Filed under: iTS, Terminal Tips, TUAW Tips
TUAW Tip: Don't Torrent That Song...
Sure, you can now download music from the iTunes store without DRM but that doesn't mean you should just willy nilly start sharing that music with your friends. For one thing, it's illegal. For another, your account information is embedded into that m4a music file. Don't believe me? Try this yourself.
1. Launch Terminal. You'll need to be comfortable at the command line to perform this check.
2. Navigate to one of your iTunes plus downloads. If you have a US iTunes account, you can download the iTunes plus "Ooh La" single of the week.
3. Use the UNIX "strings" command to look at the text in your data and grep to search for your name. e.g.
strings 01\ Ooh\ La.m4a | grep name
Alternatively, open all the strings in TextEdit:
strings 01\ Ooh\ La.m4a | open -f.
Bottom line: DRM-free doesn't mean that Apple suddenly supports piracy.

![TUAW [Cafepress]](http://www.blogsmithmedia.com/www.tuaw.com/media/tuaw-cafepress-promo.png)


Reader Comments (Page 1 of 5)
Nic said 12:26PM on 5-30-2007
Though as these are now m4a files you can convert to mp3 without burning to disk first.
Remember though - Home Taping is Killing Music
Reply
emor8t said 12:29PM on 5-30-2007
Isn't that even worse than DRM? Sure, I can move it, and do what I want with it, but it tracks me?
Thanks, but no thanks Jobs. Take you DRM-Free crap and stick it you-know-where.
Reply
Phillip Platz said 12:38PM on 5-30-2007
I'm sure converting to MP3 or some other format would get rid of it? Or simply opening the song in Garageband and sending it to iTunes again?
Anybody care to try?
Reply
Nic said 12:39PM on 5-30-2007
emor8t - it doesn't track you the file simply has the username in it used to purchase the track, hardly a issue. Most peoples issue with DRM is that restrictions it places on you as the purchaser playing the file on the device of your choice.
Having the username in the file is only going to be a problem for you if you starting sharing the file surely?
Reply
emor8t said 12:49PM on 5-30-2007
@Nic,
Doesn't change the fact that it exists. It's defeatist for Apple to claim they invented non-DRM music sales, only to stick user names it them. It's also unnecessary. It's also vapidly obnoxious that everyone, not Apple alone, insists on tracking consumer purchases down to the specific consumer. There is no reason that Apple needs to know that I, specifically, have every Soundgarden album they offer. They should be sufficiently satisfied with the X number of albums sold.
Reply
Donald Burr said 12:49PM on 5-30-2007
isn't this data just another one of the metadata tags that come standard in any iTunes file (i.e. Genre, Album, Artist, etc.)? If so, you should be able to use a tagger like Lostify, AtomicParsley, etc. to zap them from your file.
Reply
ra1n said 2:11PM on 5-30-2007
I imagine this is the same with DRMed tracks, but this is not a great problem, if you give this to friends and not on p2p :-)
Reply
GadgetGav said 1:03PM on 5-30-2007
@emor8t,
OK, you don't like Apple, Jobs or iTunes. We get the picture. It doesn't help your arguments make sense though. Apple don't claim to have "invented non-DRM music" - the launch of this was at an EMI event in London remember. Jobs says he wants non-DRM tracks to sell on iTunes, but it's up to the labels to provide them, which EMI has done.
Also, the data that they get by knowing who bought what helps drive features on the iTunes Store like where it says 'listeners also bought'. For someone who doesn't listen to radio, that's a good way to find new music based on the stuff I like. Any online download service that you log into can and does track who is downloading what. The only way this is a problem is if you want to do something illegal with the file, and if you want to do that, there's ways to strip it out which you'd have to do anyway.
Reply
! said 1:07PM on 5-30-2007
Nothing new here. Do a Get Info on any song you've downloaded from the iTMS, ever, and you'll see the email address of the account used to purchase it. What's the fuss about?
Reply
superadam said 1:09PM on 5-30-2007
@emor8t
Everything you buy is already kept track of by your iTunes account. Pretty much every store that requires you to create an account keeps record of what you purchase. This is nothing new.
Having a user name embedded in the files is just a way for Apple to identify which users are abusing the "honor system" type privileges. I'm sure that it's something that the record labels are going to require. Removing DRM means that YOU can use the file however you want. If you aren't doing anything wrong (i.e. uploading it to sharing site, giving it to all your friends, etc), then there's nothing to worry about.
Reply
Matt said 1:08PM on 5-30-2007
Donald, I'm not on my mac right now but I don't recall the file's owner (er, "licensee") to be part of the standard metadata. E.g. you can "get info" on a song with iTunes and change the Artist, but not the owner. I don't know if it's stored in the file the same way as other metadata.
From an account tracking point of view, it would make sense to embed an encrypted digital watermark in the file in addition to the customer name -- presumably many of Apple's customers share the same name. Or at least embed an account number, which might not be visible as a plain text string (via the unix "strings" command). Since these don't actively prevent the user from making copies Apple could still claim (arguably implausibly) they are DRM-free.
Thus, anyone trying to hack the metadata ought to research whether there are other such security features embedded in the file. Zapping the customer name alone might provide only the illusion of anonynmity.
Reply
Nic said 1:18PM on 5-30-2007
@emor8t
adding the username to the file is not DRM though, also its not a problem unless you start sending out the file on the net, which you shouldn't be doing anyway.
The only way this 'tracks' you is if the file becomes available all over bittorrents etc, anyway simply export to mp3 and its gone.
Reply
Eric said 1:21PM on 5-30-2007
"If you aren't doing anything wrong, then there's nothing to worry about."
Hey why don't you let the government openly tap all your phone calls to listen for suspicious activity? If you aren't doing anything wrong, there's nothing to worry about, right? There doesn't exist such a thing as respect for privacy or anything like that.
Reply
nicolas said 6:45PM on 5-30-2007
c'mon...
what if:
-someone steals your ipod
-steals / repairs your PC/Mac
-ect. ect.
suddenly all tracks are public, you have nothing to do with it, but you are the one whos followed by the police. one day, i just left my ipod a coupple of hours in a store for laser-etching.
as i returned, a audiobook was selected, which i definitly not listened to, that day. they could easily downloaded and share my music on p2p networks....
Reply
Nic said 1:30PM on 5-30-2007
@13 - slight difference between you making the decision to share a file all over the internet and whichever government infringing your rights, get some perspective, better still come live in the UK we must be about the most tracked citizens around
@14 - bad luck, these things happen but only in isolated amounts, personally I take any personal stuff off ANY bit of equipment I am leaving with a 3rd party.
Reply
Paul-Michael said 1:31PM on 5-30-2007
@emor8t
"It's defeatist for Apple to claim they invented non-DRM music sales, only to stick user names it them."
(In regards to your use of the word, defeatist)
I don't think that word means what you think it means.
Reply
superadam said 1:35PM on 5-30-2007
@ Eric
"Hey why don't you let the government openly tap all your phone calls to listen for suspicious activity? If you aren't doing anything wrong, there's nothing to worry about, right? There doesn't exist such a thing as respect for privacy or anything like that."
I don't think this applies. Apple isn't (or shouldn't be) spying on people's computers. Think of how many people have gigs upon gigs of stolen music on their computers. It's just a mechanism for them to be able to identify files that are found on file sharing networks. People forfeit their right to privacy when they are caught breaking the law. It's not like tapping phones, more like undercover police officers infiltrating a drug ring and arresting people. They can't complain about having their right to a private meeting violated.
Reply
Jeremy said 3:46PM on 5-30-2007
I can't see as anyone mentioned it yet, but this also is a violation of the European information laws.
You can't leave someone's name in a file without explicitly telling them it's there and also providing a means for it to be removed. It's illegal in Europe and in most modern countries (except the US of course.)
Reply
Alan Strangis said 1:48PM on 5-30-2007
@ Nic #15:
Just because the UK is the new super surveillance society doesn't mean that it's "okay". Privacy is privacy, and if I were a UK citizen, I'd be fighting it tooth and nail (or pitchfork and torch). :)
As for your other point, I totally agree.
Reply
ThunkDifferent.com said 1:51PM on 5-30-2007
Great addition, now there are new editions such as Paul McCartney, and classics like New Edition... thanks Apple iTunes!
http://ThunkDifferent.com
Reply