By now you may have already seen muxtape.com, it’s a nifty mixtape sharing site - upload your mp3’s drag drop and you have a slick mix ready to share with friends - excellent concept, but you may as well zip up the mp3’s and post the link to that as well - IMHO this is yet another site that makes grabbing high quality music easy and readily available for download and distribution - a like so many other sites, it appears that they’ve spent zero time even considering the security of the media, or the artists whose music is being shared.
Go to any muxtape (http://beatless.muxtape.com/) click on any song, basically you’ve just made a request to an amazon S3 server for one of the uploaded tracks - it get’s loaded into a flash audio player and played - but in doing so it exposes the path the mp3 itself - and from what I can tell, that path is fairly static (it eventually expires) but it’s plenty of time to grab the music if you’re so inclined.
Here’s an example of how easy it is:
Say you’re using Safari, open the activity window and then click on each link on the muxtape page - you can watch the mp3’s load (they’re generally the file that’s over 3MB) click on that item in the activity window, and it will download to your local system. Since this isn’t a how-to-steal-music post, I’ll spare you the gorey detail on how easy this is to do in firefox, but trust me it is.
There’s actually a few approaches that make it less of an issue, but the bottom line is that as long as people don’t consider a site like muxtape a passive form of piracy, people won’t spend the time or money to secure the media, in the end the artists are the losers - I’ve said it before, support artists, don’t steal music, but it would be helpful if we (the web/dev/media community) didn’t make it so easy.