Proteron, LLC today issued an urgent update to its drag-and-drop Macintosh audio encoder, N2MP3. This update will prevent unsuspecting Mac users from causing harm to the well known compact disc database (CDDB).
Every time an N2MP3 user inserted a non-audio CD (regular data CD-ROM), N2MP3 would continually to query the CDDB with no time-out. This amounted to an unintentional denial of service type attack on the CDDB services. During the past weekend, as a greater and greater number of users installed N2MP3, the number of queries reached a critical mass.
Steve Scherf at Escient Inc. responded quickly by denying service, in turn, to all N2MP3 clients requesting information from the CDDB servers. This quick action helped save the CDDB from being overrun by spurious requests, effectively eliminating the flood of bandwidth caused by Proteron's errant N2MP3. Unfortunately, the spread of the first release of N2MP3 will only exacerbate the problem and would contribute to the bandwith limiting.
"We are asking the Mac press community to rally behind us in getting the word out so that we can save the CDDB from further abuse by the first release of N2MP3." said Sam Caughron, who led the efforts at Proteron to identify and fix the bug within 24 hours of its discovery. "All old copies of N2MP3 should be immediately replaced and/or upgraded to the current preview release version, marked 1.01 PR."
Other, much less urgent, bug fixes and improvements in this release include:
- support for proxies for cddb users behind firewalls
- GrayAmp file format now an option for encoded MP3 files