Hello.
Not long ago I was given a task at work: to determine whether certain MP3 files contained any hidden information. Since nobody knew whether there was anything in them at all, the task seemed almost unsolvable. I had once written my diploma thesis on hiding information in audio files (audio steganography), and I believed that if someone wanted to hide something, it would be almost impossible to detect. I started the search by reading the ID3 tag fields; I remembered in particular the Lyrics tag (used to store song lyrics), whose contents are not displayed in, for example, Winamp.
In practice, this field was empty.
After some time with Google, I first came across the article on Amazon MP3 (http://en.wikipedia.org/wiki/Amazon_MP3), and then songs on amazon.com that contain a “unique purchase identifier”.
This article is devoted to the study of that identifier.
Let's take it in order.
On September 25, 2007, amazon.com launched a public beta version of its online music store, which in early 2008 became the first music store to sell music without digital copyright protection (DRM). From the same Wikipedia article we learn that Amazon initially did not sign the MP3 files it sold with a digital watermark; some of the files were signed by the labels to identify the seller, but not the buyer.
Since 2011 the company's policy has changed, and for some songs they began to state explicitly that the files contain a unique purchase identifier.
A couple of these tracks:
http://www.amazon.com/Silent-Night/dp/B0047E6AR2/ref=pd_sim_dmusic_t_5?tag=acleint-20
http://www.amazon.com/gp/product/B005I0DKPO/ref=dm_dp_trk1
Official information on the Amazon website:
http://www.amazon.com/gp/help/customer/display.html/ref=dm_adp_uits?ie=UTF8&nodeId=200422000
In plain terms: the downloaded file will contain a unique identifier for the purchase, the date and time of the purchase, and other information, described below.
Downloading these songs directly did not work (Amazon refuses and says it can only sell them in the US). I had to ask American acquaintances, and after a while I had the same song in hand, downloaded independently by two different people from different Amazon accounts. On the surface the files were exactly the same; the sizes matched to the byte.
But since Amazon wrote that it includes a download identifier in every MP3, I decided to compare some of the data in the two files and found the differences immediately.
At the beginning of each encrypted file there is a private frame, starting with PRIV and then xml.
Here is an example:

Separately xml:

(Part of the data was deliberately changed)
Here is what we see:
C2br1vaR - a random value Amazon assigns to the order
Amazon.com - the store name
2011-12-08T03:10:50Z - date and time the song was purchased
00011805301110 - apparently the album ID (Universal Product Code)
USAG21130102 - International Standard Audio/Video Recording Number
KRXaw+vu1wr8bB2cCNxJScKWcFKk7fDg - the number of the sale transaction, which in the Amazon database is tied to the credit card number, address and other customer data
user-name - customer identifier (the initial part of the customer's email)
A few more parameters follow. Most likely this is a digital signature that makes it possible to determine whether the file has been modified.
With this information in hand, you can unambiguously determine who bought this track, from whom, and when. And if the recording is later posted somewhere, it will be clear where it came from.
According to our own observations, this PRIV section, together with the XML, takes up about 8 KB of the MP3 file (more precisely, the information itself takes less than 1 KB; the rest is padded with zeros).

...

...

This is a case of non-destructive audio steganography: the embedded data does not affect the audio data itself, but hides in service fields that the most common ID3 tag scanners do not display.
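To check your own files for such a frame, the sketch below walks the ID3v2 frames at the start of a file and reports each PRIV frame with its owner string, content and zero-padding length. It is an added example, not code from the original article or from the tools it mentions. It assumes an ID3v2.3 or ID3v2.4 tag without unsynchronisation (v2.4 frame sizes are synchsafe, v2.3 sizes are plain big-endian); `build_sample`, the owner string `owner.example` and the XML element names are constructed for the demonstration.

```python
import struct

def synchsafe(b: bytes) -> int:
    """Decode a 4-byte ID3v2 synchsafe integer (7 useful bits per byte)."""
    return (b[0] << 21) | (b[1] << 14) | (b[2] << 7) | b[3]

def find_priv_frames(data: bytes) -> list:
    """Return one dict per PRIV frame found in a leading ID3v2.3/2.4 tag."""
    if len(data) < 14 or data[:3] != b"ID3" or data[3] not in (3, 4):
        return []
    major, flags = data[3], data[5]
    end = min(10 + synchsafe(data[6:10]), len(data))
    pos = 10
    if flags & 0x40:  # extended header present: skip over it
        ext = data[10:14]
        pos += synchsafe(ext) if major == 4 else 4 + struct.unpack(">I", ext)[0]
    found = []
    while pos + 10 <= end:
        frame_id, raw = data[pos:pos + 4], data[pos + 4:pos + 8]
        size = synchsafe(raw) if major == 4 else struct.unpack(">I", raw)[0]
        if frame_id == b"\x00\x00\x00\x00" or pos + 10 + size > end:
            break  # tag padding reached, or a truncated/corrupt frame
        if frame_id == b"PRIV":
            # PRIV body = owner identifier, NUL, then opaque private data
            owner, _, payload = data[pos + 10:pos + 10 + size].partition(b"\x00")
            content = payload.rstrip(b"\x00")
            found.append({
                "owner": owner.decode("latin-1"),
                "frame_size": size,
                "content": content,
                "zero_padding": len(payload) - len(content),
                "looks_like_xml": content.lstrip().startswith(b"<"),
            })
        pos += 10 + size
    return found

def build_sample() -> bytes:
    """Constructed test tag: a TIT2 frame plus a zero-padded PRIV frame."""
    xml = b'<?xml version="1.0"?><purchase><buyer>user-name</buyer></purchase>'
    def frame(fid: bytes, body: bytes) -> bytes:
        return fid + struct.pack(">I", len(body)) + b"\x00\x00" + body
    frames = frame(b"TIT2", b"\x00Song") + frame(b"PRIV", b"owner.example\x00" + xml + b"\x00" * 100)
    n = len(frames)
    size = bytes([(n >> 21) & 0x7F, (n >> 14) & 0x7F, (n >> 7) & 0x7F, n & 0x7F])
    return b"ID3\x03\x00\x00" + size + frames + b"\xff\xfb\x90\x00"  # fake audio bytes

if __name__ == "__main__":
    for f in find_priv_frames(build_sample()):
        print(f["owner"], f["frame_size"], f["zero_padding"], f["content"][:40])
```

For a real file, pass `open(path, "rb").read()` to `find_priv_frames`; a PRIV frame of several kilobytes that is mostly zero padding around a short XML document matches the layout described above.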
On one foreign blog, someone has already published a program that removes this Amazon information:
http://invertedsky.net/desiccate/
It can work in batches, and can first analyze the files and tell the user whether these fields are present in a file or not.
While googling, I stumbled upon another foreign blog whose owner made an ID3 tag viewer capable of reading all the frames in an MP3 file according to the standards:
http://glassocean.net/perrys-id3-tag-viewer/
Thus an MP3 file that looks (and sounds) perfectly ordinary can contain a lot of useful and even confidential information.
Listen to good music and be more attentive when sharing music!