Uh-Oh: Spotify’s New DM Feature Has a Major Doxxing Vulnerability

Photo Credit: Lucian Alexe

Spotify’s new messaging feature can reveal your identity to complete strangers based on your Spotify link-sharing history.

Spotify’s new messaging feature—which is actually the newest iteration of a social messaging feature the streaming giant killed off in 2017 due to low engagement—wants to give users more control. It features encryption “in transit and at rest,” an option to reject message requests from others, and the option to opt out completely. But anything short of opting out of the feature will inadvertently introduce a doxxing risk by linking you to people with whom you’ve shared music in the past.

First discovered by users on Reddit, Spotify’s messaging feature has the potential to reveal your identity to strangers you’ve shared Spotify links with in the past. If you enjoy being able to share your music tastes with online friends and acquaintances without having to reveal your real name or identity, you might want to steer clear of the messaging feature until Spotify stamps out the bugs. Sharing of this kind is especially common among Twitch streamers, who often share a playlist of their favorite songs for their chat denizens to enjoy.

For another example, say you’ve shared a Spotify link in a Discord group. Now, everyone in that group who clicks on the link is connected to you in the eyes of Spotify. This also applies to Spotify links you’ve sent in the past. That’s because each Spotify link has a unique suffix attached to it, which the platform uses to conclude that Person A sharing the link must know Person B clicking on the link.

The messaging feature’s “suggestions” will then offer you as a possible contact to anyone who has ever clicked on one of your shared Spotify links. From there, users can freely explore your profile, see your name and photo, send you a message, and view a history of Spotify links exchanged between the two of you.

That gives strangers the potential to connect your real-life identity to your more pseudonymous presence on social platforms like Discord, Reddit, or WhatsApp. For now, the simple solution is to opt out of Spotify’s new messaging feature completely, via the app’s settings. But if you still want to retain the functionality, you can always remove any personally identifiable information from your profile.
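
Because the link is tied to the sharer through its unique suffix, another precaution is to drop that suffix before posting a link. The sketch below is an added example, not code from the article or from Spotify; it assumes the suffix travels in the link's query string (as with the `si` parameter on Spotify share links) and that `open.spotify.com` and `spotify.link` are the hosts involved.

```python
import re
from urllib.parse import urlsplit, urlunsplit

# Assumption: links on this host carry the full resource path, so the
# suffix can be removed locally without following the link.
DIRECT_HOSTS = {"open.spotify.com"}
# Assumption: short-link host; the suffix sits behind a redirect and
# cannot be removed by editing the URL text.
SHORT_HOSTS = {"spotify.link"}
URL_RE = re.compile(r"https?://[^\s<>\"']+")
TRAILING = ".,;:!?)]}"  # sentence punctuation that may follow a URL

def clean_link(url):
    """Return (url, status): 'stripped', 'clean', 'short' or 'other'."""
    try:
        parts = urlsplit(url)
    except ValueError:  # malformed URL: leave it untouched
        return url, "other"
    host = (parts.hostname or "").lower()
    if host in SHORT_HOSTS:
        return url, "short"
    if host not in DIRECT_HOSTS:
        return url, "other"
    if not parts.query and not parts.fragment:
        return url, "clean"
    # Keep scheme, host and path; drop the whole query string and fragment.
    return urlunsplit((parts.scheme, parts.netloc, parts.path, "", "")), "stripped"

def scrub_message(text):
    """Rewrite Spotify links in text; return (new_text, short_links_left)."""
    short_links = []
    def repl(match):
        raw = match.group(0)
        url = raw.rstrip(TRAILING)
        cleaned, status = clean_link(url)
        if status == "short":
            short_links.append(url)
        return cleaned + raw[len(url):]  # re-attach trailing punctuation
    return URL_RE.sub(repl, text), short_links

# Constructed sample message; the IDs and the suffix value are made up.
SAMPLE = ("new playlist: https://open.spotify.com/playlist/EXAMPLEID?si=abc123def456, "
          "also https://spotify.link/EXAMPLE and https://example.org/a?si=keep")

if __name__ == "__main__":
    cleaned, short = scrub_message(SAMPLE)
    print(cleaned)
    for link in short:
        print("cannot be cleaned locally:", link)
```

This only affects links posted from now on; links already shared keep their suffix, which is why opting out or removing identifying details from the profile still matters.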
