Sophos Security

Apple's Ping is a spam magnet

September 3, 2010: 11:05 AM ET

Steve Jobs' new social network for music is already filled with cheesy come-ons

Damm's Ping profile

[UPDATE: Apple seems to have found a way to combat the problem. By Monday, Sept. 6, the spam had all but disappeared.]

The iTunes account holder who calls himself Claude Damm had a busy morning Friday. In the space of an hour, he visited more than four dozen celebrity profiles on Ping -- the newest feature on Apple's (AAPL) 10-year-old iTunes store -- and posted 51 links to a dodgy U.K. website offering "iPhone4free."

And he's not alone, according to Sophos Security's Chester Wisniewski, who reports on his blog that "less than 24 hours after launch, Ping [was] drowning in scams and spams."

"Most of the security industry," he writes, "has been pointing out the migration of spam from an email-only venture to blog/forum comments, Facebook, Twitter and other Web 2.0 platforms. But apparently Apple didn't consider this when designing Ping, as the service implements no spam or URL filtering... Another problem that is likely to contribute to spam is that it is quite easy to create bogus accounts for the Ping service because no credit card or other positive identification is required to participate."

Apple anticipated the problem to some extent. You can click on a "Report" button to alert iTunes staffers of an Offensive Comment, Inappropriate Photo or Video or Spam. But MacRumors reports can take up to four hours for an offender's account to be suspended.

The whole Ping service feels like a work in progress. Navigation is difficult, editing one's profile even harder, and as All Things D's Peter Kafka points out, it isn't very easy on Ping to share your musical tastes -- which is ostensibly its purpose.

[UPDATE: Damm's account was suspended two hours after this was posted. He was quickly replaced by "Michael" and "James," who are filling the celebrity comment streams the same iPhone4free come-on.]

[Follow Philip Elmer-DeWitt on Twitter @philiped]

Current Issue
  • Give the gift of Fortune
  • Get the Fortune app
  • Subscribe
Powered by WordPress.com VIP.