Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

iTunes DRM-Free Files Contain Personal Info

kdawson posted more than 5 years ago | from the musical-steganography dept.

Music 693

r2k writes "Apple's iTunes Plus files are DRM-free, but sharing the files on P2P networks may be an extremely bad idea. A report published by CNet highlights the fact that the account information and email address of the iTunes account holder is hidden inside each and every DRM-free download. I checked, and I found I couldn't access the information using an ID3 tag editor, but using Notepad I found my email address stored inside the audio file itself."

Sorry! There are no comments related to the filter you selected.

Seriously... (5, Insightful)

fyngyrz (762201) | more than 5 years ago | (#26429241)

I don't see the problem. I didn't want them to remove DRM so I could ignore the copyright on the music, I wanted them to remove it so I could use it on any device I wanted to listen to it on. They did that; now I can, as far as I'm concerned, we're all good now.

If you interpret the lack of DRM as permission to ignore copyright, and you end up in trouble because you did so...

Nope, don't see the problem.

....sharing the files on P2P networks may be an extremely bad idea

Good grief. "Sharing" copyrighted music files on a P2P network was always an extremely bad idea. If you ever had any fraction of an excuse for doing it (and frankly, I don't really think you did, but...) it is gone now, at least as far as iTunes purchases go. What has changed is it is now reasonable to purchase music, because you'll actually get to own it, use it on *all* your gear, back it up, etc.

The only thing I can think of that is really affected by this is your ability to legitimately resell recording of a tune you own, because you bought it. And for that issue, I give it.... maybe an hour before someone comes up with a tool to ZOT that name and email address right out of there. Maybe it'll even put the new one in. Pride of ownership and all that.

Re:Seriously... (4, Insightful)

Tubal-Cain (1289912) | more than 5 years ago | (#26429251)

Agreed. This is a fairly reasonable compromise on Apple's part.


bigblacknigger (1440657) | more than 5 years ago | (#26429519)

My message to you is about the war in Iraq and Afghanistan and the way to end it. I had not intended to speak to you about this issue, because, for us, this issue is already decided on: diamonds cut diamonds. Praise be to God, our conditions are always improving and becoming better, while your conditions are to the contrary of this. However, what prompted me to speak are the repeated fallacies of your President Bush in his comment on the outcome of the US opinion polls, which indicated that the overwhelming majority of you want the withdrawal of the forces from Iraq, but he objected to this desire and said that the withdrawal of troops would send a wrong message to the enemy. Bush said: It is better to fight them on their ground than they fighting us on our ground. In my response to these fallacies, I say: The war in Iraq is raging, and the operations in Afghanistan are on the rise in our favour, praise be to God. The Pentagon figures indicate the rise in the number of your dead and wounded, let alone the huge material losses, and let alone the collapse of the morale of the soldiers there and the increase in the suicide cases among them. So, just imagine the state of psychological breakdown that afflicts the soldier while collecting the remnants of his comrades' dead bodies after they hit mines, which torn them. Following such situation, the soldier becomes between two fires. If he refuses to go out of his military barracks for patrols, he will face the penalties of the Vietnam butcher, and if he goes out, he will face the danger of mines. So, he is between two bitter situations, something which puts him under psychological pressure - fear, humiliation, and coercion. Moreover, his people are careless about him. So, he has no choice but to commit suicide. What you hear about him and his suicide is a strong message to you, which he wrote with his blood and soul while pain and bitterness eat him up so that you would save what you can save from this hell. However, the solution is in your hand if you care about them. The news of our brother mujahideen, however, is different from what is published by the Pentagon. This news indicates that what is carried by the news media does not exceed what is actually taking place on the ground. What increases doubts on the information of the White House's administration is its targeting of the news media, which carry some facts about the real situation. Documents have recently showed that the butcher of freedom in the world [US President Bush] had planned to bomb the head office of al-Jazeera Space Channel in the state of Qatar after he bombed its offices in Kabul and Baghdad, although despite its defects, it is [Al-Jazeera] one of your creations. Jihad is continuing, praise be to God, despite all the repressive measures the US army and its agents take to the point where there is no significant difference between these crimes and those of Saddam. These crimes include the raping of women and taking them hostage instead of their husbands. There is no power but in God. The torturing of men has reached the point of using chemical acids and electric drills in their joints. If they become desperate with them, they put the drill on their heads until death. If you like, read the humanitarian reports on the atrocities and crimes in the prisons of Abu Ghraib and Guantanamo. I say that despite all the barbaric methods, they have failed to ease resistance, and the number of mujahideen, praise be to God, is increasing. In fact, reports indicate that the defeat and devastating failure of the ill-omened plan of the four - Bush, Cheney, Rumsfeld, and Wolfowitz - and the announcement of this defeat and working it out, is only a matter of time, which is to some extent linked to the awareness of the American people of the magnitude of this tragedy. The wise ones know that Bush has no plan to achieve his alleged victory in Iraq. If you compare the small number of the dead when Bush made that false and stupid show-like announcement from an aircraft carrier on the end of the major operations, to many times as much as this number of the killed and injured, who fell in the minor operations, you will know the truth in what I am saying, and that Bush and his administration do not have neither the desire nor the will to withdraw from Iraq for their own dubious reasons. To go back to where I started, I say that the results of the poll satisfy sane people and that Bush's objection to them is false. Reality testifies that the war against America and its allies has not remained confined to Iraq, as he claims. In fact, Iraq has become a point of attraction and recruitment of qualified resources. On the other hand, the mujahideen, praise be to God, have managed to breach all the security measures adopted by the unjust nations of the coalition time and again. The evidence of this is the bombings you have seen in the capitals of the most important European countries of this aggressive coalition. As for the delay in carrying out similar operations in America, this was not due to failure to breach your security measures. Operations are under preparation, and you will see them on your own ground once they are finished, God willing. Based on the above, we see that Bush's argument is false. However, the argument that he avoided, which is the substance of the results of opinion polls on withdrawing the troops, is that it is better not to fight the Muslims on their land and for them not to fight us on our land. We do not object to a long-term truce with you on the basis of fair conditions that we respect. We are a nation, for which God has disallowed treachery and lying. In this truce, both parties will enjoy security and stability and we will build Iraq and Afghanistan, which were destroyed by the war. There is no defect in this solution other than preventing the flow of hundreds of billions to the influential people and war merchants in America, who supported Bush's election campaign with billions of dollars. Hence, we can understand the insistence of Bush and his gang to continue the war. If you have a genuine will to achieve security and peace, we have already answered you. If Bush declines but to continue lying and practicing injustice [against us], it is useful for you to read the book of "The Rogue State", the introduction of which reads: If I were a president, I would halt the operations against the United States. First, I will extend my apologies to the widows, orphans, and the persons who were tortured. Afterwards, I will announce that the US interference in the world's countries has ended for ever. Finally, I would like to tell you that the war is for you or for us to win. If we win it, it means your defeat and disgrace forever as the wind blows in this direction with God's help. If you win it, you should read the history. We are a nation that does not tolerate injustice and seek revenge forever. Days and nights will not go by until we take revenge as we did on 11 September, God willing, and until your minds are exhausted and your lives become miserable and things turn [for the worse], which you detest. As for us, we do not have anything to lose. The swimmer in the sea does not fear rain. You have occupied our land, defiled our honour, violated our dignity, shed our blood, ransacked our money, demolished our houses, rendered us homeless, and tampered with our security. We will treat you in the same way. You tried to deny us the decent life, but you cannot deny us a decent death. Refraining from performing jihad, which is sanctioned by our religion, is an appalling sin. The best way of death for us is under the shadows of swords. Do not be deluded by your power and modern weapons. Although they win some battles, they lose the war. Patience and steadfastness are better than them. What is important is the outcome. We have been tolerant for 10 years in fighting the Soviet Union with our few weapons and we managed to drain their economy. They became history, with God's help. You should learn lessons from that. We will remain patient in fighting you, God willing, until the one whose time has come dies first. We will not escape the fight as long as we hold our weapons in our hands. I swear not to die but a free man even if I taste the bitterness of death. I fear to be humiliated or betrayed. Peace be upon those who follow guidance. []


Anonymous Coward | more than 5 years ago | (#26429573)

This post is clickable. But I'm scared to do it.


Anonymous Coward | more than 5 years ago | (#26429583)

I'd believe you, but Iraq is over. Nobody is afraid to go there anymore. Most troops consider it a vacation from the hassle filled life they live in the US.

To put in in easy to understand terms, bombs are easier to live with than inspections and training. That's how much of a failure the insurgency is.

Re:Seriously... (0, Informative)

Anonymous Coward | more than 5 years ago | (#26429259)

> Good grief. "Sharing" copyrighted music files on a P2P network was always an extremely bad idea.

Not if you own the copyright or if you have permission to share it (e.g. permissive licensing). I hate it when people think that there is no _free_ music when there is plenty of it.

Re:Seriously... (2, Insightful)

Tubal-Cain (1289912) | more than 5 years ago | (#26429277)

If it was your own music, you obviously have (or had) a non-watermarked (for lack of a better term at the moment) version of the file. If it has permissive copying, surely you can find it somewhere other than iTunes?

Re:Seriously... (4, Insightful)

quarrel (194077) | more than 5 years ago | (#26429293)

Oh please, if you're the copyright holder are you really paying Apple and downloading it off itunes?

No. You're not.

GP is correct.


Re:Seriously... (1)

tibman (623933) | more than 5 years ago | (#26429469)

If you created your own music... sold it through the itunes store.. bought it from itunes then republished the downloaded song as a torrent i could see your point. This private info thing only affects songs you downloaded from itunes.

Re:Seriously... (0, Flamebait)

dynamo52 (890601) | more than 5 years ago | (#26429289)

I wanted them to remove it so I could use it on any device I wanted to listen to it on. They did that; now I can, as far as I'm concerned, we're all good now.

While I agree with you that removing the DRM is a good thing and inserting this information in the file is perfectly reasonable, as long as the music is in a proprietary format it can't be migrated easily. can the files be read by other applications?

Re:Seriously... (0)

Anonymous Coward | more than 5 years ago | (#26429321)

this is old news.
its that way for unprotected itunes music since it exists.
but they are standard aac files, playable by a multitude of apps

Re:Seriously... (4, Informative)

NNKK (218503) | more than 5 years ago | (#26429337)

AAC ( [] ) is an industry standard, and even if it weren't, iTunes helpfully provides a "Convert to MP3" item in the context menu of non-DRM'd AAC files that does exactly what it says.

Re:Seriously... (2, Interesting)

dynamo52 (890601) | more than 5 years ago | (#26429393)

Fair enough so long as there is no additional lossiness in the conversion.

Re:Seriously... (5, Informative)

amake (673443) | more than 5 years ago | (#26429479)

Converting from AAC to MP3 is lossy.

Re:Seriously... (5, Informative)

mosschops (413617) | more than 5 years ago | (#26429747)

Converting to MP3 is lossy, regardless of the source format.

Re:Seriously... (5, Insightful)

lisaparratt (752068) | more than 5 years ago | (#26429655)

Of course there's loss, but to imply a lack of transcoding loss is a prerequisite before anyone can use it anywhere is absolute madness.

No one who lives outside of their mum's basement cares. Really. Your average MP3 player is not hifi, and your average consumer doesn't give two shits about the quality loss.

Also, last I checked, Steve Jobs didn't repeatedly smash your face into a MacBook keyboard whilst pointing a shotgun at your head with his free hand until you bought music from iTunes. If you don't want it, don't buy it.

Re:Seriously... (-1, Troll)

emj (15659) | more than 5 years ago | (#26429749)

No one who lives outside of their mum's basement cares. Really. Your average MP3 player is not hifi, and your average consumer doesn't give two shits about the quality loss.

Actually they do, but they aren't aware of it. Just explain it to the awarage user that if he does "convert to *" 10 times he won't have any music left (citation needed), then it's going to be pretty clear. It's very important that we get music that we don't have to buy again, and again and again, which will be the result of selling MP3.

So please take your love to the music industry and Apple somewhere else.

Re:Seriously... (4, Informative)

Anonymous Coward | more than 5 years ago | (#26429375)

AAC in a a run-of-the-mill MPEG-4 container, with ID3-formatted tags stored in a separate atom (permissible in the MPEG-4 standard).

Anything that uses libavcodec/libavformat as a base (ffmpeg, VLC, mplayer, etc) can read these files. They may not have the code to extract the ID3 tags from the atom and feed the data blob to something like libid3... but as long as the player software can read standard MPEG-4 files with basic AAC... it can play these suckers.

The format just isn't as prevalent as MP3, but that doesn't automatically make it proprietary.

Re:Seriously... (2, Insightful)

beelsebob (529313) | more than 5 years ago | (#26429457)

Well that's good then, because it's not in a proprietry format! AAC is not Apple Audio Codec â" it's Advanced Audio Codec â" to go with Advanced Video Codec, aka MPEG 4's high quality audio and video codecs.

Re:Seriously... (3, Insightful)

Thanshin (1188877) | more than 5 years ago | (#26429313)

So if tomorrow a file with your personal information is shared on the web and you simply don't know how is it possible, so you're fined a couple thousand bucks, I guess you won't mind?

Or you're so sure of the infalibility of Apple's system that you're willing to bet a couple thousand bucks, in exchange for... Nothing?

Great odds.

P.S.: Avoid casinos.

Re:Seriously... (2, Insightful)

ani23 (899493) | more than 5 years ago | (#26429407)

i seriously doubt that an email which can be easily changed in a file can be used as the sole grounds for pressing charges. It ma however bolster a case where a user has been tracked by IP and the files have his email too.

Re:Seriously... (1)

ResidntGeek (772730) | more than 5 years ago | (#26429563)

I could see it being the opposite, actually - if "making available" isn't accepted as a legal argument, which seems to be more likely lately if I recall correctly, then having the file shared from your computer with your email address would serve to verify that "making available" is all that's happened. Sharing a file with someone else's email address would provide evidence (though unreliable) that some distribution had actually taken place.

Re:Seriously... (5, Insightful)

DA-MAN (17442) | more than 5 years ago | (#26429581)

i seriously doubt that an email which can be easily changed in a file can be used as the sole grounds for pressing charges. It ma however bolster a case where a user has been tracked by IP and the files have his email too.

As we're talking about purchased music, all Apple would have to do is lookup the record of the credit card used to purchase the song.

So unless you always use iTunes redeemable gift cards, it's probably fairly easy to track a user definitively.

Re:Seriously... (1)

ani23 (899493) | more than 5 years ago | (#26429723)

my point was that the email in the file can be modified pretty easily. not really the most concrete evidence.

Re:Seriously... (4, Insightful)

erroneus (253617) | more than 5 years ago | (#26429329)

While I agree with you, here is the problem I have with it:

Person A is the target
Person B is the attacker
RIAA is the litigious groups of assholes

Person B decides to harm Person A. Person B knows Person A's email address. Person B modifies a bunch of MP3s to contain Person A's email address and then posts them to every torrent site imaginable. RIAA is famous for ignoring what "reasonable doubt" might suggest or imply and immediate goes into litigation. Even if it is later revealed that Person A was a victim in this scenario and is completely innocent of wrong doing, Person A just spend a LOT of money in the process. (It can be reasonably assumed that Person A spent a lot of money because without having spent money, a defendant most likely will lose.)

Re:Seriously... (4, Insightful)

zachdms (265636) | more than 5 years ago | (#26429483)

Couldn't you correlate your purchase record, or lack thereof, to validate or disprove the claims against you in that scenario?

It seems like a quick comparative analysis there would pretty quickly mitigate *most* of that concern.

Re:Seriously... (0)

Anonymous Coward | more than 5 years ago | (#26429551)

And unless Person B has an exact list of the purchases Person A made, a number of the files B posts will be proveably false, as they aren't part of A's iTunes purchase history which Apple tracks, thereby making all of the false A posts suspect.

Re:Seriously... (1)

SethJohnson (112166) | more than 5 years ago | (#26429699)

The safety feature here is that a subpoena will get Apple to provide Person A's order history, and if it doesn't include the files that Person B posted online, then the case will collapse.


What?...?!?;WTF? (0, Offtopic)

rts008 (812749) | more than 5 years ago | (#26429701)

Is this an issue from your past?
What are you talking about?

"RIAA is the litigious groups of assholes"
Yes...I for the remainder, WTF?

Really, I don't understand...explain, please?!?

Persons A&B both seem to have symmetrical access...Am I missing something?

(mod's==stay away-I am really wanting to know what's going on here)

Re:Seriously... (1)

gsmalleus (886346) | more than 5 years ago | (#26429751)

But person B would need to know which songs person A has purchased and the date they were purchased. If a bunch of songs show up on a p2p site with my email in, I think it would be relatively easy to prove that they weren't mine by comparing it with the database of purchases that Apple keeps.

Not everywhere in the world has the same laws (4, Informative)

Rix (54095) | more than 5 years ago | (#26429397)

In many places, it's perfectly legal to share you music collection. Here in Canada we pay a tax on recordable media for that right.

Mod Parent up (0)

Anonymous Coward | more than 5 years ago | (#26429641)

Sharing is legal in Canada (unless Bill C-61 ever passes, which looks doubtful thankfully).

Re:Not everywhere in the world has the same laws (1)

davester666 (731373) | more than 5 years ago | (#26429739)

Actually, I believe the legal ruling only covered 'half' of public sharing. My understanding of the case in Ontario was that the Judge ruled that downloading music for personal use was legal, and covered by the media copying tax. I forget if he just stated that his ruling didn't cover uploading, or if uploading WAS NOT covered by the media copying tax.

And the tax only applies to music (which is was this thread is about). Other things covered by copyright law (like video files or software) are also not 'legal' in Canada.

Re:Seriously... (2, Informative)

Anonymous Coward | more than 5 years ago | (#26429415)

I am from Spain and here we have something called "private copy right" that allows people to have copies of copyrighted stuff, and to share it, by P2P or by whatever.
P2P in Spain is not illegal, it's not regulated.
Why Apple has to ignore the privacy of their customers in such way?

P.S.: Excuse me if there is any mistake on my English

Re:Seriously... (5, Informative)

asc99c (938635) | more than 5 years ago | (#26429727)

The English is fine, just not the information!

Like many places, Spanish law has exemptions for private use, which probably makes removing DRM completely legal. However the owners are allowed to make copies only for private usage, with collective and lucrative uses not allowed. Sharing on P2P would definitely constitute a collective use.

Although as with almost everywhere else, P2P itself is not illegal.

Re:Seriously... (1)

magnus.ahlberg (1211924) | more than 5 years ago | (#26429529)

Wow, you managed to get first post and be insightful! And what's more, I felt no need to even read any additional comments, well done.

Re:Seriously... (1)

biocute (936687) | more than 5 years ago | (#26429547)

What a brilliant idea!

I've lost countless sleeps because I'm worried that my DRM-free songs might wander away, or get kidnapped by bad guys.

Now there's a way to identify the rightful owner, and I'm sure honest TPB users will email me songs that I accidentally lost in the torrent sea.

Re:Seriously... (really?) (1)

peas_n_carrots (1025360) | more than 5 years ago | (#26429555)

What if someone copies your music without your permission, then those files get onto the net. Let's not get into a tangent on how likely that is, just accept that it can and will happen (friends (or non-friends) borrow songs, hackers get into your computer, etc). Having seen RIAA's questionable legal practices, this could cause alot of grief for the person who legally purchased the songs.

Re:Seriously... (1)

smenor (905244) | more than 5 years ago | (#26429591)

Just adding another "me too".

Re:Seriously... (0)

Anonymous Coward | more than 5 years ago | (#26429621)

Agreed ...

Re:Seriously... (4, Interesting)

myxiplx (906307) | more than 5 years ago | (#26429665)

Exactly. My first thought on reading this was "sweet, somebody's finally gone about it the sensible way".

I mean seriously, I've been waiting for somebody to implement this for nearly 10 years now. It's an obvious way to combat piracy since you can identify the source of the leak, and it's a massive benefit that digital distribution offers the record labels. Users get cheaper tracks and can download them instantly from the comfort of their own home. Record labels get to discourage piracy and have an easy way to track down the source when it happens.

Honestly, it's such a simple solution I thought there must have been something I was missing for the record companies to not implement this. It's win win as far as I can see.

Re:Seriously... (1)

Aqua OS X (458522) | more than 5 years ago | (#26429685)

I'll be happy once Apple allows me to strip the DRM off of my 128kps files locally. I'm a music junkie, and I really don't feel like paying $200 to "upgrade" and re-download hundreds of songs. It would be nice if I could (legally) do it locally for free.

I guess someone is trying to make a quick buck.

Re:Seriously... (1)

gsmalleus (886346) | more than 5 years ago | (#26429731)

I also agree. The DRM in the iTunes store made me switch to Amazon's mp3 store. When I purchase music, I want to be able to put it on whatever media device I see fit. I applaud Apple for dropping the DRM. So what if they put the name of who purchased the song in the file. I have more freedom with my media. This also entices me to start using the iTunes store for my media purchases again.

hmmm (4, Insightful)

JimboFBX (1097277) | more than 5 years ago | (#26429261)

so what happens when you send it to someone else in a "hey check out this song" kind of way, then that person is stupid and sticks it in their lime wire folder?

Re:hmmm (1)

Tubal-Cain (1289912) | more than 5 years ago | (#26429297)

The idea is to discourage such exchanges in the first place. At the very least, since it is DRM-free you can strip out the personal data re-encoding it to another format.

Re:hmmm (0)

Anonymous Coward | more than 5 years ago | (#26429317)

so what happens when you send it to someone else in a "hey check out this song" kind of way, then that person is stupid and sticks it in their lime wire folder?

Damn, I hadn't thought of that. Your email address available to the world... SPAM mountain. Still it's no worse than if your idiot friend had put your email address in a a cc to the world.

(Seriously, you're not expecting the iTunes police to come crashing through the window with guns blazing are you?)

Re:hmmm (2, Interesting)

ani23 (899493) | more than 5 years ago | (#26429467)

I agree. instead of storing the users name or email why couldn't they store an encrypted string which they can map back to if needed. it the least they can do in protecting the users identity from strangers.

Re:hmmm (1)

IBBoard (1128019) | more than 5 years ago | (#26429645)

But if you're not sharing it on P2P then what does it matter whether it is "purchaser details" that includes your email address or some ID string that maps back to an email address - it's still tied to your account whichever method you use. By not sharing your songs on P2P it won't be seen by strangers.

That would be an interesting new source of spam, though - trawl P2P for iTunes songs and pull the purchaser information out of it!

Re:hmmm (1)

ani23 (899493) | more than 5 years ago | (#26429737)

what if I lost an external hard disk with music only. now all my mp3's have my email in them. Not that it will have far reaching impacts but hey if a small thing like encrypting can keep a persons identity hidden why not do it.

Re:hmmm (5, Funny)

ozphx (1061292) | more than 5 years ago | (#26429497)

Seriously, you're not expecting the iTunes police to come crashing through the window with guns blazing are you?

As a member of the iTunes Police, I take strong exception to this. Firearms safety has always been a core tenet of iTP training. An iTP officer will only open fire if a copyright violation is in progress, or the officer has reasonable belief that lethal force is the only way to prevent a copyright violation.

iTunes Police would never "come crashing through a window with guns blazing". The very thought of it!

Re:hmmm (0)

Alchemist253 (992849) | more than 5 years ago | (#26429353)

I don't think that "hey check out this song" obviates copyright considerations.

One is typically permitted to share/post small excerpts for critical commentary. IANAL, but I highly doubt that sending an entire song to a friend is within the letter of the law.

(As an aside, I don't think this is all that unreasonable. Either send an excerpt - which would be OK - or have your friend buy it on iTunes, Amazon, whatever.)

Infringing a copyright is infringement, whether it is a single act or mass distribution for commercial gain. The difference is in severity (and degree of punishment/restitution if caught).

Re:hmmm (1)

afidel (530433) | more than 5 years ago | (#26429549)

Hmm, it's a grey area, under the AHRA " Section 1008. Prohibition on certain infringement actions

No action may be brought under this title alleging infringement of copyright based on the manufacture, importation, or distribution of a digital audio recording device, a digital audio recording medium, an analog recording device, or an analog recording medium, or based on the noncommercial use by a consumer of such a device or medium for making digital musical recordings or analog musical recordings.

So you should be ok as long as the transfer happens via a covered device, email probably wouldn't cut it but a CDR probably would. You would also need to make sure you made less than 10 copies of any given work since that automatically makes the copying commercial.

Re:hmmm (0)

Anonymous Coward | more than 5 years ago | (#26429719)

That's a pretty clear violation of copyright laws, and certainly not covered by any fair use clauses. Don't do it! IANAL but would suggest you either edit the song to produce a low quality brief sample to give you friend or (much better idea!) suggest the song to them by name and point them towards an authorised seller who offers samples.

No worries (5, Insightful)

Thanshin (1188877) | more than 5 years ago | (#26429265)

Never again buy anything related to music and you'll be safe.

Alternatively, you can buy music in small stores, in cash. In that case, it's better to wear sunglasses and a hat. You wouldn't want anyone to discover you're one of those people who actually are paying clients of the music industry.

here is comes... (1)

Arrakis Dv8r (1448299) | more than 5 years ago | (#26429269)

-insert anti-trust suits-

Done it before (0)

Anonymous Coward | more than 5 years ago | (#26429305)

I completely agree. Having bought CD's from Artsists where my name is "in" the CD (for this reason of tracking) I can happily say I have no problem with it.

It's not DRM, it's just saying "this CD was bought by x" for when it hits the internets.

(the artist was classic aussie electronic band Severed Heads, btw, for those interested. Another internet audio pioneer)

Seems reasonable enough (2, Insightful)

barius (1224526) | more than 5 years ago | (#26429307)

Just so long as the music industry doesn't come back in 10 years with new lawsuits targeting little-old-lady-X because 10 mil. people somehow ended up with 'pirated' copies of music with her name in it.

Since this watermark must be fairly easy to modify, I can't really see how useful it would be in tracking piracy. It could probably have some uses for marketing research. Though, honestly, I can't think of any myself...

Re:Seems reasonable enough (1)

Tubal-Cain (1289912) | more than 5 years ago | (#26429335)

Since this watermark must be fairly easy to modify, I can't really see how useful it would be in tracking piracy.

It'll slow it down for a while. Much easier to insert a user's name in the data than to write a program removing it.

Re:Seems reasonable enough (0)

Anonymous Coward | more than 5 years ago | (#26429541)

If buy "a while" you mean "no time at all", then I completely agree.

Re:Seems reasonable enough (1)

ubernostrum (219442) | more than 5 years ago | (#26429643)

Since this watermark must be fairly easy to modify

It's not a watermark. People need to learn the difference between a piece of actual media (e.g., a track of music) and the container it comes in; the actual music is not carrying any of this metadata, but the container (which is designed to hold arbitrary bits of whatever in addition to the media bits) is. There's also plenty of freely-available software for editing the contents of MPEG-4 containers (which are what iTunes uses -- the file you get is an AAC audio track and some metadata bundled together inside an MPEG-4 container).

You can see the info in iTunes (5, Informative)

Anonymous Coward | more than 5 years ago | (#26429309)

You can see the info within iTunes.

Get Info on the Song/Video/Etc

Then go to the Summary Tab, Second column.

m4a only? (1)

JimboFBX (1097277) | more than 5 years ago | (#26429323)

I've bought a few songs and checked them. My personal information is only on the itunes files. I converted the m4a files to mp3's using itune's built in file converter and I do not see any of my personal information in them, at least in plain text.

Old news (5, Informative)

AmaranthineNight (1005185) | more than 5 years ago | (#26429339)

This has been the case for AGES []

Or at least for about a year and a half, I think slashdot reported on it then, too.

Re:Old news (1)

IBBoard (1128019) | more than 5 years ago | (#26429609)

I think someone is digging this out again because Apple recently announced that all of their music is DRM free. As some [] other [] say [] this is a reasonable enough compromise.

My songs aren't going anywhere beyond me and the wife, so why should I care if it has information about who bought it and when? No-one is going to see it except me, and I can finally play the music in Linux without having to re-encode it.

Vengance (1, Redundant)

gevreet (1295795) | more than 5 years ago | (#26429341)

1. Open mp3 with text editor 2. Find and replace your email with 3. Upload.

Hidden? (5, Informative)

1729 (581437) | more than 5 years ago | (#26429345)

the account information and email address of the iTunes account holder is hidden inside each and every DRM-free download

How is this "hidden"? If you select an audio file purchased from the iTunes Store (with or without DRM), and go to File->Get Info, you'll see the following fields in the summary:

Purchased by:
Account Name:
Purchase Date:

Apple's not trying to hide anything here.

Re:Hidden? (1)

JimboFBX (1097277) | more than 5 years ago | (#26429383)

I was going to say, I don't think this is a watermark as it is just part of the file format.

Re:Hidden? (1)

Facegarden (967477) | more than 5 years ago | (#26429523)

Well, I'm not really against the situation, but still, i would say it is kind of hidden. At the very least, they don't make any effort to tell you, aside from maybe burying it in some EULA.

I mean, good call on finding that, but i feel like they should be more explicit.

Re:Hidden? (0)

Anonymous Coward | more than 5 years ago | (#26429579)


Seriously, why?

Re:Hidden? (-1, Troll)

Toonol (1057698) | more than 5 years ago | (#26429653)

They are putting your info in the song without telling you. That's rude. And when that sort of stuff is done on the sly, it makes you wonder what else is in there? Is my address? Credit Card number? iTunes account #? Some super-secret tracking number? Is it going to be a problem to put it on my wife's computer now, since they are still tracking it? What if my son's friends copy all my music someday, and it ends up on a p2p network?

I just bought a new monitor. I don't expect my email address to be hidden on a slip of paper inside the case. It probably would never hurt anything if it was, but that shouldn't be done without at least notifying me, and properly shouldn't be done without my consent.

Re:Hidden? (0)

Anonymous Coward | more than 5 years ago | (#26429735)

More to the point, isn't this information /necessary/? How else are you going to prove you paid for the music you have when your computer is shanghai'd by the police for related or unrealed charges?

would be interesting (1, Redundant)

ani23 (899493) | more than 5 years ago | (#26429361)

to see if they actually did used to for enforcement how would they track someone down and on what basis would they press charges? Yeah your email was in that file. hell anyone could change the email using some tool and upload stuff. The whole thing seems pointless.

Old News (5, Insightful)

Star_Gazer (25473) | more than 5 years ago | (#26429363) []

I think it's OK. Even if I really buy from iTunes to burn a cd as gift, at that point the account info will be gone, so what's the matter?

Simple... (0, Redundant)

maharg (182366) | more than 5 years ago | (#26429387)

1) Download DRM-free song from iTunes
2) Open in Notepad, Find and replace email address, Save
3) Share on p2p network of choice
4) ???
5) Profit !!!

I see a problem. (1)

Jane Q. Public (1010737) | more than 5 years ago | (#26429395)

If some form of steganography is used to alter a file, then somewhere and in some way the quality of that file will be compromised. Bitmaps lose sharpness, audio files lose certain audio data.

A big part of the problem is that you are not getting the product you ordered. You are getting a product that has been altered in a significant way.

There are people who were pissed enough at Microsoft for embedding personal information in their .doc and .xl and other files, that they were willing to hack the software to disable that feature. No doubt there will be people equally pissed off at iTunes for doing a similar thing.

I do feel there is room for bitching here. If I order a product, don't make significant alterations to it, especially by putting my personal information in it without my permission! I do not have to have criminal intent to feel that this is an invasion!!!

Re:I see a problem. (0)

Anonymous Coward | more than 5 years ago | (#26429501)

this is not steganography. it's info that's in the tag of the aac file. the audio is not altered in any way. besides, if the bitrate is twice what it was, 20-80 bytes for an email address is not a "significant alteration"

Re:I see a problem. (1)

Tyrion Moath (817397) | more than 5 years ago | (#26429531)

They only altered the ID3 tags as far as I know... Which all your MP3s have anyway. You can alter the hell out of ID3 tags and it won't touch the actual music. MP3 files have space at the beginning/end (depending on v2 or v1) of them for all that tagging data so the music isn't fiddled with. []

Re:I see a problem. (1)

ubernostrum (219442) | more than 5 years ago | (#26429553)

If some form of steganography is used to alter a file, then somewhere and in some way the quality of that file will be compromised. Bitmaps lose sharpness, audio files lose certain audio data.

Except this isn't "steganography" and doesn't degrade the file. The actual "file" you get from iTunes is an AAC audio track inside an MPEG-4 container, and the MPEG-4 container format, in turn, provides a way to embed both standard metadata (e.g., things like artist/genre/running time, etc.) and to create and use custom metadata fields (IIRC, the spec calls them "boxes"). The iTunes purchase info is an example of the latter.

Re:I see a problem. (1)

ubernostrum (219442) | more than 5 years ago | (#26429567)

(and in case anyone wants to get pedantic on me: yes, I know that the difference between "standard" and "custom" metadata fields is a bit muddled when it comes to Apple, since much of the MPEG-4 container format was lifted straight from QuickTime, and so things Apple was already doing became part of the "standard". AFAIK, though, the purchase-ID stuff falls on what would normally be called the "custom" side)

Re:I see a problem. (1)

AlecLyons (767385) | more than 5 years ago | (#26429759)

I don't think the information is hidden inside the file using steganography - you can see all the information right from iTunes. Whatever a persons grievance with having personally identifiable information inside songs they purchase, I think it's a bit tenuous to suggest that this is an inappropriate thing for Apple to do because it adversely effects the quality of what you are paying for.

Seems like a fair compromise a (1)

Roy Hobbs (1267752) | more than 5 years ago | (#26429419)

I doubt it will take that long for a utility to come out to remove the info though.

What could possibly go wrong? (1, Insightful)

rzei (622725) | more than 5 years ago | (#26429459)

How hard would it be for someone start spreading mp3's with someone elses information in it, and then make RIAA sue them when they find the first one?

Granted that the situation might be solved when Apple checks whether or not this person ("purchased by", "account name", "purchase date") actually bought the song but still it might cause a lot of trouble for someone.

I think this is not a good idea. iTunes should store these separately in some meta-files...

Re:What could possibly go wrong? (1)

Tyrion Moath (817397) | more than 5 years ago | (#26429495)

If you look at the ID3 tags in another program, like winamp or foobar2000, all you see is jibberish. It's encoded. I'm sure you could figure it out and do what you suggest if you really wanted to, but that's more work than it's worth really. I'm pretty sure you can just delete the jibberish and there goes any record of who bought it etc, too. But I don't have iTunes so I can't check.

Re:What could possibly go wrong? (1, Informative)

Anonymous Coward | more than 5 years ago | (#26429557)

ID3 tags? Hello? These are not MP3s and don't use ID3 tags. They store metadata in MPEG4 "atoms".

One might be able to view and edit them with Atomic Parsley:

However, its tag parsing isn't as good as it might be.


Re:What could possibly go wrong? (1)

calmofthestorm (1344385) | more than 5 years ago | (#26429511)

Identd can be configured to send out the username (or UID, forget which) of the current user whenever they initiate a connection from their account on a UNIX system. That hash can then be supplied to the sysadmins who can decrypt it to see which user did something.

I don't see why a similar principle couldn't be used here, especially since Apple isn't limited to a very small size for the ID (I believe 64 bits, could be wrong). Just have a bunch of keys, encrypt it with strong symmetric encryption, and put it in. You ever want to trace it back, quick and easy.

Jesus christ guys, we already know this. (2, Informative)

Facegarden (967477) | more than 5 years ago | (#26429473)

I suppose it's pertinent again and all, but seriously, I already know this guys, why are we pretending like this is new?

On some level, I'm not sure why i care if it's repeat news. I mean really, repeat it all you want i guess, my life still goes on, but i dunno, journalistic integrity and all that, i feel like we should at least mention that this is a complete copy of an older story....

Fair, unobtrusive, and fully in the open (1)

calmofthestorm (1344385) | more than 5 years ago | (#26429489)

Only thing more we could ask for is a warning hwen you download it, but that's not important.

It'll play on anything I put it on, I can share a copy with a friend or burn a few mix CDs.

I'm usually a big Apple critic and I hate DRM, but this is fine by me.

non-repudiation (0, Redundant)

rapiddescent (572442) | more than 5 years ago | (#26429505)

how can they prove that the email address in the file wasn't placed there by someone else?

I don't think that would last long as evidence in court, especially if some bright spark changes the email in the tag to

Re:non-repudiation (1)

IBBoard (1128019) | more than 5 years ago | (#26429675)

It's not difficult to put a checksum in as well. Even just a string length counter that invalidates the file if it doesn't match would defeat a lot of your more basic "I can open it in Notepad and see my email address, so lets delete it" 'hackers'.

Deal with music industry (2, Insightful)

oneofthose (1309131) | more than 5 years ago | (#26429543)

I can imagine that this is part of the deal with the music industry. They might have said: ok, you may drop the DRM but if we find one of those DRM free files on a file sharing network we want to know who did it. Or maybe Steve offered this as compromise to the industry. Maybe he even exploited the industries apparent lack of understanding new technologies and told them it's a watermark. Well, probably not. But imagining the background stories that might have lead to things like "personal info in DRM-ree files" is fun!

Bully move (1)

anti-pop-frustration (814358) | more than 5 years ago | (#26429569)

Some independent online stores (like Junodownloads) also say they watermark tracks, but I haven't been able to verify it so far. I don't know what kind of watermarking these stores use (if any) but embedding customers email in the files is clearly a bully move from Apple.

"Wanna leak our files on p2p? How about we leak your personal info? It would be too bad if some spammer found a way to harvest all those valid email addresses from itunes files.... too bad really..."

Guess what? If I buy music, I also want to be able to share it with my friends (friends!=p2p) without being traced on ending up sued.

Buying cds/vinyls and ripping them might still be the way to go in the end... Or are we going to have to pay an ever bigger premium for non-watermarked digital files?

Old story (5, Insightful)

rduke15 (721841) | more than 5 years ago | (#26429571)

This is an almost 2 year old story: Apple's DRM Whack-a-Mole [] (Posted by CmdrTaco on 10.06.2007 17:08)

If it bothers you to have an identifying tag in your music files, well remove it or overwrite it.
As far as I understand, it's stored in a standard MP4 atom.

And if you don't know how to do it, ask Google [] , or try this suggestion [] which explains how to use AtomicParsley for windows [] or mac [] .

There's even a Perl module to deal with it. (1)

rduke15 (721841) | more than 5 years ago | (#26429721)

Not only is this old, as many have pointed out, but there is even a Perl module (Audio::M4P::QuickTime [] ) which has a dedicated function for that: CleanAppleM4aPersonalData [] .

!ID3 (0)

Anonymous Coward | more than 5 years ago | (#26429605)

It's not an MP3 file, so metadata isn't stored by cobbling ID3 on to the audio data. It's an MP4 file, so this information is stored in (and can be removed as, using AtomicParsely or similar) MP4 atoms.

Old news (5, Informative) (302970) | more than 5 years ago | (#26429607)

This came up when they introduced iTunes plus ages ago. It's been discussed back then. Yes, the info is there. You can simply look it up, no problem. Your ID3-Tag-Editor might not be able to chanxge it since we're not talking MP3 here. That's it.

Just use a different editor, clean out the information and start the copyrightinfringement-frenzy you seem to have been waiting for for so long. Oh no, you already do that, I guess.

Or, if you don't like finding an editor that can delete the info, just go to a record store and steal the CD.

DRM Done (Relatively) Right (0)

Anonymous Coward | more than 5 years ago | (#26429611)

This is the only example I can think of where the rights of the copyright holder are protected without causing any inconvenience to the legitimate user.

As others have pointed out though, the files need to be water-marked in a way that cannot be forged (for the sake of the customer) or easily removed (for the sake of the copyright holder). The removability part is the problem of course, since steganography is easily overcome by simply using steganography on the file again.

Then again, its probably as effective as any other form of DRM (Fairplay can be removed by the original purchaser) and at least it doesn't affect the user.

Respect. (0)

Anonymous Coward | more than 5 years ago | (#26429637)

As others have said, this is not a bad thing if you respect the property of copyright holders. Nevertheless it won't take long before some 31337 h4x0rz figure out exactly where the information is stored and zero it out. Copy protection technology is like the lock on your front door. It keeps honest people honest. To the 31337 h4x0rz it's just another challenge. I'll tell you why you SHOULD respect copyright and copyright holders. You like free software? Doubtless you use free software? The free software licenses that guarantee the freeness of those programs are based on copyright law. Without copyright, that software would be in the public domain, many features added to distributed copies would never show up in source form, and you'd be stuck with jack diddly squat. So if you respect free software, then you should respect copyright.

Go Figure... (1)

PirateBlis (1208936) | more than 5 years ago | (#26429679)

Oh sure. They can properly store your email and IP Address in an audio file, but yet every time I press "See What Other Bands Match Your Criteria" while listening to Metallica, I still get Ace of Base and Yanni as suggestions


Keep your private stuff private: keep your privacy (4, Insightful)

HumanEmulator (1062440) | more than 5 years ago | (#26429687)

So... if I keep the music I purchased for private use private, I have no privacy violation? Right?

Also, despite the summary's between the lines implication that Apple is hiding the info from ID3 tag editors, the audio files are MPEG4. This means they don't contain ID3 tags. Since MPEG4 is based on QuickTime, a QuickTime atom editor will happily show you the tags and let you remove them.

You could also have guessed the purchaser info was in these files based on the fact that iTunes shows it to you if you get info on a song.

Re:Keep your private stuff private: keep your priv (1)

antifoidulus (807088) | more than 5 years ago | (#26429693)

Hush, this is slashdot, truth and reason have NO place here! Where is your sensationalism, where is your "Oh noes, the whole world is out to get me!" type statements. You and your rational arguments should just go and find another home!
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?