News Section Logo NEWS - Return to news section


Spotify Flaw That Allowed Downloading of Songs Fixed

Posted by: , 17:53 AEST, Sat May 11, 2013

Permanent Link     Add Comments
submit to reddit
A flaw in Spotify's web player allowed any of the songs in their 20 million strong catalog to be downloaded without copy protection
News story feature image
Image/Photo Credit: Sorosh @ Flickr, CC

It came, it saw, it didn't exactly conquer, but was banned and now it's fixed. That's what happened this week when a Chrome browser add-on called Downloadify exploited a flaw in the Spotify web player and allowed people to download any song streamed by Spotify.

The flaw meant that songs being streamed by the Spotify web player were not encrypted properly, and the Downloadify add-on simply exploited this fact to allow users to download songs temporarily stored in the browser cache.

Google, who manages Chrome browser add-ons, quickly took action and removed the add-on, but the open source nature of Downloadify still meant that anyone who wanted to get it still could.

So it was up to Spotify to fix the flaw, and they finally did this week.

The programmer of Downloadify says that he created the add-on purely as a way to force Spotify to fix the flaw, which he says has been there for at least "four or five months".


Related News:

News Icon Spotify Founder: Creating Something Better Than Piracy Was My Goal

posted by: Sean F, 13:13 AEDT, Fri December 14, 2012

News Icon Music Pirates Are Also Most Prolific Buyers, New Report

posted by: Sean F, 13:27 AEDT, Thu October 18, 2012

News Icon New Megaupload Sidesteps Legal Issues, But Already Targeted By Copyright Groups

posted by: Sean F, 18:35 AEDT, Tue January 22, 2013

News Icon Ubisoft DRM Contains Rootkit, Update Available To Fix Vulnerability

posted by: Sean F, 12:07 AEST, Wed August 1, 2012

News Icon SXSW Interactive Panel Blasts Copyright Law, Entertainment Industry

posted by: Sean F, 15:22 AEDT, Tue March 12, 2013