Recently, I downloaded and installed the RealJukeBox player software on my Windows 98 laptop. The player is available at no charge from RealNetworks at http://www.real.com. It can be used to play music CDs, as well as record them to music files on a hard disk for future playback. Since its release in the summer of 1999, more than 12 million copies of the software have been downloaded.
Unfortunately, I quickly discovered that the RealJukeBox software is sending off information to RealNetworks about what music CDs I listen to, along with a unique player ID number that identifies who I am. I also found that the RealJukeBox sends back to RealNetworks, on a daily basis, information on how I am using the product. It reports things like how many songs I have recorded on my hard drive, the type of portable MP3 player I own, and my music preferences.
This monitoring system, built into the RealJukeBox software, has the potential for being used as a powerful profiling system to help market new CDs and related products at the expense of personal privacy. The remainder of this write-up documents how the monitoring system is implemented and some of its potential uses and/or misuses.
The RealJukeBox is now the default music CD player on my Windows system. I noticed that each time I play a music CD in my computer CD-ROM drive, the RealJukeBox player shows the name of the CD, the artist, and a list of all songs on the CD. This is a pretty handy feature if one wants to only listen to or record one or two tracks on a CD. All of this information about the music CD is obtained from a Web server at RealNetworks. This information is downloaded in parallel when a CD starts playing.
I decided to put a packet sniffer on the RealJukeBox player to see exactly what information is being transmitted from my computer to the Real Networks servers. Much to my dismay, I found that in the HTTP GET request for the CD information, the player is including a unique GUID serial number for my copy of the software.
Here is what a sample request looks like:
The music CD I am listening to is identified by an "electronic fingerprint" called TOC numbers which are passed in the query string of the URL. These TOC numbers are read from the CD. My unique player ID number is sent in the "X-Taiko-AppGUID" HTTP header of the GET request. My assumption is that the same GUID was sent to RealNetworks when I registered my copy of the player.
Checking in the Windows 98 registry, I found the following
URL that was used by the RealJukeBox player to register
Unfortunately the registry entry is encrypted so that
it cannot be easily read. However, a computer consultant
from Australia that I know, Geoff Chappell, volunteered to
decrypt the URL for me. With a few hours of work, he
was successful. He found the following registration information
is sent to RealNetworks:
(Geoff's home page is http://www.ozemail.com.au/~geoffch/)
Geoff was also able to decode the following registry entry
for the RealJukeBox player which contains my player GUID:
It is very unclear to me why all of this secrecy is needed
on my own computer.
Because the same GUID (3d7460c0-83b6-11d3-a67f-444553540000) is sent to RealNetworks both at registration time and when I play an audio CD, then in theory, they know what audio CDs I am listening to. They could, for example, be creating a list of all my CDs and putting this list in a database with my Email address. For pretty obvious reasons this is very valuable marketing information that could be used by CD retailers to pitch me via Email other CDs that match up with my musical tastes.
In addition, the RealJukeBox tracking system might also be useful for detecting music piracy although I do not have the time right now to investigate this possibility.
However, after notifying RealNetworks of the various
privacy problems in the RealJukeBox they did update their
about GUIDs and some of the places they are used. The new
not talk about the many uses of GUIDs in RealJukeBox. In
RealNetworks registration database can be used to turn
a GUID into a person's Email address. I've attached
the October 30 language to the end of this write-up for
I also found that the same player GUID number is sent to
RealNetworks for most commands on the "Sites" and "Help"
menus of the RealJukeBox software. For example, the
"Product Feedback..." selection on the Help menu
initially goes to this URL:
The query string of this URL decrypts as follows:
    LP=en-US, en, *|
The Feedback page asks for your Email address, but of course, RealNetworks already has it. (As an aside, it probably is important to say only nice things here on this page.)
The same thing happens at the "Sites" menu. When one goes to a music Web site from inside of RealJukeBox, the player GUID is sent in with a URL. This allows RealNetworks to synchronize a Web site cookie with registration information. What Web pages you visit can then be matched with your Email address.
Another interesting discovery I made of the RealJukeBox
player is that in the morning it sends out information
about my usage of the product to RealNetworks.
This information includes how many songs that I
have recorded to my hard disk, what brand of
portable MP3 player I own, and my music preferences. My
player GUID number is also sent along with this
information. All of this information goes inside
of an HTTP GET request. Here is what my player tells
RealNetworks about me in its morning "status report":
    GET /getmusic/msearch.rmp HTTP/1.0
    X-Taiko-EncodingOptions:95780 bps G2 - Un-Encrypted
Pretty obviously this information can be used both for market research and for "one-on-one" targeting of advertisements. Like the GUID and CD tracking, I didn't find any mention in the RealJukeBox documentation of this "status report" feature in the software.
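As an added example (not part of the original write-up), here is a small Python check that parses captured HTTP requests from the player and reports where a persistent player GUID travels: in the X-Taiko-AppGUID header, as on the CD-lookup request, or inside a URL query string, as on the "Sites" menu links and the morning status report. Only the header name and the GUID value come from the write-up; the request paths, query parameter names, host names and TOC values in the samples are constructed placeholders.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# The header name and the GUID value are the ones observed in the write-up.
TRACKED_HEADER = "x-taiko-appguid"
GUID_RE = re.compile(r"[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}", re.I)

# Constructed sample captures: paths, hosts, query parameter names and TOC
# values are placeholders, not the real RealNetworks URLs.
SAMPLE_CD_LOOKUP = (
    "GET /cd-lookup-example?toc=150+14000+31000+52000 HTTP/1.0\r\n"
    "Host: example.invalid\r\n"
    "X-Taiko-AppGUID: 3d7460c0-83b6-11d3-a67f-444553540000\r\n\r\n"
)
SAMPLE_SITES_LINK = (
    "GET http://example.invalid/sites?id=3d7460c0-83b6-11d3-a67f-444553540000"
    "&LP=en-US HTTP/1.0\r\nHost: example.invalid\r\n\r\n"
)
SAMPLE_CLEAN = "GET /cd-lookup-example?toc=150+14000+31000+52000 HTTP/1.0\r\nHost: example.invalid\r\n\r\n"

def parse_request(raw):
    """Split a raw HTTP request into (method, target, headers); header names are lowercased."""
    head = raw.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    method, target, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        if ":" in line:
            name, value = line.split(":", 1)
            headers[name.strip().lower()] = value.strip()
    return method, target, headers

def identifier_leaks(raw):
    """Return (location, guid) pairs for every GUID carried in the tracked header or the URL query."""
    _method, target, headers = parse_request(raw)
    leaks = []
    if TRACKED_HEADER in headers:
        for guid in GUID_RE.findall(headers[TRACKED_HEADER]):
            leaks.append(("header:" + TRACKED_HEADER, guid.lower()))
    for key, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        for guid in GUID_RE.findall(value):
            leaks.append(("query:" + key, guid.lower()))
    return leaks

def flag_tracked(captures):
    """Return the request targets (paths or URLs) that carry a persistent player ID."""
    return [parse_request(raw)[1] for raw in captures if identifier_leaks(raw)]
```

Fed the real sniffer output, the same check tells you which outbound requests would let the server tie an action to a registered identity and which (like the clean sample) would not.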
I got in touch with RealNetworks and I received verification that the RealJukeBox player software is indeed doing all the different things I saw with my packet sniffer. However, I was told that Real Networks servers do not log what CDs individual customers are listening to. However, the person I spoke to agreed that logging is possible with the current RealJukeBox player software. The only changes to implement such a logging system would be required at the Real Networks servers.
The person I spoke to also clarified one point. If the same CD is played multiple times, the RealJukeBox player only asks for information about a CD once and it saves the result on the local hard disk.
So why then is the GUID sent to RealNetworks servers when my player software is requesting information about a CD? I was told that the GUID is used to validate that someone is a RealNetworks customer. This validation is apparently a requirement of the company supplying the CD database, CDDB, Inc. (http://www.cddb.com). Unfortunately, in my testing this validation feature did not seem to work. I was able to request CD information from the RealNetworks server from Internet Explorer 5, which never sends in a player GUID.
This validation scheme also does not explain why the player GUID number is sent in when the RealJukeBox "Sites" and "Help" menus are used.
All in all, the RealJukeBox software does entirely too much tracking of how it is being used and reporting this information back to RealNetworks. I only hope it does not represent a "Brave New World" of consumer electronic devices which send back to media companies what music we listen to, what DVDs we watch, and what TV stations we tune into. As RealNetworks has shown, with an Internet connection, these kinds of monitoring systems are far too easy to implement and deploy.
Going forward, I hope to see RealNetworks immediately remove the player GUID number from the RealJukeBox player software. This one small change will eliminate most of the tracking possibilities that exist in the product today. In addition, the daily status report that is sent out about product usage needs to be stopped. For current users of the RealJukeBox software, I believe the right thing for RealNetworks to do is to notify users via Email of the privacy problems and offer them a patch on the RealNetworks Web site that can be downloaded to fix the problems.
Copyright (C) 1999 Richard M. Smith