Ping, Apple's music social network, already plagued with spammersSpammers have wasted no time in flocking to Apple's new music-related social media service integrated within iTunes 10, Ping, which does not feature any protective filtering measures.
Security firm Sophos noted on its blog this week that Ping has been "drowning in scams and spams" since it launched on Wednesday. Since Ping does not feature spam or URL filtering, some have flooded the profiles of popular artists like Katy Perry.
Most of the spam, appropriately, is offering users Apple products, with links claiming to offer free iPhones and other devices in exchange for filling out a survey.
"If half as many free iPads, iPhones and iPods were being given away as Ping comments might lead you to believe, there will be no reason to bother with going to an Apple Store," wrote Chester Wisniewski, security expert with Sophos. "But if you actually want an Apple device, my advice is to go out and buy one, as filling out surveys will likely only end in tears."
While spam appears to be coming through regularly, Apple does prevent profile pictures from being uploaded without approval. The report noted that it is "quite easy" to create bogus accounts for Ping, because no credit card information is required.
Ping has already been involved in a minor controversy as well, as the site suggested it offered Facebook connectivity when it first launched, only for the feature to be inactive. Reports have indicated that is because Facebook blocked API access to Ping after the company failed to reach an agreement with Apple, as the website demanded "onerous terms" from the iTunes maker, Chief Executive Steve Jobs said.
While Ping is susceptible to spammers, iTunes 10 does pack a number of important security features. Sophos noted that the latest update patches 13 separate vulnerabilities in the WebKit components used to render the media suite for Mac and Windows.
Apple introduced Ping at its iPod-centric keynote on Wednesday. On Ping, users can "follow" artists and friends, and iTunes will populate a customized top 10 list that represents what those people are downloading. The service also allows users to see what local concerts are coming, and inform their friends that they will be attending.
The appeal to spammers is easy to see: Ping is open to over 160 million customers that already have active iTunes accounts with credit cards, a fact that Jobs noted Wednesday during his presentation.