A vulnerability found in Spotify's web player
has been exploited, allowing users to download permanent copies of songs from the service. A Chrome extension by the name of Downloadify used the exploit to download MP3 files that were free of DRM, rather than just stream them, something which Spotify has been quick to rectify.
The Chrome extension, found by Tweakers
Google has been swift to remove Downloadify from the Chrome Web Store, but the code continues to be available to download in locations such as Github. Downloadify creator Robin Aldenhoven told The Verge
that since Spotify has added a more secure protocol to its web player, the extension no longer works, and would not be updating the project again.