Following some shrewd cold-war antics by a rogue developer, Spotify were left in the lurch as recipients of an ironic hack. According to The Verge, a developer published a Chrome extension, a small program from freeware web browser Google, which allowed Spotify users to download any of song currently available from the streaming service directly to their hard drive.
Aptly dubbed ‘Downloadify’, its release exploited a techincal faux pax inherent in the encryption and coding of the popular music service’s web-based player, allowing hackers the opportunity to rob any track from Spotify’s 20 million strong library.
As reported by CNet, the app’s description on downloading site GitHub flaunts the Spotify exploit with jest:
“Simple Chrome Extension to Download all Spotify Songs,” read the Downloadify synopsis. “Spotify made a great html5 player for their service… But they forgot their encription [sic]…Hey, I don’t like encription but love spotify, just pay them for their magnificent content and I am sure they fix it soon.”
Undermining the streaming principles of Spotify, the second ranked digital revenue digital source behind Apple (according to CNews), the Chrome Extension, which has now been officially removed from the Google Chrome web store, posed a direct threat to the music provider’s immense music catalogue.
The program’s potential to ransack such an extensive music library by the savvy consumer, could easily results in a myriad of ramifications for Spotify, the worst of which is leaving them legally vulnerable in the eyes of record label majors – such as Sony, Warner, and Universal – who supply the service with the licensing access to the tracks on the basis that their systems are secure. Aptly dubbed ‘Downloadify’, its release exploited a techincal faux pax… allowing hackers the opportunity to rob any track from Spotify’s 20 million strong library.
The security chink’s highlighted in Spotify’s armour by Downloadify suggests that perhaps the digital locks aren’t as secure as once though. As it would happen, the incident could not come at a more tenuous time, with licensing agreements for all three major labels being up for renewal this year, as reported by CNews.
With the competition in the music streaming sphere gaining momentum, with the likes of Pandora accumulating numbers over the 200 million mark and Deezer’s ambitious marketing plans for wrangling in emerging artists, opportunities for record labels to out source elsewhere are rife especially if confidence has been lost with Spotify.
In an ironic twist of fate, Spotify investor and board member Sean Parker – the web’s first true music hacker and former co-creator of Napster – has now experienced the other side of the sting in light of the Downloadify debacle. The wit has been out-witted in the game of his own creation, so to speak.
Parker previously stated, via a Daily Beast conference on YouTube, that his move from Napster to Spotify was a means of “finishing what (he) started” and ” trying and fix what (he) broke” in the music distribution process through the free file-sharing model developed in Napster.
The desire to download content, rather than simply stream it, even as a tech-geek prank, highlights the changing attitude of music consumers who, in general, would rather have ownership of song purchased rather than via the constrictions of streaming-subscriptions, according to a recent census.
Conducted by Worldplay and called Digital Generation Report, the report concludes over half of those surveyed share this attitude, with up to 15% believing it is respectively their legal right to do so.
However it’s not all bad news for Spotify. Having been notified of the unsanctioned ‘Downloadify’, the “tool” has since been removed from Chrome’s web store in compliance with its Google Chrome Web Store developer agreement, which explicates that prospective app makers “will not engage in any activity with the Web Store, including the development or publication of Products or other materials, that… infringes on the intellectual property rights of others [or] enables the unauthorized download of streaming content or media.”
Spotify has since accordingly amended its web player to prevent Downloadify use.