or Connect
AppleInsider › Forums › Mobile › iPod + iTunes + AppleTV › Apple addresses iTunes "MiniStore" privacy concerns
New Posts  All Forums:Forum Nav:

Apple addresses iTunes "MiniStore" privacy concerns

post #1 of 65
Thread Starter 
Apple on Wednesday responded to claims that its new iTunes 'MiniStore' feature is akin to spyware by remotely disabling the feature on all installed copies of the latest digital jukebox software.

On relaunch, iTunes 6.0.2 now offers a dialogue allowing users to decide whether to enable the "MiniStore" feature, which reports information about each song a user listens to in iTunes, notes MacNN.

Apple released iTunes 6.0.2 on January 10th, but two days later avid Mac users discovered that the software quietly communicated playlist information over the Internet, both to Apple and to a company based in Orem, Utah.

The MiniStore now displays an information pane on the first connect to it, explaining what data is transmitted, and telling the user how to toggle its visibility. It also confirms that when the MiniStore is disabled, that no data is transmitted at all. This update was performed on Apple's servers, leaving user installations untouched.

The latest version of iTunes now displays the following note via its interface: "The iTunes MiniStore allows you to discover new music and videos right from your iTunes Library. As you select items in your Library, information about that item is sent to Apple and the MiniStore will show you related songs or videos. Apple does not keep any information related to the contents of your music Library."



post #2 of 65
Quote:
Originally posted by AppleInsider
Apple on Wednesday responded to claims that its new iTunes 'MiniStore' feature is akin to spyware by remotely disabling the feature on all installed copies of the latest digital jukebox software.
...
It also appears that Apple was able to add or activate a new "show/hide" MiniStore button to the iTunes interface (below) without requiring a software update.

Now it is this last point that bothers me. Apparently Apple is able to control remotely how our apps work.

My question, now, is: "how many other hooks into our systems does Apple have to control other ascpects of our Macs"?
post #3 of 65
Wow, most software vendors would dig in and fight against people wanting to disable a "feature" that they've included.

I've gotta hand it to Apple on this one.

Good move
post #4 of 65
Quote:
It also appears that Apple was able to add or activate a new "show/hide" MiniStore button to the iTunes interface (below) without requiring a software update.

That button has always been in 6.0.2.
post #5 of 65
Whoah there conspiracy theorist! I don't know much about this, but I am guessing that since the mini-store is by default active, and since the function of the ministore is to send to and receive information from Apple, this is a minor thing for them to do. By no means does it suggest anything more than what it is - the company disabling the function due to consumer complaints...

Quote:
Originally posted by VanFruniken
Now it is this last point that bothers me. Apparently Apple is able to control remotely how our apps work.

My question, now, is: "how many other hooks into our systems does Apple have to control other ascpects of our Macs"?
post #6 of 65
Quote:
Originally posted by AppleInsider
It also appears that Apple was able to add or activate a new "show/hide" MiniStore button to the iTunes interface (below) without requiring a software update.

Actually, this last sentence is wrong. The Show/Hide button was already included with the 6.0.2 update prior to today's change.

This is a very good move on Apple's part. They made a minor but poorly-judged move by adding the ministore (by default) in the first place, and should have had a heads-up like this to begin with, but they've acted swiftly and appropriately to nip it in the bud.
post #7 of 65
Quote:
Originally posted by FreakyT
That button has always been in 6.0.2.

Yes, I have always kept it closed. The question is, before this change, if it was closed, would it still send information to Apple?

Too bad they're using port 80 for this information sharing, otherwise it would be possible to use Little Snitch to block it without blocking everything else.
 
Reply
 
Reply
post #8 of 65
Quote:
Originally posted by AppleInsider
It also appears that Apple was able to add or activate a new "show/hide" MiniStore button to the iTunes interface (below) without requiring a software update.

Who's writing these articles? Seriously! How about a little research before publication?
post #9 of 65
Isn't that portion of iTunes dynamically generated HTML?
NOTICE: While every effort has been made to ensure the accuracy of the information supplied herein, fahlman cannot be held responsible for any errors or omissions. Unless otherwise indicated,...
Reply
NOTICE: While every effort has been made to ensure the accuracy of the information supplied herein, fahlman cannot be held responsible for any errors or omissions. Unless otherwise indicated,...
Reply
post #10 of 65
Quote:
Originally posted by auxio
Yes, I have always kept it closed. The question is, before this change, if it was closed, would it still send information to Apple?

No. This update basically just reminds people that it CAN be closed, and tells people exactly WHAT is happening so they can decide Which is what they should have done.

And adding that note doesn't mean Apple is remote-controlling your mouse or something

It probably means Apple ALREADY included that note in the new iTunes, and was debating whether they should bother people with it or not. So they disabled it but left the option open to show it. Now I bet they're glad they did.

EDIT: Above poster makes more sense: the popup is probably generated by the ministore just like other popups are generated by the main store. I never thought about whether they were in the "HTML" or in the app, but now that you mention it I bet you're right.

Either way, Apple didn't have to "intrude" on your machine in order to add the new warning.
post #11 of 65
Quote:
Originally posted by auxio
Yes, I have always kept it closed. The question is, before this change, if it was closed, would it still send information to Apple?

Too bad they're using port 80 for this information sharing, otherwise it would be possible to use Little Snitch to block it without blocking everything else.

Actually, if you check the comments in the original stories on this (at BoingBoing, SlashDot, etc), quite a few people confirmed that no, it was *not* sending info to Apple unless the ministore was showing, even before this change. They cited LittleSnitch and other similar utilities to verify it.

So, Apple only made 2 errors here: 1) the store was "on" by default instead of "off"; and 2) they didn't give you any notice of what information was being sent (or under what circumstances). This latest change solves both.
post #12 of 65
Quote:
Originally posted by fahlman
Isn't that portion of iTunes dynamically generated HTML?

I don´t think so.

Wha is it with the sudden influx of "Apple can´t do anything wrong" people we have ahd lately?
"I reject your reality and substitute it with my own" - President Bush
Reply
"I reject your reality and substitute it with my own" - President Bush
Reply
post #13 of 65
Quote:
Originally posted by VanFruniken
Now it is this last point that bothers me. Apparently Apple is able to control remotely how our apps work.

My question, now, is: "how many other hooks into our systems does Apple have to control other ascpects of our Macs"?

It doesn't hook into your system. We're talking about data iTunes pulls from the internet. When iTunes pulls up a page offering recommendations, the server first returns a page asking for permission.
post #14 of 65
Quote:
Originally posted by BlueDjinn
Actually, if you check the comments in the original stories on this (at BoingBoing, SlashDot, etc), quite a few people confirmed that no, it was *not* sending info to Apple unless the ministore was showing, even before this change. They cited LittleSnitch and other similar utilities to verify it.

So, Apple only made 2 errors here: 1) the store was "on" by default instead of "off"; and 2) they didn't give you any notice of what information was being sent (or under what circumstances). This latest change solves both.

ok, good to know that keeping it closed prevented the information from being shared.

And I did notice that even though I had previously kept that portion of iTunes closed, when I updated to 6.0.2, it was reopened (and I had to close it again). So that's another problem with the update: not respecting previous user settings.
 
Reply
 
Reply
post #15 of 65
Quote:
Originally posted by Anders
Wha is it with the sudden influx of "Apple can´t do anything wrong" people we have ahd lately?

Who in this thread has said that?

Nobody has denied that Apple was wrong to give no warning before. They've STOPPED doing this particular wrong, however. And there are misunderstandings about what that wrong was--like saying you couldn't disable it before, when that was always a click away, if Apple would only explain the choice. Now they do. (AND they note that they don't store your play info, only use it at the moment, to send recommendations--which removes most of my early complaints about this issue.)

BTW, the iTunes music store displays--including the mini-store, ARE a kind of HTML rendered on the fly depending on what items need to be shown. The only question is whether Apple delivers the popup notice itself that way (as many web sites do) or whether the warning was there all along. I'm curious about which method they use, but neither answer to that technical question is about apple "doing wrong" or "doing no wrong." Either way they DID do (small) wrong by not reminding people of the obvious (that the mini store recommendations are based on YOUR music playing)--and either way, they've corrected that thanks to feedback which they got--and which they deserved.
post #16 of 65
Quote:
Originally posted by fahlman
Isn't that portion of iTunes dynamically generated HTML?

Yes, so the only update required was on their own servers. Your own machines have not been touched.
post #17 of 65
While Apple handled the problem in the best way, I'm surprised that they didn't anticipate the bad publicity that resulted from them doing it the way they did.

You would think that after what happened to Sony, apple would have said, whoa!. If they just came out with this information layout in the beginning, they would have been praised for being so upfront with what they were doing. Eveyone would then have pointed to them and said that they "got it".

Instead, we have this mini tempest.

The problem here is that the cure will never entirely erase the initial bad publicity and distrust from all. Apple's critics will be sure to bring it up again, and again.

I just can't understand why companies aren't smarter about these things, especially when they are doing something that they don't have to be ashamed about in the first place.
post #18 of 65
Nice to see Apple finally grow some brains on this issue. Personally, the "privacy" thing didn't bother me so much, but I can see why others might take issue with it. For me, it was more that it was extremely intrusive, and not immediately obvious how to turn it off.

Does anyone know anyone who actually likes or uses the ministore?

Just so we are absolutely clear:

The contents of the iTunes window area that I have highlighted red in this picture is dynamically generated by Apple's music store servers and sent to iTunes. The button that the mini-store area is pointing to has always been in iTunes 6.0.2. Apple have not modified anything on your computer.
it's = it is / it has, its = belonging to it.
Reply
it's = it is / it has, its = belonging to it.
Reply
post #19 of 65
Quote:
Originally posted by melgross
I just can't understand why companies aren't smarter about these things, especially when they are doing something that they don't have to be ashamed about in the first place.

I agree. I mean, the feature is intended to help users find music they may like based on what they currently listen to, so it's not bad intentioned. However, as is the case with any information collection, there is the potential to make a lot of money from information end users may or may not want to share, and so there will always be a level of distrust. Especially when the average user doesn't know exactly what information is being collected.

I think the best solution is for companies to be completely transparent about information collection: tell what information is collected, describe the benefits to end users, and allow them to decide what information they feel comfortable sharing through the application settings. The defaults, of course, should be no information sharing whatsoever.
 
Reply
 
Reply
post #20 of 65
Not disposed to internet paranoia, why is it I'm supposed to care whether Apple can see my playlists? I know, I know, they DON'T, but why am I supposed to care?

Because if Apple knows I listen to Radiohead a lot, I'll turn to a pillar of salt?

I'm all for stopping snooping technology that lets companies I don't know about or don't consent to snoop around on my computer, show me pop-up messages for prescription drugs or drain my computer's processing power for nefarious purposes. I'm just not all concerned about a company whose product I use by license from that company -- ahem, Apple -- using information it gets from my usage of its product to make my experience better.

(I can feel the flamers already!)
post #21 of 65
Should they also be able to see that you are listening to Mein Kamf without youbeing warned?
"I reject your reality and substitute it with my own" - President Bush
Reply
"I reject your reality and substitute it with my own" - President Bush
Reply
post #22 of 65
Quote:
Originally posted by Anders
Should they also be able to see that you are listening to Mein Kamf without youbeing warned?

Good point. But if I bought it from Apple, don't they already know?

Maybe that's the distinction. OK, fine. I'm OK with Apple utilizing my use of content that I download from Apple to make the iTunes experience better for me.
post #23 of 65
Quote:
Originally posted by Anders
Should they also be able to see that you are listening to Mein Kamf without youbeing warned?

You are making an unwarranted assumption that "they" are listening.

There is no "they". The servers receive the information about which song is playing or is being clicked on. Then the software shows other songs based on criteria that was programmed into it.

The information exchange is instantaneous, made up on the fly, and is also, just as instantaneously, dropped.
post #24 of 65
I'm glad Apple added this notice to iTunes. When I first launched iTunes after the update I was like WTF and couldn't figure out how to turn the mini store off, and I know what I'm doing!! This is a step in the right direction as it both informs the user and defaults the new feature to off.

If this was launched as part of a major iTunes release they probably could have defaulted it to active though.
Download BARTsmart BART Widget, the best BART schedule widget for Mac OS X's Dashboard.
Reply
Download BARTsmart BART Widget, the best BART schedule widget for Mac OS X's Dashboard.
Reply
post #25 of 65
Quote:
Originally posted by melgross
You are making an unwarranted assumption that "they" are listening.

There is no "they". The servers receive the information about which song is playing or is being clicked on. Then the software shows other songs based on criteria that was programmed into it.

The information exchange is instantaneous, made up on the fly, and is also, just as instantaneously, dropped.

This whole discussion is irrelevant. The whole worry about someone (they) at Apple bothering to look through a log of one hundred million or so playlist entries just to report someone who's listening to Mein Kampf or Das Kapital to the CIA is rediculous.

The real care here should be who is profiting from knowing that, 75% of the time someone who listens to the new Depeche Mode album will also have the new Arcade Fire album in their playlist, and so music stores (online or otherwise) which provide both albums should group them together somehow in order to increase sales.

I get annoyed with conspiracy theorists who think that businesses somehow care about your personal ideologies or law-breaking behavior. If it doesn't affect their bottom-line, they don't care about it, simple as that. Get out of the house a bit more, ease up on the pot smoking, and maybe see the world a bit clearer.
 
Reply
 
Reply
post #26 of 65
Quote:
Originally posted by auxio
This whole discussion is irrelevant. The whole worry about someone (they) at Apple bothering to look through a log of one hundred million or so playlist entries just to report someone who's listening to Mein Kampf or Das Kapital to the CIA is rediculous.

The real care here should be who is profiting from knowing that, 75% of the time someone who listens to the new Depeche Mode album will also have the new Arcade Fire album in their playlist, and so music stores (online or otherwise) which provide both albums should group them together somehow in order to increase sales.

I get annoyed with conspiracy theorists who think that businesses somehow care about your personal ideologies or law-breaking behavior. If it doesn't affect their bottom-line, they don't care about it, simple as that. Get out of the house a bit more, ease up on the pot smoking, and maybe see the world a bit clearer.

Amen. That was actually the point of my original post, i.e., that it may actually be a good thing that Apple (it's computers, whatever) knows what I like and can present better choices to me as a result of data-mining my playlists.

That said, I think the "Just for You (Beta)" feature on iTMS is a pretty weak first effort. It seems to look more to the totality of what I've bought than what I listen to. Without getting into the issue of whether Apple has or should have access to that information, I don't find the feature to be all that helpful.

For example, it tells me that I might like Weezer's Green album. Guess what! I do! And I already have it; I just happened to rip it from CD instead of buying it from Apple. I know it's a beta; I just note that I find it completely useless and wish there was an option for turning it off.
post #27 of 65
Quote:
Originally posted by Porchland
I know it's a beta; I just note that I find it completely useless and wish there was an option for turning it off.

Open the music store. Scroll to the bottom. Ta Da!
it's = it is / it has, its = belonging to it.
Reply
it's = it is / it has, its = belonging to it.
Reply
post #28 of 65
Quote:
Originally posted by auxio
The real care here should be who is profiting from knowing that, 75% of the time someone who listens to the new Depeche Mode album will also have the new Arcade Fire album in their playlist, and so music stores (online or otherwise) which provide both albums should group them together somehow in order to increase sales.

And it's not as if Amazon.com wasn't already doing something like that by telling you what others have bought in addition to the CD you're looking at. This hullabaloo reminds me of the foil-hatted people running around saying "TiVo knows everything you're watching!" So what if they do? I've always wanted to be a Nielsen family. I doubt iTunes sends personally identifiable information any more than TiVos do.

I have Little Snitch, too, and it's reported no iTunes activity. (It helps that I ripped all my songs from CD and never needed to buy anything from the iTMS. And that I found the MiniStore a waste of perfectly good screen real estate and previously turned it off, especially since I don't buy from iTMS.)
post #29 of 65
Quote:
Originally posted by Porchland
Amen. That was actually the point of my original post, i.e., that it may actually be a good thing that Apple (it's computers, whatever) knows what I like and can present better choices to me as a result of data-mining my playlists.

Yes, it should be up to the consumer whether they think it's of benefit to them to allow a company to gather personal information about them in order to provide a better service. Or whether they (in the case of myself) are subscribed to a number of record release lists with MP3 previews, chat with musicians and religious music fanatics on message boards, etc, etc and know well enough to make their own choices (and thus would rather not share our personal information).

Then again, most of the music I listen to isn't available on the iTMS anyways, so it's a moot point (and yes, I do buy MP3s online, just elsewhere).
 
Reply
 
Reply
post #30 of 65
Quote:
Originally posted by Kolchak
And it's not as if Amazon.com wasn't already doing something like that by telling you what others have bought in addition to the CD you're looking at. This hullabaloo reminds me of the foil-hatted people running around saying "TiVo knows everything you're watching!" So what if they do? I've always wanted to be a Nielsen family. I doubt iTunes sends personally identifiable information any more than TiVos do.

Right, but knowing who is profitting from your information sharing allows you to choose whether you want to "make a contribution" to that company or not. I'm not against it by any means, I just think people should be given the proper knowledge to make an informed choice (and be given a choice). For example, I wouldn't want to "contribute" information to a company whose business ethics I don't agree with.
 
Reply
 
Reply
post #31 of 65
Quote:
Originally posted by auxio
Right, but knowing who is profitting from your information sharing allows you to choose whether you want to "make a contribution" to that company or not. I'm not against it by any means, I just think people should be given the proper knowledge to make an informed choice (and be given a choice). For example, I wouldn't want to "contribute" information to a company whose business ethics I don't agree with.

You're making an assumption as well. There is no evidence that Apple is keeping or using any of this for anything other than for what they said they are.

So, you are also a conspiracy theorist.
post #32 of 65
Quote:
Originally posted by melgross
You're making an assumption as well. There is no evidence that Apple is keeping or using any of this for anything other than for what they said they are..

Likewise, there's no evidence that they are deleting the information they collect.
'L'enfer, c'est les autres' - JPS
Reply
'L'enfer, c'est les autres' - JPS
Reply
post #33 of 65
Quote:
Originally posted by auxio
This whole discussion is irrelevant. The whole worry about someone (they) at Apple bothering to look through a log of one hundred million or so playlist entries just to report someone who's listening to Mein Kampf or Das Kapital to the CIA is rediculous.
.

The fears of most people on this had nothing to do with the CIA/NSa/FBI or Big Brother et al

The fear was that AN ALGORITHM was churning the data into what would be the most valuable form of demographic info that the record companies could ever dream of...exactly what you listen to, when, how long, and maybe at what volume...all kinds of odd shit...just think of all the data that could have been sent back...


I really had no fear, because people were so pissed when they first saw it that I KNEW that there were at least 1000 or more (other) people running protocol analyzers looking for ANYTHING odd...it would have been discovered and splashed everywhere in minutes. and this doesnt account for iTunes competition, who was no doubt checking too, 12 hrs after the relese, I knew it was clean.
You can't quantify how much I don't care -- Bob Kevoian of the Bob and Tom Show.
Reply
You can't quantify how much I don't care -- Bob Kevoian of the Bob and Tom Show.
Reply
post #34 of 65
I do not really understand what all this fuss is about.
It seemed, to me anyway, as soon as I launced Itunes 6.0.2 that there
was a new button at the bottom of the library screen.

Whats that I thought, moved my mouse over it and it said - "show or hide the ministore" - if it was open, it was obvious that data was being shared as it was
showing me comparible songs as what I was listening to, turn it off and it went away, the only thing odd was not knowing what was being shared, Apple very very quickly told us what was going on, within about 24 hours down under anyway.
Shiny Side Up
Reply
Shiny Side Up
Reply
post #35 of 65
Quote:
Originally posted by melgross
You're making an assumption as well. There is no evidence that Apple is keeping or using any of this for anything other than for what they said they are.

So, you are also a conspiracy theorist.

Not really, because the reality of the situation is exactly what I said: Apple is profiting from the gathering of information by offering sales suggestions based on your playlist, which a certain percentage of consumers will use to buy music they might not have purchased otherwise. The side-effect is, of course, also of benefit to music consumers who are looking for new music that they might not find out about otherwise, which is why it makes business sense.

I never speculated about anyone else profiting from the same information (which is where the conspiracy theory would lie). Though Apple is free to do whatever they please with that information, so it would be in their best interest to maximize their investment in obtaining it (research & development costs, hardware costs, hardware maintenance, network bandwidth, etc) by finding other ways to profit from it.
 
Reply
 
Reply
post #36 of 65
Quote:
Originally posted by Gene Clean
Likewise, there's no evidence that they are deleting the information they collect.

The evidence has already been shown by those who have looked at what the packets contain.

Also, Apple says that they aren't keeping the info.

If you choose not to believe them, and adhere to these throries, fine.
post #37 of 65
Quote:
Originally posted by auxio
Not really, because the reality of the situation is exactly what I said: Apple is profiting from the gathering of information by offering sales suggestions based on your playlist, which a certain percentage of consumers will use to buy music they might not have purchased otherwise. The side-effect is, of course, also of benefit to music consumers who are looking for new music that they might not find out about otherwise, which is why it makes business sense.

I never speculated about anyone else profiting from the same information (which is where the conspiracy theory would lie). Though Apple is free to do whatever they please with that information, so it would be in their best interest to maximize their investment in obtaining it (research & development costs, hardware costs, hardware maintenance, network bandwidth, etc) by finding other ways to profit from it.

That's not quite what you were hinting.

Quote:
Right, but knowing who is profitting from your information sharing allows you to choose whether you want to "make a contribution" to that company or not. I'm not against it by any means, I just think people should be given the proper knowledge to make an informed choice (and be given a choice). For example, I wouldn't want to "contribute" information to a company whose business ethics I don't agree with.

Considering the subject that we are talking about. This is a pretty clear indication that you weren't talking about Apple, but that you were concerned that "someone else" was possibly benefiting.

Otherwise, you could simply have said that you didn't mind that Apple was benefiting, as you just did to me.
post #38 of 65
Quote:
Originally posted by melgross
Considering the subject that we are talking about. This is a pretty clear indication that you weren't talking about Apple, but that you were concerned that "someone else" was possibly benefiting.

No, I was giving an example (hence the "For example") of why someone would possibly not want to give their information out and would like to know exactly who is using it. I brought up this example in order to support my point of why I think companies should be completely transparent about information gathering. I never stated nor implied that this is what Apple is doing. Though I suppose that, in the context of this discussion, it's natural to assume that Apple is the company to fill in the blanks with. However, I assure you that my discussion has drifted to the more general issue of information gathering rather than this specific case.
Quote:
Originally posted by melgross
Otherwise, you could simply have said that you didn't mind that Apple was benefiting, as you just did to me.

I didn't state that either. But I admit, I wouldn't mind giving information to Apple for their benefit because I have no qualms with them (though I admit that I haven't looked into all of Apple's parts suppliers to see their track records on human rights, but that's another issue).
 
Reply
 
Reply
post #39 of 65
Quote:
Originally posted by melgross
[B]The evidence has already been shown by those who have looked at what the packets contain.

And those are... who?

Quote:
Also, Apple says that they aren't keeping the info.

If you choose not to believe them, and adhere to these throries, fine.

Pardon me for not taking for granted what a corporation out there to make money tells me to believe.
'L'enfer, c'est les autres' - JPS
Reply
'L'enfer, c'est les autres' - JPS
Reply
post #40 of 65
Corporations are bad (just think about M$). But Apple is Different.

Pure fanboyism.
"I reject your reality and substitute it with my own" - President Bush
Reply
"I reject your reality and substitute it with my own" - President Bush
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: iPod + iTunes + AppleTV
AppleInsider › Forums › Mobile › iPod + iTunes + AppleTV › Apple addresses iTunes "MiniStore" privacy concerns