No, Spotify, You Shouldn’t Have Sent Mysterious USB Drives to Journalists
upstart writes in with an IRC submission for SoyCow4408:
No, Spotify, you shouldn't have sent mysterious USB drives to journalists - TechCrunch:
Last week, Spotify sent a number of USB drives to reporters with a note: "Play me."
It's not uncommon for reporters to receive USB drives in the post. Companies distribute USB drives all the time, including at tech conferences, often containing promotional materials or large files, such as videos that would otherwise be difficult to get into as many hands as possible.
But anyone with basic security training under their hat - which here at TechCrunch we have - will know to never plug in a USB drive without taking some precautions first.
Concerned but undeterred, we safely examined the contents of the Spotify drive using a disposable version of Ubuntu Linux (using a live CD) on a spare computer. It was benign and contained a single audio file. "This is Alex Goldman, and you've just been hacked," the file played.
The drive was just a promotion for a new Spotify podcast. Because of course it was.
Jake Williams, a former NSA hacker and founder of Rendition Infosec, called the move "amazingly tone deaf" to encourage reporters into plugging in the drives to their computers.
Read more of this story at SoylentNews.