The Beginning of the End For Hadopi?

← Back to Stories (view on slashdot.org)

The Beginning of the End For Hadopi?

Posted by Soulskill on Saturday May 21, 2011 @06:16AM from the pulling-a-sony dept.

zrbyte writes "TorrentFreak reports on the latest developments in the french Hadopi saga. 'The private company entrusted to carry out file-sharing network monitoring for the French government has been hacked. Trident Media Guard, which is responsible for gathering data for so-called 3 strikes warnings was hacked and now has some of its data out in the wild, an event which has the potential to upset the operation of Hadopi.' TMG temporarily suspended the gathering of data on file-sharers while they investigated the breach, later claiming that the attack was on 'an unprotected test server with no confidential data.'"

27 of 44 comments (clear)

Min score:

Reason:

Sort:

Beginning of the end by milonssecretsn · 2011-05-21 06:24 · Score: 2

Isn't it "the beginning of the end" for everything today?
http://slashdot.org/poll/2174/The-world-will-end-

--
Hey, I was only kidding. You don't have to MOD me "Troll" . . . again . . . .
1. Re:Beginning of the end by digitig · 2011-05-21 07:47 · Score: 1
  
  The end began almost fourteen billion years ago (probably). The only question is how long it will take.
  
  --
  Quidnam Latine loqui modo coepi?
follow-up by Anonymous Coward · 2011-05-21 06:27 · Score: 5, Insightful

http://torrentfreak.com/french-3-strikes-suspended-due-to-anti-piracy-security-alert-110517/
1. Re:follow-up by Anonymous Coward · 2011-05-21 20:59 · Score: 1
  
  More informations here : http://seclists.org/fulldisclosure/2011/May/434
In somewhat related news... by BlueTemplar · 2011-05-21 06:28 · Score: 5, Informative

Sarkozy doesn't want any freedom of expression on the Internet:
http://www.laquadrature.net/en/frances-g8-focuses-on-control-and-restrictions-to-online-freedoms
http://kcrg.biz/2011/05/sarkozy-expels-the-freedoms-of-its-civilized-internet/
Hacked? Really? by Trigger31415 · 2011-05-21 06:35 · Score: 5, Interesting

Quoting TorrentFreak: "Actually, hacked is probably too strong a word, since it appears TMG left the front door open." According to Bluetouff (the one who performed the 'hack'), the "Index of" wasn't disabled, so the data was left in the open. Oh, btw, Hadopi is about punishing people if they didn't secure enough their wifi / computer ...
1. Re:Hacked? Really? by Yvanhoe · 2011-05-21 07:43 · Score: 1
  
  It can't be a honeypot. Really, they have proven that they don't have the knowledge to even think of such an "advanced" concept. For someone who has followed the story a bit, there is no doubt about it : it is crass incompetence.
  
  And if it was a honeypot, accessing data on a webserver is not (yet) forbidden by the law. Which is what they did. With just the IP of the computer, all the files were served on the port 80.
  
  --
  The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
2. Re:Hacked? Really? by KingBenny · 2011-05-21 09:17 · Score: 1
  
  let's not get all mushy and semantic on this, they proved for one they are incompetent to handle what they are supposed to handle, if it was worse, someone could have like injected some data to prove saint Nicolas was the biggest file sharer in france, ergo : their authority has been breached, or maybe even nullified.
  except for the fact that we have mass media perhaps. Who knows, the division is the generation who knows jack shit about it, and the generation who grew up with it. And then there's the minority of q we can observe here :p
  
  --
  Free speech was meant to be free for all... how can anyone grow up in a nanny state ?
3. Re:Hacked? Really? by Yvanhoe · 2011-05-23 21:54 · Score: 1
  
  Don't you think governments can be evil AND incompetent ?
  
  --
  The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
So what? by Opportunist · 2011-05-21 06:47 · Score: 2

I don't want Sarkozy and nobody cares, why should I care what the garden gnome wants?

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
1. Re:So what? by Anonymous Coward · 2011-05-21 07:39 · Score: 1
  
  The G8 summit will care.
Draconian laws by spikestabber · 2011-05-21 06:49 · Score: 1

Whats with the public of France bending over like this with such draconian copyright laws?
Its not fair at all, Sarkozy's just pussy whipped, his wife owns a record label so he passes all these one-sided
laws just to please her. It shouldn't be allowed and the public doesn't even seem to give a damn.
1. Re:Draconian laws by BlackPignouf · 2011-05-21 07:23 · Score: 5, Insightful
  
  The majority doesn't even understand what it's about.
  Newspaper don't care to explain what is it, and why it could be bad.
  The minority who knows about it and gives a damn knows how to circumvent it, and use SSH/proxies/neighbour's wifi.
2. Re:Draconian laws by Anonymous Coward · 2011-05-21 14:20 · Score: 1
  
  So that's like the tax system then.
Excuse me, but could someone clue me in by Opportunist · 2011-05-21 06:50 · Score: 3, Interesting

Now, it might be different how my company handles tests, but I'd have guessed it would be a bit more difficult to hack a "test" server because, well, it's used for testing. Not for public viewing. It may seem odd to the unsuspecting eye, but test servers are usually vastly better protected than productive systems. First, for the obvious reason that they are used internally and thus reaching them is usually a bit more tricky than accessing a system that needs external connections, and second because test servers are usually used for software that's not yet launched and hence usually a bit more "secret" than software that already made it into the open.
Is it me or is having a "hacked test server" not looking too well on their security bill?

--
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
1. Re:Excuse me, but could someone clue me in by Kjella · 2011-05-21 15:55 · Score: 1
  
  Well, from what I gather these systems gather IP addresses from P2P networks and send "strikes", seems to me you could start over at any time with a blank database without any production data.
  So you have an empty test server, you tweak it to work with new protocols and networks and whatnot - then you put those changes into production. I can see how that kind of server could end up not having much security.
  The problem for them now of course is that it could have data from test runs - not that would be used in production but none the less data of real IPs sharing real files. In any case, I doubt they'll give up this easily it'll be back...
  
  --
  Live today, because you never know what tomorrow brings
News is incomplete by Trigger31415 · 2011-05-21 06:53 · Score: 4, Informative

Also :
-Hadopi have severed the link between them and TMG, as a result of this hack
Source: telecompaper + the French media
(and it was their only source of monitoring)

-the CNIL decided to investigate TMG due to this lack of protection of what may be personnal data.

-TMG decided to sue the hacker, but then removed the complaint
Just a test server? by Charliemopps · 2011-05-21 07:44 · Score: 2

As someone that creates test servers all day long as part of my job I have to wonder what they mean by this. For us to create a true and proper test server it is a MIRROR of our production server. Then we make the changes we need... TEST it.. if everything works we make the changes on production. "Just a test server" really?
1. Re:Just a test server? by aztracker1 · 2011-05-21 15:19 · Score: 1
  
  Wish I had mod points... In 222003, I was in the middle of setting up a test server, the updates were going to take 40 min. to download, so I figured I'd put it up so I could remote in to finish up at home (was the end of the day). 15 minutes later I was called because the internet was "down" ... actually flooding the connection as the server was hosed/controlled that quickly... Now, nothing gets in front f a firewall with good port restrictions... MS-SQL Server and the Slammer worm... sigh.
  
  --
  Michael J. Ryan - tracker1.info
2. Re:Just a test server? by Phishcast · 2011-05-21 18:50 · Score: 1
  
  I believe it to also be common practice to sanitize production data that goes anywhere except where it's absolutely needed. The sensitive stuff in databases gets replaced with bogus data or whacked all together. If you had, say, credit card data on various prod servers there are regulatory reasons that would prohibit a straight mirror of that data to put on a test server to play with. Not to say they follow such regulations, but it may be reasonable that a test server was compromised and nothing of value was exposed.
Re:No hacking by SuricouRaven · 2011-05-21 07:44 · Score: 1

Under the common media definition of hacking, the one you'll find used by every non-techie, it means 'Anything illegal, computerised and beyond my understanding.'
Re:I'm so glad! by vbraga · 2011-05-21 08:52 · Score: 1

I spent a few moments looking with at the headline and thinking what the fuck Hadoop has to do with three strikes and the French government?

--
English is not my first language. Corrections and suggestions are welcome.
Re:I'm so glad! by Samantha+Wright · 2011-05-21 09:13 · Score: 1

My best guess is that they both have extremely awkward-sounding names (at least, in English.)

--
Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
We'll see. by SeaFox · 2011-05-21 17:59 · Score: 1

TMG temporarily suspended the gathering of data on file-sharers while they investigated the breach, later claiming that the attack was on 'an unprotected test server with no confidential data.
So I suppose if this is really not confidential data they should have no issues with it being released on the Net then, huh?
Whats with it ? by unity100 · 2011-05-21 20:45 · Score: 2

if you even temporarily be a moron enough to vote any right-wing party, that happens. thats all that there is to it. the reason for you voting for the right wing party, does not matter. in this case, french voted for right mainly because of the culture clash in between migrant population, and anti-immigrant sentiments.

right wing parties dont do any shit for what you have actually voted for, but what they want to do when they are in power. and this is what's happening in france. its as simple as that.

--
Read radical news here
1. Re:Whats with it ? by cpghost · 2011-05-22 03:49 · Score: 1
  
  There's no correlation between right-wing parties and copyright fascism. In fact, France is rather the exception than the rule. Just look at how in the US, it's the democrats who are the worst copyright talibans.
  IMHO, Sarkozy is just taking orders from his Carla, the de facto chief lobbyist of their entertainment cartel. If it weren't him and his party, the P.S. would be just as gung-ho about copyright than the UMP.
  
  --
  cpghost at Cordula's Web.
2. Re:Whats with it ? by unity100 · 2011-05-22 10:29 · Score: 1
  
  there is direct correlation in between right wing parties and copyright fascism. right wing believes everything is for sale. this includes army, police, judiciary. they just havent been able to outright do these up till now, but with the 'security contractor' bullshit in bush era they had enabled private armies.
  
  and, no, it was the republicans who prepared acta, in first 1-1.5 years of bush administration. democrats are just serving the meal republicans cooked. had republicans been at it undisrupted until now, things would be much worse, as you can understand from what kind of filth acta was.
  
  --
  Read radical news here