Arstechnica brought it to my attention that Apple has been embedding my account information in the files I download from their iTunes music store.
On one hand, that’s understandable given that the encryption key is linked back to my account on iTunes music store. The very same reason you must authenticate when playing a encrypted music on a new installation of iTunes.
But why couldn’t they have just embedded an arbitrary account number associated with my account? Did they want to make it easier for the mafiaa to track down music sharing folks? I wonder if this was a strong arm tactic and why didn’t Apple protect our privacy better?
I cracked open a couple of files (pre-drm free itunes) with notepad and in the first page of code was my name and email address in plain text. And this is only in plain text, no telling what else is embedded in there.
From http://blog.wired.com/business/2007/06/apples_drmfree_.html
Want to strip that identifying marker off your files without losing any info by compressing it to MP3? Here’s how (at least on a Mac, although I’m sure there’s a easy way in Windows to do this as well):
Step one: In your iTunes preferences, under the advanced tab, choose to import your tracks as Apple Lossless.
Step two: Highlight one of your shiny new DRM-free tracks
Step three: Click the Advanced tab in the menu and select “Convert Selection to Apple Lossless”
Bang. You’re done. No quality loss, no iTunes account info. You can verify that your ID has been stripped using the Get Info command, or via the Unix grep solution that TUAW suggests above.
I haven’t tried it yet, but it wouldn’t suprise me if it is that easy. Drm and all of this stuff only stops the people that it is not intended for. hahaha