Printed from http://www.electronista.com

Spotify web player exploited for free downloads by Chrome extension

updated 11:01 am EDT, Wed May 8, 2013

Weak security resulted in DRM-free MP3 file downloads

A vulnerability found in Spotify's web player has been exploited, allowing users to download permanent copies of songs from the service. A Chrome extension by the name of Downloadify used the exploit to download MP3 files that were free of DRM, rather than just stream them, something which Spotify has been quick to rectify.

The Chrome extension, found by Tweakers, downloaded the track at the same time as streaming the song, taking advantage of the fact that the web-based client uses an HTML5-based API to play the music, and that the same songs being streamed were DRM free. The author of the extension reportedly commented that the hack required very little in the way of Javascript coding in order to accomplish, and that one possible solution for Spotify would be to supply a corrupt MP3 file and allow the client to fix the errors while playing it.

Google has been swift to remove Downloadify from the Chrome Web Store, but the code continues to be available to download in locations such as Github. Downloadify creator Robin Aldenhoven told The Verge that since Spotify has added a more secure protocol to its web player, the extension no longer works, and would not be updating the project again.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Samsung Galaxy S 5

The Samsung Galaxy S5 might be the phone that Android users have been craving for some time. Information coming out of Mobile World Co ...

STM Trust technology bag

The search for a good messenger bag that doubles as a laptop bag is something many travelers find themselves facing at least once. Bet ...

PenClic Bluetooth mouse

Windows 8 aside, computer users have been trained that a mouse is the proper way to navigate through the desktop for many years now. T ...

Sponsor

toggle

Most Commented

 
toggle

Popular News