The Beginning of the End For Hadopi?

Soulskill posted more than 3 years ago | from the pulling-a-sony dept.

Security 44

zrbyte writes "TorrentFreak reports on the latest developments in the French Hadopi saga. 'The private company entrusted to carry out file-sharing network monitoring for the French government has been hacked. Trident Media Guard, which is responsible for gathering data for so-called 3 strikes warnings was hacked and now has some of its data out in the wild, an event which has the potential to upset the operation of Hadopi.' TMG temporarily suspended the gathering of data on file-sharers while they investigated the breach, later claiming that the attack was on 'an unprotected test server with no confidential data.'"

Beginning of the end (2)

milonssecretsn (1392667) | more than 3 years ago | (#36203152)

Isn't it "the beginning of the end" for everything today?

Re:Beginning of the end (-1, Troll)

Anonymous Coward | more than 3 years ago | (#36203288)

Re:Beginning of the end (1)

digitig (1056110) | more than 3 years ago | (#36203686)

The end began almost fourteen billion years ago (probably). The only question is how long it will take.

"hacked" (0)

Anonymous Coward | more than 3 years ago | (#36203154)

Can you talk about a hacking when the data was openly available for anyone to see and take? Even TMG withdrew their "data theft" accusation...

follow-up (5, Insightful)

Anonymous Coward | more than 3 years ago | (#36203170)

follow-up has good detail - mod up please! (0)

billstewart (78916) | more than 3 years ago | (#36203244)

Just used my mod points on another article a few minutes ago, and then this shows up :-)

Re:follow-up (1)

Anonymous Coward | more than 3 years ago | (#36206870)

More information here:

In somewhat related news... (5, Informative)

BlueTemplar (992862) | more than 3 years ago | (#36203176)

So what? (2)

Opportunist (166417) | more than 3 years ago | (#36203282)

I don't want Sarkozy and nobody cares, why should I care what the garden gnome wants?

Re:So what? (1)

Anonymous Coward | more than 3 years ago | (#36203634)

The G8 summit will care.

end of head up out ass 'citizenship' finally (-1)

Anonymous Coward | more than 3 years ago | (#36203194)

Sensationalist headings (0)

Anonymous Coward | more than 3 years ago | (#36203218)

What's with all these headings that don't really reflect reality? As far as I can tell, there is no indication at all that this breach will bring about the (non-temporary) end of this kind of system in France. Wishful thinking is fair enough, but it doesn't have to be the main attraction surely?

Hacked? Really? (5, Interesting)

Trigger31415 (1912176) | more than 3 years ago | (#36203236)

Quoting TorrentFreak: "Actually, hacked is probably too strong a word, since it appears TMG left the front door open." According to Bluetouff (the one who performed the 'hack'), the "Index of" wasn't disabled, so the data was left in the open. Oh, btw, Hadopi is about punishing people if they didn't secure their wifi / computer enough ...

Re:Hacked? Really? (0)

Anonymous Coward | more than 3 years ago | (#36203248)

Smells like a honeypot.

Which means they are either really fuckin' evil... or really fuckin' stupid.
Just kidding! They're both! ;)

Re:Hacked? Really? (1)

Yvanhoe (564877) | more than 3 years ago | (#36203666)

It can't be a honeypot. Really, they have proven that they don't have the knowledge to even think of such an "advanced" concept. For someone who has followed the story a bit, there is no doubt about it: it is crass incompetence.

And if it was a honeypot, accessing data on a webserver is not (yet) forbidden by the law. Which is what they did. With just the IP of the computer, all the files were served on port 80.

Re:Hacked? Really? (0)

Anonymous Coward | more than 3 years ago | (#36212200)

Yeah, riiight. It's funny, how governments do evil over and over and over again, raping you 'till you are nothing but a gaping hole... ...and you still manage to rationalize it all away into "stupidity".

Well, maybe you're the ideal born cattle. And maybe, I should rape your ass too, as apparently, you'd just call me stupid, and offer me your ass right after.

Re:Hacked? Really? (1)

Yvanhoe (564877) | more than 3 years ago | (#36225980)

Don't you think governments can be evil AND incompetent?

Re:Hacked? Really? (0)

Anonymous Coward | more than 3 years ago | (#36250450)

Holy shit, batman, thank you Captain Obvious, look at my comment from above:

Re:Hacked? Really? (2)

KingBenny (1301797) | more than 3 years ago | (#36204248)

let's not get all mushy and semantic on this, they proved for one they are incompetent to handle what they are supposed to handle, if it was worse, someone could have like injected some data to prove saint Nicolas was the biggest file sharer in france, ergo : their authority has been breached, or maybe even nullified.
except for the fact that we have mass media perhaps. Who knows, the division is the generation who knows jack shit about it, and the generation who grew up with it. And then there's the minority of q we can observe here :p

I'm so glad! (0)

Samantha Wright (1324923) | more than 3 years ago | (#36203242)

The Apache Software Foundation should never have entered the distributed computing arena.

Wait, what?

Re:I'm so glad! (1)

vbraga (228124) | more than 3 years ago | (#36204070)

I spent a few moments looking at the headline and thinking what the fuck Hadoop has to do with three strikes and the French government?

Re:I'm so glad! (1)

Samantha Wright (1324923) | more than 3 years ago | (#36204226)

My best guess is that they both have extremely awkward-sounding names (at least, in English.)

I'd like to believe... (0)

Anonymous Coward | more than 3 years ago | (#36203280)

but given the stubbornness that the French government has shown since the very beginning of the law project, I seriously doubt it.
It's also said that the French president will make the three-strikes system one of the main subjects of the e-G8 coming soon, so sadly now is probably not the time of the end for Hadopi.

Re:I'd like to believe... (0)

Anonymous Coward | more than 3 years ago | (#36203412)

Well, if the media mafiaa whored carla bruni out to you, maybe you'd change your tune too...

Draconian laws (1)

spikestabber (644578) | more than 3 years ago | (#36203292)

What's with the public of France bending over like this with such draconian copyright laws?
It's not fair at all, Sarkozy's just pussy whipped, his wife owns a record label so he passes all these one-sided laws just to please her. It shouldn't be allowed and the public doesn't even seem to give a damn.

Re:Draconian laws (5, Insightful)

BlackPignouf (1017012) | more than 3 years ago | (#36203540)

The majority doesn't even understand what it's about.
Newspapers don't care to explain what it is, and why it could be bad.
The minority who knows about it and gives a damn knows how to circumvent it, and uses SSH/proxies/neighbour's wifi.

Re:Draconian laws (1)

Anonymous Coward | more than 3 years ago | (#36205918)

So that's like the tax system then.

Whats with it ? (2)

unity100 (970058) | more than 3 years ago | (#36206818)

if you even temporarily be a moron enough to vote any right-wing party, that happens. that's all that there is to it. the reason for you voting for the right wing party, does not matter. in this case, french voted for right mainly because of the culture clash in between migrant population, and anti-immigrant sentiments.

right wing parties don't do any shit for what you have actually voted for, but what they want to do when they are in power. and this is what's happening in france. it's as simple as that.

Re:Whats with it ? (1)

cpghost (719344) | more than 3 years ago | (#36209048)

There's no correlation between right-wing parties and copyright fascism. In fact, France is rather the exception than the rule. Just look at how in the US, it's the democrats who are the worst copyright talibans.

IMHO, Sarkozy is just taking orders from his Carla, the de facto chief lobbyist of their entertainment cartel. If it weren't him and his party, the P.S. would be just as gung-ho about copyright as the UMP.

Re:Whats with it ? (1)

unity100 (970058) | more than 3 years ago | (#36212120)

there is direct correlation in between right wing parties and copyright fascism. right wing believes everything is for sale. this includes army, police, judiciary. they just haven't been able to outright do these up till now, but with the 'security contractor' bullshit in bush era they had enabled private armies.

and, no, it was the republicans who prepared acta, in first 1-1.5 years of bush administration. democrats are just serving the meal republicans cooked. had republicans been at it undisrupted until now, things would be much worse, as you can understand from what kind of filth acta was.

Re:Whats with it ? (0)

Anonymous Coward | more than 3 years ago | (#36220384)

How many **AA stooges were in Bush's administration?

How many are in Obama's?

Excuse me, but could someone clue me in (3, Interesting)

Opportunist (166417) | more than 3 years ago | (#36203306)

Now, it might be different how my company handles tests, but I'd have guessed it would be a bit more difficult to hack a "test" server because, well, it's used for testing. Not for public viewing. It may seem odd to the unsuspecting eye, but test servers are usually vastly better protected than productive systems. First, for the obvious reason that they are used internally and thus reaching them is usually a bit more tricky than accessing a system that needs external connections, and second because test servers are usually used for software that's not yet launched and hence usually a bit more "secret" than software that already made it into the open.

Is it me or is having a "hacked test server" not looking too well on their security bill?

Re:Excuse me, but could someone clue me in (0)

Anonymous Coward | more than 3 years ago | (#36204436)

They're lying. Simple as that.
Posting anonymously because I've already modded.

Re:Excuse me, but could someone clue me in (1)

Kjella (173770) | more than 3 years ago | (#36206224)

Well, from what I gather these systems gather IP addresses from P2P networks and send "strikes", seems to me you could start over at any time with a blank database without any production data.

So you have an empty test server, you tweak it to work with new protocols and networks and whatnot - then you put those changes into production. I can see how that kind of server could end up not having much security.

The problem for them now of course is that it could have data from test runs - not that would be used in production but nonetheless data of real IPs sharing real files. In any case, I doubt they'll give up this easily, it'll be back...

News is incomplete (4, Informative)

Trigger31415 (1912176) | more than 3 years ago | (#36203338)

Also:
- Hadopi have severed the link between them and TMG, as a result of this hack
Source: telecompaper + the French media
(and it was their only source of monitoring)

- the CNIL decided to investigate TMG due to this lack of protection of what may be personal data.

- TMG decided to sue the hacker, but then removed the complaint

How Hadopi Works. (0)

Anonymous Coward | more than 3 years ago | (#36203448)

It's pretty easy to demonstrate already how Hadopi works. 1. Back Trace, 2. Call Internet Police.

No hacking (0)

Anonymous Coward | more than 3 years ago | (#36203498)

(I'm French)

Actually, there was no hacking. Which makes things much worse.

They stupidly left data available to everybody on a server reachable using a simple navigator. This is much worse than hacking, because we know that it's difficult to prevent a determined hacking, but letting the data on an internet connected webserver without any protection?

And this is not the first time that their competences have been challenged (let's not talk about ethics).

Re:No hacking (1)

SuricouRaven (1897204) | more than 3 years ago | (#36203674)

Under the common media definition of hacking, the one you'll find used by every non-techie, it means 'Anything illegal, computerised and beyond my understanding.'

Re:No hacking (0)

Anonymous Coward | more than 3 years ago | (#36203704)

(I'm rwandan)

Actually, there was plenty of hacking. We hacked those fucking tutsis to little bitty pieces. HAHAHAHAHAAA!

Just a test server? (2)

Charliemopps (1157495) | more than 3 years ago | (#36203670)

As someone that creates test servers all day long as part of my job I have to wonder what they mean by this. For us to create a true and proper test server it is a MIRROR of our production server. Then we make the changes we need... TEST it.. if everything works we make the changes on production. "Just a test server" really?

Re:Just a test server? (1)

aztracker1 (702135) | more than 3 years ago | (#36206108)

Wish I had mod points... In 222003, I was in the middle of setting up a test server, the updates were going to take 40 min. to download, so I figured I'd put it up so I could remote in to finish up at home (was the end of the day). 15 minutes later I was called because the internet was "down" ... actually flooding the connection as the server was hosed/controlled that quickly... Now, nothing gets in front of a firewall with good port restrictions... MS-SQL Server and the Slammer worm... sigh.

Re:Just a test server? (1)

Phishcast (673016) | more than 3 years ago | (#36206738)

I believe it to also be common practice to sanitize production data that goes anywhere except where it's absolutely needed. The sensitive stuff in databases gets replaced with bogus data or whacked altogether. If you had, say, credit card data on various prod servers there are regulatory reasons that would prohibit a straight mirror of that data to put on a test server to play with. Not to say they follow such regulations, but it may be reasonable that a test server was compromised and nothing of value was exposed.

We'll see. (1)

SeaFox (739806) | more than 3 years ago | (#36206590)

TMG temporarily suspended the gathering of data on file-sharers while they investigated the breach, later claiming that the attack was on 'an unprotected test server with no confidential data.'

So I suppose if this is really not confidential data they should have no issues with it being released on the Net then, huh?

I've been on that test server (0)

Anonymous Coward | more than 3 years ago | (#36210646)

The test server in question is used by media companies to verify the upload and registration for use of 'media signature files' - generated "fingerprints" of copyrighted media, where TMG is the repository of these media fingerprints for online companies to access and use in copyrighted-media testing against UGC uploaded to their servers by the public. So, if anything was 'stolen' it was the media signatures, the equivalent to stealing virus definitions from an anti-virus company. As usual, the uneducated are blowing everything out of proportion.
BTW, from my interactions with the technical staff at TMG, the IT staff seems competent while being stretched very thin, but IMHO their management are French silver-spoon aristocrats, clueless to the point of it feeling criminal to me the fact of them being tasked with the responsibility they've been granted (stewardship over the protection of all copyrighted streamed media within France).


