iTunes DRM-Free Files Contain Personal Info 693
r2k writes "Apple's iTunes Plus files are DRM-free, but sharing the files on P2P networks may be an extremely bad idea. A report published by CNet highlights the fact that the account information and email address of the iTunes account holder is hidden inside each and every DRM-free download. I checked, and I found I couldn't access the information using an ID3 tag editor, but using Notepad I found my email address stored inside the audio file itself."
Re:Seriously... (Score:0, Informative)
> Good grief. "Sharing" copyrighted music files on a P2P network was always an extremely bad idea.
Not if you own the copyright or if you have permission to share it (e.g. permissive licensing). I hate it when people think that there is no _free_ music when there is plenty of it.
You can see the info in iTunes (Score:5, Informative)
You can see the info within iTunes.
Get Info on the Song/Video/Etc
Then go to the Summary Tab, Second column.
Re:Seriously... (Score:5, Informative)
AAC ( http://en.wikipedia.org/wiki/Advanced_Audio_Coding [wikipedia.org] ) is an industry standard, and even if it weren't, iTunes helpfully provides a "Convert to MP3" item in the context menu of non-DRM'd AAC files that does exactly what it says.
Old news (Score:5, Informative)
http://business.timesonline.co.uk/tol/business/industry_sectors/media/article1871173.ece [timesonline.co.uk]
Or at least for about a year and a half, I think slashdot reported on it then, too.
Hidden? (Score:5, Informative)
the account information and email address of the iTunes account holder is hidden inside each and every DRM-free download
How is this "hidden"? If you select an audio file purchased from the iTunes Store (with or without DRM), and go to File->Get Info, you'll see the following fields in the summary:
Purchased by:
Account Name:
Purchase Date:
Apple's not trying to hide anything here.
Re:Seriously... (Score:4, Informative)
AAC in a a run-of-the-mill MPEG-4 container, with ID3-formatted tags stored in a separate atom (permissible in the MPEG-4 standard).
Anything that uses libavcodec/libavformat as a base (ffmpeg, VLC, mplayer, etc) can read these files. They may not have the code to extract the ID3 tags from the atom and feed the data blob to something like libid3... but as long as the player software can read standard MPEG-4 files with basic AAC... it can play these suckers.
The format just isn't as prevalent as MP3, but that doesn't automatically make it proprietary.
Not everywhere in the world has the same laws (Score:5, Informative)
Re:Seriously... (Score:2, Informative)
I am from Spain and here we have something called "private copy right" that allows people to have copies of copyrighted stuff, and to share it, by P2P or by whatever.
P2P in Spain is not illegal, it's not regulated.
Why Apple has to ignore the privacy of their customers in such way?
P.S.: Excuse me if there is any mistake on my English
Jesus christ guys, we already know this. (Score:3, Informative)
I suppose it's pertinent again and all, but seriously, I already know this guys, why are we pretending like this is new?
On some level, I'm not sure why i care if it's repeat news. I mean really, repeat it all you want i guess, my life still goes on, but i dunno, journalistic integrity and all that, i feel like we should at least mention that this is a complete copy of an older story....
-Taylor
Re:Seriously... (Score:5, Informative)
Re:What could possibly go wrong? (Score:1, Informative)
ID3 tags? Hello? These are not MP3s and don't use ID3 tags. They store metadata in MPEG4 "atoms".
One might be able to view and edit them with Atomic Parsley:
http://atomicparsley.sourceforge.net/
However, its tag parsing isn't as good as it might be.
Old news (Score:5, Informative)
This came up when they introduced iTunes plus ages ago. It's been discussed back then. Yes, the info is there. You can simply look it up, no problem. Your ID3-Tag-Editor might not be able to chanxge it since we're not talking MP3 here. That's it.
Just use a different editor, clean out the information and start the copyrightinfringement-frenzy you seem to have been waiting for for so long. Oh no, you already do that, I guess.
Or, if you don't like finding an editor that can delete the info, just go to a record store and steal the CD.
Re:Seriously... (Score:5, Informative)
The English is fine, just not the information!
Like many places, Spanish law has exemptions for private use, which probably makes removing DRM completely legal. However the owners are allowed to make copies only for private usage, with collective and lucrative uses not allowed. Sharing on P2P would definitely constitute a collective use.
Although as with almost everywhere else, P2P itself is not illegal.
Re:Seriously... (Score:5, Informative)
Converting to MP3 is lossy, regardless of the source format.
Re:Seriously... (Score:1, Informative)
I can state for an absolute, personally experienced fact, that a purchased ITunes Plus AAC file can be played as-is by current versions of Winamp, with no processing or extra add ins.
Yes, they have some extra tag indicating who purchased it (visible doing a get info in iTunes, so it has to be somewhere - so it's somewhat obivious that it will be in there) - but Winamp just ignores it.
AAC is to MP3 what Divx/MP4 is to MPEG-2 video.
Don't see a problem here. (Score:3, Informative)
Way to sensationalize something which has been known for years. Everything that is purchased on iTunes is stamped with user account and a unique transaction ID. Apps, videos, movies, rentals, etc.
It doesn't bother me because I don't share my music on p2p networks and I'm not paranoid like some people. I dislike DRM because I want to easily play my music on whatever device I want, not because of some ideological drive to stick it to THE MAN.
This is a non-issue.
Re:Seriously... (Score:4, Informative)
Re:Seriously... (Score:4, Informative)
Re:Seriously... (Score:3, Informative)
Why would you think that you would get fined just because your name is in something?
Nothing is going to happen until it goes to court. The guberment can't give you a fine for this like a speeding ticket or anything. They would have to collect enough evidence and present it and then either hope that the government picks it up or sue you directly. Even then, your lawyer will probably get you off before it costs any money because you won't be the first person it happened to. All it will take is one Virus going around that does something with these files and it would be completely pointless and worthless as evidence.
About the most that can happen is Apple decides not to sell more music to you under that account.
Re:Seriously... (Score:2, Informative)
While I agree with you that removing the DRM is a good thing and inserting this information in the file is perfectly reasonable, as long as the music is in a proprietary format it can't be migrated easily. can the files be read by other applications?
I really can't understand why so many people think that AAC is an Apple format... Is it the "A"s in it that makes everyone seem to assume it has something to do with Apple? It's a (patent encumbered) standard, just like MP3. Practically everything made these days supports AAC - it's actually cheaper to license per unit than MP3.
Re:Reasonable compromise... (Score:5, Informative)
A shocking technical fumble! (Score:2, Informative)
I checked, and I found I couldn't access the information using an ID3 tag editor
All iTunes songs are AAC or Apple Lossless. ID3 is used almost exclusively for MP3 and certainly not for any iTunes song.
Re:No worries (Score:4, Informative)
I know many people incapable of getting music from a CD to a mp3 player but able to transfer from the web to the player.
They must be pretty dumb then. Provided iTunes is running, it starts ripping a CD into the library as soon as a CD is inserted. And as soon as the iPod is connected, the files will get transfered to it. No keyboard or mouse interaction needed.
(These two actions can be disabled with preferences, but I believe that is the default behaviour.)
Re:Seriously... (Score:4, Informative)
Re:Reasonable compromise... (Score:5, Informative)
this is the second or third article about apple putting said info into their music files over the years. It isn't surprising. Apple even states it somewhere in the fine print of the EULA's.
Slashdot suffers from ADD and forgets what it duped yesterday.
Comment removed (Score:5, Informative)
Re:Seriously... (Score:3, Informative)
Actually, there are no hifi mp3 players because mp3 players aren't defined in DIN 45500 at all.
Re:Seriously... (Score:3, Informative)
True. I would imagine there are ways, though, of minimizing the loss going from AAC to MP3. A naive conversion would convert AAC back to uncompressed PCM samples, and then run that through a standard MP3 converter. That strategy would work (and is likely the one employed), but it seems like it would cause the maximum damage.
Another technique transcodes one format to the other. AAC is also a lossy format, and its psychoacoustic model has already decided to discard some information. Transcoding from AAC to MP3 could convert the sound data in the frequency domain (i.e. the MDCT coefficients--the representation that AAC and MP3 use to code the sound once it's been shaped by the psychoacoustic model), throwing away only the sound bands that MP3 doesn't support. You may have to do some additional work to handle the smaller ranges of frame sizes that MP3 supports, but it's tractable.
The main point is that you don't have to apply the full psychoacoustic model again to decide on more things to discard. Since MP3 represents a narrower band of sound than AAC does, most of the conversion can focus on removing the stuff MP3 can't represent, and then just recoding what remains with the greatest fidelity possible.
Something tells me, though, that they're not bothering to do it that way, but I'd be interested to know if they do.
(Note: I'm not an audio format expert, and I have simplified the description above. For example, AAC uses a modified DCT [wikipedia.org], so it's not as pure a frequency domain representation as, say, an FFT. MP3 apparently uses a hybrid approach that isn't pure MDCT. And so on. Still, capturing the audio data nearer to its encoded form and transcoding it, rather than going all the way back out to audio samples should retain higher fidelity.)
Re:Reasonable compromise... (Score:2, Informative)
in iTunes: right click the song, select properties, tada! "Account Name: "
(its in the same place as the DRM'd copies)
I find it a little odd that so many people simply expected to get files with no account information, since all that was promised was FairPlay being removed. I'm still a little peeved about having to pay 0.30$ a tune to unlock my current library however.
Re:Seriously... (Score:3, Informative)
Which is exactly what the GP seems to have been going for. If they find a pirated track, it has your email address in it, and the signature validates (the file is unmodified), they can delete your account or whatever without having to worry about impersonation.
Re:Seriously... (Score:1, Informative)
AAC will play on most portable devices these days.
Why do people keep repeating this when it is demonstrably untrue? E.g. go to www.argos.co.uk.
They have 86 non-apple music players. I looked at a random sample of about 20-30 and only *two* of the more expensive ones had AAC support. *None* of the cheaper players have it (WAV/MP3/WMA only typically).
This is not a freak result. I've looked at maybe 100 player specs over the last year or two for sub £50 (UK) devices and I've *never* seen AAC support in this price range.
Now, given that Apple is fully switching to non-DRM AAC, maybe most new cheap players will start to include support. Maybe not. But *they do not include it now*.
Re:Not everywhere in the world has the same laws (Score:3, Informative)
I'm going to raise a red light on this...
1. We pay a *levy*, not a tax, on recordable media.
2. This levy does not allow you to distribute your collection online. Distributing copyrighted works online is still infringing activity.
3. The levy *does* cover you borrowing a CD from the library and making a *personal* copy of it to blank media. But, if you are recording the copyrighted work to a media that the levy is not applied to, it is still infringing activity.
4. The Canadian gov't has repeatedly made promises to reform copyright laws and eliminate the private copying levy, so don't get too comfortable with it.
Re:Reasonable compromise... (Score:2, Informative)
At least some people are pointing out that the account information has been part of iTunes files for forever and isn't news to most people who know how to do a Google search.
You don't even need to do a search. Just select the file in iTunes and press control-i in windows or command-i in Mac OSX. The information on the file is then displayed in all its relative glory.
Really old news? (Score:3, Informative)
Correct me if I'm wrong, but didn't this issue come up back when Apple first released DRM-Free songs?
To add to that, the post is misleading, it's not actually hidden unless you are a complete and utter tool. In the info window of iTunes, it clearly shows the information they have "hidden" in the file...
Re:Reasonable compromise... (Score:5, Informative)
This has always been the case since the iTunes store opened! It's not news, it's several years old. Heck, when Hymn was available (removed FairPlay from purchased music, and this was 5+ years ago), it kept the personal information to prevent people from P2P'ing the newly unlocked music.
So the very first time you used the iTunes store years ago, personal information was attached - it wouldn't have shown up with change bars because that part has not changed. You can probably find the news articles about it from years ago, and again from a couple of years ago when iTunesPlus was started about how the AppleID of the purchaser was embedded in the file.
People are acting like this is completely new, when it's been happening for years now.
Re:Reasonable compromise... (Score:3, Informative)
http://yro.slashdot.org/article.pl?sid=07/05/30/2014222&from=rss [slashdot.org]