In another case of “what were they thinking,” Spotify sent journalists USB drives with a note saying: “Play me.”
The journalists at TechCrunch were brave enough to plug in the drive and open it—after taking the necessary precautions, of course. The drive was plugged into a spare computer running a disposable version of Linux on a live CD.
As it turns out, the drive was harmless, containing a single audio file promoting one of Spotify’s new podcasts. The file simply said: “This is Alex Goldman, and you’ve just been hacked.”
Despite the harmless nature of this drive, security experts have been warning companies and individuals for years of the dangers of plugging random USB drives into computers. These devices can contain executable files, viruses and other malware, making them a popular attack vector for cyber criminals.
For a company of Spotify’s stature to resort to such a tactic in the interest of self-publicity was irresponsible and obtuse, and will no doubt cost the company a great deal of good will with journalists.