updated 11:01 am EDT, Wed May 8, 2013
Weak security resulted in DRM-free MP3 file downloads
A vulnerability found in Spotify's web player has been exploited, allowing users to download permanent copies of songs from the service. A Chrome extension by the name of Downloadify used the exploit to download MP3 files that were free of DRM, rather than just stream them, something which Spotify has been quick to rectify.
Google has been swift to remove Downloadify from the Chrome Web Store, but the code continues to be available to download in locations such as Github. Downloadify creator Robin Aldenhoven told The Verge that since Spotify has added a more secure protocol to its web player, the extension no longer works, and would not be updating the project again.