Apple's DRM Whack-a-Mole 352
Mateo_LeFou writes "Gulf News has a nice piece exposing the last couple generations of Apple's DRM strategy (you didn't really think they were abandoning DRM, did you?). Article focuses on how quickly the tactics are worked around, and how nasty the latest one is: purchased iTunes now have your personal data in them. Author suspects that this is to prevent you uploading them to a network."
Couldn't be more ranty, or wrong (Score:5, Insightful)
The first half of the article is nothing but an anti-Apple rant, actually insinuating that Apple is on a mission to not let their users burn music to CD, which is completely and utterly false.
Then, the article drops this gem:
Turns out that Apple has been embedding its files with user information. iTunes customers have been downloading files that contain both their names and their email address.
"Turns out"? Let's continue...
How long this has been going on and just why Apple has felt compelled to do so is still a mystery - the company so far has refused to comment
A mystery? This has been going on since day one, and has never been a mystery. And even if it is a "mystery" on the non-DRM files, it was never a mystery on the DRM files, was never hidden, and was never secret. This has been known, never obfuscated, and obvious to anyone who clicked "Get Info" on anything purchased from the iTunes Store, ever.
but the reason seems obvious.
Oh, please. Do tell.
The embedded data won't prevent anyone from listening to their music files
but it might deter them from uploading them to a file-sharing server.
O, the humanity! Really??? It might deter people from that?
Well, let's take a look at the logic, here. It was never secret on the DRM files, and it's not secret on the no-DRM files. But, Apple also never overtly publicized it. So, if it's not even talked about, how is it a deterrent, exactly?
But the message is clear: take our songs public, and we'll take you public.
Oh, that's the message, is it? So we've been calling for no DRM for ages, so we can legitimately and legally use our music files, and now people have problems with not being able to do things with them that are strictly illegal? If you want to bash copyright or the fact that you can't legally share anything and everything with anyone with no repercussions, do that. But don't blame Apple because an incidental name and email address is in a file that you shouldn't be uploading anyway.
And to all the idiots who think this could be somehow "used against them" without their knowledge, it would be easily, easily provable that someone never made such a purchase from the iTunes store. But that's a different argument entirely. All these fringe examples of how something MIGHT be able to abused that makes all sorts of suppositions that aren't necessarily even true - that Apple put the information there for this purpose, or that it would ever even be used that way, by anyone, or that falsifying no-DRM tracks from iTunes and then uploading them to P2P networks will suddenly become routine harassment - are starting to get old.
Sure, encrypt the data. But you know what? if it was encrypted, do you really think all the people howling about this wouldn't be complaining even more? After all, it's still identifying information, and now it's encrypted! Maybe the RIAA has the key, and they're all going to come after you! Why is Apple hiding this information??? Does anyone really think that wouldn't happen?
My favorite quote of all this was from an EFF attorney; to paraphrase: if someone steals your iPod, the thief would have the name and email address of the rightful owner!
Oh, yes, I agree: what a nightmare scenario that would be!
Retards (Score:3, Insightful)
Nasty? (Score:5, Insightful)
That's not nasty. That's fair. It's YOUR music file, and there are no technical limitations on what you can do with it. if you do the one thing you're not allowed to do with it, they'll be able to (*gasp!*) track down that you did it.
Personal data in them? (Score:2, Insightful)
However, I do think they should encrypt the watermark, or at the very least use some unique hash to prevent people from placing someone else's name there instead. I mean, things can happen surely.
Monetary gain (Score:5, Insightful)
Strike one - let's paint Apple as stupid - pretend that the company famous for 'rip, mix, burn' don't understand that the code *they* built into iTunes can remove the DRM. [ed - are you sure you're going somewhere here ?]
Strike two - we'll pretend that the bug [playlistmag.com] in iTunes was put there maliciously. We'll claim that Apple were caught out by their users being too clever [ed - I thought Apple acknowledge [Roy B's post] [apple.com] this as a bug, they *are* human you know]
Strike three, they're out. They *embed* your email address into these "supposedly DRM-free" tracks! How are you supposed to upload and spread them around the net if they identify who did it ? That's it! Game over for Apple! [ed - but surely the people who *buy* iTunes music are the people who *don't* download free music from the 'net]
columnist: Trust me, ok, it'll make for loads of ad-hits. $$$ man!
ed: ok, ok. You know the territory, I'm just the business guy
Quite apart from the fact that the personal metadata has *always* been embedded, it doesn't prevent the exact same method of protection-removal if you really want to upload your tracks - lay it down to CD as audio, rip it, "share" it.
Perhaps what we have is simply that Apple didn't *remove* a piece of metadata that was always there, they just delivered on their promise to allow you to migrate your music to wherever you want to play it. But that's not a story that'll deliver ad-revenue...
Y'all just oughta be glad it's not *me* in charge... I'd have embedded the email address as an easy thing to spot & remove, and *also* embedded the binary user-GUID, spread around in the metadata block. Once you *thought* you'd removed all trace of your name, I'd still be able to track who'd uploaded files - enough files... time to emulate a ton of bricks. Given the pay-for timestamp and the appearance-on-the-network time, I ought to be able to tell who's just "sharing" files as a policy after a while...
Simon
Re:Couldn't be more ranty, or wrong (Score:2, Insightful)
Idiocy Alert (Score:5, Insightful)
Holy crap! I haven't seen this poorly of researched or obviously clueless article in a while. Apple isn't suddenly adding your personal data to songs. They've always done that. They just did not remove that when they pulled the DRM.
Well since such behavior would be illegal in almost every country Apple does business, I'm not sure why people should be so concerned about it. If you're obeying the law, this affects you not at all. If you're breaking the law, well, you're probably not paying to buy music in the first place so you won't have any of this music. If for some reason you are buying songs and intentionally republishing them without a license, well hopefully you're not so idiotic that you can't strip this data off. This data is nothing to worry about in my opinion. It is plaintext and easily removable. If you are a criminal you should be worrying about watermarking of files, which Apple may or may not be doing and which all the other music stores may or may not be doing. That is something a lot harder to detect.
Personally, I'm just not illegally publishing copyrighted works (and not buying from Apple either) so I don't see why I'd care. Note, this is not DRM in any way. DRM stops you from taking actions. This simply might make it easier to discover who took an action after the fact. This is no more DRM than your own upload logs are.
Well it's clear.. (Score:5, Insightful)
There's a serious point here (Score:4, Insightful)
Do you really feel completely comfortable about that? Do you for example feel comfortable knowing that that little radical publisher whose mag you subscribed to, and that has just been raided for some good or bad reason, has put your name and address in everything you bought from them? Lets say you live in some country where there had just been a change of regime.
I don't. It seems that if someone wants to write his name and (email) address in his books, or on his record or DVD covers, fine, he should be free to do it. But I cannot see the vendor writing it in the copy as a default in a way that needs tools to take it out again.
Its not about Apple - to the extent that this is just repetition of an old story about Apple its silly. But there is a serious question underneath this. To what extent do we want to be buying online exactly the same anonymous stuff we buy physically? This is not a silly question at all.
Re:Couldn't be more ranty, or wrong (Score:5, Insightful)
Thanks for ripping this article a new one. Comments like this make Slashdot valuable, rather than the way the social anarchist whining seems to get a free pass to the postings.
Re:Couldn't be more ranty, or wrong (Score:5, Insightful)
Re:Nasty? (Score:1, Insightful)
Finally, a voice of reason.
Prevents Nothing (Score:4, Insightful)
Re:Nasty? (Score:5, Insightful)
This is basically the digital equivalent of printing your name on the receipt and putting it in the bag when you buy a CD. No one's forcing you to keep the receipt if you don't want to, and no one's going to read it but you anyway unless you choose to staple it to a public bulletin board for some odd reason.
I'm incredibly disgusted with the negative spin many people online have managed to put on Apple's move to sell DRM-free music. If you ever wonder why so many companies screw their customers, I think this illustrates one of the reasons. There's no upside in *not* screwing your customers; a lot of people can't or won't even recognize it when they're given everything they wanted.
File sharing is NOT illegal (Score:5, Insightful)
A watermark is not DRM (Score:3, Insightful)
words... (Score:5, Insightful)
Besides, embedding personal info is not DRM. Wikipedia sums it up nicely:
Digital rights management (DRM) is an umbrella term referring to technologies used by publishers or copyright owners to control access to or usage of digital data or hardware, and to restrictions associated with a specific instance of a digital work or device.
Firehose this article to hell, please. (Score:3, Insightful)
Sad to say, but whoever wrote that article is clueless, and it does not deserve to be on slashdot (or anywhere else).
I can only think that it made the front page because it mentions both Apple and DRM in the title, causing lots of people to flag it up by reflex. It should be buried.
Re:So... (Score:5, Insightful)
Running a little fast and loose with the term "watermarked" [wikipedia.org], eh?
So a name and email address in a standard MPEG-4 atom intended for such purpose is now a "watermark"?
Since Apple maintains the authoritative purchase history of all transactions with the iTunes store for all users (and is also user-accessible), it would be ridiculously easy to prove that purchase was never made.
Still nice to know that there is such hatred of Apple that you'd insinuate that someone disseminating correct information about Apple should be targeted for online harassment, though!
Re:Nasty? (Score:5, Insightful)
Except there IS NO watermark. There is only your name and email address, unencrypted, in a part of the file that's supposed to contain meta-information. This is no different than Canon deciding to put my name and email address in the EXIF data when I take a picture. Watermarking would mean modifying the actual photo (or music) portion of the file so that the identifying data was intrinsic to the media itself. Apple has done none of this.
All this hand-waving is people showing their true colors. They are pirates at heart and simply want to complain. Most of the music on my iPod is ripped from my CDs. A lot of the music on my iPod is purchased (w/DRM) from iTMS. Some of the tracks on my iPod are from P2P networks, downloaded illegally. Do I feel guilty? No. Should I? Probably. But at the time I acquired those tracks they weren't available on iTMS. I've also discovered new bands through P2P and have since purchased their albums from either their web sites (if they had CDs for sale there) or iTMS when I found them there.
I have no intention of sharing my purchases publicly. I like the fact that music I purchase has my name on it. I put stickers on my CD and DVD cases too, specifically so that when I DO lend them out to friends or co-workers, they know whose it is and can get it back to me. I lend quite a lot of my music and movies to friends and use Delicious Library to track who has it and when it is due back. If they like what they borrow, they know they should purchase it for themselves. My tastes are somewhat esoteric, but I've gotten a lot of people hooked on some under-the-radar, good shows and bands this way. Did some of the borrowers rip my CDs when they got them? Undoubtedly. Did they then share those tracks on P2P? Maybe. But now, when I lend a friend a copy of an iTMS file I can tell them not to share it because it has my name on it and I purchased it legally. The people I lend to won't have a problem with that and neither do I.
The rest of the whiners need to STFU. They are just proving the RIAA right to think that all we want to do is pirate music and so we must be controlled like little children. I don't pirate music unless I'm not given an acceptable alternative. I've found my acceptable alternative and I'm glad it has my name on it. After all, I paid for it. It belongs to me. If I decide to sell it, I suppose I'll have to change the name, but then, If I decided to sell my engraved bracelet, my engraved wedding ring or my headstone, I have to have the name changed as well. Good thing I'm not planning on selling off my music collection any time soon...
Remove DRM so we can pirate music? (Score:2, Insightful)
I'm under the impression the whole point of DRM-free content was to allow users to legally use their purchased content to play them or convert them to any device we want. For Apple to put our names and email addresses into the DRM-free content seems okay to me, since I'm not going to be pirating the music out.
What difference does watermarking make? (Score:3, Insightful)
Hey, dude, if they were raided, the feds already got your name from them *already*. They don't need to dig your name out of a file to do that.
At this point, every book, record or mag anyone buys online has, imagine, a name and address in it that is verified to a credit card.
Which is why the untracable debit cards you can get at any grocery store in the US are so useful.
I mean, you're using them when you buy your porn aready, right?
Apple's Encoded ID data is reasonable and fair. (Score:5, Insightful)
As I see it, the Apple encoding lets you do whatever you want with your purchase, as long as you are willing to take responsibility for it. If you believe that music should be free, there's nothing to stop you from standing up for your belief and posting your downloads anywhere you want.
If you do, you will earn public recognition --- and perhaps the admiration of those who don't want to pay for their own downloads --- for sticking by your principles. You may also earn the recognition of the music's copyright owners, and that may be less enjoyable. But if you're not willing to accept the latter recognition, then you don't deserve the first.
Fortunately there's an easy solution; just don't post your downloads. I doubt that anyone will punish you for refraining. You can still enjoy them however else you choose and much more easily than you could before.
Peter
Apple is Pro-Apple (Score:2, Insightful)
If you think Apple and or Steve Jobs have any opinion on DRM you are insane. He is a business man and a succesfull one at that. He only cares about what will make him the most money and will use or not use DRM as required by the greatest possible profit stream.
If he was really for freedom for customers he would have long since forced disney to stop adding such basic stuff as region encoding or even plain impossible to skip commercials.
He has not.
At the moment his company is experimenting with a new product variation that for a premium offers customer an "enhanced" version. If it succeeds, good, the same product for more money at almost no increase in costs. If it doesn't well he tried, got a few headlines and the costs are minimal.
Steve Jobs is NOT anti-DRM or pro-DRM, he is PRO-Apples bottom-line and will say or do anything (legal) that makes that bottom-line look really good.
All you need to know about Steve Jobs is that the iPod line has a ridiculous profit margin yet is made under dismall circumstances in a low wage country with appaling human rights and working conditions that would shock a european. Well main european, mainland western european. Northen part.
He could easily afford to have the iPod produced in more accetapble conditions BUT that would hurt the bottom-line. So he chooses to do the absolute minimum needed to keep the humanrights watchers from having to much ammo and rolls in the profits.
Steve Jobs is NOT god. He is just another businessman, stop trying to pretend he is something else.
Captain Obvious (Score:2, Insightful)
...author ALSO suspects that the big pretty boat in the movie Titanic will sink in the end.
Re:Apple's Encoded ID data is reasonable and fair. (Score:3, Insightful)
Amen! This is a very good thing that Apple have done. If they can just be persuaded to now open their store to Linux users, then it will be perfect for me. But all round, this is fine. The article writer and editor to accepted this should be ashamed of themselves.
Re:Couldn't be more ranty, or wrong (Score:3, Insightful)
Re:File sharing is NOT illegal (Score:3, Insightful)
Re:Apple's Encoded ID data is reasonable and fair. (Score:2, Insightful)
Re:Apple is Pro-Apple (Score:5, Insightful)
Wrong.
It may be a "good business move" for Apple to start going down the no-DRM path. It may also be that everything Steve Jobs said in his anti-DRM "manifesto" of sorts is also correct, and something that he actually believes. The two aren't mutually exclusive. Also, if removing DRM is such an obviously good business decision for the "bottom line" and "profits", then why was Apple the first major entity to actually do it in any meaningful or high-volume way with mainstream music?
Being "pro-Apple's-bottom-line" is fine. But that doesn't preclude Steve Jobs from having personal opinions and motivations that shape the way he runs the company. This whole "a corporation's only duty is to maximize profits and nothing else" line is garbage. On your region code arguments, you make assumptions that Steve Jobs has single-handed control over how Disney does all distribution of movies. You also ignore the incredibly complex situation with regard to regions for DVDs, which, for better or worse and no matter anyone's own opinion on them, are designed to allow for rollouts at different times in different regions of the world AND support the simply truth that some products can reasonably be sold for more in some markets than others. The owner/creator of the content has at least some say in the fact that they may want to sell something for $30 in the US, but $7 in Asia, do they not? Or are we arguing for globalization after all? I can't keep track.
The fact of the matter is that Steve Jobs and Apple have now done more than any media, music, or computing industry company to tear down DRM where it counts, i.e., on mainstream content that is encumbered with DRM. I don't care if some indie artist is selling no-DRM music on eMusic. Good for them. We don't need to concentrate on indies who already sell without DRM, do we? We need to concentrate on the big labels who ARE selling with DRM. Apple has done more in the anti-DRM campaign in rhetoric, posturing, words, and now, action, than any other entity to date. Does that make Steve Jobs a "god"? Nope. It's just the simple truth. In the end it doesn't really matter if it's "good for Apple's bottom line", or if Steve Jobs really does believe everything he said about DRM, if it's good for you as a consumer, does it?
On the subject of iPod, you're arguing that Apple is somehow doing something any differently from any other peer vendor in this industry with regard to manufacturing. Would people pay $1000 or more for an iPod? You over simplify the situation by making everything mutually exclusive: Steve Jobs *could* make the iPod in better conditions, at the same time ignoring the fact that any such move would completely decimate the iPod. As long as a company is abiding by the laws in the countries in which they operate, I don't care where they are based or who they sell to: your problem is with the host nation (China), not with Apple. And sure, some people make the problem with the company instead of the country because they think their "action" will best be spent there. Fine. Good for them. Let them vote with their wallets.
I don't ever think anyone really said Steve Jobs was a god in all these straw man discussions. But believe it or not, individual opinions, convictions, and intent can shape a corporation just as much as any "concern for the bottom line". If concern for the bottom line was all that mattered, Apple should have been doing great under Gil Amelio. Some might say, "No, that just means Amelio was a bad businessman and Jobs isn't."
Or could it mean that there's more to the bottom line than these latent (or overt) anti-corporate arguments?
Re:So... (Score:3, Insightful)
Yes, it's a watermark. It's just not a robust or stealthy one.
Re:Apple's Encoded ID data is reasonable and fair. (Score:5, Insightful)
Re:Couldn't be more ranty, or wrong (Score:2, Insightful)
Re:shame on Apple (Score:3, Insightful)
Not that there's really a right way.
Re:DRM is not encryption (Score:4, Insightful)
Your assertion that M4A is an "unusual format" is completely absurd for starters, but let's go down that slope a little more. Are you really saying that it's DRM unless you put your files in the most common format available? That the entire industry ought to be forever locked in to 90's era technology with demonstrably inferior sound quality?
But what really takes the cake is your assertion that the tags (the information isn't "embedded") represent a "restriction" when the only restriction is copyright law. This is an empty and offensive line of reasoning. Next you'll be calling a vinyl LP DRM, because it's hard to extract the music in digital form. Or the plastic wrapper on a CD case will be DRM since it makes it harder to get to the music.
In short, you've created an argument that simply allows you to criticize whatever company you don't like, which today happens to be Apple. By the way, increasing the bitrate on music is a matter of diminishing returns; the difference in quality between 128 and 256 is way greater than the difference between 256 and lossless.
Re:shame on Apple (Score:4, Insightful)
Re:DRM is not encryption (Score:3, Insightful)
Um...I don't know how to put this, but you're an idiot. They have plaintext metadata within the file that can probably be removed or altered with Apple's own QuickTime player, and they use a standard MPEG-4 Audio container with a standard MPEG AAC codec, and this is "an unusual format"?
I smell bullshit! First off, by your argument, CD's were a form of DRM back in the 80's, when you couldn't play them on your tape players. I guess HD-DVD and Blu-Ray, even without AACS, would be DRM by your standard because HD-DVD and Blu-Ray players are still expensive. So what, we don't get to use newly-standardized audio and video formats? We should satisfy ourselves with MP3's from the 90's and 100-pixel-wide AVI's? Also, you're backwards--the restriction was raised from 3 to 5. Also, how the fuck does including your name as metadata mean you can only play it on "your" computers? There's nothing stopping you from putting your iTunes Plus songs on a flash drive and loading them onto somebody else's computer to play.
Actually, Apple always allowed you to burn a song an infinite number of times (you just had to vary the playlist every so often, and you could even change it back), and to load it on an infinite number of iPods. As for the CPU restriction, do you have any fucking idea where you are?
I think you left out a "Netcraft confirms it".
Lots of inaccurate information. (Score:3, Insightful)
Re:Right click, Convert to AAC/MP3/etc. (Score:3, Insightful)
There are a hundred ways to remove that data, and I have no doubt within another week or two someone will create an app whose sole purpose is to make all the files you have look like they were bought by Jack Valanti @RIAA.com.
I really can't imagine any way Apple could have made this any LESS innocuous while still being able to tell the music companies with a straight face "of course the files have the purchaser's account information in them!"
Re:shame on Apple (Score:3, Insightful)
Watermarking is OK (Score:1, Insightful)
Watermarking does not prevent thsee.