From what I can tell, when you authorize a computer, you are authorizing an account, not a song. I can authorize one song on my eMac, unplug it from the network, copy another song bought with my account to it, and it will play both songs. If I deauthorize the computer, it will deauthorize for all songs with that account.
Your apple music store account name and ID are stored in the m4p file, and you can see them if you get info on a file using iTunes. Also, QuickTime and the Finder behave according to the rules of authorization, which can only be controlled through iTunes.
I would guess that Apple is storing the ethernet ID (MAC address) of an authorized machine with your account on their servers, and the machine gets access to songs of that account, which is stored on the machine. But, that doesn't quite make sense, as you can use a modem, airport, or ethernet to connect to the net. AirPort and Ethernet have different MAC addresses. Also, if your motherboard goes kaput, and it gets replaced, your MAC address changes. This brings up the fact that they may be using serial numbers, or a combination of things (most likey, in case of some component getting changed or replaced), but that brings me to "where is the SN on the machines stored?". My guess would be logic board, but a more logical place would be the Mac OS ROM file. I would hope that Apple thought of the possibility of a component going bad. Also, I have personally switched quite a few components on the colored iMacs, and yet firmware upgrades and OS9 system restores (background color) "know" what color the machine is; so I almost wonder if there is an identifier in every machine that Apple doesn't tell us about.
I would be curious to know how this part of the system works, from a purely technical and curious standpoint. I have an unquenchable need to know how things work. I have no intention to try to crack Apple's DRM, as I believe their implementation is almost perfect (not being able to rendevous stream m4p files to unauthorized machines bugs me, what if i have 4 macs?), and am pretty happy with what they have done with it. I just flat-out want to know how it works. ;)

hmm, serial numbers in the ROM. wasn't that the cause of quite a stink from Intel technology?

i wonder if this magic number is a hash of several gestalt values intrinsic in every rig. then, of course, migrations to new iron in the future are going to cause a huge headache to "re-own" property that you've bought.

and then, there's my identity etched in it, and someone is tracking that i buy esoteric music, so why not market me other esoteric things (shudder at the thought of what some mktng shill thinks i would think is esoteric).

i think i'm gonna continue to shop and buy my merch the old fashion way until they pry my cold dead fingers from my little green rectangles.

When I say the Mac OS ROM file, I'm referring to the file that gets loaded into RAM on boot, after initial startup, to finish the boot process. The "ROM in RAM" boot. Not the actual ROM chip on the board.
I believe they are at "/System Folder/Mac OS ROM" and "/System/Library/CoreServices/BootX"

edit
Almost forgot, Apple says to deauthorize a machine before selling it, so I would guess that would mean that when "mirgrating to new iron", it would be best to deauthorize an old machine before nuking a drive for sale.

yeah, i grok, but serializing the ROM file would be folly, because it can be distributed. right?

yeah, deauthorize a rig on sale, or before implosion :D but, still, it's another headache maintenance step in owning a product. tangible, hands on, "i own it" kinda stuff, that you don't have to speak to another entity to validate with your mother's secret recipe.

I think the ROM file idea might be possibility but opens it up for reverse engineering and a whole host of problems (like the distribution).

mervTormel pointed out something interesting. Apple has created this DRM tech and will compile a slew of info based on individual music habits. All in a neat encrypted file database we have no idea how they use or mine. They could go the Amazon route and allow .Mac users who have the same musical tastes to 'discover' each other. Collaborative filtering. Would that be cool? They could then attempt to share their files. ;)

I want to know more, unlikely, I'm sticking to independent buying for now. Well, I have no choice anyway until they expand to these shores. If the mechanism is foolproof why not make it transparent for the masses. True hackers will probably be publishing the details soon, wait and see.

I don't understand the widespread speculation on how Apple's recognizes a particular machine...MAC address, a hash? Do you forget that every Mac has a unique serial number? You see it when you run Apple System Profiler. That's the most logical number to use.

I think all they did was add a tag with your ID and a key. You can open the file with a text editor and see it. I don't think the audio is changed in any way. It's just that all of the Mac software that plays MP4 files checks the key first.

Chris

The serial number as a key did come up in this thread. It got misplaced :)

Being based on serial number makes the most sense, as it is a unique identifier to the machine, and not a particular component.
I never have bothered to check the software checkable serial number of a machine after swapping it's logic board, to see if it is stored there or not.

i know for a fact that, many moons ago, i frob'd this rig with TechTool Lite, "Zap the entire PRAM chip", and the customer serial number and mfg date went missing. now, ASP reports a new serial number and sales order number. hmm?

Very interesting indeed. I'm guessing that since you say "new serial number", it doesn't match the one on the back/bottom/whatever of your machine.
If it is the same, then I would think that the serial number is kept in multiple places, and if one is wiped clean, the others refill it. If so, this could also lend a theory to why imac restores and firmware updates seem to know the color of the machine, even after part swapping.
Also, on the newer machines, doens't booting into open firmware and doing a "reset-nvram" set the NVRAM back to a factory state, and deep zap the PRAM? If so, I did this on an 800Mhz iBook yesterday, and the serial in ASP held.

Maybe if I get into a 1:00AM caffeine induced state again, I'll dig further into m4p files, file modification dates, and what happens when you authorize and deauthorize a machine. If I'm going to do that though, I'm going to need to find my packet sniffer, and my copies of resourcer and hexedit. ;)

On the degradation of quality: it seems apple is ripping it's AAC from the masters (not from cds) therefore the codec has more info and renders a better sounding file; it seems that's why their 128kbits sound better than a rip you'd do on your own.

What's the difference between m4p and m4a? Is it only the presence of a key?


v