Posts Tagged hacking
I’ve seen a few examples where recommenders, polls and top-ten lists have been manipulated. Generally a central coordinator sends a message to the hoard that descend on the to-be-hacked site. Ron Paul’s sheeple, or pharyngula‘s followers are prime examples of the type of group that can turn a poll upside down in a matter of minutes.
It has always seemed to me that such coordinating manipulation was a blunt instrument. The commanded horde could push a specific item to the top of a poll faster than a Kansas school board could lose Darwin’s notebook, but the horde lacked any subtlety or finesse. Sure you could promote or demote an individual or issue, but fine tuned manipulation would just be too difficult. Well, I’ve been proved wrong. Take a look at this Time Poll.
Not only has the poll been swamped to promote Moot (the pseudonym of the creator of 4chan, an image board and the birthplace for many internet memes) as the most influential of people, the poll crashers have manipulated the order of all the other nominees so that the first letter of each line spells out ‘marble cake, also the game’ (marble cake is not really a kind of cake btw). This is pretty phenomenal, precision hacking. Precision hacking of an extremely high profile poll run by a top notch media company. Now, imagine if the same energy was put into getting that latest Lordi album to the top of the pop 100 charts. I’m sure it could be done (and I’m already wondering if perhaps it has already been done, and we just don’t know it).
Polls, top-N lists, and recommenders based upon the wisdom of the crowds are susceptible to this type of manipulation. Better defenses are going to be needed otherwise we will all be listening to whatever 4chan wants us to listen to. (via reddit)
Spotify is the new “old napster” – everyone who uses it seems to love it. As this Google trends plot shows it is starting to become very popular.
But there is a downside to becoming popular – when you are popular you start to become a target of hackers. This is happening to Spotify now – Spotify is another platform waiting to be explored and exploited. Some notable hacks:
- Lastify – this is a rather benign hack – it adds a couple of buttons to the bottom of your spotify client that let you apply Last.fm ‘love’ and ‘ban’ to the currently playing track.
- Despotify – the open source Spotify client – this is a rather extensive hack. #hack.se has reverse engineeered the Spotify protocols and have built an open source Spotify client (with curses text-mode goodness). The client includes code that decrypts the encrypted music served by Spotify, potentially allowing anyone to not just listen to music, but to download and save it as well. Here’s a video of Despotify in action:
Already, Spotify seems to have responded to this hack, according to the Despotify page: “Despotify has been blocked for users using ‘free’ or ‘daypass’ accounts. You can still use despotify using ‘Premium’ accounts.”. That seems fair – if you pay for Spotify, you can use whatever client you want.
- Geographic hacks – Spotify is only released in certain countries. If you don’t live in the UK, Spain, France, Sweden, Norway or Finland you are out of luck – but not really. According to this article in Wired, some users are using a UK-based proxy to allow access to Spotify from places like the USA.
As Spotify gains in popularity, the Spotify engineers are going to be playing a bit of wack-a-mole to keep the hackers at bay in order to keep the Spotify platform stable and performant. So far, they seem to be doing a very good job.