Apple gets Ping'd with comment spam - They didn't see this coming?

Filed Under: Apple, Social networks, Spam

Update: As of 18:00 PDT it appears Apple has deleted the spam messages from the popular artists on the Ping service. There are a small number of people still experimenting with spamming on the service at this point. It would appear that Apple is manually deleting the offending comments, so please be careful when visiting URLs posted on the Ping service.

Apple launched iTunes 10 yesterday along with their updated hardware platforms. Aside from supporting the newest generation of iPod and Apple TV devices, this new version of iTunes also introduces a new social media service branded as Ping. If you use iTunes, you should definitely update to iTunes 10 as it fixes thirteen separate vulnerabilities in the WebKit components used to render the iTunes interface.

Most of the security industry has been pointing out the migration of spam from an email-only venture to blog/forum comments, Facebook, Twitter and other Web 2.0 platforms. But apparently Apple didn't consider this when designing Ping, as the service implements no spam or URL filtering. It is no big shock that less than 24 hours after launch, Ping is drowning in scams and spams.

Screenshot of spam on Apple Ping

Ping spam

Strangely, Apple seems to have anticipated a certain degree of malfeasance, as profile pictures that you upload will not appear until approved by Apple. They are likely filtering for other offensive content as well, so they probably have means in place they could use to stop the spam. Another problem that is likely to contribute to spam is that it is quite easy to create bogus accounts for the Ping service because no credit card or other positive identification is required to participate.

Coincidentally, the most common spam on Ping at the moment targets Apple itself. The attacks are nearly identical to survey spams we have blogged about on Facebook, Google and Twitter.

If half as many free iPads, iPhones and iPods were being given away as Ping comments might lead you to believe, there would be no reason to bother with going to an Apple store. But if you actually want an Apple device, my advice is to go out and buy one, as filling out surveys will likely only end in tears.

, ,

You might like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Chester Wisniewski is a Senior Security Advisor at Sophos Canada. He provides advice and insight into the latest threats for security and IT professionals with the goal of providing clear guidance on complex topics. You can follow Chester on Twitter as @chetwisniewski, on App.net as Chester, Chester Wisniewski on Google Plus or send him an email at chesterw@sophos.com.