Printed from http://www.electronista.com

Spotify web player exploited for free downloads by Chrome extension

updated 11:01 am EDT, Wed May 8, 2013

Weak security resulted in DRM-free MP3 file downloads

A vulnerability found in Spotify's web player has been exploited, allowing users to download permanent copies of songs from the service. A Chrome extension by the name of Downloadify used the exploit to download MP3 files that were free of DRM, rather than just stream them, something which Spotify has been quick to rectify.

The Chrome extension, found by Tweakers, downloaded the track at the same time as streaming the song, taking advantage of the fact that the web-based client uses an HTML5-based API to play the music, and that the same songs being streamed were DRM free. The author of the extension reportedly commented that the hack required very little in the way of Javascript coding in order to accomplish, and that one possible solution for Spotify would be to supply a corrupt MP3 file and allow the client to fix the errors while playing it.

Google has been swift to remove Downloadify from the Chrome Web Store, but the code continues to be available to download in locations such as Github. Downloadify creator Robin Aldenhoven told The Verge that since Spotify has added a more secure protocol to its web player, the extension no longer works, and would not be updating the project again.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Cat B100

Cat is primarily known for its heavy-duty machinery used in the construction industry and farming, among other areas. What may not be ...

Linksys EA6900 AC Router

As AC networking begins to makes its way into more and more devices you may find yourself considering an upgrade for your home network ...

D-Link DIR-510L 802.11AC travel router

Having Internet access in hotels and other similar locations used to be a miasma of connectivity issues. If Wi-Fi was available, it wa ...

Sponsor

toggle

Most Commented

 
toggle

Popular News