Printed from http://www.electronista.com

Spotify web player exploited for free downloads by Chrome extension

updated 11:01 am EDT, Wed May 8, 2013

Weak security resulted in DRM-free MP3 file downloads

A vulnerability found in Spotify's web player has been exploited, allowing users to download permanent copies of songs from the service. A Chrome extension by the name of Downloadify used the exploit to download MP3 files that were free of DRM, rather than just stream them, something which Spotify has been quick to rectify.

The Chrome extension, found by Tweakers, downloaded the track at the same time as streaming the song, taking advantage of the fact that the web-based client uses an HTML5-based API to play the music, and that the same songs being streamed were DRM free. The author of the extension reportedly commented that the hack required very little in the way of Javascript coding in order to accomplish, and that one possible solution for Spotify would be to supply a corrupt MP3 file and allow the client to fix the errors while playing it.

Google has been swift to remove Downloadify from the Chrome Web Store, but the code continues to be available to download in locations such as Github. Downloadify creator Robin Aldenhoven told The Verge that since Spotify has added a more secure protocol to its web player, the extension no longer works, and would not be updating the project again.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

Apple 13-inch MacBook Pro (Early 2015)

Although the new darling of the Apple MacBook line up is the all-new MacBook, Apple has given its popular 13-inch MacBook Pro with Ret ...

Seagate Wireless

It seems like no matter how much internal storage is included today's mobile devices, we, as users, will always find a way to fill the ...

Lenovo Yoga Tablet 2 (Android, 10.1-inch)

Lenovo is building a bigger name for itself year after year, including its devices expanding beyond desktop computers. The company's l ...

Advertisement

toggle

Most Commented

 
toggle

Popular News