Arstechnica brought it to my attention that Apple has been embedding my account information in the files I download from their iTunes music store.
On one hand, that’s understandable given that the encryption key is linked back to my account on iTunes music store. The very same reason you must authenticate when playing a encrypted music on a new installation of iTunes.
But why couldn’t they have just embedded an arbitrary account number associated with my account? Did they want to make it easier for the mafiaa to track down music sharing folks? I wonder if this was a strong arm tactic and why didn’t Apple protect our privacy better?
I cracked open a couple of files (pre-drm free itunes) with notepad and in the first page of code was my name and email address in plain text. And this is only in plain text, no telling what else is embedded in there.