidious new development or that it's been sneaked in in hopes people won't see it.


    Have the people expressing shock and outrage never used iTunes, or what? Seriously, the purchaser info is RIGHT THERE in the same tab in the "Get Info" window that displays the track length, play count, file format, bitrate, and other data that's clearly, readily, deliberately accessible to users, and IT HAS BEEN EVER SINCE THE STORE OPENED IN 2003.

  5. Re:Nasty? by TheRaven64 · · Score: 3, Informative

    It's not a watermark (there may be a watermark as well, but no one has found one yet). A watermark is something embedded in the actual data, changing it in an identifiable way. The tracks from the iTunes store simply encode the name and email address of the buyer, and the time of purchase in the standard metadata tags. This is fairly trivial to remove, if you want to bother. It's like a receipt; it allows you to prove that you purchased the track if you need to, but doesn't do anything more.

    --
    I am TheRaven on Soylent News
  6. Oh no! This Reminds me of what Adobe does by Prune+Whip · · Score: 2, Informative
    Here's a great article exposing a similar practice by Adobe:
    NEWS FLASH! Adobe Hides Customer Information!

    From the article:
    While many people believe that Adobe products are DRM-free, did you know that they, in fact, have a "poison tip?"

  7. Re:Nasty? by Tom · · Score: 5, Informative

    Apple gives you a no-DRM file, and slaps a watermark on it so that, No, they didn't.

    I know this is /. and all, but how about at least getting the basic facts right?

    One, it wasn't added, it had been there before.
    Two, it's not a watermark, it's some embedded text.
    Three, the text is even embedded in plain text format.
    --
    Assorted stuff I do sometimes: Lemuria.org
  8. Re:Couldn't be more ranty, or wrong by vux984 · · Score: 5, Informative

    A mystery? This has been going on since day one, and has never been a mystery. And even if it is a "mystery" on the non-DRM files, it was never a mystery on the DRM files, was never hidden, and was never secret. This has been known, never obfuscated, and obvious to anyone who clicked "Get Info" on anything purchased from the iTunes Store, ever.

    EXACTLY.

    This is about as 'evil' as the time I bought a book on special order. The staff had put a paper insert inside the front cover with my name and phonenumber, presumably so that they knew who had ordered it. But they didn't tell me!! And it was personally identifying!!... why if I had started committing crimes with that book the police would have had my name and number!! I'm never buying a book from that company again! /sarcasm

    My favorite quote of all this was from an EFF attorney; to paraphrase: if someone steals your iPod, the thief would have the name and email address of the rightful owner!

    Heaven help the poor sap if someone were to steal his cellphone. or his wallet. or his briefcase. or his laptop.

  9. Re:Couldn't be more ranty, or wrong by tsa · · Score: 3, Informative

    Yours was the only post this thread needed. And first post too! If I had mod points I would mod you up.

    Oh, and one more thing... Please /. editors, sometimes no news is better than a random rant from a clueless person.

    --

    -- Cheers!

  10. Re:Nasty? by daveschroeder · · Score: 4, Informative

    It's not a watermark (there may be a watermark as well, but no one has found one yet).

    Actually, people already have found that Apple isn't using a watermark or steganography technique, either:

    http://www.macrumors.com/2007/06/01/apple-using-st eganography-in-itunes-plus-songs/

    The file differences are why some originally thought that Apple might be using steganography. It turns out, though, that the AAC data is 100% identical and that the differences were a result in different metadata (modification dates) in the files:

    http://forums.macrumors.com/showpost.php?p=3696625 &postcount=123

    So, Apple is indeed not using steganography or other hidden watermarking on the files.

  11. Re:Couldn't be more ranty, or wrong by MollyB · · Score: 2, Informative

    Got me curious, too. Here are some possibilities. Cheers...

  12. Re:Couldn't be more ranty, or wrong by jandrese · · Score: 2, Informative

    One interesting side effect of that information: In the first few versions of PlayFair the authors of the program made sure to leave your contact information in the file after it was decrypted, just to drive home the point that it wasn't about piracy. However, Apple changed iTunes such that if it saw that information on an unencrypted file, it would reject the file and the PlayFair guys were forced to strip it out.

    --

    I read the internet for the articles.
  13. Re:File sharing is NOT illegal by gruntled · · Score: 2, Informative

    Actually, it's only the process of "sharing" that exposes you to legal action (at least here in the US). Taking a copy of a file off any kind of feed is generally protected under the Fair Use exception to copyright law. However, if you've configured your P2P client to allow *other* people to make a copy of that same file from your copy, you're "distributing" that file to thousands of others, and that's actionable.

  14. Re:File sharing is NOT illegal by Anonymous Coward · · Score: 2, Informative

    And you're being a smart-arse. And you're wrong.
    File-sharing *isn't* illegal, or a tort, or any other legal infraction; file-sharing copyrighted files that you don't own the copyright for, and haven't been granted a waiver to share, is a legal infraction and the copyright-holder(s) can sue you for recompense.

    Ruddy precocious kids and their ruddy big mouths.

  15. Re:DRM is not encryption by Roadstar · · Score: 2, Informative

    But let's put this in perspective: when ITunes first launched, you could authorize 5 computers to play their DRM protected files. Then Apple unilaterally changed this to only 3 authorized computers.

    If anything's put into perspective by that part, it's your comment. The limit was originally 3, but it was later on raised to 5, which is also the current limit for DRM'd iTunes content. Please check your facts.
  16. WARNING: do not click sig link by Anonymous Coward · · Score: 2, Informative

    Sig links to http://en.wikipedia.org/wiki/Special:Userlogout?re turnto=Have_a_nice_day

    Fortunately TinyUrl doesn't redirect transparently anymore (and Firefox shows the non-obfuscated URL on the TinyUrl page...).

    But yeah, dick move.