Jim Carroll

Music, Life and everything else

Bad day for “the global standard in secure media delivery”

Play MPE are a company that the vast majority of people who write about music know only too well. They are, per their own website, “the perfect solution for content owners to securely deliver their audio and other media to …

Tue, Apr 27, 2010, 08:37

   

Play MPE are a company that the vast majority of people who write about music know only too well. They are, per their own website, “the perfect solution for content owners to securely deliver their audio and other media to authorized recipients via the Internet”.

If you are a record label who are about to release a new album which reviewers have to hear and you don’t want to send out CDs for fear of piracy and leaks, you use a company like Play MPE. You give the album to Play MPE because they can get it to the journalists who need to hear it without the album leaking all over the internet. Well, that’s the sales pitch anyway. Music hacks may not like Play MPE and other services like it (we’d prefer a CD or MP3 downloads rather than a very awkward streaming service – see this survey from CMU Daily) but, given the paranoia demonstrated by the labels and their firm belief that media reps are responsible for the bulk of album leaks, we don’t have much of a choice in the matter.

However, it now seems that Play MPE is far from leak-proof itself. Per this report from Cnet, a teenager posed as an Australian music critic, got access to the service and proceeded to leak new releases by The Black Keys, Macy Gray, Hole, The Gaslight Anthem and others.

According to a post on Absolute Punk, where this story came to light, Play MPE then emailed the labels to tell them the bad news: “a hacker managed to obtain a Play MPE account last week and found an exploit in the Play MPE Direct-to-Web player that allowed him access to your release, even though he was not on the recipient lists. We promptly disabled the offending account and closed this exploit on Monday but by then your album had been accessed.”

I would say there’s a hell of a lot of fuming at the labels who use Play MPE about this. They pay a huge fee to “the global standard in secure media delivery” so that this kind of thing doesn’t happen. Yet, despite all the security and hoopla, the system can still be hacked and the files sent out into the wild for anyone to access.

What’s noteworthy about this fiasco is that none of the hacks who use Play MPE on a day to day basis were the ones who leaked the tracks. This may be down to a number of facts. Maybe it’s the case that teens are far more technologically sussed than most music hacks. Or maybe, as seems more likely, that music hacks were not the ones doing the leaking in the first place and can actually be trusted with a promo CD. The labels – and bands – will be hoping that it’s not because hacks listened to the albums concerned and decided they weren’t worth leaking.