Recently, I downloaded and installed the RealJukeBox player software on my Windows 98 laptop. The player is available at no charge from RealNetworks at http://www.real.com. It can be used to play music CDs, as well as record them to music files on a hard disk for future playback. Since its release in the summer of 1999, more than 12 million copies of the software have been downloaded.
Unfortunately, I quickly discovered that the RealJukeBox software is sending off information to RealNetworks about what music CDs I listen to, along with a unique player ID number that identifies who I am. I also found that the RealJukeBox sends back to RealNetworks, on a daily basis, information on how I am using the product. It reports things like how many songs I have recorded on my hard drive, the type of portable MP3 player I own, and my music preferences.
This monitoring system, built into the RealJukeBox software, has the potential for being used as a powerful profiling system to help market new CDs and related products at the expense of personal privacy. The remainder of this write-up documents how the monitoring system is implemented and some of its potential uses and/or misuses.
The RealJukeBox is now the default music CD player on my Windows system. I noticed that each time I play a music CD in my computer's CD-ROM drive, the RealJukeBox player shows the name of the CD, the artist, and a list of all songs on the CD. This is a pretty handy feature if one wants to listen to or record only one or two tracks on a CD. All of this information about the music CD is obtained from a Web server at RealNetworks. It is downloaded in parallel when a CD starts playing.
I decided to put a packet sniffer on the RealJukeBox player to see exactly what information is being transmitted from my computer to the RealNetworks servers. Much to my dismay, I found that in the HTTP GET request for the CD information, the player includes a unique GUID serial number for my copy of the software.
The music CD I am listening to is identified by an "electronic fingerprint" called TOC numbers, which are passed in the query string of the URL. These TOC numbers are read from the CD. My unique player ID number is sent in the "X-Taiko-AppGUID" HTTP header of the GET request. Here is what a sample request looks like:
GET /query.html?cmd=cddb+query+6f0fe407+7+150+74670+107840+146875+
196050+215005+256182+4068&hello=realuser+real.com+
"RealNetworks+RealJukebox"+1.0&proto=4 HTTP/1.0
Accept: text/html
user-agent:RealNetworks RealJukebox
host:cdinfo.real.com
X-Taiko-AppGUID:3d7460c0-83b6-11d3-a67f-444553540000
X-Taiko-AppVersion:1.0.0.438
X-Taiko-AppDistCode:RJ04
X-Taiko-AppBuildType:FREE
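To show how completely the TOC numbers in this request pin down a CD, here is an added example (not from the original write-up) that recomputes the CDDB disc ID from the offsets in the cmd=cddb+query+... parameter, using the publicly documented CDDB/freedb disc-ID algorithm. It assumes that the last number of the query is the disc's playing time in seconds, so the lead-out sits at (seconds * 75 + 150) frames in MSF addressing; with that assumption the recomputed ID matches the 6f0fe407 the player sent.

```python
# Added example (not from the original write-up): recompute the CDDB disc ID
# from the TOC numbers carried in the cmd=cddb+query+... parameter above,
# using the publicly documented CDDB/freedb disc-ID algorithm.  Assumption:
# the last number of the query is the disc's playing time in seconds, so the
# lead-out sits at (seconds * 75 + 150) frames in MSF addressing.
from urllib.parse import parse_qs, urlsplit

# Request path from the GET line quoted above, joined onto one line.
REQUEST_PATH = ("/query.html?cmd=cddb+query+6f0fe407+7+150+74670+107840+"
                "146875+196050+215005+256182+4068&hello=realuser+real.com+"
                '"RealNetworks+RealJukebox"+1.0&proto=4')


def parse_cddb_query(path):
    """Return (claimed_discid, track_offsets_in_frames, playing_seconds)."""
    fields = parse_qs(urlsplit(path).query)["cmd"][0].split()  # '+' -> ' '
    if fields[:2] != ["cddb", "query"]:
        raise ValueError("not a cddb query: %r" % fields[:2])
    ntracks = int(fields[3])
    offsets = [int(f) for f in fields[4:4 + ntracks]]
    return int(fields[2], 16), offsets, int(fields[4 + ntracks])


def digit_sum(n):
    return sum(int(d) for d in str(n))


def cddb_discid(offsets, playing_secs):
    """Disc ID = checksum byte | (lead-out - first track, seconds) | tracks."""
    # checksum: digit sums of every track's start time in whole seconds
    checksum = sum(digit_sum(off // 75) for off in offsets) % 0xFF
    leadout_frames = playing_secs * 75 + 150          # MSF address of lead-out
    length = leadout_frames // 75 - offsets[0] // 75
    return (checksum << 24) | (length << 8) | len(offsets)


def verify_request(path):
    """Compare the disc ID the player claimed with one recomputed from the TOC."""
    claimed, offsets, secs = parse_cddb_query(path)
    computed = cddb_discid(offsets, secs)
    return "%08x" % claimed, "%08x" % computed, claimed == computed


if __name__ == "__main__":
    print(verify_request(REQUEST_PATH))   # ('6f0fe407', '6f0fe407', True)
```

Because the ID is a pure function of the disc layout, every client that plays the same pressing sends the same fingerprint, and the GUID header is what turns that anonymous fingerprint into a per-user record.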
My assumption is that the same GUID was sent to RealNetworks when I registered my copy of the player. Checking in the Windows 98 registry, I found the following URL that was used by the RealJukeBox player to register my software:
http://registration.real.com/60ereg/RealJukebox.html?
cw19q1wnACrfizsCrekm6u92mxx5zgi3t6zgtxort
6w4w6C1wmB2zgxl3k3ccijdsee4E2b7sA786074fh
4etx2qmfllpcghsmc4E6smc4E6Csc4E6tmc4E6ehs
4o9Aj29E6Cpd4E6avhA6awz54E6v2hjuabpfEqcjB
Cm48rdDvx71x12Eep35s2fvng2E69tABm7kg25i7j
c2uy7Ehqjm6Et0ry7vCdBke8rtAy744yCm7bvczs7smc4E6
Unfortunately the registry entry is encrypted so that it cannot be easily read. However, a computer consultant from Australia that I know, Geoff Chappell (his home page is http://www.ozemail.com.au/~geoffch/), volunteered to decrypt the URL for me. With a few hours of work, he was successful. He found that the following registration information is sent to RealNetworks:
RealJukebox
rms2000@bellatlantic.net
United States
02446
RealJukebox
000000000000100001B6000500007FF7FF00
RJ04
Win98
586
English
1.0.0.438
3d7460c0-83b6-11d3-a67f-444553540000
Geoff was also able to decode the following registry entry for the RealJukeBox player, which contains my player GUID:
[HKEY_LOCAL_MACHINE\Software\CLASSES\Software\RealNetworks\RealJukebox\1.0\Preferences]
"Rotuma"="gfejehcihjekeicmeoioqpqtprjrktlufkhgkihlhjhkjiplnnmolplqqrlsotoujfighhgi"
It is very unclear to me why all of this secrecy is needed on my own computer.
Because the same GUID (3d7460c0-83b6-11d3-a67f-444553540000) is sent to RealNetworks both at registration time and when I play an audio CD, in theory they know what audio CDs I am listening to. They could, for example, be creating a list of all my CDs and putting this list in a database together with my Email address. For pretty obvious reasons this is very valuable marketing information that could be used by CD retailers to pitch other CDs that match my musical tastes to me via Email.
In addition, the RealJukeBox tracking system might also be useful for detecting music piracy although I do not have the time right now to investigate this possibility.
The CD Info feature of RealJukeBox is documented in the product and can also be turned off. However, there is no mention of the player GUID number in the documentation, and nothing is said about RealNetworks' ability to identify individual users. In addition, RealNetworks' original privacy policy does not talk at all about the player GUID number, even though it goes into great detail about things like IP addresses, cookies, referring URLs, etc.
However, after I notified RealNetworks of the various privacy problems in the RealJukeBox, they did update their privacy policy on Saturday, October 30, 1999 to talk about GUIDs and some of the places they are used. The new privacy policy is available at:
http://www.real.com/company/privacy.html
Unfortunately even this version of the privacy policy does not talk about the many uses of GUIDs in RealJukeBox. In addition, the privacy policy does not make it clear that the RealNetworks registration database can be used to turn a GUID into a person's Email address. I've attached the October 30 language to the end of this write-up for review.
I also found that the same player GUID number is sent to RealNetworks for most commands on the "Sites" and "Help" menus of the RealJukeBox software. For example, the "Product Feedback..." selection on the Help menu initially goes to this URL:
http://presets6.real.com/sitesmenu/rjbhurl.html?
ms10paElp957kCqldbatljkexuakEfskutu9dhdw581kb30i
q9g8Cbxm93wabnxhaesD9Cpbkv28ng2C5Epbhai9s6oDads6
wruzEhkg25i7jc2uy7Ehqjm6Et0ry7vCdBke8rtAy744yCm7
bvczs7smc4E6xae20ibpfEqctel958rut157CqoBg748d20i
vpz8sed8pr3c3ujlA85zeoec9iz8se6x4a66b0xcz8n2Cri7nEa6A8
The query string of this URL decrypts as follows:
ID=618|SN=bad range|
CS=28800|
PN=RealJukebox|
PT=Free|
PV=1.0.0.438|
GU=3d7460c0-83b6-11d3-a67f-444553540000|
OS=Win98 4.10.33044|OL=en-US|
LP=en-US, en, *|
LI=1033|DC=Unk
The Feedback page asks for your Email address, but of course, RealNetworks already has it. (As an aside, it probably is important to say only nice things here on this page.)
The same thing happens at the "Sites" menu. When one goes to a music Web site from inside of RealJukeBox, the player GUID is sent in with a URL. This allows RealNetworks to synchronize a Web site cookie with registration information. What Web pages you visit can then be matched with your Email address.
Another interesting discovery I made about the RealJukeBox player is that in the morning it sends out information about my usage of the product to RealNetworks. This information includes how many songs I have recorded to my hard disk, what brand of portable MP3 player I own, and my music preferences. My player GUID number is also sent along with this information. All of this information goes inside of an HTTP GET request. Here is what my player tells RealNetworks about me in its morning "status report":
GET /getmusic/msearch.rmp HTTP/1.0
user-agent:RealNetworks RealJukebox
host:getmusic.real.com
X-Taiko-AppGUID:3d7460c0-83b6-11d3-a67f-444553540000
X-Taiko-AppDistCode:RJ04
X-Taiko-AppVersion:1.0.0.438
X-Taiko-AppBuildType:FREE
X-Taiko-GenrePreference:New Music
X-Taiko-BackWebInstalled:0
X-Taiko-EncodingOptions:95780 bps G2 - Un-Encrypted
X-Taiko-PortableDevices:
X-Taiko-TotalTracks:11
X-Taiko-EncodedTracks:12
Pretty obviously this information can be used both for market research and for "one-on-one" targeting of advertisements. As with the GUID and CD tracking, I didn't find any mention of this "status report" feature in the RealJukeBox documentation.
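The cross-request linkage described in this write-up, as an added example that is not from the original: a small egress audit in Python that parses captured outbound HTTP requests, flags the X-Taiko-AppGUID header and groups everything sent under each GUID, so an administrator can see in one place what a client is reporting under one identity. CAPTURED is a constructed, abridged copy of the CD lookup and the morning status report quoted above; the header names are taken from the page, everything else is the example's own.

```python
# Added example, not part of the original write-up: an egress audit that
# parses captured outbound HTTP requests, flags the X-Taiko-AppGUID header,
# and groups everything sent under each GUID, which is the cross-request
# linkage the text describes.  CAPTURED is a constructed copy (abridged) of
# the CD lookup and the morning status report quoted on this page.
from collections import defaultdict

CAPTURED = [
    'GET /query.html?cmd=cddb+query+6f0fe407+7+150+74670+107840+146875+'
    '196050+215005+256182+4068&hello=realuser+real.com+'
    '"RealNetworks+RealJukebox"+1.0&proto=4 HTTP/1.0\n'
    'user-agent:RealNetworks RealJukebox\n'
    'host:cdinfo.real.com\n'
    'X-Taiko-AppGUID:3d7460c0-83b6-11d3-a67f-444553540000\n',
    'GET /getmusic/msearch.rmp HTTP/1.0\n'
    'user-agent:RealNetworks RealJukebox\n'
    'host:getmusic.real.com\n'
    'X-Taiko-AppGUID:3d7460c0-83b6-11d3-a67f-444553540000\n'
    'X-Taiko-GenrePreference:New Music\n'
    'X-Taiko-PortableDevices:\n'
    'X-Taiko-TotalTracks:11\n',
]
ID_HEADER = "x-taiko-appguid"


def parse_request(raw):
    """Return (path, headers) from a raw HTTP/1.0 request.  Header names are
    lower-cased; the player omits the space after ':', so split once on it."""
    lines = raw.strip().splitlines()
    _method, path, _version = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return path, headers


def audit(captured):
    """Group requests by the GUID they carry (host, path, X-Taiko-* fields);
    requests without the header are returned separately, not dropped."""
    profiles, anonymous = defaultdict(list), []
    for raw in captured:
        path, headers = parse_request(raw)
        guid = headers.get(ID_HEADER)
        record = {"host": headers.get("host", ""), "path": path,
                  "fields": {k: v for k, v in headers.items()
                             if k.startswith("x-taiko-") and k != ID_HEADER}}
        (profiles[guid] if guid else anonymous).append(record)
    return dict(profiles), anonymous


if __name__ == "__main__":
    for guid, recs in audit(CAPTURED)[0].items():
        print(guid, "->", [r["host"] for r in recs])
```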
I got in touch with RealNetworks and received verification that the RealJukeBox player software is indeed doing all the different things I saw with my packet sniffer. However, I was told that RealNetworks servers do not log what CDs individual customers are listening to. The person I spoke to agreed, though, that logging is possible with the current RealJukeBox player software; the only changes needed to implement such a logging system would be at the RealNetworks servers.
The person I spoke to also clarified one point. If the same CD is played multiple times, the RealJukeBox player only asks for information about a CD once and it saves the result on the local hard disk.
So why then is the GUID sent to RealNetworks servers when my player software is requesting information about a CD? I was told that the GUID is used to validate that someone is a RealNetworks customer. This validation is apparently a requirement of the company supplying the CD database, CDDB, Inc. (http://www.cddb.com). Unfortunately, in my testing this validation feature did not seem to work. I was able to request CD information from the RealNetworks server from Internet Explorer 5, which never sends a player GUID.
This validation scheme also does not explain why the player GUID number is sent in when the RealJukeBox "Sites" and "Help" menus are used.
All in all, the RealJukeBox software does entirely too much tracking of how it is being used and reporting of this information back to RealNetworks. I only hope it does not represent a "Brave New World" of consumer electronic devices which send back to media companies what music we listen to, what DVDs we watch, and what TV stations we tune into. As RealNetworks has shown, with an Internet connection, these kinds of monitoring systems are far too easy to implement and deploy.
Going forward, I hope to see RealNetworks immediately remove the player GUID number from the RealJukeBox player software. This one small change will eliminate most of the tracking possibilities that exist in the product today. In addition, the daily status report that is sent out about product usage needs to be stopped. For current users of the RealJukeBox software, I believe the right thing for RealNetworks to do is to notify users via Email of the privacy problems and offer them a patch on the RealNetworks Web site that can be downloaded to fix the problems.
Copyright (C) 1999 Richard M. Smith
Language added to the RealNetworks privacy policy on October 30, 1999 about the use of GUIDs in RealNetworks' software products (http://www.real.com/company/privacy.html):
"A Globally Unique Identifier (GUID) is an alpha-numeric identifier that is randomly generated by a RealNetworks consumer application during installation. RealNetworks uses publicly documented standards to create a GUID. A GUID is used to indicate a unique installation of one of RealNetworks products, and is found in many popular software applications. A GUID does not contain or identify any personal information such as your name or email. A RealPlayer GUID is sent to a RealServer when you initiate a streaming media session. The RealServer only uses the GUID for authentication when you request limited-access streaming content. RealNetworks uses GUIDs for statistical purposes and to personalize the services that are offered within our products. We may use GUIDs to understand the interests and needs of our users so that we can offer valuable personalized services such as customized RealPlayer channels. GUIDs also allow us to monitor the growth of the number of users of our products and to predict and plan for future capacity needs for customer support, update servers, and other important customer services."