Spotify Says 2 Million Users Hacked Apps To Suppress Ads On Its Free Service (engadget.com) 62
Earlier this month, Spotify revealed that it had begun cracking down on people using hacked versions of apps. These apps allowed users with free accounts to suppress advertising and take advantage of paid features. Now, Spotify has disclosed just how many people have been taking advantage of this hack: around 2 million users. Engadget reports:
That's not an insignificant number, and it's understandable why Spotify is cracking down on them. As the company explains in an amended F1 filing with the SEC this week, these users forced the company to adjust its metrics and key performance indicators. The disclosure notes, "Unauthorized access to our Service may cause us to misstate key performance indicators, which once discovered, corrected, and disclosed, could undermine investor confidence in the integrity of our key performance indicators and could cause our stock price to drop significantly." As a result, Spotify has adjusted its monthly active users from 159 million at the end of 2017 to 157 million.
In other words (Score:3, Insightful)
> These apps allowed users with free accounts to suppress advertising
IOW, running software they chose to run on a device they owned?
Blocking ads is not theft any more than going to the bathroom during a commercial is stealing from Toyota
Re:In other words (Score:4, Interesting)
We already have been through this a few days ago. Spotify servers are too dumb to enforce what the user has permissions to do. Instead, it lets the client app decide ;-)
Re: (Score:2)
Precisely. I wouldn't be surprised if they were open to SQL injection attacks with that level of security-mindedness.
Re: (Score:3)
> These apps allowed users with free accounts to suppress advertising
IOW, running software they chose to run on a device they owned?
Blocking ads is not theft any more than going to the bathroom during a commercial is stealing from Toyota
Except they are connecting to Spotify's servers that Spotify owns to listen to Spotify's music library. so no, it is nothing like your Toyota 'example'.
Re: (Score:2)
Re:In other words (Score:5, Interesting)
Blocking ads is not theft any more than going to the bathroom during a commercial is stealing from Toyota
Except they are connecting to Spotify's servers that Spotify owns to listen to Spotify's music library.
I have to comment on this one, sorry. I have a question, and you're probably not the one to ask:
If I'm fetching from a "legal source" and I somehow ignore commercials, am I breaking / stealing / anything? What if you, the legal source, let me? What if you force me to watch? How will you enforce / check / penalize that? (I suspect that question itself is wrong, but let's run with it.)
Let's take your argument. I'm got a device I bought that someone else built and someone else wrote the supporting OS and someone ELSE wrote the software application interface. But I bought it, so it's "my" hardware, running on "my" account on "my" internet connection and/or "my" paid-for 4G and/or an "open WiFi" point. That device then connects upstream to God-knows what, eventually to one of the backbone providers, eventually making it to Spotify's computers.
Right? That's how the internet works, being just a series of tubes. *I've" got my access, Spotify's got THEIR access, and everyone in between's got their own access rights. Assume for a second that skipping commercials are illegal. WHERE does that occur? On my device? On Spotify's? Maybe somewhere in the middle? [wikipedia.org]
It's all active vs passive. Watching TV, the usual comparison, the commercials are interspersed within the shows, and there's nothing you can do to your TV to bypass them. So you walk away and use the bathroom / SUDO Make me a sandwich. You run the slight risk of missing the resumption of the show, but that's usually ignored.
Now let's bring up Tivo / Plex / Kodi / Direct TV DVR. Suddenly that passive device assumption is no longer valid -- there's an intermediate processor between source and destination that's suddenly not under the originator's direct or indirect control. I pay Tivo for a service that provides an Electronic Program Guide that specifies the date / time / channel / duration a show is on. I can specify a show by name and it will search out and record it for me, allowing me to play it back at my leisure and time (aka Time Shifting). That's nice and all but suddenly I can shift the time that commercials take down to 0. I still have the "missing program" problem, but that's easy to skip back and fix. Plex can scan recorded shows and physically remove them from the stream, Tivo will mark them so they're easy to skip, Kodi will mark them and even autoskip them I understand. (Heck, Tivo even has a "speed-up" command for the actual shows themselves, so you can watch a 60 minute show in 45 minutes. Forget skipping commercials, I'm speeding up content.)
All of these change the "intent" of the "original stream" in an "cost-adverse manner". However they're not free and the individual must actively implement them. So sorry, the world is not "Pure", no matter what kind of SJW you are. Just ask viruses that subvert larger systems and "bad bugs" that invade other bugs and plants.
So is this "wrong"? Depends on whom you ask. Vendors, yes. Consumers, no. The only way to enforce someone to watch (or at least fetch) something is to give it to them first, and then receive a verified response that allows the next item to proceed. (But: see third party Captcha decode services.) TVs, providers, and intermediaries are NOT yet set up for that, so all they can do is force one show before another, or somehow intersperse them. (Product placement.)
Spotify's the same way -- if you WANT me to listen to your extras, you've going to have to FORCE me to at least download it before playing the next piece. That a client can automatically fetch the next correct part bypassing the annoyance is Morally Bankrupt, Bad Programming,
Re: In other words (Score:2)
Are you... me? It became spooky when you mentioned playthroughs.
Headline error (Score:2)
Huh?
"Spotify says" (subject verb) intro
"2 million users" (subject)
"hacked apps" (verb direct object)
So 2 million people hacked the Spotify app?
Really? Or some other app?
Please give more info on those two million hackers or admit to lying.
Re: (Score:2)
Yes, the assertion is 2 million people use a hacked spotify app. You have to be intentionally illiterate to be unable to read "Spotify Says[:] 2 Million Users Hacked Apps To Suppress Ads On Its Free Service "
And that number makes sense, in that only 1 person has to write the ad-skipping app for 2 million to install it.
Didn't read the summary? (Score:3)
> So for who is this message? Not for the "bad user" who (the 2 million of them) are identified.
Didn't bother to read even two sentences into the summary before posting your insightful knowledge about the topic? The message (an SEC filing) is for potential investors.
> So where is the real loss occurring?
The loss would be investors losing their investment. You, in your 401k, for example. If they invest in the company based on the claim that they have 159 million users generating revenue, but in fact
Trusting the client? What decade is this? (Score:4, Interesting)
Outside of some 'trusted computing' dystopian fantasy there isn't much they can do about people suppressing ads; but since they are the ones running the servers streaming the music one would think that they could quite easily do things like stopping the media stream during periods when ads are supposed to be playing; making periodic chunks of silence the best-possible modified client outcome.
Re: (Score:2)
It's not a security issue, it's a UX issue.
Client tries to access an ad server. Server can't be contacted - DNS lookup failed, sever didn't respond, network is blocking it for some reason.
Does the client refuse to play any more music, making the user think Spotify is unreliable, or does it just carry on without the ad?
It's an unwinnable situation.
It's a shame, killing Pandora too (Score:3)
Pandora is already a public company. I'm willing to bet that they're suffering just as much if not more.
I've been a subscriber to Pandora since 2008. I loved the service and when the ads started, I hated it so much I shoveled out a paltry amount for the yearly service. I don't remember what it was, but it was stupid affordable enough for a broke college stupid.
The music industry really bends these guys over and abuses them. Their licensing costs are stupid high. This type of piracy depresses me because they're both struggling to make any sort of profit.
Re: (Score:3)
Pandora isn’t available where you are yet.
Pandora is only available in the U.S. right now – but we are working on bringing our music service to other parts of the world.
This message has been up for over ten years for anyone outside the US.
Re: (Score:2)
This type of piracy depresses me because they're both struggling to make any sort of profit.
That was my first thought. A premium subscription is less than $10 dollars per month and is worth much more than that IMHO.
Pro Tip (Score:2)
Subscribe to Spotify for a couple of months and use Audacity to rip everything you want. After ~350 albums I cancelled.
Re: (Score:1)
If you're going to do this, it will be easier, quicker, and give you better sound quality to just torrent those '350 albums'.
Spotify (Score:1)
Maybe this business model fails (Score:2)
I get pestered by some websites to disable my non-existing ad-blocker and it takes all the fun out of it.
If it happens always, I don't go there anymore and look somewhere else.
Next thing, if there is a counter running for ad length and I really want to watch it what's behind, sound is turned down and the browser window moved down, do just the counter is visible and I start looking/listening again.
Who
Re: (Score:2)
Maybe, just maybe consider paying the subscription fee if you want to use their service?
"hack" (Score:1)
127.0.0.1 shittyspotifyadserver.com
Understandable? (Score:2)
"That's not an insignificant number, and it's understandable why Spotify is cracking down on them"
Why? Those people will never click on an ad or buy anything they offer by principle.
Re: Understandable? (Score:2)
Because like most enforcement, it sends a signal to everyone else that the rules are going to be enforced. The 2 million may be a lost cause, but they want to prevent the other tens of millions from jumping to an ad free stream, which WOULD materially affect the bottom line of the advertisers and Spotify by extension.
I have a Roland (Score:2)
Why bother??? (Score:2)
Re: (Score:2)
Because people want everything for free, even when the alternative is a measly $10/month for access to the biggest library of music in the world.
Re: (Score:1)
Re: (Score:2)
Maybe consider paying for a subscription then, if you're that annoyed by ads and you listen to that much music?
Notice to advertisers (Score:2)
The bottom line is, two million of your users decided your services are only tolerable if they didn't have to deal with the bullshit ( ads ) that come with it.
Perhaps you should use that as a learning experience and rework your service into something that folks won't feel the need to take such measures.
Just a thought.
Re: (Score:2)
Or maybe they should just pay the $10/month, which is hilariously inexpensive for what you get in return?