Is Spotify safe

Posted on 2009-04-24
Last Modified: 2012-05-06
A couple of staff members are asking me if they can install Spotify.
Do any of you know the downsides of this?
Is it asking for trouble as I've never used it, or is it reasonably safe.
We have a 2003 domain, all users on XP
Question by:jasonbournecia
    LVL 27

    Assisted Solution

    Looks safe enough from these reviews and postings.
    I'm not a big fan of anything that is peer to peer (for various reasons).
    Other than that, I can't locate anything negative about the application.
    LVL 19

    Accepted Solution

    Hi jasonbournecia,

    Spotify, a proprietary peer-to-peer streaming music program may not be secure:

    "On 4 March 2009, Spotify announced that personal data including email addresses and birth dates of members of Spotify prior to 19 December 2008 were "potentially exposed" by hackers exploiting a bug in the system. Spotify later announced that any affected users have been personally emailed by Spotify. The team creating "Despotify", an open source clone of Spotify, later announced that it was they who had discovered the security hole, and that only around 40 users' details had been revealed, mostly members of the Despotify or Spotify teams. While it is possible that other groups could have have used this approach to gain user information, it is unlikely given that Spotify fixed the issue within a few hours of the exploit being made public.

    An announcement by Spotify also pointed out that any potential hackers would only be able to obtain salted encrypted passwords. Hackers would still have to have targeted specific accounts and used brute force attacks on these passwords."

    Here's their own security notice:

    According to their team, they have apparently fixed the security issue. There is a competing open source project:

    They discuss the security issues here:

    Author Closing Comment

    Thanks for the responses guys and gals.
    I hope you don't work for them Daydreams!
    I'll do a little more reading from the links
    Thanks again.
    LVL 19

    Expert Comment

    >Thanks for the responses guys and gals.
    I hope you don't work for them Daydreams!
    I'll do a little more reading from the links
    Thanks again.

    You're welcome Jason, and no, I don't work for them:-)

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Phishing is at the top of most security top 10 efforts you should be pursuing in 2016 and beyond. If you don't have phishing incorporated into your Security Awareness Program yet, now is the time. Phishers, and the scams they use, are only going to …
    One of the biggest challenges facing freelancers is balancing multiple projects and deadlines. Organizational skills and time management are key to keeping up with projects and staying on track. Luckily, we’ve curated seven tools to help you focus o…
    Viewers will get an overview of how to make and use Drum Racks in Ableton Live. Load new Drum Rack into empty MIDI track: Fill rack with audio samples: Re-arrange sample slots as necessary: Adjust parameters of each slot to tailor each sound a…
    The Bounty Board allows you to request an article or video on any technical topic, or fulfill a bounty request to earn points. Watch this video to learn how to use the Bounty Board to get the content you want, earn points, and browse submitted bount…

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now