Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Man Who Hacked the Bank of France

Posted by timothy on from the whereas-6-5-4-3-2-1-would-have-stopped-him dept.

First time accepted submitter David Off writes "In 2008 a Skype user looking for cheap rate gateway numbers found himself connected to the Bank of France where he was asked for a password. He typed 1 2 3 4 5 6 and found himself connected to their computer system. The intrusion was rapidly detected but led to the system being frozen for 48 hours as a security measure. Two years of extensive international police inquiries eventually traced the 37-year-old unemployed Breton despite the fact he'd used his real address when he registered with Skype. The man was found not guilty in court today (Original, in French) of maliciously breaking into the bank."

8 of 184 comments (clear)

  1. amazing by masternerdguy · · Score: 5, Funny

    i have the same combination on my luggage!

    --
    To offset political mods, replace Flamebait with Insightful.
    1. Re:amazing by Anonymous Coward · · Score: 5, Insightful

      The surprising thing about this story is the court in France was found not guilty. In the United States of Amerika he would have been sentenced under the anti-terrorism laws. The person responsible for IS security at the Bank of France, however, should be terminated with prejudice.

    2. Re:amazing by girlintraining · · Score: 5, Insightful

      i have the same combination on my luggage!

      It's a bit harder to defend breaking into your luggage than randomly dialing phone numbers and entering what is widely considered a "default" password in to get access. In the former case, it's reasonable to conclude that, regardless of password, if your luggage has a lock on it, it's meant to be private. In the digital world, however, access control mechanisms frequently are assigned a default password because the access mechanism itself is integral to the system -- ie, you can choose not to put a pad lock on a door, you can't disable the login screen. In the minds of a lot of people, assigning a password of "password", "1234" (or variant), "letmein", or "admin", is equivalent to not putting a pad lock on a door.

      In other words, it's not breaking and entering if you leave the door to your house unlocked. It's simple trespass and there are numerous legal defenses and excuses for that. The French court merely (and correctly, IMO) said there is an electronic analogue to this legal reasoning. That said, change your luggage combo dude, or I'm klepto'ing that hawaiian shirt you love so much. :P

      --
      #fuckbeta #iamslashdot #dicemustdie
    3. Re:amazing by michelcolman · · Score: 5, Funny

      Three digits on the lock on the left, and three on the lock on the right, makes 6 digits on my luggage. I had been trying to open it for years, unsuccessfully, and guess what!

  2. Re:This reminds me of the time by Anonymous Coward · · Score: 5, Funny

    I really hoped you learned your lesson after that. Do not ever use IE.

  3. Sure it is by SuperKendall · · Score: 5, Funny

    Luggage is four numbers. You cannot have six numbers.

    Sure it is. You just start working backwards after you reach the fourth number.

    It's a brilliantly easy way to remember

    1265

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  4. Re:That is not reasonable security by AGMW · · Score: 5, Informative

    In the US I think we'd have class action lawyers going after them immediately for lack of security due diligence. They would deserve it, too.

    Oh, you mean like when Gary McKinnon, who similarly walked into unsecured US military and NASA computer. The difference - oh yes, no one noticed for ages!

    --
    Eclectic beats from Leeds, UK
    handmadehands.co.uk
  5. Hacking? by Anonymous Coward · · Score: 5, Insightful

    If this is "hacking" then opening an unlocked front door by turning the handle is lock-picking