If that is the case, then their name in the header, at least at a personal level, becomes an endorsement for potential piracy. Sure, we can speculate on ways in which these files could be taken surreptitiously and added to p2p networks, but we can probably also agree that a lot of these files are added by the users themselves. Ed mentions malware, but on a more low-tech level, it could just be that the purchaser lets the wrong person borrow his or her computer.Ĭryptography issues aside (and privacy for that matter), a name is a powerful thing. **There are a number of ways this could happen. *According to the EFF, these files do not have an audio watermark, which is something that might actually be non-trivial to remove: The file could hang around for months or years, just waiting for some RIAA minion to stumble across it. Even worse, once a file with your name embedded in it gets out on the P2P networks there’s no way for you to take it back. As Ed mentioned in his post, the main danger is that these files will leak onto P2P networks without any direct involvement from the person who purchased them**. So whatever else the technology does, it is unlikely to catch sophisticated file-swappers, who will simply strip out the personally identifying information. Of course, as Don Marti says, they may also be hiding some sort of personally identifying information in a less obvious place, but even in this case it’s probably only a matter of time before someone figures out how to strip this out too.* My point is that as long as Apple doesn’t do this, it would be trivial to write a program that takes the Apple’s DRM-less AAC files as input and outputs fully functional AAC files that have been sanitized of any personally identifying information. Nick, I agree that Apple is highly unlikely to require the headers in all music files. It’s unlikely that we could reliably tell the difference between a scofflaw user and one victimized by malware, so there seems to be no escape from this problem. If punishments are mild, then users might be willing to distribute their own files and claim innocence if they’re caught. If these people are punished severely, the result will be unfair and no prudent person will buy and keep the labeled files. Which brings us to the usual problem with systems that try to label files and punish people whose labels appear on infringing files. This scenario is very plausible, given that as many as 10% of the machines on the Net contain bot software that could easily be directed to swipe iTunes files. If a file is swiped from a customer’s machine and then distributed, you’ll know where the file came from but you won’t know who is at fault. All a digital signature can do is verify that a file is the same one that was sold to a particular customer. Apple could choose to publish this verification key if they wanted to let third parties verify the name information in files.īut there’s another problem – and a pretty big one. There’s a separate key used for verifying that the data hasn’t been modified. (You might worry that somebody could transplant the name header from one file to another, but proper crypto will detect that.) Whether to use this kind of integrity check is a separate question from whether to encrypt the information – you can do either, or both, or neither.įrom a security standpoint, the best way to do guarantee integrity in this case is to digitally sign the name data, using a key known only to Apple. Done right, this would let Apple detect whether the name information in a file was accurate. If you’re not a crypto person, you may not realize that there are different tools for keeping information secret than for detecting tampering – in the lingo, different tools for ensuring confidentiality than for ensuring integrity.Īpple apparently used crypto to protect the integrity of the data. Worse yet, it would be easy to change the data in a file to frame an innocent person – which makes the name information pretty much useless for enforcement. Fred predicts that somebody will make a tool for changing the name to “Steve Jobs†or something. This makes it pretty easy to change the name in a file. More interesting than the lack of encryption is the apparent lack of integrity checks on the data. Randy responded that there was a benefit to letting third parties do enforcement. Or so the theory goes.įred von Lohmann responded, suggesting that Apple should have encrypted the information, to protect privacy while still allowing Apple to identify the original buyer if necessary. It would be easy for Apple, or a copyright owner, to identify the culprit. Randy Picker suggested that this might be designed to deter copying – if you redistribute a file you bought, your name would be all over it. Recently it was revealed that Apple’s new DRM-free iTunes tracks come with the buyer’s name encoded in their headers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |