back to article Spotify spews 'unencrypted' FREE MP3s all over creation

Spotify has tweaked the music player on its website after someone apparently found a way to harvest every single MP3 file from the audio-streaming service. The media biz's playback site, which launched in November, did not encrypt data streamed to the listener's web browser, it is claimed. One enterprising programmer said he …


This topic is closed for new posts.
  1. Steen Hive

    Possibly using RTMP?

    So now it's JS + rtmpdump?

  2. Destroy All Monsters Silver badge

    Artist can also choose to share their music with pink singing ponies and a barf bag.

    "Artist can choose to share their music DRM free, but we don't need to force them."

    Way to miss the point. It's about "paying" not about whether there is DRM or not. And who is that "we" he is talking about? I haven't been introduced.

    1. Joe Harrison

      Re: Artist can also choose to share their music with pink singing ponies and a barf bag.

      I spend a lot of time in clubs and the DJ comes along with his laptop and plays an MP3 which sounds great to him ON HEADPHONES. Sounds terrible however on big speakers. I'm guessing it's something to do with the psychoacoustic model.

  3. vinyl1

    MP3s are so low-quality that they are not even worth stealing.

    I was recently able to hear double-DSD rips of studio master tapes - now that is music! I am not surprised the record companies won't release stuff like that. It has 128 times the bit density of CD.

    1. Anonymous Coward
      Anonymous Coward

      Let me guess, it sounds "warmer".

      1. paulll

        ...and yet more airy. The soundstage came alive with incredibly accurate stereo imaging, although obviously this was due in no small part to the depleted uranium interconnects and the pineapple perched on the windowsill.

        1. Anonymous Coward
          Anonymous Coward

          "The soundstage came alive with incredibly accurate stereo imaging, although obviously this was due in no small part to the depleted uranium interconnects and the pineapple perched on the windowsill."

          Classic hi-fi wank. You can actually put the pineapple anywhere and it has the same effect.

    2. Anonymous Coward
      Thumb Up

      "MP3s are so low-quality that they are not even worth stealing."

      That is true, but it is not completely .mp3's fault. If you take CDDA and use lame @ 320kbps, you won't notice. But that is CDDA, which sadly is still the popular format. Now if you rip DVD-A or DTS streams and encode .mp3 @ 320, you immediately hear the difference. However, being .mp3 is generally encoded from CDDA, it is gimped from the start at the source.

      The irony of .mp3 quality is that if you download them for free, they are almost always better quality than the ones you pay for, I'd say 95% of the time. Companies are just too damn greedy to spend an extra 0.005 dollars to sell you a better quality .mp3.

      Technically, if you want higher quality .mp3's you don't buy them, because you can't :-/

    3. Anonymous Coward
      Anonymous Coward

      BD's are such low quality too that movies are not worth stealing. A "lightly" compressed video is 100Mbps which is 2.5 times that of BD. Want to see great video, uncompressed is the way to go.

      All aside. What does all that quality (video or audio) if you are listening to it on some cheap headphones, in a car with all the road noise or on a phone?

    4. Don Jefe

      Release quality has many factors involved in final decision, but a significant factor is that very few people have access to the equipment necessary to take advantage of super high quality recordings.

    5. phr0g

      CD will give perfect playback of anything in the 0 to 22 KHz range (Nyquists theorum)

      Anything more is inaudible.

      SACD is only useful for surround encoded music, HD music is only useful for making money from ignorant audiophiles.

      (Many SACDs and HD albums DO sound better, but because they have been mastered better, without nasty compression clipping the peaks - The same could be done to the CD, but then they would struggle to charge £20 for it.)

      As for MP3 at 320 KBps. It's pretty much transparent to the CD, and perfectly good.

      By the way, Spotify use the Ogg codec anyway, which is even better.

      1. Richard 22

        > CD will give perfect playback of anything in the 0 to 22 KHz range (Nyquists theorum)

        You're assuming the quantisation is only happening in 1 dimension (time). There's also the amplitude quantisation, which is done to 16bits with CD. SACD and other HD formats use more bits for the amplitude. So no, CDs will _NOT_ give "perfect" playback of anything up to 22kHz - neither will SACD etc, but they will be closer. However, it will give good enough playback for 99% of the situations people listen in (given low quality amplification, background noise, imperfect ears, not sitting in the optimal position etc etc).

        Personally I don't think my ears are good enough to tell the difference between a decent MP3 rip at ~192k VBR and 320k (or lossless for that matter). I haven't heard a really bad mp3 for many years (I remember the Xing mp3 ripper was really fast, back in the days when most encoders were slower than real time, but could produce some terrible results).

      2. Anonymous Coward
        Anonymous Coward

        Price of CDs

        "The same could be done to the CD, but then they would struggle to charge £20 for it"

        What do you mean? CDs DO cost nearly £20! Thats why huge numbers of people invest time in searching for and downloading ripped copies instead of going to HMV to buy the real thing.

    6. Anonymous Coward
      Anonymous Coward

      I quite agree but I and probably one or two more people on the planet ( sarcasm ) want their music to simply listen to, we don't want to have to buy a 1TB player and only be able to carry 10 FLAC albums around with us. A couple of hundred on a decent mobile phone is good enough for most of us and we get to carry about 1,000+ tracks in 320k.

      I shoot photos so I've spent close on £10k on camera kit to do it properly, people tell me I'm mad and that a £150 point'n'shoot pocket camera will do just as well, I know different but I'd never tell them that unless they ask.

      My photos are important to me so that's my thing, you're audio quality is important to you. I won't piss on your parade if you don't piss on mine. Each to their own and never the twain and all that.

    7. Wize

      "MP3s are so low-quality that they are not even worth stealing."

      That's like saying .jpg images are too low quality to make out what the image is.

      The compression level can be adjusted at the point of creation to make them very close to a lossless format but still have a reasonable amount of compression.

    8. MacGyver

      I only care once in a while

      I have some pretty gnarly mp3s, some of them are 15 years old, some were converted to VQFs, and then back to MP3, and the source CD has long since disappeared. On occasion I will get some sort of alien cut-in out of nowhere (perhaps caused by an errant neutrino hitting my hard-drive in just the right place, or maybe just aliens), but other than those and the occasional unlucky "cumulative compression clipping" (I know I just made that up, but what would you call the weird robotic clipping that occurs when a artifact from compression gets compressed again, but then is 4 times worse than the first time?).

      Anyway, all I was saying is that some people don't care all that much about the quality 90% of the time, not enough to even re-rip CDs to mp3s, let alone pay for some weird master that only plays on a bed of baby seal tears ran by moonbeams.

  4. ecofeco Silver badge

    Oh this is too funny

    Really? No, really?

    And with just Javascript, no less.

  5. JDX Gold badge


    Another great high publicity case to support DRM... if you want content not to be covered in security crap then act like responsible adults rather than take advantage.

  6. Mage Silver badge

    DRM on music

    Pointless to stop real pirates

    Option 1: Virtual Audio Cable

    Option 2: Two sound cards or second computer.

  7. Cameron Colley

    Am I missing something?

    ""So Spotify made a great HTML5 player for its service, but they forgot their encryption. Nice!" Aldenhoven wrote in his code bundle on GitHub."

    Since when did HTML5 allow any kind of DRM? Or is that his point?

    Personally I'd be happy to see DRM on streaming media as long as I can buy a decent copy without any usage restrictions beyond rule of law (e.g. CD, SACD, DVD Audio).

    1. diodesign (Written by Reg staff) Silver badge

      Re: Am I missing something?

      "Since when did HTML5 allow any kind of DRM?"

      Well, if Microsoft, Google and Netflix get their way...


    2. Mike007 Bronze badge

      Re: Am I missing something?

      From the 'adobe' reference in the article i'd guess about the same time flash became part of HTML5? oh...

    3. Not That Andrew

      Re: Am I missing something?

      It never specifically disallowed DRM. However, there are proposals before the W3C to add DRM support to the standard. It will quite likely become part of the standard whenever it is finalised

      1. Cameron Colley

        Re: Am I missing something?

        Well, yes, I am aware of the proposals for DRM and the fact that they have not been accepted. However, it appears that Robin Aldenhoven is not as he seems to think that DRM is included in HTML5 for some reason.

        So either I am better informed than somebody who should know better or he knows something the rest of us don't.

  8. mickey mouse the fith

    Not a new concept

    I wrote a little tool in visual basic a long while back that ripped spotify content. I took the artist/album name from the window title, like this plugin does and recorded the raw audio stream via an audio library ( i think, it was a while ago), detecting the title change to close the current rip and encode to mp3 or whatever. It worked flawlessly and was pretty easy to code. Mine worked on the windows spotify client, i dont think they had a web service when i wrote it, although I imagine it would have done its job via a webbrowser with a little tweaking. I must dig it out and see if it still works, it would be funny if it did.

    It ripped shoutcast streams as well, great for recording improv mix tapes for offline listening.

    I was going to release it, but yknow, the law.....

  9. Anonymous Coward
    Anonymous Coward

    Oh bloody hell, he went public? Like he needs everybody to know what a genius he is? The real geniuses work this stuff out and then keep it to themselves, Now he's gone and spoiled all my freetarding fun.

  10. Major Variola

    Silly Amazon, bits are copied or don't exist!

    "The media file is not stored locally on the end user's system."

    Silly Amazon, a bit that can't be read = copied is not a bit at all! Of course your content is copied as plaintext in our system. Then the buffers are played out. Perhaps you mean, "persistently by *our* software"

  11. herman Silver badge

    Same difference

    It doesn't matter that the link is now encrypted, one can still record it just fine.

    It also seems like nobody ever heard of Streamtuner and Streamripper. There is really no reason to use Spottify, iTunes, Pandora and the like in the first place!

    I live in a country with terrible radio stations, so all I play in my car is music saved with streamripper. One USB stick can hold several weeks worth of music.

    1. Someone Else Silver badge

      Re: Same difference

      I live in a country with terrible radio stations [...].

      You live near Chicago, then?

  12. Crisp

    So back to pressing play and record on the tape deck when a song I like comes on?

    Mines the one with a mix tape in the pocket.

  13. Tim 11

    OMG - a way to get free MP3s online

    I've been waiting for years for that to happen

    1. Dr.S

      Re: OMG - a way to get free MP3s online

      Yes, it is indeed terrible. Spotify was only successful because there was no alternative way of getting access to music. Now they will completely lose all their customers.

  14. Rob Daglish

    @Joe Harrison

    I'd suspect that it's probably also due to the fact that the DJ doesn't take any time to properly balance and EQ the sound system too. First time I use a venue's PA, it can take ages until I'm happy that the noise I'm hearing is actually what I want to hear. Just because there is lots of expensive kit there, doesn't mean it all plays together nicely.

    Also, laptop sound cards are usually pap - if I'm outputting from a laptop to a PA, I generally use a decent USB audio interface like

    Although as I usually end up with Musical Theatre, it all gets knocked sideways by the vocals...

This topic is closed for new posts.

Other stories you might like