Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apple's DRM Whack-a-Mole

Posted by CmdrTaco on from the ouch-ouch-ouch-ouch dept.

Mateo_LeFou writes "Gulf News has a nice piece exposing the last couple generations of Apple's DRM strategy (you didn't really think they were abandoning DRM, did you?). Article focuses on how quickly the tactics are worked around, and how nasty the latest one is: purchased iTunes now have your personal data in them. Author suspects that this is to prevent you uploading them to a network."

4 of 352 comments (clear)

  1. It's stored in plaintext... by FFFish · · Score: 4, Interesting

    ...which makes it so damned easy to find and erase that one must conclude that the personalization has *NOTHING* to do with DRM. Honest to god, even the most retarded programmer would encrypt the information so that it isn't easily discovered.

    --

    --
    Don't like it? Respond with words, not karma.
  2. Re:Right click, Convert to AAC/MP3/etc. by Mix+Master+Nixon · · Score: 5, Interesting

    Why would re-encoding even be required? In the absence of DRM, couldn't you just pass the AAC stream unchanged into a new MP4 container with no personally identifying information or even just delete that information from the existing MP4 file?

    --
    Oppressing an entire population is never cheap.
    --Jeckler (/. Beta IS GARBAGE!)
  3. Re:There's a serious point here by Jeremy_Bee · · Score: 3, Interesting

    This is indeed a serious point, and one obfuscated by all the hoopla that the author of this article (and others), is creating over other, non-issues.

    It's a basic tenet of any sane, decent, information privacy legislation and (I believe already the law in Europe), that you cannot embed or record people's personal data in a "secret" way. If a person is buying a product that has their personal information embedded in it, they have to *know* this is the case.

    I (like many people), was originally shocked to find out the user name and email is embedded in the file being unaware that this was in fact *always* the case. Despite all the folks here pointing out that it was always the case, how many regular users of iTunes and iPods are aware of that? If it isn't commonly understood, then it's as good as secret.

    It seems to me that if the embedding is not presented to the user at the point of purchase in a clear, obvious, "in your face" EULA type of way, then Apple should be in violation of European law or at the very least going completely against the spirit of personal data protection and privacy laws. Having never purchased on iTunes, I am not aware if this is the case or not, but the large number of people that were not aware of the practice suggests that it is not advertised much at all.

    The point is that a person has to be able to maintain their own privacy if they need or want to. If a corporation is secretly (or even non-obviously) embedding personal data in a file, the user has to know it's in there in order to be able to manage or maintain their private information. Clearly, most users of iTunes had and have no idea that their personal information is being stored and may be at risk and no idea that they should have been protecting it.

  4. Re:Right click, Convert to AAC/MP3/etc. by blacklint · · Score: 5, Interesting

    Yes, you could. Quite easily. Heck, I don't even have an application installed for editing the metadata, so I just opened one of my iTunes Plus files in a hex editor, searched for my real and account names, and overwrote them with useless data (Anonymous User and someoneelse - same lengths). Done. That was hard.

    Ok, granted, most people aren't going to open a hex editor to do something so simple. Which one wouldn't have to, since editing audio tags is a perfectly valid thing to do, so there are multitudes of programs to do just that. I'm pretty sure you could do it using Atomic Parsley.

    I'm really tired of people trying to make an issue out of this. As has been pointed out many times, your account data has been in files from the iTunes store from the very beginning. Your name not DRM. Does having your name in the file prevent you from doing anything? No! And as the tags are not encrypted, they are obviously not intended for tracking files on peer to peer filesharing as I could change them to reference anyone. I find having the data there helpful, as I can tell whether a specific file was purchased by me or my dad. If you don't like it, just get rid of it!

    Besides, didn't everyone cheer when some stores introduced audio watermarking which would actually prevent you from putting the original file on peer to peer networks, unlike this?