Comment 8 for bug 528910

Revision history for this message
Ryan (ryan-farmer-personal-deactivatedaccount) wrote :

"in some MP3 stores' MP3 files"

I generally believe that affirms that I don't know that they do this but that I don't trust them not to and I'll be "darned" if I'm going to buy one to tear it apart and find out. It's something that people should watch out for given the fact that some stores have done it.

I know iTunes does it, but the AAC container lets them append limitless data onto the file, id3 tags don't go that far. There's about 500 K of tracking data in an iTunes AAC including your account info, IP address, time of download etc. , far more than an id3 tag can even hold, but an id3 tag can still be misused to implant a GUID. That's why I said it would be nice if we could get someone to confirm or deny that they do this. Yes or No would suffice, thank you.

Note that at no point did I imply that an MP3 file can phone home, but having the GUID in the tag is still going too far and does have privacy implications.