Apple addresses iTunes "MiniStore" privacy concerns
Apple on Wednesday responded to claims that its new iTunes 'MiniStore' feature is akin to spyware by remotely disabling the feature on all installed copies of the latest digital jukebox software.
On relaunch, iTunes 6.0.2 now offers a dialogue allowing users to decide whether to enable the "MiniStore" feature, which reports information about each song a user listens to in iTunes, notes MacNN.
Apple released iTunes 6.0.2 on January 10th, but two days later avid Mac users discovered that the software quietly communicated playlist information over the Internet, both to Apple and to a company based in Orem, Utah.
The MiniStore now displays an information pane on the first connect to it, explaining what data is transmitted, and telling the user how to toggle its visibility. It also confirms that when the MiniStore is disabled, that no data is transmitted at all. This update was performed on Apple's servers, leaving user installations untouched.
The latest version of iTunes now displays the following note via its interface: "The iTunes MiniStore allows you to discover new music and videos right from your iTunes Library. As you select items in your Library, information about that item is sent to Apple and the MiniStore will show you related songs or videos. Apple does not keep any information related to the contents of your music Library."
On relaunch, iTunes 6.0.2 now offers a dialogue allowing users to decide whether to enable the "MiniStore" feature, which reports information about each song a user listens to in iTunes, notes MacNN.
Apple released iTunes 6.0.2 on January 10th, but two days later avid Mac users discovered that the software quietly communicated playlist information over the Internet, both to Apple and to a company based in Orem, Utah.
The MiniStore now displays an information pane on the first connect to it, explaining what data is transmitted, and telling the user how to toggle its visibility. It also confirms that when the MiniStore is disabled, that no data is transmitted at all. This update was performed on Apple's servers, leaving user installations untouched.
The latest version of iTunes now displays the following note via its interface: "The iTunes MiniStore allows you to discover new music and videos right from your iTunes Library. As you select items in your Library, information about that item is sent to Apple and the MiniStore will show you related songs or videos. Apple does not keep any information related to the contents of your music Library."
Comments
Originally posted by AppleInsider
Apple on Wednesday responded to claims that its new iTunes 'MiniStore' feature is akin to spyware by remotely disabling the feature on all installed copies of the latest digital jukebox software.
...
It also appears that Apple was able to add or activate a new "show/hide" MiniStore button to the iTunes interface (below) without requiring a software update.
Now it is this last point that bothers me. Apparently Apple is able to control remotely how our apps work.
My question, now, is: "how many other hooks into our systems does Apple have to control other ascpects of our Macs"?
I've gotta hand it to Apple on this one.
Good move
It also appears that Apple was able to add or activate a new "show/hide" MiniStore button to the iTunes interface (below) without requiring a software update.
That button has always been in 6.0.2.
Originally posted by VanFruniken
Now it is this last point that bothers me. Apparently Apple is able to control remotely how our apps work.
My question, now, is: "how many other hooks into our systems does Apple have to control other ascpects of our Macs"?
Originally posted by AppleInsider
It also appears that Apple was able to add or activate a new "show/hide" MiniStore button to the iTunes interface (below) without requiring a software update.
Actually, this last sentence is wrong. The Show/Hide button was already included with the 6.0.2 update prior to today's change.
This is a very good move on Apple's part. They made a minor but poorly-judged move by adding the ministore (by default) in the first place, and should have had a heads-up like this to begin with, but they've acted swiftly and appropriately to nip it in the bud.
Originally posted by FreakyT
That button has always been in 6.0.2.
Yes, I have always kept it closed. The question is, before this change, if it was closed, would it still send information to Apple?
Too bad they're using port 80 for this information sharing, otherwise it would be possible to use Little Snitch to block it without blocking everything else.
Originally posted by AppleInsider
It also appears that Apple was able to add or activate a new "show/hide" MiniStore button to the iTunes interface (below) without requiring a software update.
Who's writing these articles? Seriously! How about a little research before publication?
Originally posted by auxio
Yes, I have always kept it closed. The question is, before this change, if it was closed, would it still send information to Apple?
No. This update basically just reminds people that it CAN be closed, and tells people exactly WHAT is happening so they can decide Which is what they should have done.
And adding that note doesn't mean Apple is remote-controlling your mouse or something
It probably means Apple ALREADY included that note in the new iTunes, and was debating whether they should bother people with it or not. So they disabled it but left the option open to show it. Now I bet they're glad they did.
EDIT: Above poster makes more sense: the popup is probably generated by the ministore just like other popups are generated by the main store. I never thought about whether they were in the "HTML" or in the app, but now that you mention it I bet you're right.
Either way, Apple didn't have to "intrude" on your machine in order to add the new warning.
Originally posted by auxio
Yes, I have always kept it closed. The question is, before this change, if it was closed, would it still send information to Apple?
Too bad they're using port 80 for this information sharing, otherwise it would be possible to use Little Snitch to block it without blocking everything else.
Actually, if you check the comments in the original stories on this (at BoingBoing, SlashDot, etc), quite a few people confirmed that no, it was *not* sending info to Apple unless the ministore was showing, even before this change. They cited LittleSnitch and other similar utilities to verify it.
So, Apple only made 2 errors here: 1) the store was "on" by default instead of "off"; and 2) they didn't give you any notice of what information was being sent (or under what circumstances). This latest change solves both.
Originally posted by fahlman
Isn't that portion of iTunes dynamically generated HTML?
I don´t think so.
Wha is it with the sudden influx of "Apple can´t do anything wrong" people we have ahd lately?
Originally posted by VanFruniken
Now it is this last point that bothers me. Apparently Apple is able to control remotely how our apps work.
My question, now, is: "how many other hooks into our systems does Apple have to control other ascpects of our Macs"?
It doesn't hook into your system. We're talking about data iTunes pulls from the internet. When iTunes pulls up a page offering recommendations, the server first returns a page asking for permission.
Originally posted by BlueDjinn
Actually, if you check the comments in the original stories on this (at BoingBoing, SlashDot, etc), quite a few people confirmed that no, it was *not* sending info to Apple unless the ministore was showing, even before this change. They cited LittleSnitch and other similar utilities to verify it.
So, Apple only made 2 errors here: 1) the store was "on" by default instead of "off"; and 2) they didn't give you any notice of what information was being sent (or under what circumstances). This latest change solves both.
ok, good to know that keeping it closed prevented the information from being shared.
And I did notice that even though I had previously kept that portion of iTunes closed, when I updated to 6.0.2, it was reopened (and I had to close it again). So that's another problem with the update: not respecting previous user settings.
Originally posted by Anders
Wha is it with the sudden influx of "Apple can´t do anything wrong" people we have ahd lately?
Who in this thread has said that?
Nobody has denied that Apple was wrong to give no warning before. They've STOPPED doing this particular wrong, however. And there are misunderstandings about what that wrong was--like saying you couldn't disable it before, when that was always a click away, if Apple would only explain the choice. Now they do. (AND they note that they don't store your play info, only use it at the moment, to send recommendations--which removes most of my early complaints about this issue.)
BTW, the iTunes music store displays--including the mini-store, ARE a kind of HTML rendered on the fly depending on what items need to be shown. The only question is whether Apple delivers the popup notice itself that way (as many web sites do) or whether the warning was there all along. I'm curious about which method they use, but neither answer to that technical question is about apple "doing wrong" or "doing no wrong." Either way they DID do (small) wrong by not reminding people of the obvious (that the mini store recommendations are based on YOUR music playing)--and either way, they've corrected that thanks to feedback which they got--and which they deserved.
Originally posted by fahlman
Isn't that portion of iTunes dynamically generated HTML?
Yes, so the only update required was on their own servers. Your own machines have not been touched.
You would think that after what happened to Sony, apple would have said, whoa!. If they just came out with this information layout in the beginning, they would have been praised for being so upfront with what they were doing. Eveyone would then have pointed to them and said that they "got it".
Instead, we have this mini tempest.
The problem here is that the cure will never entirely erase the initial bad publicity and distrust from all. Apple's critics will be sure to bring it up again, and again.
I just can't understand why companies aren't smarter about these things, especially when they are doing something that they don't have to be ashamed about in the first place.
Does anyone know anyone who actually likes or uses the ministore?
Just so we are absolutely clear:
The contents of the iTunes window area that I have highlighted red in this picture is dynamically generated by Apple's music store servers and sent to iTunes. The button that the mini-store area is pointing to has always been in iTunes 6.0.2. Apple have not modified anything on your computer.
Originally posted by melgross
I just can't understand why companies aren't smarter about these things, especially when they are doing something that they don't have to be ashamed about in the first place.
I agree. I mean, the feature is intended to help users find music they may like based on what they currently listen to, so it's not bad intentioned. However, as is the case with any information collection, there is the potential to make a lot of money from information end users may or may not want to share, and so there will always be a level of distrust. Especially when the average user doesn't know exactly what information is being collected.
I think the best solution is for companies to be completely transparent about information collection: tell what information is collected, describe the benefits to end users, and allow them to decide what information they feel comfortable sharing through the application settings. The defaults, of course, should be no information sharing whatsoever.
Because if Apple knows I listen to Radiohead a lot, I'll turn to a pillar of salt?
I'm all for stopping snooping technology that lets companies I don't know about or don't consent to snoop around on my computer, show me pop-up messages for prescription drugs or drain my computer's processing power for nefarious purposes. I'm just not all concerned about a company whose product I use by license from that company -- ahem, Apple -- using information it gets from my usage of its product to make my experience better.
(I can feel the flamers already!)